profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/ksjogo/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
Johannes Bernhard Goslar ksjogo http://kronberger-spiele.de TypeScript, Godot, F#, Obj-C & Emacs Lisp when not designing board games or riding bicycles.

ahungry/geben 85

Geben - PHP xdebug for Emacs

ksjogo/emacs-libgit2 20

emacs module for libgit2

KronbergerSpiele/ks-godot-ci 0

Tuned Godot CI Docker Image

ksjogo/ac-php 0

emacs auto-complete & company-mode for php

issue commentpluspol-interactive/templavoilaplus

TYPO3 v10 compatibility

I don't have any multilang sites with TV. But going nearer to the core seems a reasonable approach long term.

opi99

comment created time in 4 days

push eventKronbergerSpiele/ks-godot

Johannes Goslar

commit sha 1f92811ab25f07e746ee3424ab58985cfce8e1a3

sharpen

view details

push time in 24 days

push eventKronbergerSpiele/ks-godot

Johannes Goslar

commit sha e4b487f8858ab9b5ddc87c964a11d1e1589445bb

globalize fsharp

view details

push time in a month

push eventKronbergerSpiele/ks-godot

Johannes Goslar

commit sha 4662c36fb3c44bdb7020cdb4998cba41d576d81d

enable prod

view details

push time in a month

push eventKronbergerSpiele/ks-godot

Johannes Goslar

commit sha 0d972d65dac5357b4d374b7f38c36b5715480851

try to fs

view details

push time in a month

push eventKronbergerSpiele/ks-godot

Johannes Bernhard Goslar

commit sha ed75abdb54916188d3779a4daee2e7a90193a540

Create README.md

view details

push time in a month

delete branch KronbergerSpiele/ks-godot

delete branch : dev

delete time in a month

create barnchKronbergerSpiele/ks-godot

branch : dev

created branch time in a month

push eventKronbergerSpiele/ks-godot

Johannes Goslar

commit sha 3a6d63da85085b9538a9c68d8493f169e9aa1a6c

in the beginning was the deed

view details

push time in a month

create barnchKronbergerSpiele/ks-godot

branch : master

created branch time in a month

created repositoryKronbergerSpiele/KSGodot

created time in a month

push eventKronbergerSpiele/ks-stick

Johannes Goslar

commit sha a503e525abf38060d06c76ae8dbb0721b53afec7

fix imports

view details

push time in a month

push eventKronbergerSpiele/ks-page

Johannes Goslar

commit sha 89720b3da2c1a2be46fb72db12b3a6483522a190

fix comments

view details

push time in a month

push eventKronbergerSpiele/ks-godot-ci

Johannes Goslar

commit sha 7aa6790b4f95553eb526ad10b011ce4021ae5703

add workflow

view details

push time in a month

push eventKronbergerSpiele/ks-godot-ci

Johannes Goslar

commit sha 41c57335e806f1e834af80f179836f12c241557e

switch to latest/3.3.2

view details

push time in a month

pull request commentuber/baseweb

feat: resolve #1282 exposing events in handlers and supporting onClick

Are the TypeScript types missing this onClick handler?

jh3y

comment created time in 2 months

issue commentbenmosher/eslint-plugin-import

pathGroups using minimatch instead of real regexes

Coincidentally Dan wrote something about regex vulns: https://overreacted.io/npm-audit-broken-by-design/

Then it won’t include outdated flexbox hacks in the output. Since multiple tools rely on the same configuration format for the browsers you target, Create React App uses the shared browserslist package to parse the configuration file.

So what’s the vulnerability here? “Regular Expression Denial of Service” means that there is a regex in browserslist that, with malicious input, could become very slow. So an attacker can craft a special configuration string that, when passed to browserslist, could slow it down exponentially. This sounds bad…

Wait, what?! Let’s remember how your app works. You have a configuration file on your machine. You build your project. You get static HTML+CSS+JS in a folder. You put it on static hosting. There is simply no way for your application user to affect your package.json configuration. This doesn’t make any sense. If the attacker already has access to your machine and can change your configuration files, you have a much bigger problem than slow regular expressions!

Okay, so I guess this “Moderate” “vulnerability” was neither moderate nor a vulnerability in the context of a project. Let’s keep going.

Verdict: this “vulnerability” is absurd in this context.

Let's hope the tooling will change.

ksjogo

comment created time in 2 months

issue closedbenmosher/eslint-plugin-import

pathGroups using minimatch instead of real regexes

The new pathGroup addition is using minimatch, this being based on shell glob expansions makes it incredible hard to do differing matching on paths containing ../ updots, as these are not easily (if at all) added to the minimatch expression in unspecified depth. Yes, the codebase should import from the roots and not jump up arbitrarily, but sometimes the world is at it is. This shortcoming is not evident inside the PR tests themselves, as all these prefix with special characters: https://github.com/benmosher/eslint-plugin-import/pull/1386/files I didn't find a way to express my wanted regex with minimatch, it would be great to have a shortcutting flag to just supply a real regex.

closed time in 3 months

ksjogo

issue commentbenmosher/eslint-plugin-import

pathGroups using minimatch instead of real regexes

Ah, okay, I wasn't aware of that angle. That indeed would be quite annoying.

Maybe I should generate some exploit report related to ../../../ paths and force prefixes on everyone. :D

ksjogo

comment created time in 3 months

issue commentbenmosher/eslint-plugin-import

pathGroups using minimatch instead of real regexes

I am still not clear in which case someone being able to add a regex inside my eslint config is the worst thing that party would be able to do, i.e. in which case would a party be able to add a regex to my config but not to be able to modify my codebase in some other way?

ksjogo

comment created time in 3 months

issue commentbenmosher/eslint-plugin-import

pathGroups using minimatch instead of real regexes

The issue remains. And I enthusiastically think that not much if anything is gained by not having regexs. But if the powers that be want to restrict the power, it probably wont fix.

ksjogo

comment created time in 3 months

issue commentsyl20bnr/spacemacs

Emacs gets stuck on "Indexing layers..." during boot.

Also started running into this with layers apparently not being loaded, will have a look.

Martinsos

comment created time in 3 months

issue commentsupasate/connected-react-router

Types problem whit connected-react-router

Also ran into that with strict turned on.

11ume

comment created time in 3 months