security-txt
joystick
security-txt | joystick | |
---|---|---|
9 | 50 | |
1,738 | 198 | |
0.0% | 6.1% | |
10.0 | 9.9 | |
over 1 year ago | about 14 hours ago | |
HTML | JavaScript | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
security-txt
- Ask HN: I found a security issue on a (known) website, should I report it? How?
-
Why should you care about the "security.txt" file on your website?
A very, very long article to say "you should have a security.txt file, find an example at https://securitytxt.org/".
-
Ask HN: How to Submit Bugs to Shopify?
https://www.shopify.com/.well-known/security.txt (https://securitytxt.org/ standard)
- Security.txt now mandatory for Dutch government websites
-
Security.txt file now mandatory for Dutch government websites
You are looking in the wrong place. https://securitytxt.org/ proposes to create a text file called security.txt under the .well-known directory of your project.
So, the URL becomes:
- I have gained access to numerous GCloud Organizations by accident
-
I reported an IT security issue to Ecoflow and have been incredibly frustrated with the process
This is great. Would you please also implement RFC 9116 (https://www.rfc-editor.org/rfc/rfc9116 or https://securitytxt.org) and give ever security researcher the chance to get in contact with you.
- [ENG] KeePass 2.X Master Password Dumper (CVE-2023-32784)
-
We should start to add “ai.txt” as we do for “robots.txt”
security.txt https://github.com/securitytxt/security-txt :
> security.txt provides a way for websites to define security policies. The security.txt file sets clear guidelines for security researchers on how to report security issues. security.txt is the equivalent of robots.txt, but for security issues.
Carbon.txt:
> A proposed convention for website owners and digital service providers to demonstrate that their digital infrastructure runs on green electricity.
"Work out how to make it discoverable - well-known, TXT records or root domains" https://github.com/thegreenwebfoundation/carbon.txt/issues/3... re: JSON-LD instead of txt, signed records with W3C Verifiable Credentials (and blockerts/cert-verifier-js)
joystick
-
Simplicity Is an Advantage but Sadly Complexity Sells Better
I built a full-stack JS framework [1] that I thought would be a hit. As best as I can tell, because it lacks the complexity/word salad of existing solutions, it's mostly been ignored despite being (imo) an elegant solution to a long-standing problem.
[1] https://cheatcode.co/joystick
- Show HN: Joystick – A Full-Stack JavaScript Framework
-
Ask HN: Freelancer? Seeking freelancer? (April 2024)
SEEKING WORK, Tennessee, United States
Remote: Yes
I'm a full-stack, JavaScript/Node.js developer and designer. I'm the creator of the Joystick JavaScript framework [1], Push deployment service [2], and Mod CSS framework [3].
I also have experience with MongoDB, PostgreSQL, and MariaDB (limited but competent) and devops (K8s + Docker and bare-metal linux admin, the latter preferred for simplicity/stability).
Currently looking to take on clients who are open to using Joystick, Push, and Mod to design and develop their app. Because it's still at a pre-release version, I'm willing to work out deals around pricing to get some more test-cases under my belt. Ideal client is a solopreneur w/ funding or entrepreneur with previous experience + funding. Open to working with startups (early or established), but only on greenfield projects where use of Joystick is ok.
Email: [email protected].
[1] https://cheatcode.co/joystick
[2] https://cheatcode.com/push
[3] https://cheatcode.co/mod
- Ask HN: Freelance website builders/maintainers, what's in your 2024 toolkit?
-
Web Components Eliminate JavaScript Framework Lock-In
There is. I was frustrated by all of the chaos and built a solution [1]. Not too far of from an RC1 and then a 1.0 (which is being done slowly so I can freeze APIs and avoid the typical JS rug pulls).
[1] https://github.com/cheatcode/joystick
- Web Components Will Outlive Your JavaScript Framework
-
We should start to add “ai.txt” as we do for “robots.txt”
I've been (slowly) writing a new type of OSS license around this exact concept so it's easier to (legally) stop LLMs hoovering up IP [1] (under "derivative works not permitted").
[1] https://github.com/cheatcode/joystick/blob/development/LICEN...
- GitHub - cheatcode/joystick: A full-stack JavaScript framework for building web apps and websites.
- Joystick: A full-stack JavaScript framework for building web apps and websites
-
React is a fractal of bad design
Joystick [1] will let you go. No Stockholm syndrome. No lotion in the basket.
[1] https://github.com/cheatcode/joystick
What are some alternatives?
carbon.txt - A proposed convention for making it possible demonstrate that your infrastucture uses green power
SvelteKit - web development, streamlined
keepass-password-dumper - Original PoC for CVE-2023-32784
react-use - React Hooks — 👍
bugbounty-resources
concise-encoding - The secure data format for a modern world
well-known-uris - Registry for Well Known URIs
svelte-native - Svelte controlling native components via Nativescript
datatxt-spec - data.txt: Specification
next-runtime - The Next.js Runtime allows Next.js to run on Netlify with zero configuration
opengraph - A python module to parse the Open Graph Protocol
arduino-cli - Arduino command line tool