bagder

Slop

This collection is limited to only include the reports that were submitted as security vulnerabilities to the curl bug-bounty program on Hackerone.

Several other issues not included here are highly suspcious as well.

Reports

1. [Critical] Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet. #2199174

wong2

Task

Launch a new agent that has access to the following tools: Bash, Glob, Grep, LS, exit_plan_mode, Read, Edit, MultiEdit, Write, NotebookRead, NotebookEdit, WebFetch, TodoRead, TodoWrite, WebSearch. When you are searching for a keyword or file and are not confident that you will find the right match in the first few tries, use the Agent tool to perform the search for you.

When to use the Agent tool:

• If you are searching for a keyword like "config" or "logger", or for questions like "which file does X?", the Agent tool is strongly recommended

When NOT to use the Agent tool:

• If you want to read a specific file path, use the Read or Glob tool instead of the Agent tool, to find the match more quickly
• If you are searching for a specific class definition like "class Foo", use the Glob tool instead, to find the match more quickly
• If you are searching for code within a specific file or set of 2-3 files, use the Read tool instead of the Agent tool, to find the match more quickly

NoteAfterNote

NoteAfterNote-7
Reading and writing a USB drive connected to a Linux server using Termux, termux-usb, usbredirect, and QEMU on a smartphone that is not rooted
Published: May 19, 2024
Link: https://gist.github.com/NoteAfterNote/7a197233de3d60ff1e23ca90ed2f595a
Updated: May 29, 2024

Termux: Enable Wake-Lock

---

Smartphone Configuration

thesamesam

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

boppreh

 Programming Language Checklist
by Colin McMillen, Jason Reed, and Elly Fong-Jones, 2011-10-10
updated by BoppreH, 2024-01-24

You appear to be advocating a new:
[ ] functional  [ ] imperative  [ ] object-oriented  [ ] stack-based  [ ] concurrent
[ ] interpreted  [ ] compiled  [ ] JIT  [ ] cloud  [ ] AI  [ ] beginner-friendly
[ ] academic-friendly  [ ] visual  [ ] sharable  [ ] esoteric
[ ] memory safe  [ ] memory unsafe  [ ] provable  [ ] Turing-incomplete
[ ] statically-typed  [ ] dynamically-typed  [ ] completely incomprehensible

o11c

Note: this was originally several Reddit posts, chained and linked. But now that Reddit is dying I've finally moved them out. Sorry about the mess.

---

URL: https://www.reddit.com/r/ProgrammingLanguages/comments/up206c/stack_machines_for_compilers/i8ikupw/ Summary: stack-based vs register-based in general.

There are a wide variety of machines that can be described as "stack-based" or "register-based", but not all of them are practical. And there are a lot of other decisions that affect that practicality (do variables have names or only address/indexes? fixed-width or variable-width instructions? are you interpreting the bytecode (and if so, are you using machine stack frames?) or turning it into machine code? how many registers are there, and how many are special? how do you represent multiple types of variable? how many scopes are there(various kinds of global, local, member, ...)? how much effort/complexity can you afford to put into your machine? etc.)

• a pure stack VM can only access the top elemen

Briar503

What I wish I knew going into Wii U hacking

For the past six months I've been learning about hacking my Wii U. I could have completed this project in a weekend, but sometimes I get an itch to go further.

My goal has been to have the ultimate couch console where friends can play video games in the same place in front of the same screen (plus gamepad screen). After that first weekend I was able to play homebrew, and make game backups to play. It even came with new software to use PS3 controllers on the console as pro controllers. My console had become really cool, but it wasn't perfect. So, I began working on getting it from 75% to perfect to 95% perfect (see unfixed cons below).

The documentation for that first 75% is really good and simple, but it's so simple the learning curve to do more advance things is steep. The research involved included digging through decade old forum posts, out of date wikis, finding files in abandoned MEGA drive downloads, reading source code in a dozens of repos, and lots of t

Dan-Q

<?php
// half-hearted CSS minification
$css = preg_replace(
  array('/\s*(\w)\s*{\s*/','/\s*(\S*:)(\s*)([^;]*)(\s|\n)*;(\n|\s)*/','/\n/','/\s*}\s*/'), 
  array('$1{ ','$1$3;',"",'} '),
  file_get_contents('linked.css')
);

// embed as a data: uri
$base64css = rtrim(strtr(base64_encode($css), '+/', '-_'), '=');

Gavinok

;;; chatgpt.el --- Simple ChatGPT frontend for Emacs  -*- lexical-binding: t -*-

;; Copyright (C) Gavin Jaeger-Freeborn

;; This package is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation; either version 3, or (at your option)
;; any later version.

;; This package is distributed in the hope that it will be useful,

Nidal-Bakir

Enforce Conventional-Commit messages locally

See how a minor change to your commit message style can make a difference. Examples

Have a look at CLI util git-conventional-commits to ensure this conventions and generate changelogs

Commit Formats

Default