s2n
.NET Runtime
Our great sponsors
| s2n | .NET Runtime | |
|---|---|---|
| 9 | 605 | |
| 4,446 | 14,047 | |
| 0.3% | 2.2% | |
| 9.4 | 10.0 | |
| 7 days ago | 2 days ago | |
| C | C# | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
s2n
-
S2n-TLS – A C99 implementation of the TLS/SSL protocol
It seems to support multiple options but requires you pick at least one of them. https://github.com/aws/s2n-tls/blob/main/docs/BUILD.md#build...
-
OpenSSL 1.1.1 End of Life
I think GnuTLS is probably the second most popular TLS library, after openssl.
I'll also mentions s2n and rustls-ffi for completeness as C libraries, though the former isn't widely used, and the latter is very experimental still. https://github.com/aws/s2n-tls and https://github.com/rustls/rustls-ffi respectively.
-
I want XAES-256-GCM/11
I've seen operating on unauthenticated plaintext enough times to list it as my own pet peeve with AES-GCM. But it's a problem for chunked messages too. A few years ago we released a SCRAM mode that makes very minimal changes to AES-GCM so that it mathematically can't operate on unauthenticated plaintext. https://github.com/aws/s2n-tls/tree/main/scram
-
Golang is evil on shitty networks
> The documentation is kind of vague, but apparently you have to re-enable it regularly.[3]
This is correct. And in the end it means more or less that setting the socket option is more of a way of sending an explicit ACK from userspace than a real setting.
It's not great for common use-cases, because making userspace care about ACKs will obviously degrade efficiency (more syscalls).
However it can make sense for some use-cases. E.g. I saw the s2n TLS library using QUICKACK to avoid the TLS handshake being stuck [1]. Maybe also worthwhile to be set in some specific RPC scenarios where the server might not immediately send a response on receiving the request, and where the client could send additional frames (e.g. gRPC client side streaming, or in pipelined HTTP requests if the server would really process those in parallel and not just let them sit in socket buffers).
[1] https://github.com/aws/s2n-tls/blob/46c47a71e637cabc312ce843...
-
S2n-QUIC (Rust implementation of QUIC)
It looks like by default s2n-quic uses this TLS implementation, which is not based on the ring crate (though it is written in C)
-
LibreSSL Languishes on Linux
I would be interested in the other SSL implementations:
- https://github.com/awslabs/s2n
- https://boringssl.googlesource.com/boringssl
Are these subpar implementations or there are other reasons not to use these?
.NET Runtime
-
Java 23: The New Features Are Officially Announced
If you care about portable SIMD and performance, you may want to save yourself trouble and skip to C# instead, it also has an extensive guide to using it: https://github.com/dotnet/runtime/blob/69110bfdcf5590db1d32c...
CoreLib and many new libraries are using it heavily to match performance of manually intensified C++ code.
-
Locally test and validate your Renovate configuration files
DEBUG: packageFiles with updates (repository=local) "config": { "nuget": [ { "deps": [ { "datasource": "nuget", "depType": "nuget", "depName": "Microsoft.Extensions.Hosting", "currentValue": "7.0.0", "updates": [ { "bucket": "non-major", "newVersion": "7.0.1", "newValue": "7.0.1", "releaseTimestamp": "2023-02-14T13:21:52.713Z", "newMajor": 7, "newMinor": 0, "updateType": "patch", "branchName": "renovate/dotnet-monorepo" }, { "bucket": "major", "newVersion": "8.0.0", "newValue": "8.0.0", "releaseTimestamp": "2023-11-14T13:23:17.653Z", "newMajor": 8, "newMinor": 0, "updateType": "major", "branchName": "renovate/major-dotnet-monorepo" } ], "packageName": "Microsoft.Extensions.Hosting", "versioning": "nuget", "warnings": [], "sourceUrl": "https://github.com/dotnet/runtime", "registryUrl": "https://api.nuget.org/v3/index.json", "homepage": "https://dot.net/", "currentVersion": "7.0.0", "isSingleVersion": true, "fixedVersion": "7.0.0" } ], "packageFile": "RenovateDemo.csproj" } ] }
-
Chrome Feature: ZSTD Content-Encoding
https://github.com/dotnet/runtime/issues/59591
Support zstd Content-Encoding:
- Writing x86 SIMD using x86inc.asm (2017)
-
Why choose async/await over threads?
We might not be that far away already. There is this issue[1] on Github, where Microsoft and the community discuss some significant changes.
There is still a lot of questions unanswered, but initial tests look promising.
-
Redis License Changed
https://github.com/dotnet/dotnet exists for source build that stitches together SDK, Roslyn, runtime and other dependencies. A lot of them can be built and used individually, which is what contributors usually do. For example, you can clone and build https://github.com/dotnet/runtime and use the produced artifacts to execute .NET assemblies or build .NET binaries.
-
Garnet – A new remote cache-store from Microsoft Research
Yeah, it kind of is. There are quite a few of experiments that are conducted to see if they show promise in the prototype form and then are taken further for proper integration if they do.
Unfortunately, object stack allocation was not one of them even though DOTNET_JitObjectStackAllocation configuration knob exists today, enabling it makes zero impact as it almost never kicks in. By the end of the experiment[0], it was concluded that before investing effort in this kind of feature becomes profitable given how a lot of C# code is written, there are many other lower hanging fruits.
To contrast this, in continuation to green threads experiment, a runtime handled tasks experiment[1] which moves async state machine handling from IL emitted by Roslyn to special-cased methods and then handling purely in runtime code has been a massive success and is now being worked on to be integrated in one of the future version of .NET (hopefully 10?)
[0] https://github.com/dotnet/runtime/issues/11192
[1] https://github.com/dotnet/runtimelab/blob/feature/async2-exp...
-
Common Sorting Algorithms in C# - From My Experience
Orderby Linq Code Reference
-
The Mechanics of Silicon Valley Pump and Dump Schemes
The math of the above is really simple. Microsoft has 13,000 stars on their GitHub profile for their flagship product. SupaBase has 63,000 stars on their GitHub project for their flagship product. 27% of all software developers in the world are using .Net. SupaBase has 4.5 times as many likes as the .Net Core runtime, so they must be 4.5 times as large, right? 4.5 multiplied by 27% becomes 130%. Implying 130% of all software developers that exists on earth are using SupaBase (apparently!)
-
OpenD, a D language fork that is open to your contributions
> The amount of unsafe code used to implement C# vastly outweighs the amount in Rust's standard library.
According to bing.com chat, https://github.com/dotnet/runtime has 3.5M LOC, and https://github.com/rust-lang/rust has 6M LOC. The left panel of https://github.com/dotnet/runtime says 80% of the .NET runtime is written in C#.
This makes me wonder, do you happen to have a link for your “vastly outweighs” statement?
What are some alternatives?
OpenSSL - TLS/SSL and crypto library
Ryujinx - Experimental Nintendo Switch Emulator written in C#
mbedTLS - An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
ASP.NET Core - ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.
LibTomCrypt - LibTomCrypt is a fairly comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines.
actix-web - Actix Web is a powerful, pragmatic, and extremely fast web framework for Rust.
LibreSSL - LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to [email protected] are welcome.
WASI - WebAssembly System Interface
Botan - Cryptography Toolkit
CoreCLR - CoreCLR is the runtime for .NET Core. It includes the garbage collector, JIT compiler, primitive data types and low-level classes.
libsodium - A modern, portable, easy to use crypto library.
vgpu_unlock - Unlock vGPU functionality for consumer grade GPUs.