| Security Measure | Description | |
|---|---|---|
| ☐ | Use HTTPS everywhere | Prevents basic eavesdropping and man-in-the-middle attacks |
| ☐ | Input validation and sanitization | Prevents XSS attacks by validating all user inputs |
| ☐ | Don't store sensitive data in the browser | No secrets in localStorage or client-side code |
| ☐ | CSRF protection | Implement anti-CSRF tokens for forms and state-changing requests |
| ☐ | Never expose API keys in frontend | API credentials should always remain server-side |
radoslav-stefanov
/ gh_dependabot.sh
Last active
June 3, 2025 14:18
— forked from robcowie/gh_dependabot.sh
gh cli commands to work with Dependabot PRs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Github CLI commands to work with dependabot PRs | |
| # List dependabot PRs that need review | |
| gh pr list -l dependencies --search "status:success review:none" | |
| gh pr list -A app/dependabot --search "status:success review:none" | |
| # Instruct dependabot to merge all reviewed PRs, oldest first | |
| gh pr list | |
| -A app/dependabot \ | |
| --search "status:success" \ |
radoslav-stefanov
/ security-checklist.md
Created
April 12, 2025 21:27
— forked from mattppal/security-checklist.md
A simple security checklist for your vibe coded apps
radoslav-stefanov
/ k8s.sh
Created
April 26, 2024 15:57
— forked from lucasrenan/k8s.sh
Kubernetes get all pods/containers resources requests/limits
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kubectl get pods --all-namespaces --sort-by='.metadata.name' -o jsonpath='{.items[*].spec.containers[*].resources.limits.memory}' | |
| kubectl get pod --all-namespaces --sort-by='.metadata.name' -o json | jq -r '[.items[] | {pod_name: .metadata.name, containers: .spec.containers[] | [ {container_name: .name, memory_requested: .resources.requests.memory, cpu_requested: .resources.requests.cpu} ] }]' |
radoslav-stefanov
/ create-win10-usb-on-mac.sh
Created
April 10, 2024 17:46
— forked from oxer-0/create-win10-usb-on-mac.sh
Create a Bootable UEFI Windows USB stick from an ISO on Apple macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Just a quick update for GPT and to use `rsync` instead of `cp`! | |
| # That means this applies to UEFI boot, though for legacy BIOD boot, feel free to swap | |
| # GPT to MBR below. | |
| # Requires https://homebrew.sh to split the install.wim file | |
| brew install wimlib | |
| # First, we need to find our device. BEFORE inserting your USB drive, run the | |
| # following: | |
| diskutil list |
radoslav-stefanov
/ create-win10-usb-on-mac.sh
Created
April 10, 2024 15:45
— forked from ryanmaclean/create-win10-usb-on-mac.sh
Create a Bootable UEFI Windows USB stick from an ISO on Apple macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Just a quick update for GPT and to use `rsync` instead of `cp`! | |
| # That means this applies to UEFI boot, though for legacy BIOD boot, feel free to swap | |
| # GPT to MBR below. | |
| # Requires https://homebrew.sh to split the install.wim file | |
| brew install wimlib | |
| # First, we need to find our device. BEFORE inserting your USB drive, run the | |
| # following: | |
| diskutil list |
radoslav-stefanov
/ gist:fc920499b4c86cf501bcfe944430802d
Created
July 18, 2023 14:17
Check which engine versions are available for serverless AWS Postgre RDS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aws rds describe-db-engine-versions --engine aurora-postgresql --filters Name=engine-mode,Values=serverless |
radoslav-stefanov
/ git-find-me-the-fucking-deleted-file.sh
Created
February 20, 2023 14:50
— forked from joakin/git-find-me-the-fucking-deleted-file.sh
finding a deleted file in a git repository
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # If you don't remember the exact path/name, search the log for deleted files | |
| git log --diff-filter=D --summary | grep delete | |
| # Find the file you want to get from the ouput, and use the path | |
| # Find the commits that involved that path | |
| git log --all -- some/path/to/deleted.file | |
| # Bring the file back to life to the current repo (sha commit of parent of commit that deleted) | |
| git checkout shaofthecommitthatdeletedthefile^ -- some/path/to/deleted.file |
radoslav-stefanov
/ php.md
Created
September 8, 2022 16:41
— forked from iamstoick/php.md
How to check an average memory usage by single PHP-FPM process
ps --no-headers -o "rss,cmd" -C php-fpm | awk '{ sum+=$1 } END { printf ("%d%s\n", sum/NR/1024,"M") }'
ps --no-headers -o "rss,cmd" -C apache2 | awk '{ sum+=$1 } END { printf ("%d%s\n", sum/NR/1024,"M") }'
radoslav-stefanov
/ The new version v1.24.0 kubectl cli uses an invalid workaround on aws eks.md
Created
July 8, 2022 08:18
— forked from Zheaoli/The new version v1.24.0 kubectl cli uses an invalid workaround on aws eks.md
新版 v1.24.0 kubectl cli 在 aws eks 上使用失效的解决方法.md
Please update your awscli to 2.6.3
In v1.24.0, kubectl will report the following error when relying on the kubeconfig generated by aws-cli
> error: exec plugin: invalid apiVersion "client.authentication.k8s.io/v1alpha1"
The reason is that Kubernetes deprecated client.authentication.k8s.io/v1alpha1" from the exec plugin in PR108616
And the aws-cli update PR6476 has not been merged. There are two solutions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: generate PSK | |
| shell: openssl rand -base64 48 | |
| register: psk | |
| delegate_to: 127.0.0.1 | |
| run_once: true | |
| - set_fact: | |
| psk={{ psk.stdout }} | |
| - debug: var=psk |
NewerOlder