Skip to content

Instantly share code, notes, and snippets.

@jimklimov
jimklimov / gist:a8dc06eacdf05eff7edc2bb69f42c0f2
Last active December 9, 2024 15:47
Jenkins SCM Changesets investigation
def b = Jenkins.instance.getItem("job-name").getBuildByNumber(1234)
println("Build name:\t${b}")
def mapCommitScm = [:]
b.getSCMs().each { scm ->
println("SCM:\t${scm}")
println("* Key:\t${scm.getKey()}")
println("* Branches:\t${scm.getBranches()}")
//println("* DN:\t${scm.getDisplayName()}")
//println("* URL:\t${scm.guessBrowser()?.repoUrl}")
@jimklimov
jimklimov / DependencyTrack-01-COMPONENTS_V.md
Last active September 25, 2024 11:37
Dependency-Track manually analyzed and/or depended-on components

PostgreSQL:

-- Helper view, indexes and methods

SET statement_timeout TO 0;

BEGIN;

-- Methods and their indices, to find UUID hits in DIRECT_DEPENDENCIES columns as text (JSON docs)

🛠 groovy scripts for jenkins credentials

... keeping update ...

@jimklimov
jimklimov / gist:4c489b7ccbd5ce89b293cea483b9f6fd
Created October 24, 2023 14:26
Jenkins - investigate job causes (e.g. to find SCM sources)
// Paste to your JENKINS_URL/script console:
def job = Jenkins.instance.getItemByFullName("org/repo/branch")
println "job: ${job}"
def build = job.getBuildByNumber(123)
println build
def commitHashForBuild(build) {
def scmAction = null
@jimklimov
jimklimov / gist:1f5f5e8b20398e70852bda6f4f0c667b
Last active September 14, 2023 01:21
Getting custom-built dotNet library+tool (2 repos)

Example below stems from my adventure starting with C#/.NET by fixing some issues in CycloneDX tooling. One big caveat was getting my custom-built library used by the custom-built tool (and VS Code IDE to debug). Ended up with the following; maybe better ways exist...

  • Install DotNet and NuGet
    • TODO: How did I get that on Windows?
    • Ubuntu Linux (in WSL):
:; sudo apt-get update && sudo apt-get install dotnet7 nuget
@jimklimov
jimklimov / gist:e6775212f6c9781173e94f5085f32fdb
Last active May 29, 2023 21:26
Cross-building exfat tools for Android on a PC

CONTEXT

TL;DR: See about installing MUSL tool-chain, and scroll down to exfatprogs build - that's what did work best for me.

Needed fsck.exfat 1.3.0 or newer to actively fix SD card issues on an Android phone. All builds I could find were older, so can only detect problems but not fix them even though these versions are supposed to be able to fix "some corruptions" (assuming exfat-fuse 1.3.0 here), e.g.:

:; which fsck.exfat
/system/bin/fsck.exfat
@jimklimov
jimklimov / backup-github.sh
Created May 11, 2023 19:08 — forked from rodw/backup-github.sh
A simple script to backup an organization's GitHub repositories, wikis and issues.
#!/bin/bash
# A simple script to backup an organization's GitHub repositories.
#-------------------------------------------------------------------------------
# NOTES:
#-------------------------------------------------------------------------------
# * Under the heading "CONFIG" below you'll find a number of configuration
# parameters that must be personalized for your GitHub account and org.
# Replace the `<CHANGE-ME>` strings with the value described in the comments
# (or overwrite those values at run-time by providing environment variables).

How to GPG as a Scala OSS Maintainer

tl;dr Generate a GPG key pair (exercising appropriate paranoia). Send it to key servers. Create a Keybase account with the public part of that key. Use your keypair to sign git tags and SBT artifacts.

GPG is probably one of the least understood day-to-day pieces of software in the modern developer's toolshed. It's certainly the least understood of the important pieces of software (literally no one cares that you can't remember grep's regex variant), and this is a testament to the mightily terrible user interface it exposes to its otherwise extremely simple functionality. It's almost like cryptographers think that part of the security comes from the fact that bad guys can't figure it out any more than the good guys can.

Anyway, GPG is important for open source in particular because of one specific feature of public/private key cryptography: signing. Any published software should be signed by the developer (or company) who published it. Ideally, consu

@jimklimov
jimklimov / .gitconfig
Created April 1, 2023 12:23
WSL2 wrapper for `git difftool`
# Add these lines to your ~/.gitconfig, to use wsl_wrapper
# program and your helper script to call winmerge GUI:
[mergetool "winmerge"]
cmd = \"$HOME/bin/winmerge.sh\" -u -maximize -wl -wr -fm -dl 'Mine: '\"$LOCAL\" -dm 'Merged: '\"$BASE\" -dr 'Theirs: '\"$REMOTE\" \"$LOCAL\" \"$BASE\" \"$REMOTE\" -o \"$MERGED\" -am
trustExitCode = true
[difftool "winmerge"]
cmd = \"$HOME/bin/winmerge.sh\" \"$LOCAL\" \"$REMOTE\"
[diff]
tool = winmerge
[merge]
enum mpciEnumPatchapplStrategies {
MERGE("merge", "mrg"),
ADDDIFF("addDiff"),
BOGUS();
final static def addDiff = ADDDIFF, merge = MERGE, adddiff = ADDDIFF;
static {
def oldAsType = String.metaClass.getMetaMethod("asType", [Class] as Class[])
String.metaClass.asType = { Class type ->