profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/digitalcoyote/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Curtis Carter digitalcoyote NorthEast Arkansas https://digitalcoyote.github.io/NuGetDefense/ Cross-Platform .Net Developer

digitalcoyote/NuGetDefense 41

An MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.

digitalcoyote/chocolatey-packages 3

Template repository for Chocolatey Automatic Package Updater Module

digitalcoyote/bazelisk 0

A user-friendly launcher for Bazel.

digitalcoyote/bit 0

Bit is a modern Git CLI

digitalcoyote/BuildTaskNuGetPackageTemplate 0

A template for creating a NuGet Package that runs an exec task at build

digitalcoyote/ferdi 0

🧔🏽 Community fork of @meetfranz. Ferdi allows you to combine your favorite messaging services into one application

digitalcoyote/gitextensions 0

Git Extensions is a standalone UI tool for managing git repositories. It also integrates with Windows Explorer and Microsoft Visual Studio (2010/2012/2013/2015/2017).

digitalcoyote/guac-install 0

Script for installing Guacamole on Ubuntu

digitalcoyote/HIDInterface 0

C# Wrapper of HIDAPI from signal11, wrapper multiplatform, used for interfaction with generic HID Devices, USB or bluetooth

issue openeddigitalcoyote/NuGetDefense

Requesting Vulnerability Source jQuery v3.5.1

Hi, I use jQuery v3.5.1 (latest stable) with Visual Studion 2019. When I scan for security vulnerabilities with NuGetDefense I get the following report:

"CVE-2016-10707 : jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit."

This is a link to the full description: https://nvd.nist.gov/vuln/detail/CVE-2016-10707

I opened a ticket in jquery support, they answered me as follows:

"You should contact the creators of the scanner to report a bug. The CVE references a version that is not the one you are running. See #3133."

Please advise how to proceed to fix this issue.

Thanks in advance!

created time in 14 hours

push eventwarmuuh/milkman

Peter Mucha

commit sha c765c3ecf4f0f59c4e2c1276a86c4d09469a0b70

added oauth token auto-refresh

view details

push time in 15 hours

push eventwarmuuh/milkman

Peter Mucha

commit sha c2ba76dc9cbb123ee65e558cfc91392bdf9b5de3

added first oauth2 key support

view details

Peter Mucha

commit sha 89dd21217f52862192397597a74bddf1665ad871

added password grant support

view details

Peter Mucha

commit sha 18dec269765b8303552fc43c65e3227160889171

streamlined oauth tokens

view details

Peter Mucha

commit sha 83d5da0144f16110223d38d3425900ff10da2b6b

changelog

view details

push time in 20 hours

push eventwarmuuh/milkman

Peter Mucha

commit sha 18dec269765b8303552fc43c65e3227160889171

streamlined oauth tokens

view details

push time in 20 hours

starteddigitalcoyote/NuGetDefense

started time in 20 hours

pull request commentdigitalcoyote/chocolatey-packages

oh-my-posh to v3

@digitalcoyote good to know. The use case is legit, and for V2 it made sense. As V3 can be used on the WSL too, it should ideally bundle the executables and not the module. I'll draft something 😉

adehad

comment created time in a day

pull request commentdigitalcoyote/chocolatey-packages

oh-my-posh to v3

A general remark on my end. It makes zero sense to use chocolatey to install a Powershell module (it might have been OK for V2, but not for V3). However, looking at what scoop does for V3, that would be perfect for chocolatey too. I'd love to take ownership of the package, or guide this direction as that fits best with the use-case of V3.

adehad

comment created time in a day

PR opened digitalcoyote/chocolatey-packages

oh-my-posh to v3

Changes

  1. Allow use of v3 of oh-my-posh, by picking up new release tags format.
  2. Change v2 reference to Set-Theme to v3's Set-PoshPrompt.

FYI @JanDeDobbeleer, in case you spot anything else in the chocolateyinstall.ps1 that may need changing. @digitalcoyote I imagine the oh-my-posh.nuspec could use changing, but might leave that with you.

Background

Seems like v3 was in a pre-release/beta state until recently, I'm a complete novice with chocolatey/powershell, but noticed that oh-my-posh has a new major version and was wondering why it wasn't getting picked up, looks to be that the version tags are prefixed with v now.

I was able to get the below terminal output, but couldn't figure out how to run chocolateyinstall.ps1 after it unpacked the nupkg, so couldn't test it beyond that. <details> <summary>My amateur attempt at running update.ps1</summary> <p>

❯ .\update.ps1
oh-my-posh - checking updates using au version 2020.11.21
Install-PackageProvider: C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\update.ps1:15
Line |
  15 |    Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Forc …
     |    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Administrator rights are required to install packages in ''. Log
     | on to the computer with an account that has Administrator rights,
     | and then try again, or install in
     | 'C:\Users\adehad\AppData\Local\PackageManagement\ProviderAssemblies' by adding "-Scope CurrentUser" to your command. You can also try running the Windows PowerShell session with elevated rights (Run as Administrator).

Saved Module
Remove-Item: C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\update.ps1:25
Line |
  25 |    Remove-Item -Path "./oh-my-posh/$version/Build" -Force -Recurse
     |    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Cannot find path
     | 'C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\oh-my-posh\3.106.4\Build' because it does not exist.

Remove-Item: C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\update.ps1:26
Line |
  26 |    Remove-Item -Path "./oh-my-posh/$version/.vscode" -Force -Recurse
     |    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Cannot find path
     | 'C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\oh-my-posh\3.106.4\.vscode' because it does not exist.

Remove-Item: C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\update.ps1:27
Line |
  27 |    Remove-Item -Path "./oh-my-posh/$version/TestsResults.xml" -Force
     |    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | Cannot find path
     | 'C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\oh-my-posh\3.106.4\TestsResults.xml' because it does not exist.


URL check
nuspec version: 2.0.496
remote version: 3.106.4
New version is available
Automatic checksum skipped
Updating files
  $Latest data:
    NuspecVersion             (String)     2.0.496
    PackageName               (String)     oh-my-posh
    Version                   (String)     3.106.4
  oh-my-posh.nuspec
    setting id: oh-my-posh
    updating version: 2.0.496 -> 3.106.4
Attempting to build package from 'oh-my-posh.nuspec'.
Successfully created package 'C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\oh-my-posh.3.106.4.nupkg'

Package updated

Path          : C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh
Name          : oh-my-posh
Updated       : True
Pushed        : False
RemoteVersion : 3.106.4
NuspecVersion : 2.0.496
Result        : {oh-my-posh - checking updates using au version 2020.11.21, , URL
                check, nuspec version: 2.0.496…}
Error         :                                                                                                          
NuspecPath    : C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\oh-my-posh.nuspec                                                                                          NuspecXml     : #document
Ignored       : False                                                                                                    
IgnoreMessage :
StreamsPath   : C:\Users\adehad\Documents\GitHub\chocolatey-packages\oh-my-posh\oh-my-posh.json
Streams       :

</p> </details>

+6 -6

0 comment

4 changed files

pr created time in a day

fork adehad/chocolatey-packages

Template repository for Chocolatey Automatic Package Updater Module

fork in 2 days

issue commentdigitalcoyote/NuGetDefense

Requesting Vulnerability Source `dotnet list package --vulnerable`

Will this be an extra source for finding vulnerabilities that automatically can be ran? It would be a welcome addition since we cannot really use the dotnet list command as is in a CI/CD scenario without adding string comparison scripts around it. :-)

digitalcoyote

comment created time in 2 days

push eventwarmuuh/milkman

Peter Mucha

commit sha 89dd21217f52862192397597a74bddf1665ad871

added password grant support

view details

push time in 3 days

push eventbchavez/Bogus

bchavez

commit sha b9049abf8b40203c09079741bcb328da95899f81

Add answer to StackOverflow question: https://stackoverflow.com/questions/66444118/how-to-use-bogus-faker-with-initialization-properties Re: #213

view details

push time in 3 days

push eventbchavez/Bogus

bchavez

commit sha fe28f91c7e457c2e7bd6256aafe2485043b301d7

Add answer to StackOverflow question: https://stackoverflow.com/questions/66444118/how-to-use-bogus-faker-with-initialization-properties

view details

push time in 3 days

issue commentdigitalcoyote/chocolatey-packages

n3dr not updated

Thank you for your support!

030

comment created time in 4 days

create barnchwarmuuh/milkman

branch : feature/oauth

created branch time in 4 days

push eventwarmuuh/milkman

Peter Mucha

commit sha adf4bb630f26915d2b30191607b8d0f9b61d920d

added manage keyset dialog

view details

Peter Mucha

commit sha 16ed72e71ddd9c720b7d5664220eae23773e35ef

added plain key support

view details

Peter

commit sha 7f5b20d5962f583d8a78719d1ef8b9073b11ec5d

Merge pull request #98 from warmuuh/feature/secrets adds separate secrets. fixes #74

view details

push time in 4 days

issue closedwarmuuh/milkman

dont export secret environment variables

allow env-vars to be marked as secret. this leads to them not being replaced during export except if the corresponding checkmark is set ("export secrets") on sync, the variable names should be exported but no values, merging should ignore these "changes" similar for privatebin export

closed time in 4 days

warmuuh

PR merged warmuuh/milkman

adds separate secrets

this adds secrets which are handled differently than normal environment variables and are not synced. base for oauth support

+456 -88

0 comment

20 changed files

warmuuh

pr closed time in 4 days

PR opened warmuuh/milkman

adds separate secrets

this adds secrets which are handled differently than normal environment variables and are not synced. base for oauth support

+456 -88

0 comment

20 changed files

pr created time in 4 days

push eventwarmuuh/milkman

Peter Mucha

commit sha 16ed72e71ddd9c720b7d5664220eae23773e35ef

added plain key support

view details

push time in 5 days

create barnchwarmuuh/milkman

branch : feature/secrets

created branch time in 5 days

issue closedwarmuuh/milkman

Request Collection context menu unreadable in light theme

Request Collection context menu unreadable in light theme

closed time in 5 days

warmuuh

push eventwarmuuh/milkman

Peter Mucha

commit sha 5c086b8c06a58ac63ed034e12991ea7f548a72c3

fixing context menu css. fixes #94

view details

push time in 5 days

issue commentdigitalcoyote/chocolatey-packages

n3dr not updated

@digitalcoyote I will have a look.

030

comment created time in 5 days

issue openeddigitalcoyote/chocolatey-packages

n3dr not updated

Could the auto bot be updated so that the latest package of n3dr will become available on chocolatey?

created time in 6 days

starteddmjio/stripe

started time in 6 days

push eventbchavez/Bogus

Bill Robertson

commit sha e6fa4088ad17e6cd39130cd773fc138d3bd8e428

Fixes inconsistent space vs tabs on readme (#364) * Fixes inconsistent space vs tabs on readme This was creating additional nesting on the readme that was confusing. It made methods appear as nested methods of siblings. * Revert LoremPixelUrl; spacing is intended, but Port spacing is not intended. Co-authored-by: bchavez <bchavez@bitarmory.com>

view details

push time in 6 days

PR merged bchavez/Bogus

Fixes inconsistent space vs tabs on readme

This was creating additional nesting on the readme that was confusing. It made methods appear as nested methods of siblings.

+1 -1

0 comment

1 changed file

billrob

pr closed time in 6 days

PR opened bchavez/Bogus

Fixes inconsistent space vs tabs on readme

This was creating additional nesting on the readme that was confusing. It made methods appear as nested methods of siblings.

+14 -14

0 comment

1 changed file

pr created time in 6 days

startedyesodweb/yesod

started time in 6 days