Featured Articles

Trusted Boot (Anti-Evil-Maid, Heads, and PureBoot)
WordPress Profiling with XHProf (Debugging & Optimizing Speed)
Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)
Introducing BusKill: A Kill Cord for your Laptop
Nightmare on Lemmy Street (A Fediverse GDPR Horror Story)
WordPress Multisite on the Darknet (Mercator .onion alias)
Hardening Guide for phpList
Crowdfunding on Crowd Supply (Review of my experience)
Detecting (Malicious) Unicode in GitHub PRs
previous arrow
next arrow

Detecting (Malicious) Unicode in GitHub PRs

By Michael Altfield, on November 22nd, 2021
Detecting Malicious Unicode in GitHub Pull Requests

This article will describe how you can utilize GitHub Actions to scan user-contributed PRs for unicode and automatically warn you if such commits contain (potentially invisible & malicious) unicode characters.

Why

Last month Trojan Source was published --- which described how malicious unicode characters could make source code appear benign, yet compile to something quite malicious.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Detecting (Malicious) Unicode in GitHub PRs

Leave a comment  

Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)

By Michael Altfield, on July 23rd, 2020
Continuous Documentation with Read the Docs (2/2)

This post will describe how add translations (i18n), pdf/epub builds, and branch-specific versioned documentation to a Read-the-Docs-themed sphinx site hosted with GitHub Pages and built with GitHub's free CI/CD tools.

This is part two of a two-part series. Before reading this, you should already be familiar with Continuous Documentation: Hosting Read the Docs on GitHub Pages (1/2).

ⓘ Note: If you don't care about how this works and you just want to make a functional repo, you can just fork my 'rtd-github-pages' GitHub repo.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Continuous Documentation: Hosting Read the Docs on GitHub Pages (2/2)

4 comments  

Continuous Documentation: Hosting Read the Docs on GitHub Pages (1/2)

By Michael Altfield, on July 18th, 2020
Continuous Documentation with Read the Docs (1/2)

This post will describe how to host a sphinx-powered site (using the Read the Docs theme) on your own GitHub Pages site, built with GitHub's free CI/CD tools.

ⓘ Note: If you don't care about how this works and you just want to make a functional repo, you can just fork my 'rtd-github-pages' GitHub repo.

Michael Altfield

Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡

About Michael


. . . → Read More: Continuous Documentation: Hosting Read the Docs on GitHub Pages (1/2)

9 comments