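# Clone your own fork over SSH (authenticated, encrypted transport).
git clone git@github.com:YOUR-USERNAME/YOUR-FORKED-REPO.git
cd into/cloned/fork-repo
# Register the original repository as the "upstream" remote.
# Use https:// rather than git://: the git:// protocol has no authentication or
# encryption, so fetched objects could be altered in transit, and GitHub no
# longer serves it.
git remote add upstream https://github.com/ORIGINAL-DEV-USERNAME/REPO-YOU-FORKED-FROM.git
# Download upstream's branches without merging them into the local checkout.
git fetch upstream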
"use strict"; | |
// NOTE(review): Node's documentation states that the vm module is not a
// security mechanism and must not be used to run untrusted code.
const vm = require("vm"); | |
// anObject is created by the host program, so code evaluated in the new context
// can follow its constructor chain back to host-realm constructors (the lines
// that follow do exactly this). A vm context is therefore not an isolation
// boundary; untrusted code needs process- or OS-level isolation instead.
const sandbox = { anObject: {} }; | |
const whatIsThis = vm.runInNewContext(` | |
const ForeignObject = anObject.constructor; | |
const ForeignFunction = ForeignObject.constructor; | |
const process = ForeignFunction("return process")(); | |
const require = process.mainModule.require; | |
require("fs"); |
# NOTE(review): the Docker Hub `java` image is deprecated and no longer updated;
# prefer a maintained JDK image pinned to a specific tag or digest so CI jobs do
# not run on an unpatched base image.
image: java:8-jdk | |
# Pipeline stages; GitLab runs them in the order listed.
stages: | |
- build | |
- test | |
- deploy | |
before_script: | |
# - echo `pwd` # debug | |
# - echo "$CI_BUILD_NAME, $CI_BUILD_REF_NAME $CI_BUILD_STAGE" # debug |
A proposed library that provides safe defaults (with opt-out) for security-relevant HTTP response headers.
This is now implemented: https://github.com/OWASP/url-classifier
Matching URLs with regular expressions is hard.
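Even experienced programmers who are familiar with the URL spec produce code like /http:\/\/example.com/,
which spuriously matches unintended URLs: the pattern is unanchored and its "." is unescaped, so it also matches any longer string that merely contains text of that shape.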
Lets project teams trust code they know with more than code they don't.
"use strict"; | |
// Prompted by https://esdiscuss.org/topic/json-canonicalize | |
// Given a string of JSON produces a string of JSON without unnecessary | |
// degrees of freedom like whitespace, optional escape sequences, and | |
// unnecessary variance in number representation. | |
function hashable(json) { | |
const strs = [] // Side table to collect string bodies | |
return reorderProperties( |