al3rez

Security Checklist (What can be done in CursorAI & software-level not infrastructure!)

Configuration Security

• Detect secrets in code
• Identify secrets committed to version control
• Flag hardcoded credentials

Authentication & Authorization

• Identify missing authentication checks
• Detect improper authorization patterns

BrianInAz

{
  "always_run_in_app" : false,
  "icon" : {
    "color" : "orange",
    "glyph" : "chart-area"
  },
  "name" : "Grafana",
  "script" : "\/\/ Configuration\nconst url = \"http:\/\/grafana.example.com\";\nconst token = \"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\";\nconst orgId = 1;\nconst dashboardName = \"widgets\";\nconst dashboardId = \"xxxxxxxxxxxxxx\";\nconst tz = \"America\/Chicago\";\nconst darkMode = true;\nconst deviceSize = \"393x852\";\n\nparams = config.runsInWidget\n  ? args.widgetParameter?.split(\",\") : []\n\nconst opts = {\n  type: params[0] ? params[0] : \"md\",\n  panel: params[1] ? params[1] : \"1\",\n  from: params[2] ? params[2] : \"now-30m\",\n  to: params[3] ? params[3] : \"now\",\n  title: params[4] ? params[4] : \"Grafana\",\n  align: params[5] ? params[5] : \"c\",\n};\n\n\/\/ Scriptable limits displayed image resolution to a max of 500x500\nconst imageSizes = {\n  sm: new Size(474, 474),\n  md: new Size(500, 210),\n  lg: new Size(500, 500),\n  re: new Size(480, 216),\n  ci: ne

akoskm

Install with npm i and run the server with npm start.

Depending on where you put your project, you might have to alter the path in the query params, but eventually you'll get the /etc/passwd file downloaded using the unsafe access:

dmwyatt

# models.py

from django.db import models

class User(models.Model):
    # Old field (blue version)
    name = models.CharField(max_length=100)
    
    # New fields (green version)
    first_name = models.CharField(max_length=50, null=True, blank=True)

Pagebakers

import { AnyZodObject, z } from 'zod'
import { Metadata, ResolvingMetadata } from 'next'

type InferParams<Params> = Params extends readonly string[]
  ? {
      [K in Params[number]]: string
    }
  : Params extends AnyZodObject
    ? z.infer<Params>
    : unknown

Temzasse

import { useMemo } from "react";
import { useSearchParams } from "react-router-dom";

type ParseConfig = Record<
  string,
  | { type: "string"; defaultValue?: string }
  | { type: "number"; defaultValue?: number }
  | { parse: (value: URLSearchParams) => unknown }
>;

veekaybee

Anti-hype LLM reading list

Goals: Add links that are reasonable and good explanations of how stuff works. No hype and no vendor content if possible. Practical first-hand accounts of models in prod eagerly sought.

Foundational Concepts

Pre-Transformer Models

samoshkin

Statements describing Python as a language

Interpreted: Python is an interpreted language, which means that the source code is translated and executed line-by-line at runtime, rather than being compiled to machine code beforehand.

Dynamic type system: Python uses a dynamic type system, which means that variable types are determined at runtime and can change during the execution of a program.

Garbage-collected: Python automatically manages memory allocation and deallocation using garbage collection, which frees developers from having to manually manage memory in their code.

Indentation-based syntax: Python uses indentation to define code blocks, making the code more readable and less cluttered with braces or other delimiters.

rain-1

Purpose

Bootstrap knowledge of LLMs ASAP. With a bias/focus to GPT.

Avoid being a link dump. Try to provide only valuable well tuned information.

Prelude

Neural network links before starting with transformers.

devagrawal09

export type QueryStatus = "loading" | "error" | "success";

export type ReadonlyStore<T> = {
  getState: () => T;
  subscribe: (
    listenerOrStore: ((state: T) => void) | Store<any>
  ) => () => void;
};
export type Store<T> = ReadonlyStore<T> & {
  setState: (newStateOrReducer: T | ((state: T) => T)) => void;