Skip to content

Instantly share code, notes, and snippets.

View mearns's full-sized avatar

B. Mearns mearns

12 followers · 5 following
  • Albany, NY
View GitHub Profile
@joepie91
joepie91 / random.md
Last active May 19, 2024 18:16
Secure random values (in Node.js)

Not all random values are created equal - for security-related code, you need a specific kind of random value.

A summary of this article, if you don't want to read the entire thing:

  • Don't use Math.random(). There are extremely few cases where Math.random() is the right answer. Don't use it, unless you've read this entire article, and determined that it's necessary for your case.
  • Don't use crypto.getRandomBytes directly. While it's a CSPRNG, it's easy to bias the result when 'transforming' it, such that the output becomes more predictable.
  • If you want to generate random tokens or API keys: Use uuid, specifically the uuid.v4() method. Avoid node-uuid - it's not the same package, and doesn't produce reliably secure random values.
  • If you want to generate random numbers in a range: Use random-number-csprng.

You should seriously consider reading the entire article, though - it's

@tsvetomir
tsvetomir / random.js
Created April 27, 2015 13:01
PRNG - Linear feedback shift register
var random = (function() {
// Implements 32-bit Linear feedback shift register
var lfsr = 0xDEADBEEF;
return function() {
lfsr = ((lfsr >>> 1) ^ (-(lfsr & 1) & 0xD0000001)) >>> 0;
return lfsr;
};
})();
@staltz
staltz / introrx.md
Last active May 24, 2024 07:56
The introduction to Reactive Programming you've been missing
@epc
epc / inventory.py
Last active November 1, 2022 04:48
python script to parse sphinx objects.inv file
#!/usr/bin/env python
""" Process URL for intersphinx targets and emit html or text """
def validuri(string):
return string
from sphinx.ext.intersphinx import read_inventory_v2
from posixpath import join
import pprint
import argparse
@domenic
domenic / promises.md
Last active March 31, 2024 14:07
You're Missing the Point of Promises

This article has been given a more permanent home on my blog. Also, since it was first written, the development of the Promises/A+ specification has made the original emphasis on Promises/A seem somewhat outdated.

You're Missing the Point of Promises

Promises are a software abstraction that makes working with asynchronous operations much more pleasant. In the most basic definition, your code will move from continuation-passing style:

getTweetsFor("domenic", function (err, results) {
 // the rest of your code goes here.
@jexchan
jexchan / multiple_ssh_setting.md
Created April 10, 2012 15:00
Multiple SSH keys for different github accounts

Multiple SSH Keys settings for different github account

create different public key

create different ssh key according the article Mac Set-Up Git

$ ssh-keygen -t rsa -C "your_email@youremail.com"