Muniu Kariuki muniu

Security Checklist (What can be done in CursorAI & software-level not infrastructure!)

Configuration Security

Detect secrets in code
Identify secrets committed to version control
Flag hardcoded credentials

Authentication & Authorization

Identify missing authentication checks
Detect improper authorization patterns

🗺️ OSM - self host the entire planet 🌎 in ~30 minutes 🚀

TL;DR

mkdir osm
wget -O osm/planet.mbtiles https://hidrive.ionos.com/api/sharelink/download?id=SYEgScrRe
podman run -ti --rm -p 9000:9000 --name sms -v $(pwd)/osm/:/data/ registry.gitlab.com/markuman/sms:latest
firefox http://localhost:9000

IT Department Tech Due Diligence Checklist

NOTE: An updated version is available over here: https://www.raphaelbauer.com/posts/due-diligence/

General organization of the IT department

Do your employees have a purpose. Do they know why they work with you?
- How KPMG supercharged purpose: https://hbr.org/2015/10/how-an-accounting-firm-convinced-its-employees-they-could-change-the-world
- https://hbr.org/2019/09/put-purpose-at-the-core-of-your-strategy
- Purpose framework and guide from HBR: https://hbr.org/2018/07/creating-a-purpose-driven-organization
Is there a product roadmap? Short term (next sprint), mid term (up to one year), long term (3 years and more)

Moved to Shopify/graphql-design-tutorial

System Design Cheatsheet

Picking the right architecture = Picking the right battles + Managing trade-offs

Basic Steps

Clarify and agree on the scope of the system

User cases (description of sequences of events that, taken together, lead to a system doing something useful)
- Who is going to use it?
- How are they going to use it?

	# whatsapp_server.py

	import os
	from typing import Annotated

	from pydantic import Field, BeforeValidator
	from pydantic_settings import BaseSettings, SettingsConfigDict
	from twilio.rest import Client as TwilioClient
	from twilio.base.exceptions import TwilioRestException

	This is free and unencumbered software released into the public domain.

	Anyone is free to copy, modify, publish, use, compile, sell, or
	distribute this software, either in source code form or as a compiled
	binary, for any purpose, commercial or non-commercial, and by any
	means.

	In jurisdictions that recognize copyright laws, the author or authors
	of this software dedicate any and all copyright interest in the
	software to the public domain. We make this dedication for the benefit

	package bill.boottest;

	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;
	import org.springframework.boot.CommandLineRunner;
	import org.springframework.boot.SpringApplication;
	import org.springframework.boot.autoconfigure.SpringBootApplication;
	import org.springframework.cloud.aws.messaging.listener.annotation.SqsListener;

	import com.fasterxml.jackson.annotation.JsonCreator;

	homeassistant:
	# Name of the location where Home Assistant is running
	name: [redacted]
	# Location required to calculate the time the sun rises and sets
	latitude: [redacted]
	longitude: [redacted]
	# C for Celcius, F for Fahrenheit
	temperature_unit: C
	# Pick yours from here: http://en.wikipedia.org/wiki/List_of_tz_database_time_zones
	time_zone: America/Los_Angeles

	# -- coding: utf-8 --
	"""
	Scrape a table from wikipedia using python. Allows for cells spanning multiple rows and/or columns. Outputs csv files for
	each table
	url: https://gist.github.com/wassname/5b10774dfcd61cdd3f28
	authors: panford, wassname, muzzled, Yossi
	license: MIT
	"""

	from bs4 import BeautifulSoup