expr: Any valid Rust expression (e.g.,2 + 2,func()).ident: An identifier, such as function names or variable names.ty: A Rust data type (e.g.,i32,Vec<String>).path: A qualified path (e.g.,std::collections::HashMap).stmt: A single statement.block: A block of code surrounded by curly braces{}.
Gabriel Falcão gabrielfalcao
gabrielfalcao
/ stop-using-jwts.md
Created
June 17, 2026 01:14
— forked from samsch/stop-using-jwts.md
Stop using JWTs
TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.
If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)
A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/
The reason to avoid JWTs comes down to a couple different points:
- The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions
gabrielfalcao
/ README.md
Created
June 16, 2026 02:06
— forked from Fuwn/README.md
Windows XP All Editions Universal Product Keys Collection
Although Microsoft no longer supports Windows XP updates, I'm sure many users still use it due to personal habits or job demands. Therefore, XP's product keys may still be necessary. Here lies the most comprehensive list of Windows XP product keys.
The following CD keys are official and original from Microsoft, primarily used for Windows XP Professional Service Pack 2/3 VOL/VLK system images, which are among the easiest to find on the Internet.
gabrielfalcao
/ README.md
Last active
May 3, 2026 00:52
Using the wonderful tool "jaq" to perform "jq-like" operatoins in a Cargo.lock file
gabrielfalcao
/ shadow.gawk
Created
April 22, 2026 19:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| grep -E git /etc/passwd | gawk '{ delete parts; split($0, parts, ":"); owner=parts[1]; home=parts[6]; printf("cp -fav ~/.bashrc %s/.bashrc && chown -vR %s:%s \"%s\";\n", home, owner, owner, home) | |
| }' |
gabrielfalcao
/ pyproject.toml.jaq
Last active
April 20, 2026 09:14
using https://crates.io/crates/jaq to extract dependencies from pyproject.toml #jaq
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jaq -r '.project.dependencies[] | match("(?<package>[a-zA-Z_-]+[a-zA-Z0-9_-]*)(?<features>.*?)(?<boolean_op>[<=>]+)(?<version>[0-9a-zA-Z._-]+)$") | .captures | map_values({key:.name,value:.string}) | from_entries' pyproject.toml | jaq -s |
gabrielfalcao
/ urls-to-clone.sh
Last active
April 19, 2026 21:01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -umeTE | |
| set +f | |
| set -o pipefail | |
| export IFS=$'\n' | |
| declare -a owner_slash_repo_list=() | |
| declare -a github_repo_urls_to_clone=( |
gabrielfalcao
/ array-pop.sh
Last active
January 15, 2026 01:45
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bash -c 'declare my_arr=( item{1..9});declare -i pos_last=$(( ${#my_arr[@]} - 1 ));echo ${my_arr[@]@A}; echo ${pos_last@A};until [ ${#my_arr[@]} -eq 0 ]; do pos_last=$(( ${#my_arr[@]} - 1 ));echo ${my_arr[@]@A}; echo ${pos_last@A}; set -v;my_arr=(${my_arr[@]:0:${pos_last}});set +v;echo ${my_arr[@]@A}; echo ${pos_last@A};done;' |
gabrielfalcao
/ install-dod-certificate.sh
Created
November 21, 2025 18:21
automatically download, install and trust DoD Root certificate on MacOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| set -o pipefail | |
| set -u | |
| export IFS=$'\n' | |
| unset IFS | |
| declare -- cert_filename="DoD-Root-CA-3.cer" | |
| declare -A cert_checksums=( |
gabrielfalcao
/ jq-browse-npm-page-of-webpack-plugins-and-loaders.sh
Last active
November 1, 2025 23:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -e | |
| set -o pipefail | |
| set -o noglob | |
| set -u | |
| export IFS=$'\n' | |
| for url in $(jq -r '.dependencies as $k |.devDependencies as $d| ($k|keys) + ($d|keys) | .[] ' package.json | grep -E '(webpack-plugin|[-]loader)' | sed -E 's/^([a-z][a-z0-9-]+)$/https:\/\/www.npmjs.com\/package\/\1/g'); do | |
| open "${url}" |
NewerOlder