Hi all,
Another issue for another week. Trying to get back to my schedule. If you like BetterDev, please help spread the word by referring it to your friends. Buying me a coffee would be great too.
This week we had a big security issue with GitHub. If you had archived the whole directory, the GitHub token may leak into the artifact. Read more here: https://unit42.paloaltonetworks.com/github-repo-artifacts-leak-tokens/
I also found this amazing tool that allows you to auto-apply to jobs on LinkedIn. Try it out to increase your chances. The job market is tough these days.
A deep dive into the GNU/Linux local facilities used to convert a domain name or hostname into IP addresses, specifically in the context of dual-stack applications. Although it may seem simple at first glance, the entire process involving stub resolvers is filled with complexities and subtle nuances.
WebKit have recently announced their intent to implement the blocking=render attribute for script and style elements, bringing them in line with support already available in Blink and generally positive sentiment in Firefox. The blocking=render attribute allows developers to explicitly mark a resource as render blocking, but… why on earth would you want to do that?!
The problem of collision detection is pretty common in video game programming. It’s a prerequisite to the implementation of certain game mechanics or simulations. Here I’ll cover several related approaches, starting with the simplest and building up to the sweep-and-prune algorithm. I won’t cover other approaches, such as space partitioning or spatial tree subdivision.
Memory leaks are a silent threat that gradually degrades performance, leads to crashes, and increases operational costs. Unlike obvious bugs, memory leaks are often subtle and difficult to spot until they start causing serious problems.
In this blog post, I will be documenting the journey veritas and I took to extract the AES keys and browser flags/fingerprint from the Supreme anti-bot system. This work was done using the ticket.js anti-bot from March, 2021, and is being published now that Supreme has migrated away from the ticket anti-bot system in favour of using Shopify. Extracting these keys allows for a complete bypass of the anti-bot system.
Not really a programming article, but I enjoy it and learn something from it when trying to do some animation.
Could it be possible to build syntax highlighting directly into a font, skipping JavaScript altogether? Could I somehow leverage OpenType features, by creating colored glyphs with the COLR table, and identifying and substituting code syntax with contextual alternates?
Useful as memory overcommit may be for other applications, it is bad news for your PostgreSQL database. With this article I am trying to raise the awareness of this problem. I’ll give you hints for the proper kernel configuration and discuss the implications for a containerized setup.
Read the companion post Hacking Beyond .com — Enumerating Private TLDs
WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
AI-Goat is a deliberately vulnerable AI infrastructure hosted on AWS, designed to simulate the OWASP Machine Learning Security Top 10 risks (OWASP ML Top 10). You can deploy this into your own infra and practice exploiting it. The app is deployed with Terraform, in a standalone VPC, so you can quickly spin up and destroy everything without leaving something insecure running in your infra. Read the comprehensive introduction post.
Combination of multiple linters to run as a GitHub Action or standalone. One linter to rule them all.
A multi-agent framework based on large language models. agentUniverse provides you with the flexible and easily extensible capability to build single agents.
WPScan WordPress security scanner
An improved drop-in replacement for SQS
Open-source and next-generation Web Application Firewall (WAF)
Organize your photos & videos, chats & messages, location history, social media content, contacts, and more into a single cohesive timeline on your own computer where you can keep them alive forever. Written by Caddy’s creator.
BetterDev Link
Every Monday