Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
pass
-
Show HN: I store my critical secrets and document, and communicate privately
Age is amazing. I'm using a Yubikey in conjunction with it to encrypt {passwords, docs} and commit them to a private GitHub repo.
See here if interested: https://github.com/mihaigalos/pass
-
How to Store an SSH Key on a Yubikey
I backup everything directly to GitHub. I first encrypt/seal my passwords/files using a Yubikey+PIN then git push them.
Here's my take on the automation: https://github.com/mihaigalos/pass
- Ask HN: Could you share the notes you took on a typical work day?
gitlab
-
Gitlab Duo
Since the relevant code appears to be in the "ee" directory <https://gitlab.com/gitlab-org/gitlab/-/blob/v16.11.0-ee/ee/l...> and is not present in the foss repo, I'm guessing the answer is no, at least for now. They do have a history of "releasing" features from EE back to CE but my suspicion is not for LLM stuff
- Code Search Is Hard
- XZ Backdoor Investigation Request to Gitlab Team
-
Client side Git hooks 101
(Side note: Issues are usually hash-prefixed like #1234 both on GitLab and GitHub. However, commit messages must not begin with a hash, they would be considered a comment and ignored. Therefore, GitHub has introduced the alternative prefix GH- and I've contributed a similar prefix GL- to GitLab a while ago.)
- Assign Issue to an AI Developer
-
BuildKit in depth: Docker's build engine explained
and its "oh, you want multi-arch, do you?" friend. While prosecuting this <https://gitlab.com/gitlab-org/gitlab/-/issues/339567> I learned that https://hub.docker.com/layers/multiarch/qemu-user-static/7.2... actually mutates the binfmt_misc in buildx's context in order to exec the static copy of qemu in it https://github.com/multiarch/qemu-user-static/blob/v7.2.0-1/...
and, that the buildx plugin itself has some qemu magick in it, which got addressed in a minor version bump but I couldn't track down the relevant GitHub issue this second (I've flushed it from my mind, only recalling that there were a lot of actors in that tire fire)
-
Gitlab password reset bug leaves more than 5.3K servers up for grabs
This is actually a follow-up refactor, the fix is here: https://gitlab.com/gitlab-org/gitlab/-/commit/abe79e4ec43798...
- ExifTool CVE-2021-22204 – Arbitrary Code Execution
- Critical Gitlab vulnerability exposes 2FA-less users to account takeovers
- Upcoming critical Gitlab security issue
What are some alternatives?
gpg-hd - A BIP-39 / seed-phrase / brain-wallet based Hierarchical Deterministic GPG / SSH key generator that also provisions OpenPGP smartcards for easy key backup and recovery.
Gitea - Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
otp - Serverless Magic Links and Magic Codes for Auth
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
seeding-webauthn - A spec for deriving FIDO key pairs from a seed
onedev - Git Server with CI/CD, Kanban, and Packages. Seamless integration. Unparalleled experience.
zsca - Zero-trust SSH CA
rich-markdown-editor - The open source React and Prosemirror based markdown editor that powers Outline. Want to try it out? Create an account:
encrypted-html-vault - A utility for creating a secret vault inside an HTML file for maximum portability.
gitlab-foss
isomorphic-webcrypto - :game_die: webcrypto library for Node, React Native and IE11+
chatwoot - Open-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬