Skip to content

Instantly share code, notes, and snippets.

View maxgfr's full-sized avatar
🎯
Focusing

Maxime Golfier maxgfr

🎯
Focusing
152 followers · 519 following
View GitHub Profile
@maxgfr
maxgfr / github-org-backup.sh
Created February 8, 2026 11:32
Bash script to clone all public and private repositories from a GitHub organization using the GitHub REST API and a Personal Access Token. Handles pagination, skips already cloned repositories, and works out-of-the-box for full org backups or migrations.
#!/bin/bash
# ===== CONFIG =====
ORG_NAME="org"
GITHUB_TOKEN="abcdefgh"
CLONE_DIR="."
PER_PAGE=100
# ==================
mkdir -p "$CLONE_DIR"
@maxgfr
maxgfr / .zshrc
Last active January 29, 2026 12:00
My personal .zshrc setup, optimized for daily development with custom aliases, functions, and quality-of-life improvements.
export ZSH="/Users/max/.oh-my-zsh"
ZSH_THEME="robbyrussell"
plugins=(git
zsh-autosuggestions
zsh-syntax-highlighting
)
source $ZSH/oh-my-zsh.sh
@maxgfr
maxgfr / script.sh
Last active January 23, 2026 19:38
Mattermost teams leaving script
#!/usr/bin/env bash
set -euo pipefail
# Leave a Mattermost "organization" (team) interactively.
#
# Usage:
# ./script.sh -u <username> -p <password> -n <server_url> [-y]
#
# Notes:
@maxgfr
maxgfr / script.sh
Last active January 23, 2026 18:42
Mattermost read all notification script
#!/usr/bin/env bash
set -euo pipefail
# Requirements:
# - bash >= 4 (associative arrays + mapfile)
# - curl
# - jq
if [[ -z "${BASH_VERSINFO:-}" || "${BASH_VERSINFO[0]}" -lt 4 ]]; then
echo "❌ This script requires bash >= 4 (current: ${BASH_VERSION:-unknown})." >&2
@maxgfr
maxgfr / 0_how_to.md
Last active December 16, 2025 19:54
React2Shell Vulnerability scanner (only for Next.js projects)

React2Shell vulnerable versions list for use with package-checker.sh.

Note: This JSON file is intended only for Next.js projects using React Server Components. It provides a list of vulnerable versions to help detect affected packages in your project.

GitHub: https://github.com/maxgfr/package-checker.sh

Run the scan with:

curl -sS https://raw.githubusercontent.com/maxgfr/package-checker.sh/refs/heads/main/script.sh | bash -s -- --source https://gist.githubusercontent.com/maxgfr/e0ea8a2cabc53ed476cabda4709f6bd6/raw/633a44792d783f63156296fedcdb5cd37dfe0d85/react2shell_vuln.json
@maxgfr
maxgfr / 0_how_to.md
Last active November 28, 2025 18:02
Shai-Hulud Second Coming Vulnerability Checker

Shai-Hulud Second Coming Vulnerability Checker

A lightweight shell script to detect vulnerable npm packages related to the Shai-Hulud "Second Coming" supply chain attack.

What it does

This script recursively scans your entire Node.js monorepo or project for packages that match the vulnerable versions listed in:

  • Tenable's official database (JSON format)
  • Datadog's Indicators of Compromise (CSV format)
@maxgfr
maxgfr / remove_cache_macos.sh
Created October 24, 2025 13:11
Command to remove all cache on macos
rm -rf ~/Library/Caches/* && sudo rm -rf /Library/Caches/* /System/Library/Caches/* && killall Finder
@maxgfr
maxgfr / calendar.tsx
Last active June 6, 2025 09:55
Shadcn Calendar UI Picker with months selections
"use client";
import * as React from "react";
import { ChevronLeft, ChevronRight } from "lucide-react";
import { DayPicker } from "react-day-picker";
import { format } from "date-fns";
import { cn } from "~/lib/utils";
import { buttonVariants } from "~/components/ui/button";
import { fr } from "date-fns/locale";
@maxgfr
maxgfr / spotlight.sh
Created January 4, 2025 10:42
Re-index spotlight on MacOS
sudo -i
mdutil -Ea
mdutil -ai off
mdutil -ai on
@maxgfr
maxgfr / bypass.js
Created November 10, 2024 10:00
Bypass copy and paste restriction on a webpage by using Console
// Désactive toutes les restrictions de copier-coller
document.addEventListener('copy', function(e) {
e.stopPropagation();
}, true);
document.addEventListener('paste', function(e) {
e.stopPropagation();
}, true);
document.addEventListener('cut', function(e) {