Our great sponsors
-
> when was the last commit to some of the GNU utils we use every day?
17 hours ago: https://github.com/coreutils/coreutils/commits/master
-
freebsd-src
The FreeBSD src tree publish-only repository. Experimenting with 'simple' pull requests....
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
src
Read-only git conversion of OpenBSD's official CVS src repository. Pull requests not accepted - send diffs to the tech@ mailing list.
-
Earlier this year I set out to completely rewrite an old project[1] using minimal, battle-tested dependencies to avoid having to constantly patch code rot associated with more modern languages and toolchains. The rewrite[2] is now complete, more performant and lightweight than the old one, and I'm confident I won't have to touch it much, if at all, and it will compile and work in 20 years.
-
Earlier this year I set out to completely rewrite an old project[1] using minimal, battle-tested dependencies to avoid having to constantly patch code rot associated with more modern languages and toolchains. The rewrite[2] is now complete, more performant and lightweight than the old one, and I'm confident I won't have to touch it much, if at all, and it will compile and work in 20 years.
-
android-oss-cves-research
An analysis on open-source Android apps intended to learn if they are harmed by vulnerable dependencies 🔒
Well, there is also the security aspect in mind. Most software relies on libraries that repeatedly get CVEs over months (not years).
You might not care too much, and it clearly depends on the application, but for me updating a software that doesn't use anymore a library for getting user input that leads to a buffer overflow if you insert a certain character, or similar things, can be quite important.
After searching "android software libraries CVEs" I found this: https://github.com/dotanuki-labs/android-oss-cves-research
It might be outdated, but the principle still applies.