platform-compat
envconsul
platform-compat | envconsul | |
---|---|---|
23 | 4 | |
249 | 1,993 | |
- | 0.2% | |
1.2 | 5.9 | |
over 3 years ago | 3 months ago | |
C# | Go | |
MIT License | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
platform-compat
-
KeePass flaw allows retrieval of master password
DotNet offers the SecureString class to keep a string encrypted in Memory, but as long as the OS does not natively support this concept, the only advantage is that it resides in memory for a shorter time, the disadvantage is that SecureStrings are easier to search for.
- System.Net.Mail.SmtpClient is not recommended anymore; what is the alternative?
-
Bitwarden PINs can be brute-forced
Note the KeePass's resistance to the attack mentioned depends on the security of .NET's secure string, which, here's what Microsoft has to say about it (https://github.com/dotnet/platform-compat/blob/master/docs/D...)
As for KeePassXC, last I checked it didn't even bother.
-
Ever Find A Dead Man's Switch On A Network/Domain?
TIL. Looks like the deprecation note recommends MailKit.
-
Disabilities and Windows Passwords
Well of course, but it does have to be passed to the module that generates the hashes AD uses in the first place. And as I said, the standard password reset screen is bound to store the password in plain text somewhere as well.
-
Embedded logo in HTML email sent from PowerShell
This won’t help you with your question, but I figured I should warn against using send-mailmessage.
-
Alternative to PowerShell cmdlet 'send-mailmessage'
points you here.
-
API pagination help?
Some of the reasons for not using Hashtable or other non-generic collection types are outlined here. That's why Microsoft doesn't recommend their usage in new implementations across all of its API documentation.
- How to deal with credentials in automated scripts?
-
pfSense configuration backup
And if you really want to be secure you need to something better than a SecureString: https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md
envconsul
- Ask HN: Developers/DevOps, how do you manage environment variables?
-
Can one use Vault to inject environment variables needed to setup on stack up rather than saving them in environment files with docker-compose?
Might not perfectly fit but I think that was one of the ideas behind - https://github.com/hashicorp/envconsul (which can use Vault as a source), and probably to a degree consul-template (though a quick skim of the documentation and I'm not sure if can use Vault as a source.)
-
How to Handle Secrets on the Command Line
You have envchain to store secrets as ENV variables in your keyring and execute commands:
https://github.com/sorah/envchain
Not really something you would use for production web apps, I think envconsul covers that usecase:
https://github.com/hashicorp/envconsul
-
To those who have set up some kind of automatic deployment of their services on pushes to a git repo, how do you manage environment variables/.env files?
Have you looked into Hashicorp's consul + envconsul? You can also encrypt data using their vault.
What are some alternatives?
envchain - Environment variables meet macOS Keychain and gnome-keyring <3
sops - Simple and flexible tool for managing secrets
ImportExcel - PowerShell module to import/export Excel spreadsheets, without Excel
zsh-secrets - Storing GPG encrypted environment variables
MailKit - A cross-platform .NET library for IMAP, POP3, and SMTP.
s6-overlay - s6 overlay for containers (includes execline, s6-linux-utils & a custom init)
distrobuilder - System container image builder for LXC and Incus
selfhosted - docker compose + traefik + tailscale
AngleSharp - :angel: The ultimate angle brackets parser library parsing HTML5, MathML, SVG and CSS to construct a DOM based on the official W3C specifications.
dotfiles - Home directory with an absurd amount of tweaks
ShellCheck - ShellCheck, a static analysis tool for shell scripts