secutils
deno
secutils | deno | |
---|---|---|
28 | 448 | |
64 | 93,007 | |
- | 0.4% | |
9.2 | 9.9 | |
8 days ago | 2 days ago | |
Rust | Rust | |
GNU Affero General Public License v3.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
secutils
-
Supercharge your app with user extensions using Deno JavaScript runtime
As a solo-developer for Secutils.dev, I operate with very limited resources and cannot accommodate every user's feature request, even if I wish to. On the other hand, prioritizing and developing features based on assumptions and limited upfront user feedback has its own challenges and risks. That's why, right from the start, I've been considering adding some sort of "extension points" into Secutils.dev that would allow users to customize the certain behavior of the utilities according to their needs.
-
How to track anything on the internet or use Playwright for fun and profit
After a refreshing winter-time blogging-break, I'd like to resume introducing new features of Secutils.dev through practical use cases. Ever wondered how to easily track something on the internet that does not offer subscribing to updates natively? If so, let me introduce you a recently released web content tracking utility that made its debut in December 2023 (v1.0.0-alpha.4). I'll explain how I use it for various tasks, well beyond its primary security focus. Additionally, I'll cover how it's made in case you're interested in developing a similar tool yourself. Read on!
-
Explore web applications through their content security policy (CSP)
Like anything we invest our time and energy in, I want to raise awareness about the work I've done, gauge interest, and hopefully receive constructive feedback. I'm not a fan of blunt self-promotion, so I'm going to try something different - demonstrating new features in action. Sometimes I'll show their business value, and other times it'll just be for fun and entertainment. In this post, I'll demonstrate how to use the new “Import content security policy” feature to learn a bit more about the websites you use every day. Let's dive in!
-
Q4 2023 iteration: tracking arbitrary web content, user-specific webhook subdomains, inherited CSP, and more
Last week, I kicked off the new "Q4 2023 – Oct-Dec" development and research iteration for Secutils.dev, the open-source toolbox designed for developing and testing secure applications. In this post, I'll take you through the significant features and changes that will be the focus of my work in the coming weeks and months: tracking arbitrary web content, user-specific webhook subdomains, inherited CSP, and more. Let's dive in!
-
Announcing 1.0.0-alpha.3 release: more powerful resource tracking, notifications and content sharing
Earlier this week, I wrapped up the "Q3 2023 – Jul-Sep" iteration and cut a new 1.0.0-alpha.3 release of Secutils.dev. In this post, I would like to quickly walk you through the major changes since 1.0.0-alpha.2: notifications, more powerful web page resource tracker, sharing capabilities and more. Let’s dive in!
-
Running web scraping service securely
In my previous post, I shared the update regarding the upcoming "Q3 2023 - Jul-Sep" milestone. While I briefly covered how I implemented the notifications subsystem in Secutils.dev, there are a few other important changes I've been working on for this milestone. One of these changes is related to the fact that I’m preparing to allow Secutils.dev users to inject custom JavaScript scripts into the web pages they track resources for (yay 🎉). As a result, I've spent some time hardening the Web Scraper environment's security and wanted to share what you should keep in mind if you’re building a service that needs to scrape arbitrary web pages.
-
Q3 2023 update - Notifications
Notifications, in general, and email notifications, specifically, are integral to any product that involves any monitoring or tracking activities. Secutils.dev already includes, and will continue to expand, features that require the ability to send notifications. Two notable examples include sending notifications for changes detected by the web page resources trackers and changes detected in the tracked content security policies (CSP).
-
The best application security tool is education
ℹ️ ASK: If you found this post helpful or interesting, please consider showing your support by starring secutils-dev/secutils GitHub repository.
-
Useful newsletters and podcasts for indie web developers
This newsletter is like JavaScript Weekly but for Rust! It provides updates from the Rust community, highlights updates from the vital Rust projects, shares new ideas and thoughts, offers guides, updates from the Rust core teams, and, sometimes, introduces brand new Rust crates. Rust is my passion and the primary programming language I use for the Secutils.dev Server. Every time I read this newsletter, I discover something new and exciting about Rust!
-
The cost of false positives in software security, Part 2: Large applications
This is the second part of my reflection sparked by the recent “2023 State of Open Source Security” report from Snyk. It got me thinking about the price we pay for false positives in software security. In my previous post, “The Cost of False Positives in Software Security, Part 1: Small Applications”, I talked about how true and false positives affect smaller applications like Secutils.dev. Now, I want to take the same idea and apply it to a much larger software that’s a big part of my daily work: Kibana.
deno
-
Bun - The One Tool for All Your JavaScript/Typescript Project's Needs?
NodeJS is the dominant Javascript server runtime environment for Javascript and Typescript (sort of) projects. But over the years, we have seen several attempts to build alternative runtime environments such as Deno and Bun, today’s subject, among others.
-
Bun 1.1
https://github.com/denoland/deno/issues is the ideal place -- we try to triage all incoming issues, the more specific the repro the easier it is to address but we will take a look at everything that comes in.
-
I have created a small anti-depression script
Install Node.js (or Bun, or Deno, or whatever JS runtime you prefer) if it's not there
-
How QUIC is displacing TCP for speed
QUIC is very exciting, after seeing what it can do for performance in Cloudflare network and Cloudflare workers, I can't wait to finally see it in Deno[0] 1.41.
[0] https://github.com/denoland/deno/pull/21942#issuecomment-192...
-
Unison Cloud
So as an end user it's kind of like https://deno.com/ where you buy into a runtime + comes prepacked with DBs (k/v stores), scheduling, and deploy stuff?
> by storing Unison code in a database, keyed by the hash of that code, we gain a perfect incremental compilation cache which is shared among all developers of a project. This is an absolutely WILD feature, but it's fantastic and hard to go back once you've experienced it. I am basically never waiting around for my code to compile - once code has been parsed and typechecked once, by anyone, it's not touched again until it's changed.
Interesting. Whats it like upgrading and managing dependencies in that code? I'd assume it gets more complex when it's not just the Union system but 3rd party plugins (stuff interacting with the OS or other libs).
-
Deno in 2023
~90MB+ at this stage and do now allow compression without erroring out. Deploying ala Golang is not feasible at that level but could well be down the line if this dev branch is picked up again!
The exe output grew from from ~50MB to plus ~90MB from 2021 to 2024: https://github.com/denoland/deno/discussions/9811 which mean Deno is worse than Node.js's pkg solution by a decent margin.
-
Mini site for recommending songs using Svelte & Deno
Behind the scenes is a simple Sveltekit-powered server function to fetch a Spotify client token then find a user's recommendation playlist and its track information. A Deno edge function to performs this data fetch and renders server-side Svelte.
-
Supercharge your app with user extensions using Deno JavaScript runtime
If your application is written in JavaScript, integrating it with JavaScript extensions is a no-brainer. However, Secutils.dev is entirely written in Rust. How would I even begin? Fortunately, I recently came across an excellent blog post series explaining how to implement your JavaScript runtime in a Rust application with Deno:
- Deno, the next-generation JavaScript runtime
- Oxlint – written in Rust – 50-100 Times Faster than ESLint
What are some alternatives?
firecracker - Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests. [Moved to: https://github.com/blst-security/cherrybomb]
ASP.NET Core - ASP.NET Core is a cross-platform .NET framework for building modern cloud-based web applications on Windows, Mac, or Linux.
kibana - Your window into the Elastic Stack
typescript-language-server - TypeScript & JavaScript Language Server
secutils-webui - The web user interface for Secutils.dev
pnpm - Fast, disk space efficient package manager
secutils-web-scraper - The web scrapper component of Secutils.dev
esbuild - An extremely fast bundler for the web
tokio-cron-scheduler - Schedule tasks on Tokio using cron-like annotation
bun - Incredibly fast JavaScript runtime, bundler, test runner, and package manager – all in one
lettre - a mailer library for Rust
Koa - Expressive middleware for node.js using ES2017 async functions