Skip to content

Instantly share code, notes, and snippets.

View mgreenly's full-sized avatar

Michael Greenly mgreenly

21 followers · 4 following
View GitHub Profile
@mgreenly
mgreenly / gemini.md
Created June 17, 2025 21:06
github

Excellent question. This is a common security and organizational challenge when working with third-party tools and automations.

The short answer is no, it is not possible to directly authorize a GitHub App or OAuth App to access only specific directories within a repository.

GitHub's permission model operates at the repository level. When you grant an app access to a repository, you grant it permissions (like Read on code, or Read & write on issues) for the entire repository. There is no native feature to scope that access down to a file or directory path.

However, there are several effective workarounds and architectural patterns to achieve a similar result. The best choice depends on your specific use case (e.g., CI/CD, code analysis, a custom bot).

@mgreenly
mgreenly / Dockerfile
Last active April 28, 2025 02:52
nix-docker
FROM nixos/nix AS build
RUN nix-channel --update
# Build a profile and package store in the /scratch directory. Only the files we install
# during this docker build will end up in this profile.
RUN mkdir -p /scratch/store
# Install all desired packages into the scratch profile. It's important to know that the
# packages themselve are installed in /nix/store during this step and the /scratch/profile
@mgreenly
mgreenly / shell.nix
Created April 8, 2025 12:41
simple ruby shell.nix
let
tarball = fetchTarball "https://github.com/NixOS/nixpkgs/archive/refs/tags/24.11.tar.gz";
pkgs = import tarball { config = {}; overlays = []; };
in
pkgs.mkShell {
packages = with pkgs; [
nodejs
ruby
@mgreenly
mgreenly / foo.rb
Created March 15, 2023 04:52
qty, size, bonus = "3d6-1"
.match(/^(\d+)d(\d+)([+-]\d+)?/)
.captures
.map(&:to_i)
@mgreenly
mgreenly / record.rb
Created December 17, 2021 00:32
class Record
class MissingField < Error; end
class << self
def build(hash)
new(*members.map{|m| hash[m.to_s] })
end
end
def initialize(*values)
self.class.members.zip(values).each do |member, value|
raise MissingField, "Unable to initialize #{self.class}, missing field: '#{member}'." if value.nil?
@mgreenly
mgreenly / simple-purescript.md
Created October 15, 2021 00:50

Quick and dirty https://www.purescript.org/ sample.

create a directory and enter it.

mkdir sample
cd sample

Use npm to install purescript and it's package manager spago.

@mgreenly
mgreenly / limited_polling_workers.rb
Created March 2, 2021 03:19
class Job
def self.fetch
return new if rand(100) > 85 # only return a job 15% of the time
end
attr_reader :count
def initialize
@count = rand(5) # some random data
end
@mgreenly
mgreenly / init-dev
Last active September 15, 2020 03:14
#!/bin/sh
# $1 is session/window name
# $2 is command to run in that session
mk_tmux_session() {
if [ -z "$1" ]; then
echo 'usage: startdev NAME'
exit 1
fi
@mgreenly
mgreenly / proxy.hs
Last active June 17, 2020 01:50
{-# LANGUAGE RecordWildCards #-}
import Data.Maybe
import Data.List
-- this defines the data type that will be read from the config file, all of the values are optional
data Proxy = Proxy
{ proxyKey :: Maybe String
, proxyUser :: Maybe String
@mgreenly
mgreenly / tuples.rb
Last active June 3, 2020 01:57
# The point is that only functions and function application are required to create all
# higher level language abstractions. You can use church encoding to turn functions
# into numbers, boolean values, logical operators, math operators, and in this case
# data structures.
fst = -> (a,_) { a } # no matter what 2 values are passed in return the 1st
snd = -> (_,b) { b } # no matter what 2 values are passed in return the snd
# a tuple is a function, that takes a function as an argument and applies it to the constant values of the tuple
tuple1 = ->(f){ f.('alpha', 'omega') }