Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Modularized wxPython AGW-AUI demo module
2 projects | reddit.com/r/learnpython | 26 Sep 2022
My project attempts to freshen and modularize an advanced wxPython demo module AGW-AUI as a learning exercise. My other goal is the preparation of a structured wxPython GUI app skeleton. While the project reproduces most demo features, the original monolithic code is split into multiple loosely coupled components. A recent Python version (3.10) is required, and I use the latest wxPython release (4.2). This early attempt lacks documentation, but I hope to fix this problem later.
8 projects | reddit.com/r/programming | 2 Nov 2021
Effects, Capabilities, and Log4Shell
2 projects | reddit.com/r/ProgrammingLanguages | 7 Dec 2022
I wouldn't say they assume the whole program is equally trustworthy, but they do require that the privileges of a program monotonically decrease over the program's lifetime. For example, the doas program starts with pledge("stdio rpath getpw exec id") then checks your password and sets the program's userid, then pledge("stdio rpath exec"), then gets the working directory, then pledge("stdio exec"), and finally executes the program.2 projects | reddit.com/r/ProgrammingLanguages | 7 Dec 2022
The OP talks a lot about solving this problem through either capabilities or effect type systems, but the approach to this problem that I think is most interesting is OpenBSD's pledge() and unveil(). The way those functions work is that, when they're called at runtime, they pre-commit the program to only thereafter have access to certain system calls or filesystem locations. Any system calls that violate pledges or attempt to access veiled filesystem paths will result in system call failures (e.g. in C, syscalls would return -1 or whatever the failure result is for each function's API). This is enforced at the operating system level on a per-process basis. Effectively, it's like each process defines its own sandboxing boundaries and the OS enforces them. As an example, OpenBSD's sleep implementation first pledges it won't use anything besides I/O syscalls, then does its business. If there were some bug in the code that allowed an attacker to execute arbitrary instructions (e.g. a buffer overflow), it still couldn't do anything dangerous like modifying the filesystem or setting the process's userid to root.
Ask HN: Why the Linux Kernel doesn't have unit tests?
8 projects | news.ycombinator.com | 25 Nov 2022
PostgreSQL 14.5 On OpenBSD 7.2: Install
2 projects | dev.to | 13 Nov 2022
In OpenBSD 7.2 release, PostgreSQL was upgraded to 14.5. This post shows how to install it on the latest OpenBSD.
Looking for a simpler version of BusyBox for educational purposes
4 projects | reddit.com/r/linux_programming | 3 Nov 2022
Testing Microsoft's Windows Dev Kit 2023
3 projects | news.ycombinator.com | 3 Nov 2022
I believe the Samsung Galaxy Book Go was tested with OpenBSD during the initial developer for the ThinkPad x13s, keyboard support was added in this commit.
Many of these older generation Windows/Snapdragon laptops unfortunately did not use fast NVMe storage however, only slow eMMC and Samsung's UFS (Universal Flash Storage).
9front “The Golden Age of Ballooning” Released
3 projects | news.ycombinator.com | 1 Nov 2022
WireGuard has finally landed in FreeBSD
3 projects | news.ycombinator.com | 29 Oct 2022
I think the claim might be related to openbsd's claim on their website:
> Only two remote holes in the default install, in a heck of a long time!
I remember a time when it was zero, not two.
What’s a good book on hacking/web for recreational reading?
5 projects | reddit.com/r/hacking | 5 Oct 2022
x86 based binary exploitation: Intel Software Development Manual https://www.intel.com/content/www/us/en/developer/articles/technical/intel-sdm.html Skim through K&R C, then pick up and read Effective C by Robert Seacord, then pick up any of the books or online resources listed here: https://github.com/jwasham/coding-interview-university. Read OpenBSD's code https://github.com/openbsd/src Python: https://www.python.org/doc/ Pwntools: https://docs.pwntools.com/en/stable/ Aleph One on stack buffer overflows: https://packetstormsecurity.com/files/13875/Smashing-The-Stack-For-Fun-And-Profit.html w00w00 on heap overflows: https://packetstormsecurity.com/files/13877/w00w00-on-Heap-Overflows.html Pick up Hacking: The Art of Exploitation by Jon Erickson and give it a good read More heap fun: https://github.com/shellphish/how2heap Return Oriented Programming: https://github.com/spartansecurity/Hack-Nights/blob/master/ROP/Return_Oriented_Exploitation.pdf ret2csu: https://i.blackhat.com/briefings/asia/2018/asia-18-Marco-return-to-csu-a-new-method-to-bypass-the-64-bit-Linux-ASLR-wp.pdf Printf format string vulnerability: https://www.exploit-db.com/docs/english/28476-linux-format-string-exploitation.pdf Binwalk for extracting files, file systems, executable code from images: https://github.com/ReFirmLabs/binwalk
Outdated vs. Complete: In defense of apps that don’t need updates
6 projects | news.ycombinator.com | 26 Sep 2022
What are some alternatives?
cosmopolitan - build-once run-anywhere c library
buttersink - Buttersink is like rsync for btrfs snapshots
Joomla! - Home of the Joomla! Content Management System
bastille - Bastille is an open-source system for automating deployment and management of containerized applications on FreeBSD.
PHPT - The PHP Interpreter
frr - The FRRouting Protocol Suite
ctl - The C Template Library
coreutils - upstream mirror
PostgreSQL - Mirror of the official PostgreSQL GIT repository. Note that this is just a *mirror* - we don't work with pull requests on github. To contribute, please see https://wiki.postgresql.org/wiki/Submitting_a_Patch
Videomass - Videomass is a free, open source and cross-platform GUI for FFmpeg and youtube-dl / yt-dlp
freebsd-src - FreeBSD src tree (read-only mirror)
gentoo-overlay - Gentoo overlay