wg-best-practices-os-developers VS QuestDB

You will learn about the different checks provided by OpenSSF Scorecard, how to configure the checks for your environment, and how to automate their implementation.

In April 2014, the Linux Foundation Executive Director Jim Zemlin seized the opportunity to get visibility and managed to get Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Qualcomm, Rackspace, and VMware to all pledge to commit at least $100,000 a year for at least three years to the Core Infrastructure Initiative. The initiative continued for many years and eventually transformed into the Open Source Security Foundation. Also due to Heartbleed, the European Commission launched the EU-Free and Open Source Software Auditing project and spent at least a million euros on auditing OpenSSL, the Apache Server, KeePass, and other security-critical open source software.

https://github.com/ossf/wg-best-practices-os-developers/issu...

The idea of using `-fsanitize-minimal-runtime` is interesting. I don't have any direct experience with that option. I've created an issue to investigate maybe adding that to the guide. Thanks for the tip!

These are technical details that are out of the scope of this article, but we think that it is important to mention them because the security strategy of a company should be based on a solid foundation, and these frameworks show that there are already some good starting points, companies don't have to start from scratch. If you want to know more about them or other ways to improve the security of your software supply chain, visit the OpenSSF website.

Participating in the cybersecurity community can be a useful way to gain information about security trends and possible risks. Organizations such as the OWASP, OpenSSF, SANS Institute, and ISC2 promote the exchange of information between organizations and can raise the alarm about emerging issues or hacking strategies.

You might find Awesome Security or Other Security Awesome Lists and the Open Source Security Foundation helpful

Today corporations, open source projects, nonprofit foundations, and even governments are all trying to figure out how to improve the global software supply chain security. While these efforts are more than welcome, for the moment, there is hardly any straightforward way for organizations to improve on that front.

https://github.com/ossf/wg-best-practices-os-developers/blob...

Cross industry best practices - openssf.org

If your data lacks uniform time intervals between consecutive entries, QuestDB offers a solution by allowing you to sample your data. After that, MindsDB facilitates creating, training, and deploying your time-series models.

If you're interested in that functionality or have any other feedback, please drop by our open source repository or community Slack and let us know.

QuestDB is a high-performance time series database with SQL analytics that can power through market data ingestion and analysis. It's open source and integrates well with the tools and languages you use. Check us out!

Looks like full keys are always compared if hash codes test equal, which is what I'd expect. For example: https://github.com/questdb/questdb/blob/master/core/src/main...

But of course, I want to run a QuestDB instance on my node, which uses two additional TCP ports for Influx Line Protocol (ILP) and Pgwire communication with the database. So how can I expose these extra ports on my node and route traffic to the QuestDB container running inside of k3s?

In this post, I will detail a way in which I recently used annotations while writing an operator for my company's product, QuestDB. Hopefully this will give you an idea of how you can incorporate annotations into your own operators to harness their full potential.

QuestDB is an open source, high performance time series database. With its massive ingestion throughput speeds and cost effective operation, QuestDB reduces infrastructure costs and helps you overcome tricky ingestion bottlenecks. Thanks for reading!