Weekly Digest Week 16
- id: b7a9c1dc-9ff2-4d75-a955-6d819f1faf05
- id: f94169af-e0b9-4c2a-934b-5f82ba503641
- id: aa8c02e0-243b-437e-97d1-fbc08b1959c6
- id: 71e4a3b5-6e83-4d71-96cf-1b280e08cea7
- id: aa773ea7-a217-4a5c-b72b-4cd380277b61
- id: bec50e0f-16bd-47d5-8f1c-77b173e1b6d3
- id: 05bbbf78-4f81-4a1e-ad48-7da921ab5713
- id: 71203ca0-fb50-11ee-b6d6-3f20b3e05279
- id: a78ac1e7-09d0-44ef-9d55-6710faa81d88
- id: a3dec0c9-fd13-4161-afb4-c8c8c15e8381
%%b7a9c1dc-9ff2-4d75-a955-6d819f1faf05_start%%
An Obscure Actions Workflow Vulnerability in Google’s Flank – Adnan Khan's Blog
Learn about how I used a custom tool to find a Google-owned repository vulnerable to GitHub Actions Poisoned Pipeline Execution Attack and earned a $7,500 bug bounty!
%%b7a9c1dc-9ff2-4d75-a955-6d819f1faf05_end%%
%%f94169af-e0b9-4c2a-934b-5f82ba503641_start%%
Go Wiki: SliceTricks - The Go Programming Language
Since the introduction of the append built-in, most of the functionality of the container/vector package, which was removed in Go 1, can be replicated using append and copy.
%%f94169af-e0b9-4c2a-934b-5f82ba503641_end%%
%%aa8c02e0-243b-437e-97d1-fbc08b1959c6_start%%
Go’s features of last resort
A “Feature of Last Resort” (FOLR) is a useful feature which solves certain otherwise hard-to-solve problems, but are often best avoided.
Highlights
var ( geodbOnce sync.Once geodb *geo.DB )func getGeo(ip string) string {// Will be run once only; if this is called again while it's still // running the second call will be blocked until the function completes // (but won't run it). geodbOnce.Do(func() { g, err := geoip2.FromBytes(pack.GeoDB)if err != nil {panic(err) } geodb = g })return geodb.Lookup(ip).CountryCode } ⤴️ ^d61d280c
Interesting way to init globally once on access.
%%aa8c02e0-243b-437e-97d1-fbc08b1959c6_end%%
%%71e4a3b5-6e83-4d71-96cf-1b280e08cea7_start%%
How to Build an Anycast Network | Render Blog
Render is a unified cloud to build and run all your apps and websites with free TLS certificates, global CDN, private networks and auto deploys from Git.
%%71e4a3b5-6e83-4d71-96cf-1b280e08cea7_end%%
%%aa773ea7-a217-4a5c-b72b-4cd380277b61_start%%
A deep dive into QEMU: a new machine | QEMU internals
A series of posts about QEMU internals:
%%aa773ea7-a217-4a5c-b72b-4cd380277b61_end%%
%%bec50e0f-16bd-47d5-8f1c-77b173e1b6d3_start%%
Thales technology and the Rafale's core capabilities - Thales Aerospace BlogThales Aerospace Blog
[…]
%%bec50e0f-16bd-47d5-8f1c-77b173e1b6d3_end%%
%%05bbbf78-4f81-4a1e-ad48-7da921ab5713_start%%
An Overview of The Integrated Modular Avionics (Ima) Concept | PDF | Computing | Application Software
AN OVERVIEW OF THE INTEGRATED MODULAR AVIONICS (IMA) CONCEPT - Free download as PDF File (.pdf), Text File (.txt) or read online for free.
%%05bbbf78-4f81-4a1e-ad48-7da921ab5713_end%%
%%71203ca0-fb50-11ee-b6d6-3f20b3e05279_start%%
Use of Open Source in Integrated Modular Avionics for A380 Program
Computer Science [cs], Computer Science [cs]/Embedded Systems
%%71203ca0-fb50-11ee-b6d6-3f20b3e05279_end%%
%%a78ac1e7-09d0-44ef-9d55-6710faa81d88_start%%
Actually Portable Executable
One day, while studying old code, I found out that it's possible to encode Windows Portable Executable files as a UNIX Sixth Edition shell script, due to the fact that the Thompson Shell didn't use a shebang line. Once I realized it's possible to create a synthesis of the binary formats being used by Unix, Windows, and MacOS, I couldn't resist the temptation of making it a reality, since it means that high-performance native code can be almost as pain-free as web apps. Here's how it works:
%%a78ac1e7-09d0-44ef-9d55-6710faa81d88_end%%
%%a3dec0c9-fd13-4161-afb4-c8c8c15e8381_start%%
jart/cosmopolitan: build-once run-anywhere c library
build-once run-anywhere c library. Contribute to jart/cosmopolitan development by creating an account on GitHub.
%%a3dec0c9-fd13-4161-afb4-c8c8c15e8381_end%%