Aditya Prakash sonalkr132

View gist:0af1746c14b42a41e01d20fffbed585b
Locking user homografo...
** [Honeybadger] Initializing Honeybadger Error Tracker for Ruby. Ship it! version=3.1.2 framework=rails level=1 pid=15043
Yanking jOjOjO
1000.0.5
1000.0.1
1000.0.2
1000.0.4
1000.0.3
1000.0.0
Yanking jsom
View typo.txt
bashim hashie 2739 2017-03-27 03:57:34 UTC http://idone.su
yo-api dogapi 2079 2017-03-27 04:08:32 UTC http://bitbucket.org/Aeoxic/yo
spect rspec 4264 2017-03-27 03:38:27 UTC ########################not found############################
crock rack 3008 2017-03-27 03:46:19 UTC
action_mailer actionmailer 0 2009-11-04 04:05:12 UTC ########################not found############################
RubyRc4 ruby-rc4 2190 2017-03-27 03:57:36 UTC
rtals rails 1283 2017-03-27 03:42:36 UTC ########################not found############################
syaso sass 3808 2017-03-27 03:56:58 UTC
ctapi httpi 6192 2017-03-27 03:39:35 UTC http://ctapi.rubyforge.org
hime hike 2315 2017-03-27 03:56:20 UTC
sonalkr132 / protected.rb
Last active Jun 23, 2019
affected gems from typo-squatting rules
View protected.rb
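count = 0
# Walk every gem and log the ones whose name trips the typo-squatting protection.
Rubygem.all.each do |r|
  gem_typo = GemTypo.new(r.name)
  protected_bool = gem_typo.protected_typo?
  if protected_bool
    # name, the protected gem it collides with, download count, last update
    text = "#{r.name} #{gem_typo.protected_gem} #{r.downloads} #{r.updated_at}\n"
    puts text
    File.open('/tmp/sosme.log', 'a') { |file| file.write(text) }
  end
end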
View no-home.sql
select r.name from rubygems as r where id in (select distinct(r.id) from versions as v join rubygems as r on v.rubygem_id = r.id join linksets as l on r.id = l.rubygem_id join gem_downloads as d on d.rubygem_id = r.id where v.metadata::jsonb ?| array['changelog_uri', 'source_code_uri', 'documentation_uri', 'wiki_uri', 'mailing_list_uri', 'bug_tracker_uri', 'mailing_list_uri'] and not v.metadata::jsonb ? 'homepage_uri' and l.home is not null) order by name;
name
-----------------------------------------
absee
actioncable
actionmailer
actionpack
actionview
activejob
sonalkr132 / curl.sh
Last active Mar 19, 2019
All benchmarks were done locally.
View curl.sh
# old
$ time curl http://localhost:3000/api/v1/activity/latest.json
real 0m1.220s
user 0m0.020s
sys 0m0.008s
# new
$ time curl http://localhost:3000/api/v1/activity/latest.json
real 0m0.233s
user 0m0.021s
View report.txt
Warming up --------------------------------------
reorder_versions 1.000 i/100ms
reorder_versions_bulk
1.000 i/100ms
reorder_versions_prep
1.000 i/100ms
Calculating ----
sonalkr132 / dependencies-validation.rb
Last active Feb 18, 2019
compare `quick/Marshal.4.8/#{full_name}.gemspec.rz` and dependencies stored in db
View dependencies-validation.rb
#!/usr/bin/env ruby
require 'rubygems'
require 'json'
require 'net/http'
require 'pry'
ENV['RAILS_ENV'] ||= 'development'
require_relative '../config/environment'
View rubygems-dump-25-jan.sql
# select count(distinct r.name) from versions as v join rubygems as r on v.rubygem_id = r.id where v.metadata::jsonb ?| array['homepage_uri', 'changelog_uri', 'source_code_uri', 'documentation_uri', 'wiki_uri', 'mailing_list_uri', 'bug_tracker_uri', 'mailing_list_uri'];
count
-------
1116
(1 row)
gemcutter_development=# select count(*) from rubygems;
count
--------
158380
View brakeman.report
== Brakeman Report ==
Application Path: /home/aditya/rubygems.org
Rails Version: 5.2.2
Brakeman Version: 4.4.0
Scan Date: 2019-01-18 16:23:20 +0530
Duration: 1.622901744 seconds
Checks Run: BasicAuth, BasicAuthTimingAttack, ContentTag, CreateWith, CrossSiteScripting, DefaultRoutes, Deserialize, DetailedExceptions, DigestDoS, DynamicFinders, EscapeFunction, Evaluation, Execute, FileAccess, FileDisclosure, FilterSkipping, ForgerySetting, HeaderDoS, I18nXSS, JRubyXML, JSONEncoding, JSONParsing, LinkTo, LinkToHref, MailTo, MassAssignment, MimeTypeDoS, ModelAttrAccessible, ModelAttributes, ModelSerialize, NestedAttributes, NestedAttributesBypass, NumberToCurrency, PermitAttributes, QuoteTableName, Redirect, RegexDoS, Render, RenderDoS, RenderInline, ResponseSplitting, RouteDoS, SQL, SQLCVEs, SSLVerify, SafeBufferManipulation, SanitizeMethods, SelectTag, SelectVulnerability, Send, SendFile, SessionManipulation, SessionSettings, SimpleFormat, SingleQuotes, SkipBeforeFilter, SprocketsPathTraversal, StripTags, Symbo