soderlind

Delete failed and cancelled GitHub Actions workflow runs

The script will remove failed and cancelled workflow runs from your GitHub Action workflow history log.

Prerequisite

• GitHub CLI installed.

soderlind

Semgrep SAST (Static Application Security Testing) for WordPress

I use this GitHub Action to security test our WordPress themes

So what does the GitHub Action do?

It;

• get the code (i.e. themes) required by composer
• scan the code using semgrep
• upload the security errors to GitHub Code Security (i.e. the scan creates a sarif file which is uploaded)

soderlind

Favorite keybindings in Visual Studio Code

First, disable multible tabs: Set Workbench > Editor: Show Tabs to single

Included in VS Code:

• Control+Tab: Next File
• Shift+Control+Tab: Previous File

Custom, add the code in keybindings.json to VS Code (Shift+Command+P, select Preferences: Open Keybord Shortcuts (JSON))

• Option+Tab: Next Workspace (file picker)

soderlind

WordPress WAF Custom rules for Azure Front Door (AFD)

AFD WAF Managed Rules DRS 2.1 blocks WordPress. The below WP* custom rules let you access WordPress URLs that you need. I also implemented a rate-limiting rule to prevent brute force attacks.

The WP* rules are based on the OWASP CRS - WordPress Rule Exclusions Plugin rules

• AFD Premuim supports max 5 (!) regex, so I had to convert the regex rules to separate rules.

Custom WordPress Allow Rules

• WPLoginUser

soderlind

resource wafPolicy 'Microsoft.Network/FrontDoorWebApplicationFirewallPolicies@2022-05-01' = {
  name: wafPolicyName
  location: 'global'
  sku: {
    name: frontDoorSkuName
  }
  tags: tags
  properties: {
    policySettings: {
      enabledState: 'Enabled'

soderlind

I did this to show how easy it is to create your own media inserter. In production I would create a a server that returns the json.

Install

1. Create a block
   • in wp-content/plugins run npx @wordpress/create-block@latest my-image-inserter
   • cd my-image-inserter
2. Copy index.js to my-image-inserter/src/index.js
3. Delete my-image-inserter/my-image-inserter.php
4. Copy plugin.php to my-image-inserter/plugin.php

soderlind

# GitHub CLI aliases
eval "$(gh copilot alias -- zsh)" # or bash
# Old school aliases
alias '??'='ghcs'
alias 'git?'='ghcs -t git'
alias 'gh?'='ghcs -t gh'
alias 'explain'='ghce'

soderlind

services:
    buggregator:
        image: ghcr.io/buggregator/server:latest
        depends_on:
            buggregator-database:
                condition: service_healthy
        ports:
            - 127.0.0.1:8000:8000 # Sentry, Ray
            - 127.0.0.1:1025:1025 # SMTP
        environment:

soderlind

Live Preview for Jobbnorge Block

Plugin Previews are now available for opt-in, I've added a live preview to my block plugin

On wordpress.org, there are two things required for a plugin preview button to appear to all users:

1. A valid blueprint.json file must be provided in the plugins assets/blueprints sub-directory.
2. The plugin preview must be set to “public” from the plugin’s Advanced view by a committer.

Read the blueprint documentation for more information.

soderlind

@soderlind: I need a bash script that read a list of domains from disk and use az cli to remove the domains from azure front door. I have several azure front doors in the resource group.

GitHub Copilot: Here's a step-by-step plan for the bash script:

1. Define the script shebang to specify that the script should be run using bash.
2. Read the file line by line using a while loop.
3. Inside the loop, use the az network front-door frontend-endpoint delete command to delete the domain from each Azure Front Door in the resource group.
4. The command requires the names of the resource group, the Front Door, and the endpoint (domain). You'll need to loop over each Front Door in the resource group.
5. To get the list of Front Doors, use the az network front-door list command with the resource group name.
6. Parse the output of the list command to extract the names of the Front Doors.