Getting paranoid about your Rails application params? Try paramoid!

Paramoid is an extension for Rails Strong Parameters that allows to sanitize complex params structures with a super cool DSL, supporting:

• Required params and default values
• A simplified nested structures management
• Conditional sanitization, based on user auth, role or custom logic
• Renaming and remapping parameter names

Add the gem to your Gemfile

gem 'paramoid'

and run the bundle install command.

Declare a class extending Paramoid::Base.

class PersonParamsSanitizer < Paramoid::Base
  # @param [User] user
  def initialize(user = nil)
    params! :first_name, :last_name

    group! :address_attributes do
      params! :id, :road, :town, :state, :zip_code, :country
    end
  end
end

Then use it in your controller:

class PeopleController < ApplicationController

  def create
    @person = Person.create!(person_params)
  end

  private

  def person_params
    # The name is automatically inferred by the controller name
    sanitize_params!
    # Or you can instantiate a custom one
    # You can pass the current user or nil
    # CustomPersonParamsSanitizer.new(current_user).sanitize(params)
  end
end

Paramoid is based on Rails Strong Parameters and it’s inheriting its behaviour.

• param! is used to permit a single scalar parameter. param! :name is equivalent of params.permit(:name, ...)
• params! is just a shortcut to sanitize in mass a list of parameters having the same options
• group! is used to sanitize objects or arrays, like params.permit(my_key: [:list, :of, :keys])
• array! is an alias of group! and it’s added for readability: in Strong Parameters, params.permit(name: [:some_key]) accepts both a single object or an array of objects, and this is preserved here.

So the previous example:

class PersonParamsSanitizer < Paramoid::Base
  # @param [User] user
  def initialize(user = nil)
    params! :first_name, :last_name

    group! :address_attributes do
      params! :id, :road, :town, :state, :zip_code, :country
    end
  end
end

Is equivalent to:

params.permit(:first_name, :last_name, address_attributes: [:id, :road, :town, :state, :zip_code, :country])

Declaring a parameter as required, will raise a ActionController::ParameterMissing error if that parameter is not passed by to the controller. This also works with nested structures.

class UserParamsSanitizer < Paramoid::Base
  def initialize(user = nil)
    params! :first_name, :last_name, required: true
    group! :contact_attributes do
      param! :phone, required: true
    end
  end
end

You can declare a default value to a certain parameter. That value is assigned only if that value is not passed in the parameters.

Example:

class PostParamsSanitizer < Paramoid::Base
  def initialize(user = nil)
    param! :status, default: 'draft'
    param! :approved, default: false
  end
end

Input:

<ActionController::Parameters {"status"=>"published","another_parameter"=>"this will be filtered out"} permitted: false>

Output:

<ActionController::Parameters {"status"=>"published","approved":false} permitted: true>

You can also remap the name of a parameter.

class PostParamsSanitizer < Paramoid::Base
  def initialize(user = nil)
    param! :status, as: :state
  end
end

Input:

<ActionController::Parameters {"status"=>"draft","another_parameter"=>"this will be filtered out"} permitted: false>

Output:

<ActionController::Parameters {"state"=>"draft"} permitted: true>

By using the reference of the current_user in the constructor, you can permit certain parameters based on a specific condition.

Example:

class PostParamsSanitizer < Paramoid::Base
  def initialize(user = nil)
    params! :first_name, :last_name
    param! :published if user&.admin?
  end
end

You can also use the sanitizer DSL inline directly in your controller:

class PeopleController < ApplicationController
  def create
    @person = Person.create!(person_params)
  end

  private

  def person_params
    sanitize_params! do
      params! :first_name, :last_name, required: true
    end
  end
end

class PersonParamsSanitizer < Paramoid::Base
  # @param [User] user
  def initialize(user = nil)
    params! :first_name, :last_name, :gender

    param! :current_user_id, required: true

    param! :an_object_filtered
    param! :an_array_filtered

    array! :an_array_unfiltered

    param! :role if user&.admin?

    default! :some_default, 1

    group! :contact, as: :contact_attributes do
      params! :id, :first_name, :last_name, :birth_date, :birth_place, :phone, :role, :fiscal_code
    end
  end
end

• Params type checking and regexp-based validations

Paramoid is maintained by mònade srl.

We <3 open source software. Contact us for your next project!

Translate ( Indonesian )

Jika Anda menggunakan browser Chrome, ketuk titik tiga di sudut kanan atas untuk opsi “Terjemahkan…”

Starting from v2.3.0 and above, installation and environment setup are now handled automatically through the ( Vikaru-Installer ) repository.

After installation via the Vikaru-Installer, simply run:

• [1] Start Bot

Enter your WhatsApp number in international format ( e.g., +62 895-0889-9033 ).
Then, copy and link the pairing code to your WhatsApp application.

Once the connection is successful, the bot will be ready for use.
Try sending a simple command:

/menu

Manage sessions in real time while Node.js is running — just press “Enter” to open.

• [1] Stop: Stop all running sessions.
• [2] Add: Add a new WhatsApp session.
• [3] Run: Start a saved session from the session list.

Vikaru-Md is a multi-device WhatsApp bot designed for automation, AI integration, group moderation, and business support — with a clean, extensible, and developer-friendly architecture.

• Pairing Code & QR Code login
• Custom Pairing ID
• CLI Interactive Menu
• Whitelist system for index.js
• Clean & readable codebase
• Multi-prefix support
• Multi-session (run multiple bots simultaneously)
• Interactive interface/log viewer
• Anti Call / Anti Spam / Anti Link / Anti Virtex
• Group event responses (welcome, leave, promote, demote)
• Broadcast / Push Contact / Auto AI / Auto VN

• Other Menu
• AI Menu
• Convert Menu
• Search Menu
• Anime Menu
• Bug Menu
• Tools Menu
• Group Menu
• System Menu

You can purchase the script through Telegram or WhatsApp

Buyer Benefits:

• Lifetime updates (no expiration)
• Weekly feature updates
• Developer modification guidance
• Personal mentoring to build your own bot

We welcome contributions!
Open an issue or pull request — feedback and improvements are highly appreciated.

This project is licensed under the MIT License.

Please consider supporting the development of this project by ♡ GitHub Sponsorship. You’ll have profile badge displayed on the sponsors page!

New in v0.2: Type Script Preview and Hot Update https://vimeo.com/334605913

MDX Preview lets you preview MDX seamlessly. Write markdown / JSX, see it live refresh and get instant visual feedback.

To get started:

1. Run yarn install or npm install if necessary so that you have the npm dependencies in your workspace, and navigate to your md or mdx file; or just create an untitled file, change language mode (from command palette) to mdx and type some mdx code.
2. Open command palette, and type “MDX: Open Preview”; or click the magnifying glass.

Preview will automatically update when you change the file you are previewing or the files that currently previewed file depends on.

MDX Extension is recommended for syntax highlighting of MDX files.

You can apply custom layout to the MDX file by

1. Exporting a default layout value using export default

import Layout from '../components/Layout';

export default Layout

## Hello

2. Specifying a path to a custom layout config file in mdx-preview.preview.mdx.customLayoutFilePath extension setting. For example, the absolute path to the ../components/Layout file above.

3. When nothing is specified, by default it will apply VS Code Markdown styles. You can turn that off by mdx-preview.preview.useVscodeMarkdownStyles extension settings or “MDX: Toggle VSCode Markdown Styles” command.

You can import other files with .md or .mdx extension.

import AnotherMDX from './AnotherMDX.mdx'

<AnotherMDX></AnotherMDX>

If you have a JavaScript or TypeScript file that renders to the #root element, you can also preview that using MDX Preview. For example, you can preview the index.js file from your react app:

// index.js
import ReactDOM from 'react';
import App from './App';
ReactDOM.render(
  <App />,
  document.getElementById('root')
);

• Service worker / Local storage are not available.
• Use MemoryRouter if you are using React Router.

Code will only be evaluated inside VS Code extension webview’s isolated iframe. The MDX files can only require dependencies within your active workspace folders. By default, only HTTPS content is allowed within the webview. Of course, you still need to make sure you trust the MDX file you preview, AND trust the files inside your workspace. Note that with the default Content Security Policy, you would not be able to preview a LiveEditor.
You can change your security settings through mdx-preview.preview.security extension setting or “MDX: Change Security Settings” command.

This extension contributes the following settings:

• mdx-preview.preview.previewOnChange: If set to true, previews on file change; If set to false, previews on file save
• mdx-preview.preview.security: Security policy settings
• mdx-preview.preview.useVscodeMarkdownStyles: Use VS Code Markdown Styles for layout.
• mdx-preview.preview.useWhiteBackground: Use white background regardless of current theme settings.
• mdx-preview.preview.mdx.customLayoutFilePath: Path of custom layout file to use
• mdx-preview.build.useSucraseTranspiler: Use sucrase as transpiler (A faster alternative to babel) instead of Babel/TypeScript transpiler

MDX Preview transpiles your .mdx file using @mdx-js/mdx, sends the initial file to the webview, and recursively fetches local dependencies (from your workspace) and npm dependencies (from node_modules directory) from your workspace using polestar, a commonjs-ish module loader for browsers. MDX Preview has provided built-in dependencies for MDX rendering like react, react-dom and @mdx-js/tag.

In most cases runtime errors will surface in react-error-overlay. If it doesn’t, you can open “Developer: Open Webview Developer Tools” (from command palette) to inspect the error. Note that VS Code webview has some inherent limitations that might cause errors. For example, components that use local storage but without a try/catch block.

Build issues? Try checking mdx-preview.build.useSucraseTranspiler extension setting. It might solve it.

• TypeScript support
• Scroll Sync
• remark/rehype plugins
• Integrations with gatsby / x0 /…

This extension is not possible without the help from James and the open source polestar library.

Saying thanks to these awesome open source projects as well:

• Codesandbox preview for Atom for the idea of recursively resolving dependencies in the workspace and presenting in a preview.
• @mdx-js/mdx for creating the authorable format
• gatsby-mdx for properly doing MDX layout
• markdown-language-features for the markdown stylings and lessons on how to write a preview extension
• codesandbox for inspirations on a rapid feedback loop
• mdx extension for mdx language contrib

My name is Felipe Fernandes Secato and I am a Bachaelor of Information Systems at UFES (Federal University of Espírito Santo).
This repository has all the files and results of my bachelor dissertation.

Application of Augmented Reality without markers for visualization of online products through a mobile application.

Augmented reality is a technology that has gained a lot of space in recent years primarily because of the popularity and ease of access of mobile devices, but the most common use of augmented reality is still very restricted to marketing and games. This work aimed to evaluate the use of augmented reality without markers as an alternative in the visualization of products of a virtual store, a mobile application capable of obtaining a 3D model of the Internet and making use of augmented reality without markers with the SLAM tracking technique, allowing the application to work in any environment without the need for prior knowledge of the site. The validation of the application was made through a qualitative questionnaire, where it was analyzed questions such as ease of use, main problems found and usefulness of the application. Augmented reality without the use of markers has proven to be a viable alternative for viewing online products, enabling the user to preview the product in their own environment before purchasing it.

• Unity 3D
• Kudan AR SDK (SLAM tracking technique)

- app                  -> unity project
- loja                 -> support site
- felipesecato_tcc.pdf -> full work (only portuguese)

Requirements:
– Android 4.4.2 or above
– Internet access

1 – Download the app from play store.

2 – Access the virtual store created for this work, this store offers the 3D models of the products.

https://secato.github.io/tcc/loja/index.html

3 – With the application open, click the scan button and scan the barcode of the product you want to see in your environment.

4 – Click the RA button, choose the height between your mobile device and the floor and click the middle button (eye icon), the 3D object will be positioned in place of the red marker.

For questions and information regarding the work contact me at the email contact@felipesecato.com

Meu nome é Felipe Fernandes Secato e sou Bacharel de Sistemas de Informação pela UFES (Universidade Federal do Espírito Santo).
Este repositório conta com todos os arquivos e resultados do meu Trabalho de Conclusão de Curso, a seguir mais informações do mesmo:

Aplicação de realidade aumentada sem marcadores para a visualização de produtos online através de uma aplicação móvel.

A realidade aumentada é uma tecnologia que tem ganhado muito espaço nos últimos anos principalmente por conta da popularidade e facilidade de acesso dos dispositivos móveis, mas o uso mais comum da realidade aumentada ainda é muito restrito a ações de marketing e jogos. Este trabalho teve como objetivo avaliar o uso da realidade aumentada sem marcadores como alternativa na visualização de produtos de uma loja virtual, sendo desenvolvido uma aplicação móvel capaz de obter um modelo 3D da Internet e que faz uso da realidade aumentada sem marcadores com a técnica de rastreio SLAM, permitindo assim que o aplicativo funcionasse em qualquer ambiente sem a necessidade de um conhecimento prévio do local. A validação da aplicação foi feita por meio de questionário qualitativo, onde foi analisado questões como facilidade de uso, principais problemas encontrados e utilidade da aplicação. A realidade aumentada sem uso de marcadores se mostrou uma alternativa viável para visualização de produtos online, possibilitando que o usuário visualize o produto préviamente em seus próprio ambiente, antes mesmo de realizar a compra.

• Unity 3D
• Kudan AR SDK (rastreio com a técnica SLAM)

- app                   -> projeto da aplicação móvel
- loja                  -> loja virtual de apoio
- felipesecato_tcc.pdf  -> trabalho completo

Requisitos:
– Android 4.4.2 ou acima
– Internet

1 – Baixe a aplicação disponível na google play no link a seguir.

2 – Acesse a loja virtual criada para este trabalho, essa loja disponibiliza os modelos 3D dos produtos.

https://secato.github.io/tcc/loja/index.html

3 – Com a aplicação aberta, clique no botão scan e escanei o código de barras do produto que deseja visualizar no seu ambiente.

4 – Clique no botão RA, escolha a altura entre o seu dispositivo móvel e o chão e clique no botão do meio (ícone de olho), o objeto 3D será posicionado no lugar do marcador vermelho.

Para dúvidas e informações a respeito do trabalho entre em contato através do e-mail contact@felipesecato.com

https://www.thingiverse.com/dutchmogul/collections/4th-edition-pocket-tactics

The data in the json and template Wordings are in German.
It currently covers the Core Set 1 and 2 from the 4th Edition of Pocket Tactics.
The CSS is optimized for printing 9 Cards on 1 DIN A4 page.
The Game Rules are also available in german in the file Pocket Tactics Regeln deutsch.pdf

Just add new units or terrain to the db.json and they will be rendered automatically

This project was bootstrapped with Create React App.

In the project directory, you can run:

Runs the app in the development mode.
Open http://localhost:3000 to view it in the browser.

The page will reload if you make edits.
You will also see any lint errors in the console.

Launches the test runner in the interactive watch mode.
See the section about running tests for more information.

Builds the app for production to the build folder.
It correctly bundles React in production mode and optimizes the build for the best performance.

The build is minified and the filenames include the hashes.
Your app is ready to be deployed!

See the section about deployment for more information.

Note: this is a one-way operation. Once you eject, you can’t go back!

If you aren’t satisfied with the build tool and configuration choices, you can eject at any time. This command will remove the single build dependency from your project.

Instead, it will copy all the configuration files and the transitive dependencies (Webpack, Babel, ESLint, etc) right into your project so you have full control over them. All of the commands except eject will still work, but they will point to the copied scripts so you can tweak them. At this point you’re on your own.

You don’t have to ever use eject. The curated feature set is suitable for small and middle deployments, and you shouldn’t feel obligated to use this feature. However we understand that this tool wouldn’t be useful if you couldn’t customize it when you are ready for it.

You can learn more in the Create React App documentation.

To learn React, check out the React documentation.

This section has moved here: https://facebook.github.io/create-react-app/docs/code-splitting

This section has moved here: https://facebook.github.io/create-react-app/docs/analyzing-the-bundle-size

This section has moved here: https://facebook.github.io/create-react-app/docs/making-a-progressive-web-app

This section has moved here: https://facebook.github.io/create-react-app/docs/advanced-configuration

This section has moved here: https://facebook.github.io/create-react-app/docs/deployment

This section has moved here: https://facebook.github.io/create-react-app/docs/troubleshooting#npm-run-build-fails-to-minify

This is an example setup to run a self-hosted Invoice Ninja instance via Docker
container. The idea is to run everything inside a container and to not expose
any involved services to the public, except for the web interface via a reverse
proxy supporting HTTPS.

As a bonus, the SQL database can be accessed directly via phpmyadmin. This
shouldn’t be necessary, but I have experienced situations where this became
necessary. This interface is also not for public use.

** Caution: Services not intended for public use should NEVER be made available
publicly. **

This multi-container setup requires a running server with
a recent operating system supporting Docker. The containers involved are:

• invoiceninja_web: web-server to provide HTTP
  access to the Invoice Ninja application; it’s interface will be made
  available on localhost only and can be accessed through a reverse proxy
  providing HTTPS. It can be tweaked via its own config file.

• invoiceninja_app: The application’s backend
  container, provided by the Invoice Ninja application. It will store its
  files in a persistent storage and share the public files with the
  web-server container. No ports will be published.

• invoiceninja_db: The official MySQL 8
  Docker container running the database for the instance. It contains the
  data entered through the app’s web interface. The data is stored in a
  persistent mount point.

• invoiceninja_dbadmin: The official
  phpMyAdmin container running a web interface to the database. This
  container is completely optional. Its interface is not made public, but
  available via localhost. We can access it through a temporary forward SSH
  tunnel.

The containers share the same network to be able
to communicate with each other.

The full setup further requires a reverse-proxy configuration for
Apache2 or Nginx, and a systemd system
service to automatically start and restart the
container union.

This software is required:

• docker.io | docker-ce | docker
• optional: docker-compose (one can use docker compose command as well)
• apache2 | nginx-light | nginx

The docker version shipped in most distributions might already be fine. It
definitely is for Debian Bullseye, for example. There is not really a reason to
get the docker CE packages.

If SysVinit is used instead of systemd, then the service file contains every
necessary to write an init script based on it.

Although one can change the docker-compose.yml file,
most configuration takes place in the .env file. There is an example
configuration in the .env.example file.

Let’s go though each item:

• INVOICE_NINJA_HOME: This is used in the docker-compose.yml file to define the local path where the database and the application files should be stored outside the container in a persistent location. The variable in the systemd service file overwrites the variable defined here.

It is intended to not expose the port to access the phpMyAdmin service to the
public. To use it, we can create an SSH forward tunnel from our host to the
server running the container. A forward tunnel is basically a tunnel, that
starts on a local IP and port and forwards all packetsi from there to a remote
IP and port. So, if phpMyAdmin is available on the remote server on localhost
port 8000, we can do:

ssh -N -L localhost:8000:localhost:8000 <remote server>

then we can access phpMyAdmin locally via http://localhost:8000/ as long as
the tunnel exists, and we can view, change, and backup the remote database.

I: The interface shows only a few languages and currencies and misses most
after the first login

Open http://your.domain.tld/update?secret=secret in the browser. Of course
replace the placeholder here by the real domain.

Thanks to
https://forum.invoiceninja.com/t/missing-languages-currencies/12026/3.

I: There is an update available

If we run the systemd service, we just restart the server:

sudo systemctl restart invoiceninja.service

If we run the containers manually, then we basically have to shut the
containers down, pull the updates, and start them again:

docker-compose down
docker-compose pull --include-deps
docker-compose up (-d)

Scala Bcrypt is a scala friendly wrapper of jBCRYPT

The safe APIs will result in scala.util.Failures and scala.util.Successs when executing operations to explicitly indicate the possibility that certain bcrypt operations can fail due to providing incorrect salt versions or number of rounds (eg. > 30 rounds).

    scala>  import com.github.t3hnar.bcrypt._
    import com.github.t3hnar.bcrypt._

    scala>  "password".bcryptSafeBounded
    res1: Try[String] = Success($2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG)

    scala>  "password".isBcryptedSafeBounded("$2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG")
    res2: Try[Boolean] = Success(true)

Since Try is monadic, you can use a for-comprehension to compose operations that return Success or Failure with fail-fast semantics. You can also use the desugared notation (flatMaps and maps) if you prefer.

    scala>  val bcryptAndVerify = for {
      bcrypted <- "hello".bcryptBounded(12)
      result <- "hello".isBcryptedSafeBounded(bcrypted)
    } yield result
    res: Try[Boolean] = Success(true)

By default, the salt generated internally, and developer does not need to generate and store salt. But if you decide that you need to manage salt, you can use bcrypt in the following way:

    scala>  val salt = generateSalt
    salt: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwO

    scala>  "password".bcryptBounded(salt)
    res3: Try[String] = Success($2a$10$8K1p/a0dL1LXMIgoEDFrwOfMQbLgtnOoKsWc.6U6H0llP3puzeeEu)

The Unsafe APIs will result in Exceptions being thrown when executing operations as certain bcrypt operations can fail due to providing incorrect salt versions or number of rounds (eg. > 30 rounds or password longer than 71 bytes). These Unsafe APIs are present for backwards compatibility reasons and should be avoided if possible.

    scala>  import com.github.t3hnar.bcrypt._
    import com.github.t3hnar.bcrypt._

    scala>  "password".bcryptBounded
    res1: String = $2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG

    scala>  "password".isBcryptedBounded("$2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG")
    res2: Boolean = true

    scala>  val salt = generateSalt
    salt: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwO

    scala>  "password".bcryptBounded(salt)
    res3: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwOfMQbLgtnOoKsWc.6U6H0llP3puzeeEu

libraryDependencies += "com.github.t3hnar" %% "scala-bcrypt" % "4.3.1"

<dependency>
    <groupId>com.github.t3hnar</groupId>
    <artifactId>scala-bcrypt_2.13</artifactId>
    <version>4.3.1</version>
</dependency>