wg-best-practices-os-developers
zotero
Our great sponsors
wg-best-practices-os-developers | zotero | |
---|---|---|
16 | 254 | |
626 | 9,176 | |
6.5% | 3.7% | |
9.7 | 9.9 | |
4 days ago | 6 days ago | |
JavaScript | JavaScript | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wg-best-practices-os-developers
-
12 Free Courses To Help You Develop More Secure Software - Shift Security Left
You will learn about the different checks provided by OpenSSF Scorecard, how to configure the checks for your environment, and how to automate their implementation.
-
Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding
In April 2014, the Linux Foundation Executive Director Jim Zemlin seized the opportunity to get visibility and managed to get Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Qualcomm, Rackspace, and VMware to all pledge to commit at least $100,000 a year for at least three years to the Core Infrastructure Initiative. The initiative continued for many years and eventually transformed into the Open Source Security Foundation. Also due to Heartbleed, the European Commission launched the EU-Free and Open Source Software Auditing project and spent at least a million euros on auditing OpenSSL, the Apache Server, KeePass, and other security-critical open source software.
-
Compiler Options Hardening Guide for C and C++
https://github.com/ossf/wg-best-practices-os-developers/issu...
The idea of using `-fsanitize-minimal-runtime` is interesting. I don't have any direct experience with that option. I've created an issue to investigate maybe adding that to the guide. Thanks for the tip!
-
OSCM: The Open Source Consumption Manifesto
These are technical details that are out of the scope of this article, but we think that it is important to mention them because the security strategy of a company should be based on a solid foundation, and these frameworks show that there are already some good starting points, companies don't have to start from scratch. If you want to know more about them or other ways to improve the security of your software supply chain, visit the OpenSSF website.
-
Best practices for effective attack surface analysis
Participating in the cybersecurity community can be a useful way to gain information about security trends and possible risks. Organizations such as the OWASP, OpenSSF, SANS Institute, and ISC2 promote the exchange of information between organizations and can raise the alarm about emerging issues or hacking strategies.
-
Need help with use cases for my new open-source project that deals with open-source security
You might find Awesome Security or Other Security Awesome Lists and the Open Source Security Foundation helpful
-
Wake-up call: why it's urgent to deal with your hardcoded credentials
Today corporations, open source projects, nonprofit foundations, and even governments are all trying to figure out how to improve the global software supply chain security. While these efforts are more than welcome, for the moment, there is hardly any straightforward way for organizations to improve on that front.
-
'Securing Open Source Software Act' Introduced to US Senate
https://github.com/ossf/wg-best-practices-os-developers/blob...
-
Great Time at JavaZone 2022
Cross industry best practices - openssf.org
- Ask HN: Who is hiring? (June 2022)
zotero
-
Google Scholar PDF Reader
Maybe try Zotero[1]. There are many addons which can do what you need.
[1]https://www.zotero.org/
-
I wrote my bibliography manually (Dont ask why). How do I sort it by the first letter of each entry?
And next time, you use a real literature management program like zotero (some university libraries offer classes, there is a r/zotero, etc) or jabref to create a proper bibtex file with the references. It is not that difficult, and keeps you sane (esp. if a paper has to be formatted for a different publisher). See e.g. learnlatex.
-
Ask HN: Who is hiring? (December 2023)
Zotero | Remote | Full-Time or Part-Time | https://www.zotero.org
Zotero is an open-source project that develops software to help people collect, organize, annotate, cite, and share their research. Our software is recommended by most universities and used by millions of students, scholars, scientists, and researchers worldwide.
We're looking for a JavaScript developer to work on Zotero "translators" — the pieces of code that let people click a button in their browser toolbar on any webpage and save high-quality metadata and files to their Zotero libraries. If you like web scraping, APIs, data formats, and exploring sites in the browser devtools, this would be up your alley. As a core Zotero developer, you'll also have the ability to work across Zotero's vast ecosystem and help shape the future of the project.
This is an open-ended contract role that can scale up and down in hours based on availability and workload.
https://www.zotero.org/jobs
-
Show HN: Odin – the integration of LLMs with Obsidian note taking
Zotero is your answer, it even auto generates your citations.
https://www.zotero.org/
Apparently there are plugins for Logseq and Obsidian as well.
- Ask HN: How do you use your iPad?
-
A collection of useful Mac Apps
Zotero - Price: Free Free and open-source reference manager that helps you collect, organize, and cite your research sources.
-
Is there an equivalent of calibredb for research papers?
I use the free and open source Zotero which I think you'd find very calibre-like and manage notes and concept linking with org-roam in emacs.
-
Will I lose everything on Zotero?
If you can't hold the urge to know, you can check on the Zotero web library if all of your things are still there
-
Advice for Thesis students
Resources: ZOTERO. Zotero is a free (you can pay to get more storage), open-source citation manager with optional browser plugins. IT WILL FORMAT CITATIONS FOR YOU. (sometimes you have to edit them, but most of the time it can pull metadata and format things correctly on its own). You can sort your references into folders or with tags, read and annotate PDF copies on your computer or in a mobile app, and make notes - which I used to keep track of specific quotations I wanted to use.
-
Extra Reading for Archaeology / Ancient History
You can also use online resources like The Encyclopedia of Archaeological Sciences, that I think is mostly free or the Handbook of Archaeological Sciences which I think is also mostly free. If you can't get a hold of those things you can also email the authors/editors and they might send you a free copy or look them up on Academia.edu and see if they have a free version. Also, if you don't already, use Google Scholar, it's the best resource for finding free articles and topics to read. It's also never too early to start using something like Zotaro, Mendeley, or Endnote to keep track of your readings and help you with citations/references in papers. You can literally download the citation, import it into one of those systems and it automatically formats your referencing.
What are some alternatives?
tpm2-tss - OSS implementation of the TCG TPM2 Software Stack (TSS2)
calibre - The official source code repository for the calibre ebook manager
tz - Time zone database and code
jabref - Graphical Java application for managing BibTeX and biblatex (.bib) databases
aper - A Rust data structure library built on state machines.
obsidian-citation-plugin - Obsidian plugin which integrates your academic reference manager with the Obsidian editor. Search your references from within Obsidian and automatically create and reference literature notes for papers and books.
Plausible Analytics - Simple, open source, lightweight (< 1 KB) and privacy-friendly web analytics alternative to Google Analytics.
Zettlr - Your One-Stop Publication Workbench
bicep - Bicep is a declarative language for describing and deploying Azure resources
notion-auto-pull - Bash script to automatically download a notion workspace
Zulip - Zulip server and web application. Open-source team chat that helps teams stay productive and focused.
zotero-mdnotes - A Zotero plugin to export item metadata and notes as markdown files