What if a package did something like this, but instead of logging to the console, they sent it back to a server?
Have you actually reviewed every dependency and every child dependency in every app you deploy?
Why are people not more scared of this?
Tim Elfelt timelf123
funnbot
/ Discord Auto DM Advertisement Check.js
Last active
December 5, 2022 10:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if (process.version.startsWith("v6")) throw new Error("This Bot requires Node 7v+ because of async/await") | |
| const Discord = require("discord.js") | |
| const express = require("express") | |
| const app = express() | |
| const superagent = require("superagent") | |
| //Config | |
| let INVITE = process.env.INVITE || "", //An Infinite Invite to your discord server. | |
| GUILD = process.env.GUILD || "", //The ID of the Guild for this invite ^ |
kevincennis
/ README.md
Last active
June 14, 2017 21:45
pstadler
/ radarr-delete-unmonitored.sh
Last active
June 18, 2022 09:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # See: https://github.com/Radarr/Radarr/wiki/Mass-Delete-via-API | |
| HOST=http://radarr.local:7878 | |
| API_KEY= # Settings > General | |
| ids=$(curl --silent $HOST/api/movie -X GET -H "X-Api-Key: $API_KEY" \ | |
| | jq '.[] | select(.monitored == false) | .id') |
4Kaylum
/ discordEmbedMaker.py
Last active
September 8, 2020 12:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import discord | |
| from discord.ext import commands | |
| from asyncio import sleep | |
| me = commands.Bot(command_prefix='.', self_bot=True) | |
| @me.event | |
| async def on_ready(): |
alexellis
/ base.Dockerfile
Last active
March 16, 2021 12:36
Docker swarm service to mine into the Nice Hash pool
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Published on Docker Hub with above user alexellisio. | |
| # If you want to rebuild your own copy, follow below instructions | |
| # Build this on each type of machine so you have the correct CPU extensions. | |
| FROM alexellisio/boostbase | |
| RUN git clone -b Linux https://github.com/nicehash/nheqminer.git | |
| RUN cd nheqminer/cpu_xenoncat/Linux/asm/ && sh assemble.sh && cd ../../../Linux_cmake/nheqminer_cpu && cmake . && make | |
| ENTRYPOINT ["./nheqminer/Linux_cmake/nheqminer_cpu/nheqminer_cpu"] |
bertrandmartel
/ aggregation_lookup.md
Last active
December 22, 2023 13:32
MongoDB $lookup aggregation example
db.votes.aggregate([{
$lookup: {
from: "users",
localField: "createdBy",
foreignField: "_id",
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Below are some notes for grabbing a list of domain users and other information via ADFS using acquired credentials. | |
| Install Apps | |
| Download and install visual studio 10 | |
| Downoad and install the Lync SDK | |
| https://www.microsoft.com/en-us/download/details.aspx?id=36824 (deprecated) | |
| http://go.microsoft.com/fwlink/?LinkID=248583 |
blowsie
/ glyphicon_font-awesome_convert.scss
Last active
March 5, 2024 13:27
Map glyphicon icons to font-awesome
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $fa-font-path: "~font-awesome/fonts"; | |
| @import '~font-awesome/scss/font-awesome'; | |
| .glyphicon { | |
| @extend .fa; | |
| &.glyphicon-asterisk { | |
| @extend .fa-asterisk; | |
| } | |
| &.glyphicon-plus { | |
| @extend .fa-plus; |
maxvt
/ infra-secret-management-overview.md
Last active
February 28, 2024 20:53
Infrastructure Secret Management Software Overview
Currently, there is an explosion of tools that aim to manage secrets for automated, cloud native infrastructure management. Daniel Somerfield did some work classifying the various approaches, but (as far as I know) no one has made a recent effort to summarize the various tools.
This is an attempt to give a quick overview of what can be found out there. The list is alphabetical. There will be tools that are missing, and some of the facts might be wrong--I welcome your corrections. For the purpose, I can be reached via @maxvt on Twitter, or just leave me a comment here.
There is a companion feature matrix of various tools. Comments are welcome in the same manner.
