libu8ident
engine262
libu8ident | engine262 | |
---|---|---|
9 | 9 | |
17 | 777 | |
- | 1.5% | |
1.8 | 6.3 | |
11 months ago | 3 months ago | |
C | TypeScript | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libu8ident
- Roaring bitmaps are compressed bitmaps, can be 100x faster
-
International domain names: where does HTTPS://meßagefactory.ca lead you?
In programming languages it's much worse. Identifiers can either be unidentifiable, and if so everybody has a different opinion what "identifiable" means. Even the standard on identifiers, UTF-39, is buggy and has too many interpretations, leading to a complete disaster. https://github.com/rurban/libu8ident/blob/master/doc/c11.md
In punycode domain names it's quite simple still.
With other names, it's even worse. No-one cares. Linkers do not, username and filesystem drivers do not. The Apple HFS+ did care a bit one day, until someone in the higher ranks decided that no-one needs unicode security anymore and switched the new APFS to unsafe again.
-
Using Unicode in a compiler
No, it's definitely not safe to use unrestricted Unicode in a compiler. See https://github.com/rurban/libu8ident/ for identifier rules, and http://www.unicode.org/reports/tr55/ for much worse problems.
- Ask HN: What interesting problems are you working on? ( 2022 Edition)
- Unicode Utilities: Confusables
-
How can you be fooled by the U+202E trick?
That's why unicode published the security guidelines and mechanisms to avoid such attacks. In 2004 already.
The problem is that nobody cared. Browsers invented punycode instead of following tr39, email ditto. But ok, at least something. Java did it, cperl did, rust did it.
Everybody else is vulnerable. Esp. most other programming languages, filesystems and login systems. https://github.com/rurban/libu8ident/blob/master/doc/c11.md
- Prevent Trojan Source attacks with GCC 12
-
Unicode Normalization Forms: When ö = ö
I'm maintaining such a library.
coreutils, diff, grep, patch, sed and friends all cannot find Unicode strings, they have no string support. They can only mimic filesystems, finding binary garbage. Strings are so rthi g different than pure ASCII or BINARY garbage. Strings have an encoding and are Unicode.
Filesystems are even worse because they need to treat filenames as identifiers, but do not. Nobody cares about TR31, TR39, TR36 and so on.
Here is an overview of the sad state of Unicode unsafeties in programming languages: https://github.com/rurban/libu8ident/blob/master/c11.md
- Why does Windows 10 run faster than Fedora?
engine262
-
A list of JavaScript engines, runtimes, interpreters
engine262
-
Can you make your own JavaScript by implementing ECMAScript standard?
Indeed. ECMA-262 has been implemented using JavaScript https://github.com/engine262/engine262.
-
What sorts of things would you consider to be “advanced” javascript concepts?
Node.js is not the only JavaScript runtime. JavaScript runtimes have been written using JavaScript alone, see engine262. There is also Deno, QuickJS, txiki.js, Bun, none of which use COmmonJS by default, SpiderMonkey, et al.
-
Ask HN: What interesting problems are you working on? ( 2022 Edition)
for an interpreted language like JS, this project is really nice https://github.com/engine262/engine262. More or less 2 parts: parser and evaluator
-
Is there a source that shows how built in js methods/functions are built?
That is a bit complex, so here's a list of JS engines: if you pick one written *in* JS, that would probably be most useful -- engine262 for example
-
QuickJS JavaScript Engine – Fabrice Bellard
then you might be impressed by https://github.com/engine262/engine262 as well
-
And so was the C compiler.
Engine 262
-
[AskJS] is there a way to quantitatively check if a number value is copied or only the pointer to that number is copied?
It's outside of what you asked for, but here's a JavaScript engine in JavaScript. Might make for some interesting bedtime reading!
-
Enumerating and analyzing 40 non-V8 JavaScript implementations
Interesting to see a JS implementation written in JS:
https://github.com/engine262/engine262/
(The readme explains what the point of it is.)
What are some alternatives?
Confusables - Simple library for matching a string to another string that is same but has letters that only *look* the same as original string
test262 - Official ECMAScript Conformance Test Suite
featurebase - A crazy fast analytical database, built on bitmaps. Perfect for ML applications. Learn more at: http://docs.featurebase.com/. Start a Docker instance: https://hub.docker.com/r/featurebasedb/featurebase
sval - A javascript interpreter written in javascript
libredwg - Official mirror of libredwg. With CI hooks and nightly releases. PR's ok
txiki.js - A tiny JavaScript runtime
safeclib - safec libc extension with all C11 Annex K functions
v8go - Execute JavaScript from Go
nbperf - Improved NetBSD's Perfect Hash Generation Tool v3
JS-Interpreter - A sandboxed JavaScript interpreter in JavaScript.
reals - A lightweight python3 library for arithmetic with real numbers.
qtdeclarative - Qt Declarative (Quick 2)