Themis
snyk
Themis | snyk | |
---|---|---|
2 | 64 | |
1,878 | 4,065 | |
0.6% | - | |
4.8 | 9.9 | |
3 months ago | over 2 years ago | |
C | TypeScript | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Themis
- Themis: Strong, usable cryptography for busy people
-
Backstage: cryptographic R&D internship at Cossack Labs
Now, the real world work starts. We introduce interns to the world of popular cryptographic libraries, help them to make their first OSS contributions, and let them practice with our cryptographic library Themis which provides a high-level crypto API on 14 languages.
snyk
-
Security Best Practices for Your Node.js Application
You could use npm audit or snyk to analyze your project’s dependencies tree and provide insights into any known vulnerabilities.
-
Snyk CLI: Introducing Semantic Versioning and release channels
Snyk CLI was introduced to the World Wide Web and security enthusiasts on October 2, 2015, as v0.0.0-pre-alpha release. In the past eight years, we released Snyk CLI nearly two thousand times — and more than eleven hundred of those releases happened in the last three years. That’s one release every thirty-two hours, signifying our customers’ growing needs as well as the pace at which we operate to meet those needs at an enterprise scale. With increasing demand, the complexity, reach, and impact of our fast-paced code changes increased, too.
-
How to secure JavaScript applications right from the CLI
There are a number of ways that you can install the Snyk CLI on your machine, ranging from using the available stand-alone executables to using package managers such as Homebrew for macOS and Scoop for Windows.
-
Axios shipped a buggy version and it broke many productions apps. Let this be a lesson to pin your dependencies!
There's tons of tools to solve each of these problems Snyk for vulnerability scanning, tons of license checker plugins (like we use license-webpack-plugin which generates the license text for everything we distribute and fails a build if a license doesn't have one of our allowlisted licenses.
-
The US military wants to understand the most important software on Earth - Open-source code runs on every computer on the planet—and keeps America’s critical infrastructure going. DARPA is worried about how well it can be trusted
oh, such companies already exist: For example Snyk
-
Badges - TL;DR for your repository's README
Snyk provides security score and vulnerability count badges, which you can link to the relevant pages, as in these examples:
-
If you had a few days to improve an existing Rails project before going live - what would you focus on?
If you app is dockerized I would recommend adding something like Snyk to make sure your image is safe.
-
NodeSecure CLI v2.0.0
Note: I remind you that we support multiple strategy for vulnerabilities like Sonatype or Snyk.
-
Free project-leading mentorship for senior engineers
My name is Adam, and I am a software engineer working at Snyk for the past 2.5 years. Over the past year, I have been leading a few projects that spanned multiple teams. My colleague is a tech lead at Snyk, and he’s been coaching people on how to lead projects effectively for a few years now.
-
What should I expect from a MacOS development environment in enterprise?
So I'm curious, how are businesses building iOS apps securely? Could a tool like Snyk replace a manual audit, or is it a good idea to have an initial manual audit of our desired environment?
What are some alternatives?
DOMPurify - DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
cryptography - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers.
semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
tweetnacl-java - TweetNaCl in Java - a port of TweetNaCl-js
SonarQube - Continuous Inspection
NeDB - The JavaScript Database, for Node.js, nw.js, electron and the browser
renovate
Crypto++ - free C++ class library of cryptographic schemes
nsp
Paramiko - The leading native Python SSHv2 protocol library.
Auto SNI - 🔐 Free, automated HTTPS for NodeJS made easy.