Skip to content

Instantly share code, notes, and snippets.

View sethmlarson's full-sized avatar
🛡️

Seth Michael Larson sethmlarson

🛡️
View GitHub Profile
Package Version Ecosystem
python 3.10.12 binary
adduser 3.118ubuntu5 deb
apt 2.4.11 deb
asymptote 2.78+ds-2 deb
base-files 12ubuntu4.4 deb
base-passwd 3.5.52build1 deb
bash 5.1-6ubuntu1 deb
biber 2.17-2 deb
bsdutils 1:2.37.2-4ubuntu3 deb
@sethmlarson
sethmlarson / xar-generator.py
Created January 29, 2024 17:09
Simple script for constructing small XAR files (License: CC0-1.0)
"""
Simple script for constructing small XAR files.
License: CC0-1.0
"""
import datetime
import gzip
import hashlib
import io
import struct
@sethmlarson
sethmlarson / pycodeorg.py
Created November 13, 2023 18:08
Simple module for querying data from py-code.org
# MIT License
#
# Copyright (c) 2023 Seth Michael Larson
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
@sethmlarson
sethmlarson / psf-cna-onboarding.md
Created August 2, 2023 20:23
PSF CNA onboarding materials
@sethmlarson
sethmlarson / schema.json
Last active November 18, 2022 16:43
OpenAPI 3.1 JSON schema with $schema
{
"$id": "https://spec.openapis.org/oas/3.1/schema/2022-10-07",
"$schema": "https://json-schema.org/draft/2020-12/schema",
"description": "The description of OpenAPI v3.1.x documents without schema validation, as defined by https://spec.openapis.org/oas/v3.1.0",
"type": "object",
"properties": {
"$schema": {
"type": "string"
},
"openapi": {

SLSA + Python Notes

Created example project: https://github.com/sethmlarson/python-slsa-release-test

Python doesn't have a specific builder yet. Only have source attestation using the generic builder. Used: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml

Attestation "subject.name" is taken as input from sha256sum, so check the output of that to ensure it's what you want (ie package.tar.gz vs dist/package.tar.gz) For this I had to include a cd dist/ && before the sha256sum * call. Not sure where this matters though?

Success:

import ssl
import requests
from requests.adapters import HTTPAdapter
import truststore
class TruststoreAdapter(HTTPAdapter):
def init_poolmanager(
self, *args, **kwargs
):
ctx = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
@sethmlarson
sethmlarson / business-card-http-client.py
Last active February 14, 2022 14:00
HTTP client on a business card
import asyncio as A,urllib.parse as U,re;B,C,I,S=b"",b"\r\n",int,lambda*A:re.match(*A,24).groups()
async def request(m,u,h,b):
s,_,a,_,q,_=z=U.urlparse(u);T,E,d,N=s!=b"http",0,B,z.hostname;r,w=await A.open_connection(N,I(z.port or 80+363*T),ssl=T,server_hostname=[None,N][T]);w.write(m+b" "+(a or b"/")+[b"?"+q,B][q==B]+b" HTTP/1.0"+C+C.join([b"%b:%b"%W for W in h]+[B,b]));await w.drain()
while c:=await r.read():
if C*2in(d:=d+c)*(E==0):E,d=d.split(C*2,1);t,o=S(b"HTTP/.+? (\d+).*?%b(.*)"%C,E);o=[S(rb"([^\s]+):\s*(.+?)\s*$",x)for x in o.split(C)]
w.close();return I(t),o,d
@sethmlarson
sethmlarson / brotlipy-0.7.0-abi3.diff
Created September 2, 2021 17:51
Diff between brotlipy 0.7.0 tag and the source for building the abi3 compatible wheels
diff --git a/setup.py b/setup.py
index f804932..12ae724 100644
--- a/setup.py
+++ b/setup.py
@@ -1,11 +1,43 @@
#!/usr/bin/env python
+import platform
+import sys
from setuptools import find_packages, setup
+from setuptools.command.build_ext import build_ext
@sethmlarson
sethmlarson / warning-stacklevel.py
Last active February 11, 2022 14:20
Dynamically determine stacklevel for use with warnings.warn(..., stacklevel=X)
import inspect
import sys
from pathlib import Path
def warn_stacklevel() -> int:
"""Dynamically determine stacklevel for warnings based on the call stack"""
try:
# Grab the root module from the current module '__name__'
module_name = __name__.partition(".")[0]