simbo1905

GnuPG 2.2.x Build Instructions

Below are my build instructions for GnuPG 2.2.9, released on July 12th, 2018. These instructions are built for a headless Centos 7 LTS server (specificaly the openshift/base-centos7 docker image).

You use the below install script to install GnuPG 2.2.x by running the following commands:

# if you are root in a docker image:
curl -OL "https://gist.githubusercontent.com/simbo1905/ba3e8af9a45435db6093aea35c6150e8/raw/83561e214e36f6556fd6b1ec0a384cf28cb2debf/install-gnupg22.sh" && bash ./install-gnupg22.sh
# else if you need to sudo to do the installs:

simbo1905

How To Load The HIBP Pwned Passwords Database Into Redis

NIST recommends that when users are trying to set a password you should reject those that are commonly used or compromised:

When processing requests to establish and change memorized secrets, 
verifiers SHALL compare the prospective secrets against a list that 
contains values known to be commonly-used, expected, or compromised.

But how do you know what are the compromised passwords? Luckily Troy Hunter put a lot of effort into building the "Have I Been Pwned (HIBP)" database with the SHA1 hashes of 501,636,842 passwords that have been compromised on the internet. Sweet.

simbo1905

How To Load The HIBP Pwned Passwords Database Into MongoDB

NIST recommends that when users are trying to set a password you should reject those that are commonly used or compromised:

When processing requests to establish and change memorized secrets, 
verifiers SHALL compare the prospective secrets against a list that 
contains values known to be commonly-used, expected, or compromised.

But how do you know what are the compromised passwords? Luckily Troy Hunter put a lot of effort into building the "Have I Been Pwned (HIBP)" database with the SHA1 hashes of 501,636,842 passwords that have been compromised on the internet. Sweet.

simbo1905

import java.security.Key;
import java.util.Properties;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.persistence.AttributeConverter;
import javax.persistence.Converter;

import org.slf4j.Logger;

simbo1905

Automated Docker releases using Maven and GitHub Actions

Life is too short for tedious, manual release processes.

Here, we will use Maven's [Release plugin][maven-release] to execute releases. Instead of triggering the release process manually, we will use a [GitHub Actions][gh-actions] workflow on the master branch. All development work is done on the dev branch (or feature branches) and a release is done when (and only when) the dev branch is merged with the master branch.

simbo1905

package demo;

import io.netty.buffer.ByteBuf;
import io.netty.buffer.Unpooled;
import io.netty.util.CharsetUtil;
import reactor.netty.DisposableServer;
import reactor.netty.tcp.TcpServer;

public class TrexTcpServer {

simbo1905

Mixing two frameworks will typically require that you are an expert in both to be successful. This is because making them interact will add an additional level of complexity of having to interopate between the two frameworks. That often requires detailed knowledge of the internal workings of the frameworks that you would normally just "take for granted" such as session management and caching.

The point of using a framework is that it provides out-of-the-box "known good practice" in many low-level details so you can focus on your "business logic" not the "basic plumbing". The moment you "go against the framework" and try to do complex things like "make two frameworks coexist" you are basically throwing away the main benefit of using any framework. In short, using two is likely not better than using one. It is like to be more of a case that using two will be "three times the work".

While the actual result will depend on lots of factors I would expect that you would be better off if you picked the worst fra

simbo1905

#!/bin/bash
set -Eeuo pipefail

oc() { 
    if ! bin/oc_wrapper.sh "$@"; then
        >&2 echo "ERROR oc wrapper returned none zero status"
    fi
}

IMAGE_STREAM="$1"

simbo1905

                                                                                
                       === npm audit security report ===                        
                                                                                
# Run  npm install express-hbs@2.3.0  to resolve 6 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Critical      │ Prototype Pollution                                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ handlebars                                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤

simbo1905

import reactor.core.publisher.Mono;

public class BlockingJournal {

    private static String blockingWrite(String in){
        try {
            // fakes blocking for disk write
            Thread.sleep(5L);
            System.out.println("journal wrote: "+in+" on "+Thread.currentThread().getName());