Pack
github-explorer
Pack | github-explorer | |
---|---|---|
1 | 13 | |
234 | 133 | |
10.7% | 3.0% | |
6.0 | 4.3 | |
about 2 months ago | 4 months ago | |
Pascal | HTML | |
Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Pack
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
The `pack`[0] compression utility that reached the HN front page the other day[1] is setting off my alarm bells right now. (It was at the time too, but now doubly so)
It's written in Pascal, and the only (semi-)documented way to build it yourself is to use a graphical IDE, and pull in pre-compiled library binaries (stored in the git repo of a dependency which afaict Pack is the only dependent of - appears to be maintained by the same pseudonymous author but from a different account).
I've opened an issue[2] outlining my concerns. I'm certainly not accusing them of having backdoored binaries, but if I was setting up a project to be deliberately backdoorable, it'd look a lot like this.
[0] https://pack.ac/
[1] https://news.ycombinator.com/item?id=39793805
[2] https://github.com/PackOrganization/Pack/issues/10
github-explorer
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
clickhouse has pretty good github_events dataset on their playground that folks can use to do some research - some info on the dataset https://ghe.clickhouse.tech/
Example of what user JiaT75 did so far:
https://play.clickhouse.com/play?user=play#U0VMRUNUICogRlJPT...
pull requests mentioning xz, 5.6 without downgrade, cve being mentioned in the last 60 days:
https://play.clickhouse.com/play?user=play#U0VMRUNUIGNyZWF0Z...
- Everything You Always Wanted to Know About GitHub (But Were Afraid to Ask)
-
Stargazers intersections for most popular GitHub projects in Venn diagrams
It shouldn’t be hard to implement: https://ghe.clickhouse.tech/#how-to-download-the-data
- GitHub Profile Achievements
-
Getting 10TB of GitHub Logs and Extracting Details of All Users and Repositories
The article leaves a bitter taste of unnecessary complexity. Data engineering should not be hard.
For example, you can load the GitHub Archive to ClickHouse, and it will be accessible with interactive real-time queries: https://ghe.clickhouse.tech/
See also https://til.simonwillison.net/clickhouse/github-explorer
-
Hundreds of millions of stars turned into a map of GitHub projects
I recommend checking https://ghe.clickhouse.tech/
It explains the full pipeline - how to download, collect, and analyze this sort of data.
- Everything you always wanted to know about GitHub (but were afraid to ask)
-
Cached Chrome Top Million Websites
Yes, it's continuously updated.
The source code is here: https://github.com/ClickHouse/github-explorer
This shell scripts updates it: https://github.com/ClickHouse/github-explorer/blob/main/upda...
What are some alternatives?
rust1 - rust1
map-of-github - Inspirational Mapping
tukaani-project
crux-top-lists - Downloadable snapshots of the Chrome Top Million Websites pulled from public CrUX data in Google BigQuery.
stencil-golang - Template repository for Golang applications
map-of-reddit - Interactive map of reddit
github-profile-trophy - 🏆 Add dynamically generated GitHub Stat Trophies on your readme
demo - A new issue is created in this repo every minute
hn-search - Hacker News Search
Comcast - Simulating shitty network connections so you can build better systems.
Anime-Girls-Holding-Programming-Books - Anime Girls Holding Programming Books
Anime-Girls-Holding-Programming-