libgossamer
tierney
libgossamer | tierney | |
---|---|---|
13 | 2 | |
31 | 11 | |
- | - | |
2.6 | 0.0 | |
over 2 years ago | over 1 year ago | |
PHP | Scala | |
ISC License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libgossamer
-
Gossamer: Supply Chain Security for Open-Source Software
See the definition of AppendKey:
-
Backdoor in several WP Themes and Plugins from AccessPress
That's why Gossamer exists, though. (I would talk about it more on here, but I figured everyone's still sick of hearing about it.) :)
- Gossamer: Supply Chain Security for the PHP Ecosystem.
- GnuPG used to ask for your support to help protect online privacy
-
Composer Security Hardening
Anyway, Github is still online -- https://github.com/paragonie/libgossamer
-
I am Filippo Valsorda, Go cryptography lead and tool author, Ask Me Anything
More recently, I wrote a blog post about end-to-end encryption, and mentioned integrating with some sort of decentralized authority-free identity system like Gossamer.
tierney
-
GnuPG used to ask for your support to help protect online privacy
It's not quite flick a switch, but with maven you can specify which keys you trust to sign which of your dependencies (anything published to maven central is required to be signed). E.g. here's one of my libraries: https://github.com/m50d/tierney/blob/master/free/keys.proper...
What are some alternatives?
Composer - Dependency Manager for PHP
passage - A fork of password-store (https://www.passwordstore.org) that uses age (https://age-encryption.org) as backend.
zenbot-sim-runner - A sim run batch aggregator / automator for Zenbot. Eases the process of backtesting and subsequent analysis of results.
PGPy - Pretty Good Privacy for Python
rage - A simple, secure and modern file encryption tool (and Rust library) with small explicit keys, no config options, and UNIX-style composability.
advanced-custom-fields-pro - Advanced Custom Fields Pro, Git-ified. Automatically synced via GitHub Actions! This repository is just a mirror of the Advanced Custom Fields Pro plugin. Please do not send pull requests and issues.
trillian - A transparent, highly scalable and cryptographically verifiable data store.
sodium_compat - Pure PHP polyfill for ext/sodium