Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

View mvayngrib's full-sized avatar

Mark Vayngrib mvayngrib

  • over here
View GitHub Profile
thesamesam /
Last active April 23, 2024 12:44
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is still a new situation. There is a lot we don't know. We don't know if there are more possible exploit paths. We only know about this one path. Please update your systems regardless.

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

fabiospampinato /
Last active March 27, 2024 16:38
20x faster replacement for "npm run"
# 20x faster replacement for "npm run"
# - It supports scripts executing a built-in shell function
# - It supports scripts executing a binary found in PATH
# - It supports scripts executing a binary found in node_modules
# - It supports passing arguments and options to scripts
# - It supports reading scripts either via ripgrep (fast) or via jq (slower, but safer)
# - It adds ./node_modules/.bin to the $PATH
# - It handles gracefully when a script has not been found
# - It handles gracefully when "&", "&&", "|", "||", or ENV variables are used, falling back to "npm run"
veekaybee /
Last active April 12, 2024 20:16
Everything I understand about chatgpt

ChatGPT Resources


ChatGPT appeared like an explosion on all my social media timelines in early December 2022. While I keep up with machine learning as an industry, I wasn't focused so much on this particular corner, and all the screenshots seemed like they came out of nowhere. What was this model? How did the chat prompting work? What was the context of OpenAI doing this work and collecting my prompts for training data?

I decided to do a quick investigation. Here's all the information I've found so far. I'm aggregating and synthesizing it as I go, so it's currently changing pretty frequently.

Model Architecture

lrvick /
Last active April 11, 2023 06:53
Sig v2 Design
sindresorhus /
Last active April 23, 2024 09:02
Pure ESM package

Pure ESM package

The package that linked you here is now pure ESM. It cannot be require()'d from CommonJS.

This means you have the following choices:

  1. Use ESM yourself. (preferred)
    Use import foo from 'foo' instead of const foo = require('foo') to import the package. You also need to put "type": "module" in your package.json and more. Follow the below guide.
  2. If the package is used in an async context, you could use await import(…) from CommonJS instead of require(…).
  3. Stay on the existing version of the package until you can move to ESM.
br3ndonland /
Last active April 21, 2024 04:25
Getting the Gist of GitHub Actions
import React from "react";
import {
} from "react-native";
import Svg, {
alanshaw /
Last active September 22, 2023 23:49
Streaming iterables WAT?

Streaming iterables

Your friends from pull stream, but in terms of async iterators.

source it

A "source" is something that can be consumed. It is an iterable object.

const ints = {
outofambit /
Last active February 12, 2022 09:19
convert screen recording to animated gif
ffmpeg -i -pix_fmt rgb8 -r 8 -vf scale=-1:640 my-gif.gif
ArashMotamedi /
Last active February 13, 2019 11:28
Strongly typed APIs with runtime object validations using TypeScript and TypeScript-is

TypeScript, NodeJS Express Server, React WebApp

Common stack, right? How do you keep your API signatures in check between your client and your server?

I recently set out to bring sanity to my API calls between my web app, and my NodeJS Express API server. My goals:

  1. Share API signature between web app and api server.
  2. Validate request objects on both the front-end and the back-end.

For goal #1, I knew I had to implement TypeScript interfaces to describe my objects and API signatures. For goal #2, I recently stumbled upon a gem of a library, typescript-is.