git-secret VS deno

I've happily been using git-secret (https://sobolevn.me/git-secret/) for encrypting non-critical (i.e. non-production) secrets for a while now. It sounds like Gittuf will do a lot more than git-secret, but for the use case of encrypted files specifically, is there a significant different about with the approach that Gittuf has taken?

Secrets inside the repo. All the credentials, ssh keys, VPN configs can be stored directly in the repo with support of the git secret. gpg key is optional: config works fine if it is not provided and secrets are not decrypted.

You might notice that some of the environmental variables have funky values that look more like template placeholders. For example "SESSION_STORAGE_SECRET=${SESSION_STORAGE_SECRET}". That's because there's a .env file that contains those (you can see it in the root of the GitHub repository page. As a good practice I try to isolate anything that needs to be secret right off the top. So even though this is a development setup and would need work to turn it into a something suitable for production let's try to start off right not doing the wrong thing by hardcoding all our secrets into various files. At least now there's just one file to secure. And later on if you move to something really secure like Hashicorp's Vault product, or even something open source like git secret you won't have to hunt all over the place for the secrets to keep. Lets now look at the rest of the Catalyst application setup:

Checkout git-secret. https://git-secret.io/

There‘s plugins like https://github.com/AGWA/git-crypt or https://git-secret.io that you can use to encrypt the files for yourself, so that they are available on multiple machines to you

If you really want to have private repositories in GitHub, you will need to set up something like https://git-secret.io on top of git.

If you want a low config solution and not scared of gpg, https://git-secret.io/

Hey guys, so I'm using git-secret as of now. Just stumbled across Mozilla SOPS today and finding it interesting. Which one you guys recommend and why? Advantages and disadvantages of each? I think SOPS is more robust and stable since it is being maintained by a large organization? Please correct me if I'm wrong. Help is appreciated.

NodeJS is the dominant Javascript server runtime environment for Javascript and Typescript (sort of) projects. But over the years, we have seen several attempts to build alternative runtime environments such as Deno and Bun, today’s subject, among others.

https://github.com/denoland/deno/issues is the ideal place -- we try to triage all incoming issues, the more specific the repro the easier it is to address but we will take a look at everything that comes in.

Install Node.js (or Bun, or Deno, or whatever JS runtime you prefer) if it's not there

QUIC is very exciting, after seeing what it can do for performance in Cloudflare network and Cloudflare workers, I can't wait to finally see it in Deno[0] 1.41.

[0] https://github.com/denoland/deno/pull/21942#issuecomment-192...

So as an end user it's kind of like https://deno.com/ where you buy into a runtime + comes prepacked with DBs (k/v stores), scheduling, and deploy stuff?

> by storing Unison code in a database, keyed by the hash of that code, we gain a perfect incremental compilation cache which is shared among all developers of a project. This is an absolutely WILD feature, but it's fantastic and hard to go back once you've experienced it. I am basically never waiting around for my code to compile - once code has been parsed and typechecked once, by anyone, it's not touched again until it's changed.

Interesting. Whats it like upgrading and managing dependencies in that code? I'd assume it gets more complex when it's not just the Union system but 3rd party plugins (stuff interacting with the OS or other libs).

~90MB+ at this stage and do now allow compression without erroring out. Deploying ala Golang is not feasible at that level but could well be down the line if this dev branch is picked up again!

The exe output grew from from ~50MB to plus ~90MB from 2021 to 2024: https://github.com/denoland/deno/discussions/9811 which mean Deno is worse than Node.js's pkg solution by a decent margin.

Behind the scenes is a simple Sveltekit-powered server function to fetch a Spotify client token then find a user's recommendation playlist and its track information. A Deno edge function to performs this data fetch and renders server-side Svelte.

If your application is written in JavaScript, integrating it with JavaScript extensions is a no-brainer. However, Secutils.dev is entirely written in Rust. How would I even begin? Fortunately, I recently came across an excellent blog post series explaining how to implement your JavaScript runtime in a Rust application with Deno: