compromised
wg-metrics-and-metadata
compromised | wg-metrics-and-metadata | |
---|---|---|
1 | 4 | |
18 | 221 | |
- | 0.9% | |
0.0 | 5.9 | |
over 1 year ago | 15 days ago | |
Go | ||
BSD 3-clause "New" or "Revised" License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
compromised
-
Have I Been Pwned: Open-Source in the .NET Foundation and Working with the FBI
It is a big contribution to opensource it. The work behind the data is huge and extremely significant. Thanks Troy!
The service implementation that I did with a bit different technical requirement is here https://github.com/janos/compromised as an alternative. It is actively used behind the NewReleases.io service.
wg-metrics-and-metadata
-
Have I Been Pwned: Open-Source in the .NET Foundation and Working with the FBI
Issue is that .net is a language oriented foundation, not a cyber security one. Sending the project there looks like an ad for a Microsoft initiative and not something done with the best interest of HIBP in mind. Just an example, there is foundation literally called Open Source Security Foundation.1 If I write a python security tool and it is useful for the community, I'd think first of transferring it to them, not to the Python foundation.
1. https://openssf.org/
-
Open Source Security Foundation
I work at Microsoft and lead one of the OpenSSF working groups (https://github.com/ossf/wg-identifying-security-threats). We're always looking for folks to join the conversation and contribute to any working groups. There is a public calendar for those meetings, and there is a recording of our last town hall at https://openssf.org under the Community menu at the top.
I'm also looking to hire a software/security engineer to join our team at Microsoft, to improve security tooling and analysis around open source. This work will align/contribute to OpenSSF projects. If you like having one foot in software development and the other in security, please take a look: https://careers.microsoft.com/us/en/job/1009857
What are some alternatives?
copper - πβββ ββββββββββββCopper is a Go toolkit complete with everything you need to build web apps.
do - βοΈ A dependency injection toolkit based on Go 1.18+ Generics.
kala - Modern Job Scheduler
fx - A dependency injection based application framework for Go.
casbin-server - Casbin as a Service (CaaS)
vertex - Serverless GraphQL API Gateway