udhos
  • São Paulo, Brazil
package main
import (
"fmt"
"io"
"iter"
"math/big"
"math/rand"
)
@motoyasu-saburi
motoyasu-saburi / lack_escape_content-disposition_filename.md
Last active November 5, 2024 19:41
Land Mine named "Content-Disposition > filename"

TL;DR

  • I found 1 browser, 1 language, and 15 vulnerabilities in { Web Framework, HTTP Client library, Email library / Web Service, etc }
  • All the vulnerabilities I found were found from a single perspective (I investigated maybe 50-80 products).
  • The RFC description of the problem (rather confusingly) describes the requirements for this problem, while the WHATWG > HTML Spec is well documented.
  • The problem is clearly targeted at the Content-Disposition fields filename and filename*.
  • This problem affects HTTP Request/Response/Email in different ways.
    • HTTP Request : request tampering (especially with file contents, tainting of other fields, etc.)
    • HTTP Response : Reflect File Download vulnerability
    • Email : Attachment tampering (e.g., extension and filename tampering and potential file content tampering)
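An added example, not code from the gist above, of the "filename" land mine in Go (the language most gists on this page use): a handler that concatenates a user-controlled name into Content-Disposition, beside one that leaves quoting to mime.FormatMediaType, and the receiver-side check a downloader or multipart parser should apply. The function names and the sample filenames are constructed for this illustration.

```go
package main

import (
	"errors"
	"fmt"
	"mime"
	"path"
	"strings"
)

// naiveDisposition is the pattern the gist calls a land mine: a user-controlled
// name is concatenated into the header, so a '"' inside it closes the quoted
// string early and whatever follows is parsed as further parameters.
func naiveDisposition(name string) string {
	return `attachment; filename="` + name + `"`
}

// safeDisposition leaves quoting to mime.FormatMediaType: a plain token is
// emitted bare, '"' and '\' are backslash-escaped inside a quoted-string, and a
// name with non-ASCII or control bytes becomes an RFC 2231/5987
// filename*=utf-8''... parameter with the awkward bytes percent-encoded.
func safeDisposition(name string) string {
	return mime.FormatMediaType("attachment", map[string]string{"filename": name})
}

// effectiveFilename is the receiving side: parse the header (ParseMediaType
// decodes filename* and lets it override filename), keep only the last path
// element and refuse names that are empty, traversal-only or contain control
// characters. Go's parser errors on two different filename= values; other
// receivers may silently take the first or the last one.
func effectiveFilename(header string) (string, error) {
	_, params, err := mime.ParseMediaType(header)
	if err != nil {
		return "", fmt.Errorf("unparseable Content-Disposition: %w", err)
	}
	// Treat backslashes as separators too, so `..\..\x` does not survive path.Base.
	name := path.Base(strings.ReplaceAll(params["filename"], `\`, "/"))
	if name == "." || name == ".." || name == "/" {
		return "", errors.New("empty or traversal-only filename")
	}
	for _, r := range name {
		if r < 0x20 || r == 0x7f {
			return "", errors.New("control character in filename")
		}
	}
	return name, nil
}

func main() {
	// Constructed sample names for this illustration, not taken from the gist.
	names := []string{
		"report.pdf",
		`x.txt"; filename="evil.html`, // closes the quoted-string, smuggles a 2nd filename
		"a.txt\r\nX-Injected: 1",      // header injection if written raw
		"../../etc/passwd",            // path traversal if saved verbatim
		"報告書.pdf",                    // non-ASCII, needs filename*
	}
	for _, name := range names {
		for _, c := range []struct{ label, header string }{
			{"naive", naiveDisposition(name)},
			{"safe", safeDisposition(name)},
		} {
			got, err := effectiveFilename(c.header)
			fmt.Printf("%-5s %q\n      -> %q err=%v\n", c.label, c.header, got, err)
		}
	}
}
```

Two things the run makes visible: the naive header for the second name carries two different filename= parameters, which Go's ParseMediaType refuses but a receiver that keeps the last value would save as evil.html; and the filename* form keeps CR and LF off the wire as %0D%0A, yet the decoded name still reaches the application, so the receiving side needs its own check regardless of how well the sender escaped.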
@sanketsudake
sanketsudake / kind-kubernetes-metrics-server.md
Last active October 30, 2024 12:15
Running metric-server on Kind Kubernetes

I have created a local Kubernetes cluster with kind. Following are changes you need to get metric-server running on Kind.

Deploy latest metric-server release.

kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.5.0/components.yaml

Within existing arguments to metric-server container, you need to add argument --kubelet-insecure-tls.

@MicahParks
MicahParks / vault_login.go
Created June 9, 2021 23:21
Golang Vault login authentication using AWS
package vault
import (
"encoding/base64"
"encoding/json"
"fmt"
"io/ioutil"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/sts"
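An added example, not the gist's code, of the login body that Vault's AWS auth method expects for IAM logins, written with the standard library only. The gist signs sts:GetCallerIdentity with aws-sdk-go; here the signing step is left to the caller and main() stands in a constructed placeholder Authorization header. The role name and the server-id value are assumptions.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"strings"
)

// stsBody is the form body of sts:GetCallerIdentity. Vault replays exactly this
// request to STS and uses the ARN in the answer to decide which role applies.
const stsBody = "Action=GetCallerIdentity&Version=2011-06-15"

// iamLoginPayload is the JSON body Vault's AWS auth method expects on
// POST /v1/auth/aws/login for the "iam" type: the signed request, field by
// field, each base64-encoded.
type iamLoginPayload struct {
	Role    string `json:"role"`
	Method  string `json:"iam_http_request_method"`
	URL     string `json:"iam_request_url"`
	Body    string `json:"iam_request_body"`
	Headers string `json:"iam_request_headers"`
}

// decodedLogin is what Vault sees after undoing the base64 layer.
type decodedLogin struct {
	Role, Method, URL, Body string
	Headers                 http.Header
}

// newSTSRequest builds the request the caller must SigV4-sign (the gist uses
// aws-sdk-go's sts package for that). X-Vault-AWS-IAM-Server-ID is set before
// signing so it is covered by the signature: Vault compares it with the role's
// iam_server_id_header_value, so a login body captured for one Vault cluster
// cannot be replayed against a different one.
func newSTSRequest(serverID string) (*http.Request, error) {
	req, err := http.NewRequest(http.MethodPost, "https://sts.amazonaws.com/", strings.NewReader(stsBody))
	if err != nil {
		return nil, err
	}
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded; charset=utf-8")
	if serverID != "" {
		req.Header.Set("X-Vault-AWS-IAM-Server-ID", serverID)
	}
	return req, nil
}

// vaultIAMLoginBody packs an already signed request into the login payload.
func vaultIAMLoginBody(role string, signed *http.Request) ([]byte, error) {
	if signed.Header.Get("Authorization") == "" {
		return nil, errors.New("request is not signed; run the SigV4 signer first")
	}
	hdrs, err := json.Marshal(signed.Header)
	if err != nil {
		return nil, err
	}
	return json.Marshal(iamLoginPayload{
		Role:    role,
		Method:  signed.Method,
		URL:     base64.StdEncoding.EncodeToString([]byte(signed.URL.String())),
		Body:    base64.StdEncoding.EncodeToString([]byte(stsBody)),
		Headers: base64.StdEncoding.EncodeToString(hdrs),
	})
}

// decodeLoginBody undoes the encoding so a client can inspect the payload
// before sending it, i.e. see exactly what Vault will replay against STS.
func decodeLoginBody(body []byte) (decodedLogin, error) {
	var p iamLoginPayload
	var d decodedLogin
	if err := json.Unmarshal(body, &p); err != nil {
		return d, err
	}
	dec := func(s string) (string, error) {
		raw, err := base64.StdEncoding.DecodeString(s)
		return string(raw), err
	}
	var err error
	if d.URL, err = dec(p.URL); err != nil {
		return d, err
	}
	if d.Body, err = dec(p.Body); err != nil {
		return d, err
	}
	hdrs, err := dec(p.Headers)
	if err != nil {
		return d, err
	}
	if err := json.Unmarshal([]byte(hdrs), &d.Headers); err != nil {
		return d, err
	}
	d.Role, d.Method = p.Role, p.Method
	return d, nil
}

func main() {
	// Assumed server-id and role values for this illustration.
	req, err := newSTSRequest("vault.example.internal")
	if err != nil {
		panic(err)
	}
	// Constructed placeholder standing in for the signature aws-sdk-go would add.
	req.Header.Set("Authorization", "AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/20240101/us-east-1/sts/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-vault-aws-iam-server-id, Signature=placeholder")
	body, err := vaultIAMLoginBody("dev-role", req)
	if err != nil {
		panic(err)
	}
	fmt.Println(string(body)) // what goes to POST /v1/auth/aws/login
}
```

In real use the placeholder is replaced by signing the request the SDK builds (with aws-sdk-go v1, the request returned by the sts client's GetCallerIdentityRequest, signed via its Sign method) after the server-id header has been added; if the header is added after signing, STS rejects the replayed request and the login fails.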
@fl64
fl64 / main.go
Created December 24, 2020 07:18
golang prometheus exporter example
package main
import (
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promhttp"
"log"
"math/rand"
"net/http"
"time"
@udhos
udhos / git - pushing PR changes to WIP fork
Created September 19, 2019 13:41
git - pushing PR changes to WIP fork
# how to push PR changes to a work-in-progress fork?
upstream: https://github.com/exercism/go
fork: https://github.com/udhos/go
git clone https://github.com/exercism/go ;# get upstream
cd go
git remote add fork https://github.com/udhos/go
git pull fork master ;# get changes from fork
@aliostad
aliostad / stockfish-interface.txt
Created August 17, 2019 10:41
stockfish - Description of the universal chess interface (UCI)
COPIED FROM https://build.opensuse.org/package/view_file/games/stockfish/stockfish-interface.txt?expand=1
Description of the universal chess interface (UCI) April 2006
=================================================================
* The specification is independent of the operating system. For Windows,
the engine is a normal exe file, either a console or "real" windows application.
* all communication is done via standard input and output with text commands,
package main
import (
"fmt"
"golang.org/x/net/context"
cc "golang.org/x/oauth2/clientcredentials"
"io/ioutil"
"net/http"
"os"
)
@shaneutt
shaneutt / LICENSE
Last active November 14, 2024 02:16
Golang: Demonstrate creating a CA Certificate, and Creating and Signing Certs with the CA
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit