blueboat
chromium
Our great sponsors
blueboat | chromium | |
---|---|---|
18 | 223 | |
1,918 | 17,358 | |
- | 2.1% | |
0.0 | 10.0 | |
about 1 year ago | about 15 hours ago | |
Rust | ||
Apache License 2.0 | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
blueboat
-
What's with All the Runtimes for JavaScript?
Right now it is an exciting time for JavaScript. We just got a new shiny fast runtime Bun, with the last new kid Deno being released only 4 years ago, and we have edge computing/serverless runtimes like Cloudflare worker and Blueboat. With all these hypes for the JavaScript community, I could not help but ask, how come only JavaScript gets all these fancy new runtimes? Why don’t we hear these more often in other languages?
-
Show HN: Distributed SQLite on FoundationDB
Hello HN! I'm building mvsqlite, a distributed variant of SQLite with MVCC transactions, that runs on FoundationDB. It is a drop-in replacement that just needs an `LD_PRELOAD` for existing applications using SQLite.
I made this because [Blueboat](https://github.com/losfair/blueboat) needs a native SQL interface to persistent data. Apparently, just providing a transactional key-value store isn’t enough - it is more easy and efficient to build complex business logic on an SQL database, and it seems necessary to bring a self-hostable distributed SQL DB onto the platform. Since FoundationDB is Blueboat’s only stateful external dependency, I decided to build the SQL capabilities on top of it.
At its core, mvsqlite’s storage engine, mvstore, is a multi-version page store built on FoundationDB. It addresses the duration and size limits (5 secs, 10 MB) of FDB transactions, by handling multi-versioning itself. Pages are fully versioned, so they are always snapshot-readable in the future. An SQLite transaction fetches the read version during `BEGIN TRANSACTION`, and this version is used as the per-page range scan upper bound in future page read requests.
For writes, pages are first written to a content-addressed store keyed by the page's hash. At commit, hashes of each written page in the SQLite transaction is written to the page index in a single FDB transaction to preserve atomicity. With 8K pages and ~60B per key-value entry in the page index, each SQLite transaction can be as large as 1.3 GB (compared to FDB's native txn size limit of 10 MB).
mvsqlite is not yet "production-ready", since it hasn’t received enough testing, and I may still have a few changes to make to the on-disk format. But please ask here if you have any questions!
-
Show HN: Blueboat is an all-in-one, multi-tenant serverless JavaScript runtime
This sounds quite a bit like Cloudflare Workers, and they have a comparison page - https://github.com/losfair/blueboat/wiki/Comparison-with-Clo....
-
Are V8 isolates the future of computing?
Blueboat may be what you’re looking for
> If one writes Go or Rust, there are much better ways to run them than targeting WASM
wasm has its place, especially for contained workloads that can be wrapped in its strict capability boundaries (think, file-encoding jobs that shouldn't access anything else but said files: https://news.ycombinator.com/item?id=29112713).
> Containers are still the defacto standard.
wasmedge [0], atmo [1], krustlet [2], blueboat [3] and numerous other projects are turning up the heat [4]!
[0] https://github.com/WasmEdge/WasmEdge
[1] https://github.com/suborbital/atmo
[2] https://github.com/krustlet/krustlet
- Blueboat, an open-source alternative to Cloudflare Workers
-
Deno Deploy Beta 2
https://github.com/losfair/rusty-workers
They're not perfectly isolated to a high security standard such that you could deploy your own v8 workers SaaS. And they do have quirks and development woes. I haven't tested in production but if it's just your trusted apps wanting to exceed the cloudflare workers 30 scripts limit then both are wonderfully powerful solutions to put behind a https proxy.
chromium
-
Detect when your installed Chrome extensions have changed owners
Recently my favorite open source mouse gestures extension SmartUp Gestures was taken over by some shady entity (with github no longer being updated of course).
I opened Chrome ticket that they should ask to re-enable extension when ownership changes. They just closed the ticket replying with this link:
https://chromium.googlesource.com/chromium/src/+/main/extens...
:(
-
Supermium – Chromium fork for Win 2003 and newer
Hmm. It looks like files with the .lnk or .pif file extension can only be downloaded on a user gesture: https://chromium.googlesource.com/chromium/src/+/39841e54180...
So it can't be done silently. Although, I do wish the type was marked "DANGEROUS" a la dll files.
-
New Linux glibc flaw lets attackers get root on major distros
On Linux, Chromium uses setuid or user namespaces to restrict the access of sandboxed components and seccomp-bpf to reduce the kernel attack surface.
Check out the Chromium docs on this topic: https://chromium.googlesource.com/chromium/src/+/HEAD/docs/l...
-
Microsoft Edge ignores user wishes, slurps tabs from Chrome without permission
You can also disable JIT in Firefox by setting javascript.options.baselinejit to false in about:config, although you won't get CET.
[1] https://github.com/chromium/chromium/blob/12c232c43ce7324d30...
-
Apple Announces Changes to iOS, Safari, and the App Store in the European Union
Chromium targets iOS already: https://chromium.googlesource.com/chromium/src/+/main/docs/i...
- We build X.509 chains so you don't have to
-
Google Is Tracking You Even in Incognito Mode, New Disclaimer Is Up
For the sake of completeness, I've traced the evolution of the notice over time:
From 2008-07-26: "Going incognito doesn't affect the behavior of other people, servers, or software. Be wary of: / • Websites that collect or share information about you / • Internet service providers or employers that track the pages you visit / • Malicious software that tracks your keystrokes in exchange for free smileys / • Surveillance by secret agents / • People standing behind you" (https://chromium.googlesource.com/chromium/src/+/09911bf300f...)
From 2013-12-07: "Going incognito doesn't affect the behavior of other people, servers, software, or people standing behind you." (https://chromium.googlesource.com/chromium/src/+/c5e36c57178...)
From 2013-12-13: "However, you aren't invisible. Going incognito doesn't hide your browsing from your employer, your internet service provider, or the websites you visit." (https://chromium.googlesource.com/chromium/src/+/70821506825...)
From 2014-02-27: "However, you aren't invisible. Going incognito doesn't hide your browsing from your employer, your internet service provider, governments and other sophisticated attackers, or the websites you visit." (https://chromium.googlesource.com/chromium/src/+/ab54bd65701...)
From 2014-04-29: "Going incognito doesn't hide your browsing from your employer, your internet service provider, or the websites you visit." (https://chromium.googlesource.com/chromium/src/+/eb09a62ef40...)
From 2016-01-15: "However, you aren't invisible. Going incognito doesn’t hide your browsing from your employer, your internet service provider, or the websites you visit." (https://chromium.googlesource.com/chromium/src/+/b7dac1a6a79...)
From 2017-02-27: "Your activity might still be visible to: / • Websites you visit / • Your employer / • Your internet service provider" (https://chromium.googlesource.com/chromium/src/+/cfe102adddc...)
From 2017-03-29: "Your activity might still be visible to: / • Websites you visit / • Your employer or school / • Your internet service provider" (https://chromium.googlesource.com/chromium/src/+/7ca3ccf74e8...)
(Note that some of these were behind a feature flag for a few months.) Also, it looks like they've been intending to modify the new-tab page text for Incognito windows for some time, as part of the "Revamped Incognito NTP" project. You can view the modified text with 'chromium --enable-features=IncognitoNtpRevamp':
From 2021-08-13: "What Incognito doesn't do / Incognito does not make you invisible online: / • Sites know when you visit them / • Employers or schools can track browsing activity / • Internet service providers may monitor web traffic" (https://chromium.googlesource.com/chromium/src/+/e6ae57ba385...)
From 2022-01-25: "What Incognito doesn't do / Incognito does not make you invisible online: / • Sites and the services they use can see visits / • Employers or schools can track browsing activity / • Internet service providers can monitor web traffic" (https://chromium.googlesource.com/chromium/src/+/8b349f6c984...)
The incognito warning has always said that websites can still track you.* Point (b) won't be helped much by letting people know that Google is also a website.
*https://chromium.googlesource.com/chromium/src/+/09911bf300f...
-
What Progressive Web App (PWA) Can Do Today
Blink can now be compiled for iOS, but without JIT or WASM:
https://chromium.googlesource.com/chromium/src/+/main/docs/i...
https://bugs.chromium.org/p/chromium/issues/detail?id=141170...
-
People like me are why you shouldn't run a hosting company
I think its weird that Vercel has this limit. There is no practical reason I can think of for having such a limit on URL characters that is so small. Chrome suggests a 2MB limit[0] for example. The platform itself doesn't have one, and Firefox I believe if memory serves (I can't find the source for this claim atm) is 1 MB effectively, and I don't think Safari is any lower than that either (and may well be more inline with Chrome on this, at 2 MB)
[0]: https://chromium.googlesource.com/chromium/src/+/master/docs...
What are some alternatives?
ungoogled-chromium - Google Chromium, sans integration with Google
WebKit - Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.
termux-packages - A package build system for Termux.
bromite - Bromite is a Chromium fork with ad blocking and privacy enhancements; take back your browser!
brave-browser - Next generation Brave browser for Android, Linux, macOS, Windows.
gecko-dev - Read-only Git mirror of the Mercurial gecko repositories at https://hg.mozilla.org. How to contribute: https://firefox-source-docs.mozilla.org/contributing/contribution_quickref.html
sciter-js-sdk - Sciter.JS - Sciter but with QuickJS on board instead of my TIScript
iceraven-browser - Iceraven Browser
fingerprintjs - Browser fingerprinting library. Accuracy of this version is 40-60%, accuracy of the commercial Fingerprint Identification is 99.5%. V4 of this library is BSL licensed.
brave-core - Core engine for the Brave browser for Android, Linux, macOS, Windows. For issues https://github.com/brave/brave-browser/issues
aniyomi - An app for manga and anime
Fenix - ⚠️ Fenix (Firefox for Android) moved to a new repository. It is now developed and maintained as part of: https://github.com/mozilla-mobile/firefox-android