meta-code-verify
FastTreeSHAP
meta-code-verify | FastTreeSHAP | |
---|---|---|
5 | 7 | |
135 | 493 | |
1.5% | 1.0% | |
8.6 | 4.4 | |
7 days ago | 11 months ago | |
TypeScript | Python | |
MIT License | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
meta-code-verify
-
Code Verify: An open source browser extension for verifying code authenticity
(2022)
https://github.com/facebookincubator/meta-code-verify is the goods, and is MIT
https://github.com/facebookincubator/meta-code-verify#instal... says Safari support is "coming soon" (from 2022) so I guess they think those users don't need to "verify[..] the integrity of a web page."
-
Open Source Hacktivism, Open Source Gains Traction in the Enterprise, and More: Open Source Matters
Code Verify - A browser extension from Meta for verifying the integrity of web pages and detect executed code that’s not included in the site manifest.
-
Security experts declare all Proton apps secure after security audit
> The server can at any time start serving malicious payloads
True, and I call this threat model "Beware Each and Every Fetch" (BEEF) in contrast to the more common TOFU model (although if you trust a desktop app to auto-update itself then these two models might not be all that different).
In any case, I think you're being a little quick to dismiss the idea of server-hosted applications. It's true that browsers don't natively have a nice way of pinning specific versions of a web app, but there is the clever hack of SecureBookmarks[0] (if you're prepared to sacrifice the UX), or, more realistically, you can pin the web app version using some sort of browser extension.
Examples of the latter include the Signed Pages extension[1], and Code Verify[2], which is the result of a collaboration between Meta and Cloudflare (for securing the WhatsApp Web code, currently, but should eventually support other sites like Proton's too). Of course, it would be much better if this capability was natively included in browsers themselves, but hopefully adoption of this technology will pressure browsers and standards bodies to take ownership of this.
[0] https://coins.github.io/secure-bookmark/
[1] https://github.com/tasn/webext-signed-pages
[2] https://github.com/facebookincubator/meta-code-verify
- Code Verify – MIT extension that confirms that your WhatsApp Web not tampered
FastTreeSHAP
-
Open Source Hacktivism, Open Source Gains Traction in the Enterprise, and More: Open Source Matters
FastTreeSHAP - A Python package from LinkedIn for fast interpretation of the TreeSHAP algorithm.
-
[N] LinkedIn open sources FastTreeSHAP Python package for interpretation of tree-based ML models
LinkedIn open sources the FastTreeSHAP Python package for efficient interpretation of tree-based ML models using SHAPLEY. FastTreeSHAP v2 would be 2.5x faster than TreeSHAP. Let's reminder that SHAP (SHapley Additive exPlanation) values quantify the contribution of each feature to the model prediction, a bit like how each player contributes to the success of a sports team. SHAP does it by incorporating concepts from game theory and local explanations. LinkedIn blog post, scientific paper, and GitHub repo with IPython Notebooks.
- LinkedIn Researchers Open-Source ‘FastTreeSHAP’: A Python Package That Enables An Efficient Interpretation of Tree-Based Machine Learning Models
What are some alternatives?
ongdb - ONgDB is an independent fork of Neo4j® Enterprise Edition version 3.4.0.rc02 licensed under AGPLv3 and/or Community Edition licensed under GPLv3
peacenotwar - Attempts to determine if the computer its running on has an IP originating from Russia or Belarus. If it is then depending on the version of the malware either attempts to delete all files on the computer, or creates a text file on the computers desktop protesting the war in ukraine.
xGitGuard - AI based Secrets Detection Python Framework
access-undenied-aws - Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-sourced by Ermetic.
dagger - Application Delivery as Code that Runs Anywhere
EdenSCM - A Scalable, User-Friendly Source Control System. [Moved to: https://github.com/facebook/sapling]
ferret - A python package for benchmarking interpretability techniques on Transformers.