notation
Dagger2
Our great sponsors
notation | Dagger2 | |
---|---|---|
7 | 50 | |
289 | 17,311 | |
6.6% | 0.3% | |
8.9 | 9.1 | |
6 days ago | 7 days ago | |
Go | Java | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
notation
-
Securing CI/CD Images with Cosign and OPA
Notary v2: The evolution to Notary v2 brought improvements in signature portability and integration with third-party key management solutions. However, it does not provide a certificate authority, leaving public key discovery for open-source image verification as an unresolved issue.
-
Automating Kubernetes Deployments with FluxCD for Patched and Signed Container Images
Notation
-
Level-up Container Security: 4 Open-Source Tools for Secure Software Supply Chain
Notation is another command-line too that lets you digitally sign artifacts. And those signatures essentaily become the stamps of approval for the different things in your software supply chain. For example, container images.
- notaryproject/notation: Notation is a project to add signatures as standard items in the registry ecosystem, and to build a set of simple tooling for signing and verifying these signatures. Based on Notary V2 standard.
-
Getting Started with Notary
Notary is the CNCF project name and is often referenced when referring to the process of signing digital artifacts, but Notation is the command line tool that does the heavy lifting. Run the following commands to install Notation.
- Dagger: a new way to build CI/CD pipelines
-
Making the Internet more secure one signed container at a time
It should be interoperable, that's the goal. I proposed some idea for nv2 here: https://github.com/notaryproject/nv2/issues/39 and here: https://github.com/notaryproject/nv2/issues/40 too.
Dagger2
- Dagger 2.49 (KSP, @AssistedInject with @HiltViewModel, more)
- Dagger 2.48 adds alpha KSP support
- Dagger KSP update & Breaking changes required to use Dagger KSP
-
Performance and memory impact of the @Singleton annotation in Dagger
There used to be a thing called "releasable references" which was that. It was removed, though: https://github.com/google/dagger/issues/1117
-
Dependency injection with AWS Lambdas in java
As said in the title, we will focus on the dependency inversion principle and one of its application : dependency injection. For production-ready applications, it would be better to rely on a framework and not implement its own container. For it, the java ecosystem have 3 frameworks available : Spring, Guice and Dagger.
-
Refactoring our Dependency Injection using Anvil
At Reddit, we use Dagger 2 for handling dependency injection (DI) in our Android application. As we’ve scaled the application over the years, we’ve accrued a bit of technical debt in how we have approached this problem.
-
Dagger Python SDK: Develop Your CI/CD Pipelines as Code
Confusing. I initially thought someone ported the Dagger DI framework to Python: https://dagger.dev/
-
Multiplatform dependency injection libraries equivalent to Dagger/Anvil
I'm currently using Dagger and Anvil for my DI needs. It's been working really well, especially around what Anvil permits in terms of multibindings defined on the type declaration rather than in a module. For example:
-
Dagger 2.43 released with support for multiple instances of the same ViewModel using keys 🎉
Great job, I have been waiting for this feature/fix for a long time https://github.com/google/dagger/issues/2328
-
Best libraries for Android Developers
Dagger
What are some alternatives?
cosign - Code signing and transparency for containers and binaries
Guice - Guice (pronounced 'juice') is a lightweight dependency injection framework for Java 11 and above, brought to you by Google.
net-monitor - The sample net-monitor software, used as samples in Notary v2 (https://github.com/notaryproject/notaryproject)
Toothpick - A scope tree based Dependency Injection (DI) library for Java / Kotlin / Android.
ratify - Artifact Ratification Framework
Weld - Weld, including integrations for Servlet containers and Java SE, examples and documentation
grafeas - Artifact Metadata API
butterknife - Bind Android views and callbacks to fields and methods.
secure-supply-chain-on-aks - Learn how to use open-source tools to secure your container deployments on Azure Kubernetes Service.
HK2
distribution - distribution with reference types
Dynamic CDI - Dynamic Context Dependency Injection