React2Shell and the Absence of Web Standards for Partial Rendering

On December 3, 2025, a security vulnerability shook the React ecosystem. CVE-2025-55182, dubbed "React2Shell," received a perfect CVSS score of 10.0. This wasn't just another bug—it revealed a fundamental structural problem facing modern web development.

This article explores why React2Shell happened and how it relates to the absence of web standards for partial rendering.


What Happened

The Gap in Web Standards for Partial Rendering, as Seen Through the React2Shell Incident

On December 3, 2025, a security vulnerability that shook the React ecosystem was disclosed: CVE-2025-55182, known as "React2Shell," which received a perfect CVSS score of 10.0. This vulnerability is not a simple bug. It can be seen as an incident that exposed a fundamental structural problem facing modern web development.

This article looks at why React2Shell happened and how it relates to the absence of web standards.


What Happened

@casamia918
casamia918 / docker_study.txt
Last active February 2, 2025 11:01
Docker Study
Notes on things worth remembering while studying Docker.
1. The concepts of Container and Image are the core. Plenty of material turns up if you search.
- Put simply, think of an Image as an installed program and a Container as a running program.
- Docker is an isolated environment, so when you first study it, practice by freely creating and deleting Images and Containers. Don't be scared.
@casamia918
casamia918 / README.md
Created June 11, 2023 15:36 — forked from tannerlinsley/README.md
Replacing Create React App with the Next.js CLI

Replacing Create React App with the Next.js CLI

How dare you make a jab at Create React App!?

Firstly, Create React App is good. But it's a very rigid CLI, primarily designed for projects that require very little to no configuration. This makes it great for beginners and simple projects but unfortunately, this means that it's pretty non-extensible. Despite the involvement from big names and a ton of great devs, it has left me wanting a much better developer experience with a lot more polish when it comes to hot reloading, babel configuration, webpack configuration, etc. It's definitely simple and good, but not amazing.

Now, compare that experience to Next.js which for starters has a much larger team behind it provided by a world-class company (Vercel) who are all financially dedicated to making it the best DX you could imagine to build any React application. Next.js is the 💣-diggity. It has amazing docs, great support, can grow with your requirements into SSR or static site generation, etc.

So why

@casamia918
casamia918 / what_is_react.md
Last active December 21, 2025 03:40
What is React

What is React

As use cases for HTML5-based web applications grow, interest in SPA technology is naturally growing too. SPA began with Angular, but today React and Vue split the market. Competing libraries that aim to replace React are appearing one by one, but React does not yet seem to have any intention of stepping down from the throne.

I develop React-based apps. One day, though, I realized that fewer people than I expected properly understand what React is. Several people around me said they worked with React, but when I asked exactly what kind of technology React is, most of them just glossed over it with abstract answers like "UI Framework" or "the next generation after jQuery".

So I'd like to take a moment to introduce what React is. The article is not long. But after reading it, you will clearly understand what React is.

Now, let's get started.

keyword: material ui, mui, typescript, intellisense, vscode

microsoft/TypeScript#39326

microsoft/TypeScript#34801

When using mui with typescript, there is a performance issue with vscode intellisense, because of type checking.

I've read the comments and found a clue that some csstypes given by mui might be the source of the issue.

@casamia918
casamia918 / addLessLoader_forCRA5.js
Created January 9, 2022 15:45
addLessLoader for create-react-app@5.0.0
/**
* addLessLoader_forCRA5
* customized addLessLoader of customize-cra for create-react-app@5.0.0
*
* CreatedAt : 2022-01-09
*
* Description: The customize-cra author copied the getStyleLoaders code from react-scripts@4.0.3 > webpack.config.js
* But when react-scripts upgraded to version 5, it also upgraded postcss-loader, which changed the options schema.
* So, I re-copied the getStyleLoaders code from react-scripts@5.0.0 > webpack.config.js
*
@casamia918
casamia918 / deep-dive-into-npx-and-bin.md
Last active February 25, 2024 08:18
Digging into npx and bin

https://reactjs.org/docs/faq-structure.html#avoid-too-much-nesting

When you're working on a React project, you may wonder which directory structure is better: grouping by features or grouping by types (see the React document above).

Recently, I've developed two different types of projects. Here I leave a note to give advice from my experience.

These days, there are two types of React applications.