selling-partner-api
log4j_POC
selling-partner-api | log4j_POC | |
---|---|---|
5 | 4 | |
367 | 242 | |
- | - | |
9.2 | 0.0 | |
16 days ago | about 3 years ago | |
PHP | | |
BSD 3-clause "New" or "Revised" License | - | |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
selling-partner-api
- Ask HN: Freelancer? Seeking freelancer? (May 2024)
SEEKING WORK | Remote
I'm a full-stack developer and OSS maintainer, primarily focused on generating SDKs from OpenAPI specifications, building custom e-commerce integrations (Amazon, eBay, Shopify, etc), and modern PHP/Laravel development.
I've built dozens of one-off e-commerce integrations – everything from multi-platform inventory management systems to analytics dashboards to cross-border e-commerce tax compliance software.
I built and maintain the largest Selling Partner API SDK [0], which has 3.8M downloads and counting, alongside a number of other OSS e-commerce API tools [1], and custom tooling for generating SDKs from OpenAPI specifications.
I also have experience with several major web stacks (PHP/Laravel, Python/Django, JavaScript/Next, etc).
My email is jesse [at] jesseevers [dot] com.
[0] https://github.com/jlevers/selling-partner-api
- BEST SP API SDK in PHP
- Why America has so few carpenters
- Professional maintainers: a wake-up call
I maintain a much, much smaller PHP library[0] (~1-2k downloads/month), and I've made a few thousand dollars in sponsorships, donations, and paid improvements to the library over the past year. I don't try all that hard to solicit donations, but I do have a donate button and a request for people to sponsor the library right near the top of the README. I noticed you don't have any visible donate button -- I'm guessing if you added one, and a little blurb about why people might want to donate, you'd up your donations quite a bit.
(Usual disclaimer, n=1, etc)
[0] https://github.com/jlevers/selling-partner-api
- Confused by this PHP code. Is it just comparing string literals, or am I missing something?
log4j_POC
- The Log4Shell vulnerability may have been exploited since August 2021
- Professional maintainers: a wake-up call
> library had a bug
That was exploited since April
https://github.com/nice0e3/log4j_POC
... this 'bug' is RCE on the logging infrastructure.
> Can you explain why you think the majority of authors/maintainers burn out?
Please try maintaining a popular FOSS project for a few years and explaining to your wife why you neither have any money nor have any time.
- Widespread Exploitation of Critical Remote Code Execution in Apache Log4j
You are talking about this? https://github.com/nice0e3/log4j_POC
No. That was another vulnerability which was for an older version of log4j, end of life 2015. https://www.cvedetails.com/cve/CVE-2019-17571/
- Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation
Someone had a POC 9 months ago https://github.com/nice0e3/log4j_POC
What are some alternatives?
sp-api-sdk - Amazon Selling Partner SPI - PHP SDKs
CVE-2021-44228-Apache-Log4j-Rce - Apache Log4j remote code execution
sh - Python process launching
CVE-2021-44228-Apache-Log4j
sucks - Simple command-line script for the Ecovacs series of robot vacuums
ohmyzsh - 🙃 A delightful community-driven (with 2,300+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python, etc), 140+ themes to spice up your morning, and an auto-update tool so that makes it easy to keep up with the latest updates from the community.
openapi-generator - OpenAPI Generator allows generation of API client libraries (SDK generation), server stubs, documentation and configuration automatically given an OpenAPI Spec (v2, v3)