Ludochaordic
Fantaisies programatico-ludiques

Pelican, Pingback and Webmentions

Linkback protocols are an old breed. They were born at a time when MySpace, Wikipedia & WordPress had just been launched, and Friendster was more popular than this new website called Facebook. (Diagram source: PPRuNe article on linkbacks.) The latest linkback protocol, Webmention, is relatively recent though, as it became a …


Listing all GitHub security alerts of a user's projects using GraphQL and Python

Almost a year ago, GitHub introduced security alerts. They are an awesome feature. They function as notifications you receive whenever a vulnerability affects one of your project dependencies. But long after receiving a notification, how do you list all security alerts affecting your repositories? I didn't find an out-of-the-box solution …


Python 3 non-consistent set & dict iteration gotcha

Consider the following Python expression:

    print("".join(set("ABCDE")))

What do you think it produces? Not necessarily "ABCDE". Right, but you would expect the result to be consistent, wouldn't you?

    $ for i in {1..3}; do python2.7 -c 'print("".join(set("ABCDE")))'; done
    ACBED
    ACBED
    ACBED

Great! ... But with …


Bash remote code execution vulnerability

Just relaying the information about this "ShellShock" vulnerability: the RedHat security blog post and the full disclosure on seclists.org. This seems to affect Apache, sshd, DHCP clients and even potentially git. TL;DR here is how to check your Bash version:

    env x='() { echo Never called; }; echo YOUR BASH IS VULNERABLE …
