sdk
Our great sponsors
bad_actor_poc | sdk | |
---|---|---|
12 | 306 | |
322 | 9,792 | |
- | 1.0% | |
0.0 | 10.0 | |
almost 3 years ago | 4 days ago | |
Rust | Dart | |
MIT License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bad_actor_poc
-
Why is `const fn` different from other “const” things?
I'm not suggesting people in this thread are wrong, but working for a security company gives a slightly different perspective. For example, there's really nothing stopping a rogue crate from exporting your private keys, just by using VS code. I wasn't thinking about this when I helped write that proposal, though.
- Did somebody play around with macros yet?
-
todo-or-die!
Having less tools that can do things like https://github.com/lucky/bad_actor_poc is a relief.
-
Workspace Trust in VS Code
Code execution that may not be so obvious could be the preLaunchTask that runs before starting the app and can run a build that has an extra task executing arbitrary code unrelated to the build. What about the npm module that steals your crypto wallet private keys? Make a simple edit and a malicious linter is loaded from the node_modules folder, instead of the one that is installed globally. Even reading the code can be deceptive, attackers can use Unicode hacks to hide malicious code in plain sight. Heck, you don't even have to open any source code to be owned.
- lucky/bad_actor_poc - Stealing secrets with Rust Macros proof-of-concept via VSCode: This shows a trivial example of exfiltrating secrets just by the developer opening up the source
- Visual Studio Code May 2021
-
Carnet: A Tool for Sandboxing Cargo and Buildscripts
https://github.com/lucky/bad_actor_poc is one example
-
Fixated on end-user security, FOSS developers neglect their own...
It turns out that because Rust can execute code at compile time, simply opening a Rust source file in an editor with code completion support can cause a virus to be installed on my computer. Apparently I can't trust anything but basic text editors anymore...
- Using Rust Macros to exfiltrate secrets
sdk
- Lançamento do App Edudu
- Dart: Improve JavaScript Interop
-
Top Paying Programming Technologies 2024
50. Dart - $55,862
-
What are your thoughts about gerrit?
Gerrit is optimized for in-house work lead by engineers who would rather be using Subversion. ("Subversion merge isn't worth using so I don't see why we need it.") It tends to be hostile to community contribution: outsiders get a second-class experience, so if community participation is your goal it's a bad choice.
-
Understanding Flutter Architecture Part 1 - Introduction
First off, Flutter uses Dart for its codebase. This means that the Dart programming language is used to develop the UIs, logic, and functionalities of applications and software built with Flutter.
-
The Road to Enhanced Flutter Development Part 1
The methods and other important information are documented in detail here. I have been exploring it and received some advice from Norbert 🙌.
- Flutter 3 on Devuan 4: 始め方
-
Flutter 3 on Devuan 4: Getting started
Programming Language: Dart
-
Flutter: Unleashing the Power of Cross-Platform App Development!
Official Dart website: dart.dev Dart Language Tour: dart.dev/guides/language/language-tour Dart API Reference: api.dart.dev
-
Is it possible to create Android apps using Rust?
Flutter is written in Dart, and its C interop story isn't strong (all functions that have to be callable from C have to be specifically annotated, and it doesn't support named parameters, which are used all over the place in Flutter). Here is my ticket for that.
What are some alternatives?
language - Design of the Dart language
obs-websocket - Remote-control of OBS Studio through WebSocket
carnet - A Tool for Sandboxing Cargo and Buildscripts
asdf - Extendable version manager with support for Ruby, Node.js, Elixir, Erlang & more
Visual Studio Code - Visual Studio Code
flutterfire - 🔥 A collection of Firebase plugins for Flutter apps.
macro_prototype - A very basic prototype of macros using build_runner
starter_architecture_flutter_firebase - Time Tracking app with Flutter & Firebase
code-it-later-rs - Filter crumbs you left in comments of code to remind where you were
buildozer - Generic Python packager for Android and iOS
security - Embargoed security issues that will be made public after a fix is made available. Use https://github.com/nim-lang/security/security
TypeScript - TypeScript is a superset of JavaScript that compiles to clean JavaScript output.