TIL `github` CLI & Public Suffix List
Published
While attending the Web Security workshop by Steve Kinney at Frontend Masters today he demoed a neat feature of the GitHub Desktop app: you can install it as a command line tool e.g. github
. This becomes useful in the same way installing VS Code as code
: when in the directory of your (Git) repo, you can simply do github .
to quickly get a GUI. I personally rarely use a Git GUI, but Iโve used the GitHub Desktop app in the past and enjoyed it, so if it at all fits your workflow I think itโs a great tip. As an aside, this is different from GitHubโs CLI e.g. gh
.
Another TIL is the Public Suffix List (PSL) contains entries like github.io
and vercel.app
since users get subdomains on those websites and itโs important that SameSite
cookies arenโt shared arbitrarily. Previously, when I first discovered the PSL, I only thought it contained various TLDs. This Stack Exchange has additional context: https://security.stackexchange.com/questions/223473/for-samesite-cookie-with-subdomains-what-are-considered-the-same-site
I love hearing from readers so please feel free to reach out.