Josh Brown

icon indicating a website link https://ropware.com

icon company ROPWARE icon location Seattle icon location did you vaccuum the database?!

Results 9 issues of Josh Brown

Jb1/zipslip performance fix upstream

Original: https://github.com/github/codeql/pull/13281 (with performance improvements) ### Summary + Patched False negative case with original GH query (see bottom of post) + Patched False positive case with sanitizer wrappers (see below...

C#
documentation

Extraneous WS Message after error

1 comment

After an error is sent to the client via a websocket subscription, there is a following websocket message that is truncated: 1. The error message to the client ![image](https://github.com/morpheusgraphql/morpheus-graphql/assets/1904543/f681a6d1-dc51-4466-bbc1-eac871b92bcc) 2....

Custom Wrapper

How do we define a custom record wrapper? I see that there is the `EncodeWrapper` and `DecodeWrapper` type classes, by I'm not sure if this is the full story: https://hackage.haskell.org/package/morpheus-graphql-0.18.0/docs/Data-Morpheus-Types.html#t:EncodeWrapper...

Update isomorphic-fetch, allow fetch implementation to be passed in

https://github.com/nordsimon/graphql-client/pull/10 is favourable if working with node backend and `isomorphic-fetch`, but it wasn't on my environment. Allows the fetch implementation to be passed in, as `isomorphic-fetch` was seemingly ignoring proxy/agent...

Foreign Library Stanza

8 comment

- [Y ] Did you add a new feature to `hpack`? - [Y] Did you add an acceptance test for that new feature to `test/EndToEndSpec.hs`? Addresses https://github.com/sol/hpack/issues/258. Adds the following...

Pipenv Added

### Purpose Pin package and lib versions / dependencies https://github.com/jeffhacks/smbscan/issues/27 ### Description Creates a pipenv `Pipeifle` and associated `Pipfile.lock` for pinned version of the dependencies. ### Verification and Testing -...

CPP SimpleRangeAnalysis::getTruncatedUpperBounds NegativeArraySizeException

6 comment

**Description of the issue** Upon execute of cpp `Security\CWE\CWE-120\OverrunWrite.ql` against a 1.2GB compressed snapshot, the CodeQL CLI throws the following exception: ``` Starting evaluation of ...\Security\CWE\CWE-120\OverrunWrite.ql. Oops! A fatal internal...

question
awaiting-response

Change Polyfill.io URL to Cloudflare alternative

Changes import of compromised domain `polyfill.io` utilized in Supply Chain Attacks: https://sansec.io/research/polyfill-supply-chain-attack to cloudflare alternative

Add grafana proxy host forwarding

Sets the host header for requests to Grafana, as origin requests are required for some endpoints with mutations, namely changing the default account password. See: https://github.com/grafana/grafana/issues/54641#issuecomment-1236942863