Elm
Our great sponsors
bad_actor_poc | Elm | |
---|---|---|
12 | 198 | |
322 | 7,447 | |
- | 0.6% | |
0.0 | 5.4 | |
almost 3 years ago | about 2 months ago | |
Rust | Haskell | |
MIT License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bad_actor_poc
-
Why is `const fn` different from other “const” things?
I'm not suggesting people in this thread are wrong, but working for a security company gives a slightly different perspective. For example, there's really nothing stopping a rogue crate from exporting your private keys, just by using VS code. I wasn't thinking about this when I helped write that proposal, though.
- Did somebody play around with macros yet?
-
todo-or-die!
Having less tools that can do things like https://github.com/lucky/bad_actor_poc is a relief.
-
Workspace Trust in VS Code
Code execution that may not be so obvious could be the preLaunchTask that runs before starting the app and can run a build that has an extra task executing arbitrary code unrelated to the build. What about the npm module that steals your crypto wallet private keys? Make a simple edit and a malicious linter is loaded from the node_modules folder, instead of the one that is installed globally. Even reading the code can be deceptive, attackers can use Unicode hacks to hide malicious code in plain sight. Heck, you don't even have to open any source code to be owned.
- lucky/bad_actor_poc - Stealing secrets with Rust Macros proof-of-concept via VSCode: This shows a trivial example of exfiltrating secrets just by the developer opening up the source
- Visual Studio Code May 2021
-
Carnet: A Tool for Sandboxing Cargo and Buildscripts
https://github.com/lucky/bad_actor_poc is one example
-
Fixated on end-user security, FOSS developers neglect their own...
It turns out that because Rust can execute code at compile time, simply opening a Rust source file in an editor with code completion support can cause a virus to be installed on my computer. Apparently I can't trust anything but basic text editors anymore...
- Using Rust Macros to exfiltrate secrets
Elm
-
Ludic: New framework for Python with seamless Htmx support
Elm [1] is based on a similar idea. Build your app from pure functions that return HTML tags.
[1] https://elm-lang.org/
- Learning Elm by porting a medium-sized web front end from React (2019)
-
Can you make your own JavaScript by implementing ECMAScript standard?
You also wouldn't really be creating your own new programing language. You would be creating something that can run JavaScript by following JavaScript standards and syntax. You might be able to add some non-standard features of your own on top of those standards, or include your own standard library of helpers or utilities, but you can't completely make a new or alternative language and then load it in the browser (or at least not by reimplementing ECMAScript standards... you actually can make your own language that runs within any Javascript enviroment, if you provide an interpreter or compiler that transforms it into valid JS. Some people have done something like this, eg Elm: https://elm-lang.org/).
-
What is the best way to present the user the results of Haskell computations?
You should at least have a look at https://elm-lang.org/ it is a pure functional language like Haskell (although with fewer fancy syntax/type classes) but it has some lovely libraries for visualisation and even with plain elm (+ elm-ui) doing string transformations can be easily done.
- Course using F#: Write your own tiny programming system(s)
-
Building React Components Using Unions in TypeScript
I get it. However, the whole point of using Unions to narrow your types, ensure only a set of possible scenarios can occur, and only access data of a particular union when it’s safe to do so. That’s some of what pattern matching can provide, and 100% of what using switch statements in TypeScript with their Discriminated Unions can provide. Yes, it’s not 100% exhaustive, but TypeScript is not soundly typed, and even Elm which is still has the same issue TypeScript does: You’re running in JavaScript where anything is possible. So it’s good enough to build with and much better than what you had.
- What's the state of the Elm repo? · Issue #2308 · elm/compiler
-
How to render a basic calendar UI in Elm
The beauty of a language like Elm (and other lambda-calculus / functional programming inspired languages) is that there's very little transformation involved in going from an idea to code. And that seems to have a big impact on getting things done.
- Como desenvolvi um backend web em Clojure
-
Is it possible to write games like Pac-Man in a functional language?
I think the most fun and approachable way for beginners to build games with functional programming is with Elm [1].
See a few (small, demo) games built by the community in [2] .
Notice Elm has abandoned the FRP approach in favor of Model-View-Update [3].
[1] https://elm-lang.org/
What are some alternatives?
language - Design of the Dart language
rescript-compiler - The compiler for ReScript.
carnet - A Tool for Sandboxing Cargo and Buildscripts
haskelm - Haskell to Elm translation using Template Haskell. Contains both a library and executable.
Visual Studio Code - Visual Studio Code
purescript - A strongly-typed language that compiles to JavaScript
macro_prototype - A very basic prototype of macros using build_runner
yew - Rust / Wasm framework for creating reliable and efficient web applications
code-it-later-rs - Filter crumbs you left in comments of code to remind where you were
idris - A Dependently Typed Functional Programming Language
security - Embargoed security issues that will be made public after a fix is made available. Use https://github.com/nim-lang/security/security
reflex - Interactive programs without callbacks or side-effects. Functional Reactive Programming (FRP) uses composable events and time-varying values to describe interactive systems as pure functions. Just like other pure functional code, functional reactive code is easier to get right on the first try, maintain, and reuse.