homebrew-core
libarchive
homebrew-core | libarchive | |
---|---|---|
133 | 33 | |
13,236 | 2,886 | |
0.6% | 3.0% | |
10.0 | 9.1 | |
2 days ago | 3 days ago | |
Ruby | C | |
BSD 2-clause "Simplified" License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
homebrew-core
-
Is Go Used in Production more than Rust ?
$ brew info eza ==> eza: stable 0.18.13 (bottled) Modern, maintained replacement for ls https://github.com/eza-community/eza Not installed From: https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/e/eza.rb License: MIT ==> Dependencies Build: pandoc ✘, pkg-config ✔, rust ✘ Required: libgit2 ✘ ==> Analytics install: 12,792 (30 days), 38,295 (90 days), 68,375 (365 days) install-on-request: 12,790 (30 days), 38,293 (90 days), 68,375 (365 days) build-error: 0 (30 days)
-
GitHub Disabled the Xz Repo
Is disabling the compromised repo the typical GitHub policy? My concern is there are monorepos used by package managers, like brew, that are a collection of thousands of projects [1]. These monorepos seem like a prime target for attack and if GitHub disables one because a malicious commit was merged then you've taken down an entire ecosystem.
[1] https://github.com/Homebrew/homebrew-core
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
> Correct. Though we do not appear to be affected, this revert was done out of an abundance of caution.
[1] https://github.com/Homebrew/homebrew-core/pull/167512
-
Pyenv – lets you easily switch between multiple versions of Python
> right, but now you know even less about your setup when you some roadblock
This is the same with a binary though. And with homebrew, you can't follow patches or flags used or if they change.
- https://github.com/Homebrew/homebrew-core/blob/c964ad7fa53ad...
- Apple curl security incident 12604
-
Cowsay
definitely be careful about using fortune in a corporate environment or public space if you don't know what dat files you are using or you might just get an extremely unwelcome surprise.
I was practicing a presentation and used to use "fortune" all the time. I forget exactly what it output but I remember being absolutely mortified about what could have happened if that had popped up during an internal company tech talk.
Kudos to brew for keeping unsuspecting people safe
https://github.com/Homebrew/homebrew-core/commit/3fb3c4c3e55...
-
Ask HN: Trouble with a Stargate
I'm sorry to be asking this as I find it a bit silly, but it's blocking my PR [3], so could a few of you star the project on Github [1] to get my PR to run?
[1] https://github.com/laktak/chkbit-py
[2] https://brew.sh
[3] https://github.com/Homebrew/homebrew-core/pull/160018
- Simulate an Ubuntu-like VM inside macOS
- When open source platforms are worse than closed source
- Homebrew Rejects the Idea for Post-Install Notes
libarchive
-
The XZ attack and timeline
29. October 2021 At this point Jia Tan pops up, and the first thing we see from him is an innocuous patch to the xz repository, and while a lot of people believe he started out trying his luck with another library also known as libarchive, this is not the case, I would bet it’s more of a backup looking at the dates, being that there are a few days in between as shown in this commit.
- Zip entry size unset now honors user requested compression level
- Suspicious libarchive pull request
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
Potentially malicious commit by same author on libarchive: https://github.com/libarchive/libarchive/pull/1609
- WinRAR musste shady werden.
-
Making Amiga IFF Thumbnails Work in Linux
Full agreement, and with the addition of xpk¹/xfd² as natural extensions to that extensibility too. I see things like xfd supporting xz¹, and I'm simultaneously amazed that it exists and happy that I don't need to do xz {,de}compression on 68k ;)
I guess we have something similar-ish with libarchive⁴, but nobody(including me) has pushed the extra mile to get file dialogs to support random compression and decompression formats.
Beyond OT: I didn't realise how much stuff was still going on at aminet, but I love love LOVE that people are still dropping new car sets for Geoff Crammond's F1GP.
¹ http://aminet.net/package/util/pack/xpk_User
² http://aminet.net/package/util/pack/xfdmaster
³ http://aminet.net/package/util/pack/xfd_lzma.lha
⁴ https://www.libarchive.org/
-
WinRAR zero-day exploited since April to hack trading accounts
I don't have a preview channel install handy to check, but apparently they're using libarchive so here's the full list assuming they expose everything it supports:
https://github.com/libarchive/libarchive/wiki/LibarchiveForm...
-
Announcing Windows 11 Insider Preview Build 23493 for the Dev Channel
As announced at the Build conference back in May, this build adds native support for reading additional archive file formats using the libarchive open-source project such as
-
Poor winrar
LibarchiveFormats · libarchive/libarchive Wiki · GitHub
-
Windows 11 getting native support for 7-Zip, RAR, and GZ archives
Seems what they're using is BSD-liscensed: https://github.com/libarchive/libarchive/wiki
What are some alternatives?
yt-dlp - A feature-rich command-line audio/video downloader
ZLib - A massively spiffy yet delicately unobtrusive compression library.
asdf-python - Python plugin for the asdf version manager
7z - Because 7-zip source code was in a 7z archive [mirror]
HomeBrew - 🍺 The missing package manager for macOS (or Linux)
p7zip - A new p7zip fork with additional codecs and improvements (forked from https://sourceforge.net/projects/sevenzip/ AND https://sourceforge.net/projects/p7zip/).
homebrew-php - :beer: Homebrew tap for PHP 5.6 to 8.4. PHP 8.4 is built nightly.
fpart - Sort files and pack them into partitions
osxfuse - FUSE extends macOS by adding support for user space file systems
pixz - Parallel, indexed xz compressor
homebrew-cask-versions - 🔢 Alternate versions of Casks
Klib - A standalone and lightweight C library