Skip to content

Instantly share code, notes, and snippets.

View tvjames's full-sized avatar
🇦🇺

Thomas James tvjames

🇦🇺
24 followers · 36 following
View GitHub Profile
@arianvp
arianvp / SSH_MACOS_SECURE_ENCLAVES.md
Last active December 9, 2025 01:32
Native Secure Enclaved backed ssh keys on MacOS

Native Secure Enclave backed ssh keys on MacOS

It turns out that MacOS Tahoe can generate and use secure-enclave backed SSH keys! This replaces projects like https://github.com/maxgoedjen/secretive

There is a shared library /usr/lib/ssh-keychain.dylib that traditionally has been used to add smartcard support to ssh by implementing PKCS11Provider interface. However since recently it also implements SecurityKeyProivder which supports loading keys directly from the secure enclave! SecurityKeyProvider is what is normally used to talk to FIDO2 devices (e.g. libfido2 can be used to talk to your Yubikey). However you can now use it to talk to your Secure Enclave instead!

@cpursley
cpursley / postgresql_is_enough.md
Last active December 8, 2025 23:20
Postgres is Enough
@larenelg
larenelg / README.md
Last active October 11, 2019 05:06
Brisbane Tech Meetup Code of Conduct

Script for organisers to say during the welcome / kickoff for a meetup:

"A reminder that this Meetup is a respectful community of professionals with a code of conduct. Our meetup's code of conduct is available on our Meetup page."

Brisbane Tech Meetup Code of Conduct

This meetup is dedicated to providing a respectful, harassment-free community for everyone. We do not tolerate harassment or bullying of any community member in any form. This does not only extend to members to local meetup communities, but to anyone who chooses to become involved in the larger meetup community of users, developers and integrators through events or interactions.

Harassment includes offensive verbal/electronic comments related to personal characteristics or choices, sexual images or comments in public or online spaces, deliberate intimidation, bullying, stalking, following, harassing photography or recording, sustained disruption of talks, IRC chats, electronic meetings, physical meetings or other events, inappropriate physi

@swlaschin
swlaschin / effective-fsharp.md
Last active November 27, 2025 00:18
Effective F#, tips and tricks

Architecture

  • Use Onion architecture

    • Dependencies go inwards. That is, the Core domain doesn't know about outside layers

  • Use pipeline model to implement workflows/use-cases/stories

    • Business logic makes decisions
    • IO does storage with minimal logic
    • Keep Business logic and IO separate

  • Keep IO at edges

@samsch
samsch / stop-using-jwts.md
Last active November 5, 2025 21:39
Stop using JWTs

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple different points:

  • The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions
@gboudreau
gboudreau / AuthyToOtherAuthenticator.md
Last active December 8, 2025 04:45 — forked from Ingramz/AuthyToOtherAuthenticator.md
Export TOTP tokens from Authy

Exporting your 2FA tokens from Authy to transfer them into another 2FA application

IMPORTANT - Update regarding deprecation of Authy desktop apps

Past August 2024, Authy stopped supported the desktop version of their apps:
See Authy is shutting down its desktop app | The 2FA app Authy will only be available on Android and iOS starting in August for details.

And indeed, after a while, Authy changed something in their backend which now prevents the old desktop app from logging in. If you are already logged in, then you are in luck, and you can follow the instructions below to export your tokens.

If you are not logged in anymore, but can find a backup of the necessary files, then restore those files, and re-install Authy 2.2.3 following the instructions below, and it should work as expected.

@mihow
mihow / load_dotenv.sh
Last active November 21, 2025 08:36
Load environment variables from dotenv / .env file in Bash
# The initial version
if [ ! -f .env ]
then
export $(cat .env | xargs)
fi
# My favorite from the comments. Thanks @richarddewit & others!
set -a && source .env && set +a
@swlaschin
swlaschin / ndcoslo2015_fp_track.md
Last active October 22, 2021 13:04
Functional Track talks from NDC Oslo 2015
@parmentf
parmentf / GitCommitEmoji.md
Last active December 3, 2025 06:56
Git Commit message Emoji
@aembleton
aembleton / docx2md.md
Last active May 17, 2023 07:04 — forked from vdavez/docx2md.md
Convert a Word Document into MD

Converting a Word Document to Markdown in One Move

The Problem

A lot of important government documents are created and saved in Microsoft Word (*.docx). But Microsoft Word is a proprietary format, and it's not really useful for presenting documents on the web. So, I wanted to find a way to convert a .docx file into markdown.

Installing Pandoc

On a mac you can use homebrew by running the command brew install pandoc.

The Solution