Skip to content

Instantly share code, notes, and snippets.

View sgolemon's full-sized avatar
👩‍💻
Pushin' code and fixin' bugs

Sara Golemon sgolemon

👩‍💻
Pushin' code and fixin' bugs
1.4k followers · 3 following
View GitHub Profile
@sgolemon
sgolemon / gist:0e1ea13a16d21098e73f
Last active August 29, 2015 14:23
Questionable use of GitHub APIs

Over-reacted to second hand info and misinterpreted docs.

I do think OAuth providers (like Github, Twitter, Facebook, etc...) should do more to discourage apps from requesting write access. It PARTICULARLY disturbs me that admin:public_key is even an option in Github's Scopes. So the potential for disasterous outcomes certainly exists when granting access to apps via Github's OAuth system, but provided that you carefully read what you're granting access to, it's not necessarily as bad a my original post (left intact below) made it out.

During a twitter conversation[1] this morning, I discovered that in order for an application to get something as simple as your name during a single-sign on, it has to ask for full user profile information. That's a bit scary by itself, but when asking for full profile information, it also has to ask for read and WRITE permissions.[2]

Yes, in order to use single-signon to a 3rd party site, I have to give that site the rights to modify my email addr

@sgolemon
sgolemon / graft-if.phpt
Created October 16, 2015 11:56
My AstKit experimental branch. This is runkit levels of bad...
--TEST--
Graft new value onto a statement list
--FILE--
<?php
include('astkit-test.inc');
$if = AstKit::parseString(<<<EOD
if (true) {
echo "This is a triumph.\n";
} else {
@sgolemon
sgolemon / ZEND_MODULE_API.php
Last active June 20, 2017 15:01
Quick and dirty cheat sheet for what ZEND_MODULE_API numbers map to what PHP versions
<?php
return array(
20160731 => 7.2, // provisional
20160303 => 7.1,
20151012 => 7.0,
20131226 => 5.6,
20121212 => 5.5,
20100525 => 5.4,
20090626 => 5.3,
@sgolemon
sgolemon / rfc2397.txt
Created April 12, 2017 20:27
Private keystore
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAMgAAADIAQMAAACXljzdAAAABlBMVEX///8AAABVwtN+AAABN0lEQVRYhd2XuxGEMAxExRA4pASX4tJwaZRCCQ4JGHRayRzcpwAJZfiR7HhXkolC1sBaK5WKz7RNduCc7DjIa+HKh/y2TQ0Hc1wyMrcsSqEOSltmrkGI6RFxDyG4kkiku2qRDxr/+c0j6dkGET1/Uh+L3Euz/d1oXRLVAyOJBIDUJmirUQkqNcoLJgbuh6ZV7OacDLxTUh/Vux52TvbRjFRY+6hqO6dZQCL9Sa7Etg0+xg2ql2LZ9ktsLuAPuRNxFV8pCUqQEt020KtUKXe/eSamR3YKOsgC8/abZ7JBT1mIJedGdNeOSc7SbcPmXIZU3+TaKbTb6n7dsx2T9J1P3wuX0tk76a8C0SMdls1VXIMQecvYpO5rUXyiaUnWt2bvxFxVoGGwjvTpt2DkzPYZ59/3j0PysHoBMVu1nJLzLuUAAAAASUVORK5CYII=
@sgolemon
sgolemon / php-7.2.0alpha1.txt
Last active November 29, 2017 22:00
PHP 7.2.0alpha1 Release Checksums/Signatures
php-7.2.0alpha1.tar.gz
MD5 hash: d3f018291c11b85ff3f6ded9cb82f84f
SHA256 hash: 15c03c5b9511607b27f0c57a159263e6313a2002387d8cd7e94885e1218f3f88
PGP signature:
-----BEGIN PGP SIGNATURE-----
iQItBAABCAAXBQJZNrPZEBxwb2xsaXRhQHBocC5uZXQACgkQ29s5dHDRIXL2KA//
dupnCV971OgCrTnjDdOJzAApvMYg8OrwEBQYvpKuSzG43k+PtF3KNfYH8eq2rB5p
ktwWEAoX90WQgqRBSxBU8A+avOYzWbhkLtVWhOsVL3RHGhMcGy+REyi0kdZLwiYi
Mw1WAgTm6Y3Xm7bO/CcL8jVZ79YZq65Q74wY4RbnG5+yLQUNZn2gcEnGp9x8p06p
@sgolemon
sgolemon / keybase.md
Created June 8, 2017 13:22

Keybase proof

I hereby claim:

  • I am sgolemon on github.
  • I am saramg (https://keybase.io/saramg) on keybase.
  • I have a public key whose fingerprint is 1729 F839 38DA 44E2 7BA0 F4D3 DBDB 3974 70D1 2172

To claim this, I am signing this object:

@sgolemon
sgolemon / php-7.2.0alpha2.txt
Created June 20, 2017 15:00
PHP 7.2.0alpha2 Release Checksums/Signatures
php-7.2.0alpha2.tar.gz
MD5 hash: 09ca0e0654a686037957f343c62677d8
SHA256 hash: e772fc95e67fa5e01972228d6a65626fb84f3ef3ee28d13c509f5ab0eafb662e
PGP signature:
-----BEGIN PGP SIGNATURE-----
iQItBAABCAAXBQJZSSxNEBxwb2xsaXRhQHBocC5uZXQACgkQ29s5dHDRIXLQuw/9
HepVk/BwQ54wdH81FmnaqjtQkLMHRvR2co+1zX95kpicHp/K1+mC4jPH/y0q2oVD
iL01soh6/GIOtLsJ8/X9Vn0jX6UI0vRzQQDZH9wyrz25vgyXUI17bsP+LUi9zuKg
SzsBg1JCUDS1CKeuXcoWdeyDrJ7MgAlRYyClosgTu1c7b7fHPV+pc15WQrSL9D7H
@sgolemon
sgolemon / php-7.2.0beta1.txt
Created July 20, 2017 11:11
PHP 7.2.0beta1 Release Checksums/Signatures Raw
php-7.2.0beta1.tar.gz
SHA256 hash: 82700e3c72305a5e27a4900beec1fb49c7f19048e4d8a4e512685e6e35860bff
PGP signature:
-----BEGIN PGP SIGNATURE-----
iQItBAABCAAXBQJZbjIgEBxwb2xsaXRhQHBocC5uZXQACgkQ29s5dHDRIXKP9xAA
uIKxMoV1tzPgAqWOR/6nkDgLz4jq8ps2pkixH5PVnl+GCIVhVgKswQLIQ+bGoT0v
9JQ9Nff98dL1xz74fO013Y44076H7GkLyb4S33n4OFu4iNc2k0yWYGAcGvpdXgn/
0w9unHIaLdAwY2IU5RhszbaK0APc9WdMZ8s40tkiJ8vwi4mQq72kaKtEMj5XuJ3D
ucgAOhn+ERP6lgGnpaEck/J0AAgWHlVM+HsciJB1hUAELxr1OF5vZ11cxtM50Z6M
@sgolemon
sgolemon / php-7.2.0beta2.txt
Created August 3, 2017 13:04
PHP 7.2.0beta2 Release Checksums/Signatures
php-7.2.0beta2.tar.gz
SHA256 hash: 557f13109bfcac0cd8a35fafa9e3a87b0eb9dcf39967e9cc916b8a48528f1f68
PGP signature:
-----BEGIN PGP SIGNATURE-----
iQItBAABCAAXBQJZgLDsEBxwb2xsaXRhQHBocC5uZXQACgkQ29s5dHDRIXL2MxAA
u5QkZ5oD9Xsx2AenC3xx/ykGHMkpxhS5+yXrNCuFjhhRVarYqrtfuKNHtzarJyV1
y6W4iZzgEN6ewFyyHZgGdi6zhZN4Pb1r4eeOb47hnNl4BCsEpiRByKFAAlLCtVpK
C/wTbFu0Rp9+P0GTKi/j4C5ejfSYHdxdacoi9hD9qVeaWnNq3ETcs4kyaB5TyWA3
KFMTWoGValkTlBnOmLsNF4AWgB5BFRY12/ZZxCJ5GHppMkp8/l74NxXVvxwMLUBi
@sgolemon
sgolemon / manifest.txt
Created September 12, 2017 16:53
php-7.2.0RC2
php-7.2.0RC2.tar.gz
SHA256 hash: 5d143459d19f09ffd6e47578b50e74888b49585a5f0571f0d33b5537f0b1c7a7
PGP signature:
-----BEGIN PGP SIGNATURE-----
iQItBAABCAAXBQJZuA9JEBxwb2xsaXRhQHBocC5uZXQACgkQ29s5dHDRIXL85g/+
IpqGsY1x6infHVVup0TqaI6AhCA7tqvgxNEpbP0PokEGqNIIoSTpUapxMj5NFTy8
ir6fFMMYe/C7n958ko3qXbNKsRDeu/VRfYdA2n3P1KrZ/ol0BRJmD+PrS0sD6oVn
H74E1HV2cC1c9FbnakyZUsGWg4E0KEWrLFATs0yW/kkE8KfpbuVbU5lpapLF7n0w
0DOtmGOJH+MtA9dbXipPR0idF4sFENwqaSu1Pkt5qMXwfE3fD37gvGrBcaHBMB0W