Skip to content

Instantly share code, notes, and snippets.

View grushetsky's full-sized avatar

Konstantin Grushetsky grushetsky

36 followers · 59 following
  • Wink
View GitHub Profile
@hackermondev
hackermondev / research.md
Last active November 21, 2025 20:06
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@kconner
kconner / macOS Internals.md
Last active November 6, 2025 09:43
macOS Internals

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

@sindresorhus
sindresorhus / esm-package.md
Last active November 21, 2025 09:14
Pure ESM package

Pure ESM package

The package that linked you here is now pure ESM. It cannot be require()'d from CommonJS.

This means you have the following choices:

  1. Use ESM yourself. (preferred)
    Use import foo from 'foo' instead of const foo = require('foo') to import the package. You also need to put "type": "module" in your package.json and more. Follow the below guide.
  2. If the package is used in an async context, you could use await import(…) from CommonJS instead of require(…).
  3. Stay on the existing version of the package until you can move to ESM.
@stonehippo
stonehippo / nodejs_raspberry_pi.md
Last active October 14, 2025 19:48
Methods for installing Node.js on Raspberry Pi

Setting Up Node.js On Raspberry Pi

There are several ways that you can set up Node.js on a Raspberry Pi when running Raspbian/Rapberry Pi OS. Depending on your needs, the version of the RPi that you're using, and how you like to manage installs, you have a lot of options.

A brief aside: alternative runtimes

Node.js was an early entrant to the Javascript runtime and I think it's still the most widely used. But it's not the only runtime out there these days. Some of the alternatives might be better choices for your Raspberry Pi setup.

The two other Javascript runtimes I've used are deno and bun. Both are newer than Node.js and have incorporated a modern features nicely, like built-in support for Typescript. They also have a more compact install, since they bundle everything into a single CLI executable.

@imevro
imevro / readme.md
Last active February 12, 2023 11:59
Дизайн REST API — основан на 4-летнем опыте работы
@threepointone
threepointone / for-snook.md
Last active December 3, 2024 21:48
For Snook

https://twitter.com/snookca/status/1073299331262889984?s=21

‪“‬In what way is JS any more maintainable than CSS? How does writing CSS in JS make it any more maintainable?”

‪Happy to chat about this. There’s an obvious disclaimer that there’s a cost to css-in-js solutions, but that cost is paid specifically for the benefits it brings; as such it’s useful for some usecases, and not meant as a replacement for all workflows. ‬

‪(These conversations always get heated on twitter, so please believe that I’m here to converse, not to convince. In return, I promise to listen to you too and change my opinions; I’ve had mad respect for you for years and would consider your feedback a gift. Also, some of the stuff I’m writing might seem obvious to you; I’m not trying to tell you if all people of some of the details, but it might be useful to someone else who bumps into this who doesn’t have context)‬

So the big deal about css-in-js (cij) is selectors.

@gaearon
gaearon / prepack-gentle-intro-1.md
Last active March 22, 2025 07:22
A Gentle Introduction to Prepack, Part 1

Note:

When this guide is more complete, the plan is to move it into Prepack documentation.
For now I put it out as a gist to gather initial feedback.

A Gentle Introduction to Prepack (Part 1)

If you're building JavaScript apps, you might already be familiar with some tools that compile JavaScript code to equivalent JavaScript code:

  • Babel lets you use newer JavaScript language features, and outputs equivalent code that targets older JavaScript engines.
@sebmarkbage
sebmarkbage / Infrastructure.js
Last active February 26, 2025 13:57
SynchronousAsync.js
let cache = new Map();
let pending = new Map();
function fetchTextSync(url) {
if (cache.has(url)) {
return cache.get(url);
}
if (pending.has(url)) {
throw pending.get(url);
}
@rondy
rondy / Effective_Engineer.md
Last active November 20, 2025 15:59

FWIW: I (@rondy) am not the creator of the content shared here, which is an excerpt from Edmond Lau's book. I simply copied and pasted it from another location and saved it as a personal note, before it gained popularity on news.ycombinator.com. Unfortunately, I cannot recall the exact origin of the original source, nor was I able to find the author's name, so I am can't provide the appropriate credits.

Effective Engineer - Notes

What's an Effective Engineer?

@garybernhardt
garybernhardt / types.markdown
Last active April 11, 2025 17:07

This document has moved!

It's now here, in The Programmer's Compendium. The content is the same as before, but being part of the compendium means that it's actively maintained.