go-licenses
sudo
go-licenses | sudo | |
---|---|---|
1 | 48 | |
767 | 1,105 | |
1.4% | 2.9% | |
3.4 | 9.5 | |
14 days ago | 5 days ago | |
Go | C | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
go-licenses
-
Shouldn't have happened: A vulnerability postmortem
> I don't think the exact URL is the problem, it is the fact that it is so easy to include dependencies from external repository that is the problem. In Rust every non-trivial library pulls in 10s or even 100s of dependencies.
But it's also quite a lot easier to audit those dependencies, even automatically (incidentally, GitHub provides dependency scanning for free for many languages).
> Then there is the issue of licencing - how to verify that I am not using some library in violation of its licence and what happens if the licence changes down the road and I don't notice it because I am implicitly using 500 dependencies due to my 3 main libraries?
This is also an automated task. For example, https://github.com/google/go-licenses
> go-licenses analyzes the dependency tree of a Go package/binary. It can output a report on the libraries used and under what license they can be used. It can also collect all of the license documents, copyright notices and source code into a directory in order to comply with license terms on redistribution.
> Rust and Go have solved memory safety compared to C and C++ but have introduced dependency hell of yet unknown proportions.
I mean, it's been a decade and things seem to be going pretty well. Also, I don't think anyone who has actually used these languages seriously has ever characterized their dependency management as "dependency hell"; however, lots of people talk about the "dependency hell" of managing C and C++ dependencies.
> Python and other dynamically typed languages are in a league of their own in that on top of the dependency hell they also do not provide compiler checks that would allow user to see the problem before the exact conditions occur at runtime.
I won't argue with you there.
sudo
-
Run0 – systemd based alternative to sudo announced
It depends on whether sudo was compiled with --disable-env-reset or not, it's on by default[1].
Also some variables are inherited regardless (e.g. DISPLAY, TERM), and some useful ones (e.g. HOME) are initialized by sudo, but I can't tell where that's done.
[1]: https://github.com/sudo-project/sudo/blob/ef52db46f9b375d7ff...
- Sudo Contributors
-
Sudo for Windows
Side note that I've always found interesting: sudo is almost entirely maintained by one dude: https://github.com/sudo-project/sudo/graphs/contributors
-
Rowhammer Resistant Coding in Sudo
The n=2 case also occurs in the commit: https://github.com/sudo-project/sudo/commit/7873f8334c8d3103...
And indeed, the two values ate bitwise complements.
-
The First Stable Release of a Rust-Rewrite Sudo Implementation
One feature they didn't mention they left out was the ability to run `make me a sandwich` (https://github.com/sudo-project/sudo/blob/main/Makefile.in#L...)
-
to Linus Torvalds, maybe?
It's (kind of) back - https://github.com/sudo-project/sudo/commit/9757d29a24ac1872872cf09757b0439c54089707
-
Testing the memory safe Rust implementation of Sudo/Su
└───────────────────────────────────────────────────────────────────────────────────────┘
As a comparison, this is the output for https://github.com/sudo-project/sudo:
0.0439 secs
-
what is funniest prompt u have got from the terminal for incorrect password
Complete list (can be found here, files ins_*.h):
-
Get gnu gnu'd
Fun fact, the “incident will be reported” message was close to being removed from sudo recently: https://github.com/sudo-project/sudo/commit/6aa320c96a37613663e8de4c275bd6c490466b01
- ‘Godfather of AI’ quits Google and gives terrifying warning
What are some alternatives?
gitgen - Generate license and gitignore files from Go without an internet connection. It also has a convenience CLI, but can be used as a library as well
doas - A port of OpenBSD's doas which runs on FreeBSD, Linux, NetBSD, and illumos
automaxprocs - Automatically set GOMAXPROCS to match Linux container CPU quota.
cosmopolitan - build-once run-anywhere c library
addlicense - A program which ensures source code files have copyright license headers by scanning directory patterns recursively
php-docker - Docker Official Image packaging for PHP
JDK - JDK main-line development https://openjdk.org/projects/jdk
sudo-rs - A memory safe implementation of sudo and su.
dotfiles
CppCoreGuidelines - The C++ Core Guidelines are a set of tried-and-true guidelines, rules, and best practices about coding in C++
systemd - The systemd System and Service Manager
please