wg-best-practices-os-developers
serverless-graphql
Our great sponsors
| wg-best-practices-os-developers | serverless-graphql | |
|---|---|---|
| 16 | 215 | |
| 626 | 2,708 | |
| 6.5% | 0.1% | |
| 9.7 | 0.0 | |
| 3 days ago | over 1 year ago | |
| JavaScript | JavaScript | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wg-best-practices-os-developers
-
12 Free Courses To Help You Develop More Secure Software - Shift Security Left
You will learn about the different checks provided by OpenSSF Scorecard, how to configure the checks for your environment, and how to automate their implementation.
-
Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding
In April 2014, the Linux Foundation Executive Director Jim Zemlin seized the opportunity to get visibility and managed to get Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Qualcomm, Rackspace, and VMware to all pledge to commit at least $100,000 a year for at least three years to the Core Infrastructure Initiative. The initiative continued for many years and eventually transformed into the Open Source Security Foundation. Also due to Heartbleed, the European Commission launched the EU-Free and Open Source Software Auditing project and spent at least a million euros on auditing OpenSSL, the Apache Server, KeePass, and other security-critical open source software.
-
Compiler Options Hardening Guide for C and C++
https://github.com/ossf/wg-best-practices-os-developers/issu...
The idea of using `-fsanitize-minimal-runtime` is interesting. I don't have any direct experience with that option. I've created an issue to investigate maybe adding that to the guide. Thanks for the tip!
-
OSCM: The Open Source Consumption Manifesto
These are technical details that are out of the scope of this article, but we think that it is important to mention them because the security strategy of a company should be based on a solid foundation, and these frameworks show that there are already some good starting points, companies don't have to start from scratch. If you want to know more about them or other ways to improve the security of your software supply chain, visit the OpenSSF website.
-
Best practices for effective attack surface analysis
Participating in the cybersecurity community can be a useful way to gain information about security trends and possible risks. Organizations such as the OWASP, OpenSSF, SANS Institute, and ISC2 promote the exchange of information between organizations and can raise the alarm about emerging issues or hacking strategies.
-
Need help with use cases for my new open-source project that deals with open-source security
You might find Awesome Security or Other Security Awesome Lists and the Open Source Security Foundation helpful
-
Wake-up call: why it's urgent to deal with your hardcoded credentials
Today corporations, open source projects, nonprofit foundations, and even governments are all trying to figure out how to improve the global software supply chain security. While these efforts are more than welcome, for the moment, there is hardly any straightforward way for organizations to improve on that front.
-
'Securing Open Source Software Act' Introduced to US Senate
https://github.com/ossf/wg-best-practices-os-developers/blob...
-
Great Time at JavaZone 2022
Cross industry best practices - openssf.org
- Ask HN: Who is hiring? (June 2022)
serverless-graphql
-
Testing AWS Lambda Functions (Serverless Framework) with OpenTelemetry and Tracetest
Since then, the ecosystem has changed. Using the Serverless Framework makes deployment simpler. We released the managed Tracetest App making any serverless-based systems simpler to instrument and test. You can now test public-facing apps with no infra overhead!
-
The 2024 Web Hosting Report
We see some great results from using these in conjunction with frameworks such as SST or Serverless, and also some real spaghetti from people who organically proliferate 100’s of functions over time and lose track of how they relate to each other or how to update them safely across time and service. Buyer beware!
-
Deploy app to AWS by using Serverless Framework
When we think about AWS serverless service, the first thing that comes to our mind is Lambda function. Yes, the quickest way to deploy this backend Express JS app to AWS is to deploy it as a Lambda function. The easiest way is using Serverless Framework.
-
Lambda Scheduling & Event Filtering with EventBridge using Serverless Framework
Serverless Framework: https://www.serverless.com/
-
The Top 10 GitHub Repositories Making Waves 🌊📊
Github | Website
-
Instrumenting AWS Lambda functions with OpenTelemetry SDKs
In this example, we're using the serverless framework to quickly set up the Lambda function along with an API gateway for the entry point. The lambda function is a simple Koa REST API with a few functional endpoints.
-
A Beginner's Guide to the Serverless Application Model (SAM)
Naturally, there are several options available to declare your cloud resources. The options with the most popularity are the CDK, AWS CloudFormation, SST, Serverless framework, Terraform, and AWS SAM. There are others, but when talking about Infrastructure as Code (IaC), these are the ones you hear about most often.
-
🥇 The Best Serverless Framework in 2023: A Data-Driven Showdown for AWS Projects
1 - Serverless + AWS CDK + Lift: An integration that amps up the traditional Serverless Framework with Lift's static frontend construct and CDK's robust infra definition.
-
Serverless Semantic Search, Free tier only
It's a bit easier in Python if you use tools like https://www.serverless.com/. I'm not sure if Rust has something similar yet.
-
Trace-based Testing AWS Lambda with Tracetest, ECS Fargate, and Terraform
Serverless
What are some alternatives?
tpm2-tss - OSS implementation of the TCG TPM2 Software Stack (TSS2)
LocalStack - 💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline
tz - Time zone database and code
Serverless-Boilerplate-Express-TypeScript - 🚀🎉📚 Boilerplate and Starter for Serverless framework, ExpressJS, TypeScript, Prisma and MongoDB ⚡️ Made with developer experience first: Serverless framework + Live reload + Offline support + ExpressJS + TypeScript + ESLint + Prettier + Husky + Commitlint + Lint-Staged + Jest + Dotenv + esbuild + VSCode
aper - A Rust data structure library built on state machines.
copilot-cli - The AWS Copilot CLI is a tool for developers to build, release and operate production ready containerized applications on AWS App Runner or Amazon ECS on AWS Fargate.
Plausible Analytics - Simple, open source, lightweight (< 1 KB) and privacy-friendly web analytics alternative to Google Analytics.
terraform - Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
bicep - Bicep is a declarative language for describing and deploying Azure resources
electrodb - A DynamoDB library to ease the use of modeling complex hierarchical relationships and implementing a Single Table Design while keeping your query code readable.
Zulip - Zulip server and web application. Open-source team chat that helps teams stay productive and focused.
chalice - Python Serverless Microframework for AWS