insane
keybase-issues
insane | keybase-issues |
---|---|
2 | 7 |
457 | 899 |
0.9% | -0.1% |
0.0 | 0.0 |
9 months ago | 7 months ago |
JavaScript | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
insane
-
Show HN: Markdown HN profiles at {user}.at.hn
Since marked doesn't do it for you, make sure you sanitize the user input (the text on the user profiles) before rendering it to visitors.
Some libraries for doing that with good defaults:
- https://github.com/cure53/DOMPurify
- https://github.com/apostrophecms/sanitize-html
- https://github.com/bevacqua/insane
(right now your site looks vulnerable to XSS)
-
How To Parse and Render Markdown In Vuejs
Vue does not have as much support for Vue as there is for React. Examples are markdown-it, Remark.js, marked.js. But hopefully in the future, there should be more support, and after much research, I picked marked.js because it has the most stars and has zero vulnerabilities. Marked does not sanitize (meaning it does not secure HTML documents from attacks like cross-site scripting (XSS)) marked output HTML, as that feature is deprecated and has a vulnerability; however, it supports the use of other libraries to secure output HTML, such as DOMPurify (recommended), sanitize-html or insane.
keybase-issues
-
Show HN: Markdown HN profiles at {user}.at.hn
Possibly, although according to this[0] the main profile URL used to be case-sensitive too. It must've changed recently, but I have no idea when.
[0] https://github.com/keybase/keybase-issues/issues/939
-
We updated our RSA SSH host key
https://github.com/keybase/keybase-issues/issues/2963
- "Overview of Certification Systems: X.509, CA, PGP and SKIP"
...
- k8s docker vault secrets [owasp, inurl:awesome] https://www.google.com/search?q=k8s+docker+vault+secrets+owa... https://github.com/gites/awesome-vault-tools
- Why secrets shouldn't be passed in $ENVIRONMENT variables; though e.g. the "12 Factor App" pattern advises to parametrize applications mostly with environment variables that show in /proc/pid/environ but not /proc/pid/cmdline
W3C DID supports GPG proofs and revocation IIRC:
"9.6 Key and Signature Expiration"
-
error 202 device revoked
You could try asking over at https://github.com/keybase/keybase-issues/issues but I'd be surprised if they can do anything. Also, judging by the recent history on there it's dead.
-
Empty Git repository?
Keybase seems to hardcode and show the master branch. Maybe your master branch is missing? Refer to this github issue
- anyone getting an expired cert error today on keybase?
- Issue #4120: SSL Cert EXPIRED for HTTPS://API-0.core.keybaseapi.com
-
Online validation of email address in GPG keys?
Thanks, but unfortunately not. (#3066, among others. Under no circumstances will I allow Keybase or its software to access my private key - just give me something to sign and return to prove ownership, already...)
What are some alternatives?
sanitize-html - Clean up user-submitted HTML, preserving whitelisted elements and whitelisted attributes on a per-element basis. Built on htmlparser2 for speed and tolerance
awesome-vault-tools - Awesome tools around HashiCorp Vault
remark - markdown processor powered by plugins part of the @unifiedjs collective
ssh
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks.
certificate-transparency - Auditing for TLS certificates.
marked - A markdown parser and compiler. Built for speed.
openssh-portable - Portable OpenSSH
blog - Jeff Schnitzer's Blog
cli - GitHub’s official command line tool
at.hn
github-keygen - Easy creation of secure SSH configuration for your GitHub account(s)