ctf-collab
dear-github
Our great sponsors
ctf-collab | dear-github | |
---|---|---|
6 | 8 | |
69 | 5,151 | |
- | 0.0% | |
4.5 | 0.0 | |
about 1 year ago | over 3 years ago | |
Shell | ||
GNU General Public License v3.0 only | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ctf-collab
-
How to collaborate code?
GitHub - jstrieb/ctf-collab: Collaborative programming environment inside GitHub Actions – like Google Docs for hacking
-
Apache Guacamole™
https://github.com/jstrieb/ctf-collab/blob/9300c57364f71fe29...
-
Apache Guacamole
I have used Apache Guacamole to use running GitHub Actions workflows as remote desktops. It worked super well for testing GUI apps on other operating systems that I didn't want to deal with setting up.
https://github.com/jstrieb/ctf-collab/blob/9300c57364f71fe29...
-
GitHub Actions update: Helping maintainers combat bad actors
One of my own projects sits in a related grey area: it automates running a reverse shell inside an Action for collaborating on programming and competitive hacking challenges/CTF problems.[0] It lets anyone log into a shared session from the terminal or the browser.
My project doesn't use anywhere near the resources of cryptomining, but I still sometimes feel guilty when I fire it up. I wonder how different it is from regular GitHub Actions usage patterns, and whether it is noticeable to those maintaining the infrastructure. My hope is that the load it incurs is comparatively insignificant, and that if noticed, it will be viewed as a good-faith attempt to use resources in a creative way.
0: https://github.com/jstrieb/ctf-collab
- GitHub - jstrieb/ctf-collab: Create a collaborative programming environment inside GitHub Actions – like Google Docs for hacking competitions
- Show HN: Collaborative programming environment inside GitHub Actions
dear-github
-
Mental Health in Open Source
GitHub makes this unnecessarily worse by refusing to let you disable Pull Requests like one can disable the other social features (Wiki etc) of a repository: https://github.com/dear-github/dear-github/issues/84
The workaround is to use GH Actions to auto-close PRs: https://github.com/marketplace/actions/repo-lockdown
-
When people assume open source also means open to contribution
There is no way to disable pull requests on GitHub. Only some weird work-arounds for auto-closing them with Actions
-
Just Say No
> don't let people waste their time creating issues in the first place
But then you don't get to use issues to track things that you personally care about. It would be nice if there were a way to enable issue creation by the repo owner / maintainers, but disallow it for the public at large. Especially now that "discussions" are a thing, which gives a place for people to comment without implicitly requesting work from the maintainer.
Apparently this is sort of possible[1] by setting `blank_issues_enabled: false`, so that you can only create issues from the Project page.
[1]: https://github.com/dear-github/dear-github/issues/293#issuec...
-
On April 7, 2022, a threat actor obtained access to a Heroku database
last I've seen the Oauth permissions for the Heroku Dashboard given by Github are excessive and include write access to all public repos - as read-only is not an option if I recall correctly, see https://github.com/dear-github/dear-github/issues/113#issuec...
Newer integrations like Github Apps are more granular and can restrict the scope , also ssh deploy keys are an option for other purposes, but specifically the tokens issued for the Heroku Dashboard can write to the public repos of a user or org.
-
No, "Open Source" does not mean "Includes Free Support"
Without active triage and maintenance, such a list would quickly become useless. Let's look at just one example that's not even for an open source project: https://github.com/dear-github/dear-github/issues/214
-
Bug in get page viewes API?
Found these ways to submit bug to github: https://support.github.com/contact/feedback https://support.github.com/request https://github.com/isaacs/github#if-you-have-an-issue-or-feature-request-for-github https://github.com/dear-github/dear-github [email protected] Submitting tickets using an enterprise account
-
GitHub Actions update: Helping maintainers combat bad actors
You're right, likely the OP thought PRs were included in settings where you can disable issues or wikis
Discussion: https://github.com/dear-github/dear-github/issues/84
What are some alternatives?
docker-xmind - Dockerized Guacamole wrapper for legacy XMind 8
csgo-osx-linux - Counter-Strike: Global Offensive
qubes-app-split-browser - Tor Browser (or Firefox) in a Qubes OS disposable, with persistent bookmarks and login credentials
linux - Linux kernel source tree
innernet - A private network system that uses WireGuard under the hood.
gatsby-plugin-s3 - Deploy your gatsby site to a S3 bucket.
MeshCentral - A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.
Avalonia - Develop Desktop, Embedded, Mobile and WebAssembly apps with C# and XAML. The most popular .NET UI client technology
uwt - Use Applications over Tor with Stream Isolation and Time Privacy - for better anonymity / privacy.
uBlock - uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.
Sshwifty - Web SSH & Telnet (WebSSH & WebTelnet client) 🔮
instant.nvim - collaborative editing in Neovim using built-in capabilities