View find-new-Lo-code-points.js
const compare = (versionA, versionB) => {
// TODO: Does there exist a path for which every single Unicode version
// gets new entries? If so, use that instead.
const path = 'General_Category/Other_Letter';
const before = new Set(require(
`unicode-${ versionA }/${ path }/code-points.js`
const after = require(
`unicode-${ versionB }/${ path }/code-points.js`
#!/usr/bin/env bash
curl -#s "${url}" | \
base64 --decode | \
sed '/^ *\/\// d' | \
sed '/^\s*$/d' > hsts.json;
View bf.js
'use strict';
const pad = function(string) {
const totalCharacters = 4;
return string.length < totalCharacters ?
(Array(totalCharacters + 1).join('0') + string).slice(-totalCharacters) :
const UNICODE_MIN = 0x0;
View output.txt

Someone tried to exploit the Shellshock vulnerability in Bash on, likely as part of a mass-exploit attempt.

In this case, the exploit attempted to download a modified version of @schierlm’s pseudo-terminal Perl script that would connect to on port 23. The download URL contains the targeted host name (? which gives the attacker an indication of which hosts might have the /tmp/ backdoor in place.

View regex-lone-surrogates.js
var assert = require('assert');
// The goal is to match lone surrogates, i.e. any high surrogates
// (`[\uD800-\uDBFF]`) that are not directly followed by a low surrogate
// (`[\uDC00-\uDFFF]`), and any low surrogates (`[\uDC00-\uDFFF]`) that are not
// directly preceded by a high surrogate (`[\uD800-\uDBFF]`).
var regex = /[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?:[^\uD800-\uDBFF]|^)[\uDC00-\uDFFF]/;
assert.equal(regex.test('foo\uDC00bar'), true);

Cards Against Humanity

Below are the white and black card sets published by Cards Against Humanity. Take them and come back with a bot. You have 48 hours, starting from an arbitrary time that I forget.

Black cards with 2 blanks are pick 2. Black cards with 3 blanks are pick 3, draw 2.

The rules are on the official web site.

These cards are taken from this PDF.