1657095915
An open-source screen recorder built with web technology
Download the latest release:
Or install with Homebrew-Cask:
brew install --cask kap
Read the contribution guide.
For more info on how to create plugins, read the plugins docs.
Download main
or builds for any other branch using: https://kap-artifacts.now.sh/<branch>
. Note that these builds are unsupported and may have issues.
Author: Wulkano
Source Code: https://github.com/wulkano/kap
License: MIT license
1656986353
open source, restful, distributed crawler engine
ants
I wrote a crawler engine named ants in python base on scrapy. But sometimes, dynamic language is chaos. So I start to write it in a compile language.
scrapy
I design the crawler framework by imitating scrapy. such as downloader,scraper,and the way user write customize spider, but in a compile way
elasticsearch
I design my distributed architecture by imitating elasticsearch. it spire me to do a engine for distributed crawler
go get github.com/PuerkitoBio/goquery
go get github.com/go-sql-driver/mysql
go get github.com/wcong/ants-go
go install github.com/wcong/ants-go
cd bin
./ants-go
curl 'http://localhost:8200/cluster'
curl 'http://localhost:8200/spiders'
curl 'http://localhost:8200/crawl?spider=spiderName'
to test cluster in one computer,you can run it from different port in different terminal
one node,use the default port tcp 8300 http 8200
cd bin
./ants-go
the other node set tcp port and http port
cd bin
./ants-go -tcp 9300 -http 9200
there are some flags you can set,check out the help message
./ants-go -h
./ants-go -help
Author: Wcong
Source Code: https://github.com/wcong/ants-go
License: MIT license
1654809060
Scaleway CLI is a tool to help you pilot your Scaleway infrastructure directly from your terminal.
A package manager installs and upgrades the Scaleway CLI with a single command. We recommend this installation mode for more simplicity and reliability:
Install the latest stable release on macOS using Homebrew:
brew install scw
Install the latest stable release on Arch Linux from offcial repositories. For instance with pacman
:
pacman -S scaleway-cli
Install the latest stable release on Windows using Chocolatey (Package):
choco install scaleway-cli
We provide static-compiled binaries for darwin (macOS), GNU/Linux, and Windows platforms. You just have to download the binary compatible with your platform to a directory available in your PATH
:
# Check out the latest release available on github <https://github.com/scaleway/scaleway-cli/releases/latest>
VERSION="2.5.1"
# Download the release from github
sudo curl -o /usr/local/bin/scw -L "https://github.com/scaleway/scaleway-cli/releases/download/v${VERSION}/scaleway-cli_${VERSION}_linux_amd64"
# Naming changed lately, the url prior to 2.5.1 was https://github.com/scaleway/scaleway-cli/releases/download/v${VERSION}/scw-${VERSION}-linux-x86_64
# Allow executing file as program
sudo chmod +x /usr/local/bin/scw
# Init the CLI
scw init
You can download the last release here: https://github.com/scaleway/scaleway-cli/releases
This official guide explains how to add tools to your PATH
.
You can use the CLI as you would run any Docker image:
docker run -i --rm scaleway/cli:latest
See more in-depth information about running the CLI in Docker here
Getting Started
After you installed the latest release just run the initialization command and let yourself be guided! :dancer:
scw init
It will set up your profile, the authentication, and the auto-completion.
# Create an instance server
scw instance server create type=DEV1-S image=ubuntu_focal zone=fr-par-1 tags.0="scw-cli"
# List your servers
scw instance server list
# Create a Kubernetes cluster named foo with cilium as CNI, in version 1.17.4 and with a pool named default composed of 3 DEV1-M and with 2 tags
scw k8s cluster create name=foo version=1.17.4 pools.0.size=3 pools.0.node-type=DEV1-M pools.0.name=default tags.0=tag1 tags.1=tag2
Reference documentation
Namespace | Description | Documentation |
---|---|---|
account | Account API | CLI |
autocomplete | Autocomplete related commands | CLI |
config | Config file management | CLI |
feedback | Send feedback to the Scaleway CLI Team! | CLI |
info | Get info about current settings | CLI |
init | Initialize the config | CLI |
baremetal | Baremetal API | CLI / API |
dns | DNS API | CLI / API |
instance | Instance API | CLI / API |
k8s | Kapsule API | CLI / API |
lb | Load Balancer API | CLI / API |
marketplace | Marketplace API | CLI |
object | Object-storage utils | CLI / API |
rdb | Database RDB API | CLI / API |
registry | Container registry API | CLI / API |
vpc | VPC API | CLI / API |
If you have a >= Go 1.13 environment, you can install the HEAD
version to test the latest features or to contribute. Note that this development version could include bugs, use tagged releases if you need stability.
go get github.com/scaleway/scaleway-cli/cmd/scw
Dependencies: We only use go Go Modules with vendoring.
You can build the scw
CLI with Docker. If you have Docker installed, you can run:
docker build -t scaleway/cli .
Once build, you can then use the CLI as you would run any image:
docker run -i --rm scaleway/cli
See more in-depth information about running the CLI in Docker here
Development
This repository is at its early stage and is still in active development. If you are looking for a way to contribute please read CONTRIBUTING.md.
Legacy version
If you are looking for the legacy CLIv1 you can take a look at the v1 branch. We also wrote a migration guide to help transition to the CLIv2.
Reach Us
We love feedback. Don't hesitate to open a Github issue or feel free to reach us on Scaleway Slack community, we are waiting for you on #opensource.
Author: Scaleway
Source Code: https://github.com/scaleway/scaleway-cli
License: Apache-2.0 license
1654653660
Give thanks (in the form of a GitHub ★) to your fellow Go modules maintainers.
About
GoThanks performs the following operations
This is a simple way to say thanks to the maintainers of the modules you use and the contributors of Go itself.
Credits
GoThanks is a Go port of symfony/thanks implemented by Nicolas Grekas (nicolas-grekas) for PHP.
Original idea by Doug Tangren (softprops) for Rust.
Installation
$ go get -u github.com/psampaz/gothanks
Usage
In order to run GoThanks you need to have a valid Github Access Token with public_repo
scope.
You can pass the token as an argument to GoThanks or store it in an environmental variable named GITHUB_TOKEN.
Inside the folder where your go.mod lives run:
$ ./gothanks -github-token=xxxxxx
or
$ export GITHUB_TOKEN=xxxxx
$ ./gothanks
Run
docker run -it --rm -v $(pwd):/home psampaz/gothanks:latest -github-token=xxxxxx
or
docker run -it --rm -v $(pwd):/home --env GITHUB_TOKEN=xxxxxx psampaz/gothanks:latest
Example
$ ./gothanks
Welcome to GoThanks :)
You are about to star you beloved dependencies.
Press y to continue or n to abort
y
Sending your love..
Repository github.com/golang/go is already starred!
Repository github.com/golang/net is already starred!
Sending a star to github.com/google/go-github
Sending a star to github.com/stretchr/testify
Sending a star to github.com/sirupsen/logrus
Thank you!
You can also run it on non-interactive environments using -y
flag.
$ ./gothanks -y
Welcome to GoThanks :)
Sending your love..
Repository github.com/golang/go is already starred!
Repository github.com/google/go-github is already starred!
Repository github.com/sirkon/goproxy is already starred!
Repository github.com/golang/crypto is already starred!
Repository github.com/golang/net is already starred!
Repository github.com/golang/oauth2 is already starred!
Thank you!
Author: Psampaz
Source Code: https://github.com/psampaz/gothanks
License: MIT license
1654588030
TypeScript Deep Dive
I've been looking at the issues that turn up commonly when people start using TypeScript. This is based on the lessons from Stack Overflow / DefinitelyTyped and general engagement with the TypeScript community. You can follow for updates and don't forget to ★ on GitHub 🌹
If you are here to read the book online get started.
Book is completely free so you can copy paste whatever you want without requiring permission. If you have a translation you want me to link here. Send a PR.
You can also download one of the Epub, Mobi, or PDF formats from the actions tab by clicking on the latest build run. You will find the files in the artifacts section.
All the amazing contributors 🌹
Share URL: https://basarat.gitbook.io/typescript/
Author: Basarat
Source Code: https://github.com/basarat/typescript-book/
License: View license
1654049820
Charts painter
Idea behind this lib is to allow highly customizable charts. By having decorations as Widgets (foreground and background) and item renderers that can be updated with how and where they draw items.
Customizing and adding new decorations and items will require some RenderObject knowledge.
Example charts that can easily be built.
Add it to your package's pubspec.yaml file
dependencies:
charts_painter: ^2.0.0+2
Install packages from the command line
flutter packages get
Chart data has some options that will change how the data will be processed. By changing axisMin
or axisMax
scale of the chart will change in order to show that value, in case data has higher/lower data than axisMax/axisMin, then this option is ignored.
Adding valueAxisMaxOver
will add that value to currently the highest value.
Data strategy can manipulate data before being drawn, in case you want to stack data you can pass StackDataStrategy
. Strategy only affects how multiple lists are being processed, to change how multi list items can be drawn see ChartBehaviour.multiItemStack
Sets chart behaviour and interaction like onClick and isScrollable can be set here
Options that set how it draws each item and how it looks. When using BarItemOptions
or BubbleItemOptions
geometry painters have been preset, and they include some extra options for their painters.
What are geometry items?
Geometry items are RenderObjects that are responsible for drawing each item on the canvas. Included in the lib are 2 GeometryPainters
's.
Bar painter (default) | Bubble painter |
---|---|
![bar_painter] | ![bubble_painter] |
![candle_painter] |
We use Decorations to enhance our charts. Chart decorations can be painted in the background or in a foreground of the items. Everything that is not chart item is a decoration. See all decorations
Here are decorations we have included, bar items with opacity have been added for better visibility.
Now you are ready to use charts lib. If chart needs to animate the state changes then use AnimatedChart<T>
widget instead of Chart<T>
widget. AnimatedChart<T>
needs to specify Duration
and it can accept Curve
for animation.
By passing ChartState.line
or ChartState.bar
to Chart widget we will add appropriate decorations for the selected chart.
@override
Widget build(BuildContext context) {
return Chart(
state: ChartState.line(
ChartData.fromList(
<double>[1, 3, 4, 2, 7, 6, 2, 5, 4].map((e) => BubbleValue<void>(e)).toList(),
),
),
);
}
By charging ChartState.line
to ChartState.bar
we can change look of the chart.
@override
Widget build(BuildContext context) {
return Chart(
state: ChartState.bar(
ChartData.fromList(
<double>[1, 3, 4, 2, 7, 6, 2, 5, 4].map((e) => BarValue<void>(e)).toList(),
),
),
);
}
This is how you can start, this is simple bar chart with grid decoration:
@override
Widget build(BuildContext context) {
return Padding(
padding: const EdgeInsets.all(8.0),
child: Chart<void>(
height: 600.0,
state: ChartState(
ChartData.fromList(
[1, 3, 4, 2, 7, 6, 2, 5, 4].map((e) => BarValue<void>(e.toDouble())).toList(),
axisMax: 8.0,
),
itemOptions: BarItemOptions(
padding: const EdgeInsets.symmetric(horizontal: 8.0),
radius: BorderRadius.vertical(top: Radius.circular(42.0)),
),
backgroundDecorations: [
GridDecoration(
verticalAxisStep: 1,
horizontalAxisStep: 1,
),
],
foregroundDecorations: [
BorderDecoration(borderWidth: 5.0),
],
),
),
);
}
Code above will draw this:
To turn any chart to line chart we just need to add SparklineDecoration
to foregroundDecorations
or backgroundDecorations
. This will add decoration line on top/bottom of the chart.
By replacing the BarValue
to BubbleValue
and changing geometryPainter
to bubblePainter
we can show nicer line chart with small bubbles on data points:
@override
Widget build(BuildContext context) {
return Padding(
padding: const EdgeInsets.all(8.0),
child: Chart<void>(
height: 600.0,
state: ChartState(
ChartData.fromList(
/// CHANGE: Change [BarValue<void>] to [BubbleValue<void>]
[1, 3, 4, 2, 7, 6, 2, 5, 4].map((e) => BubbleValue<void>(e.toDouble())).toList(),
axisMax: 8.0,
),
/// CHANGE: From [BarItemOptions] to [BubbleItemOptions]
itemOptions: BubbleItemOptions(
padding: const EdgeInsets.symmetric(horizontal: 8.0),
/// REMOVED: Radius doesn't exist in [BubbleItemOptions]
// radius: BorderRadius.vertical(top: Radius.circular(12.0)),
/// ADDED: Make [BubbleValue] items smaller
maxBarWidth: 4.0,
),
backgroundDecorations: [
GridDecoration(
verticalAxisStep: 1,
horizontalAxisStep: 1,
),
],
foregroundDecorations: [
BorderDecoration(borderWidth: 5.0),
/// ADDED: Add spark line decoration ([SparkLineDecoration]) on foreground
SparkLineDecoration(),
],
),
),
);
}
Code above will make our nicer line graph:
Charts can have multiple values that are grouped. To turn any chart to multi value we need to use ChartState
instead of ChartState.fromList
constructor. Default constructor will accept List<List<ChartItem<T>>
allowing us to pass multiple lists to same chart.
@override
Widget build(BuildContext context) {
return Padding(
padding: const EdgeInsets.all(8.0),
child: Chart<void>(
height: 600.0,
state: ChartState(
/// CHANGE: From [ChartData.fromList] to [ChartData]
ChartData(
/// CHANGE: Add list we had into bigger List
[
[1, 3, 4, 2, 7, 6, 2, 5, 4].map((e) => BubbleValue<void>(e.toDouble())).toList(),
/// ADD: Another list
[4, 6, 3, 3, 2, 1, 4, 7, 5].map((e) => BubbleValue<void>(e.toDouble())).toList(),
],
axisMax: 8.0,
),
itemOptions: BubbleItemOptions(
padding: const EdgeInsets.symmetric(horizontal: 8.0),
maxBarWidth: 4.0,
/// ADDED: Color bubbles differently depending on List they came from. [ColorForIndex]
colorForKey: (item, index) {
return [Colors.red, Colors.blue][index];
},
),
backgroundDecorations: [
GridDecoration(
verticalAxisStep: 1,
horizontalAxisStep: 1,
),
],
foregroundDecorations: [
BorderDecoration(borderWidth: 5.0),
/// ADDED: Add another [SparkLineDecoration] for the second list
SparkLineDecoration(
// Specify key that this [SparkLineDecoration] will follow
// Throws if `lineKey` does not exist in chart data
lineArrayIndex: 1,
lineColor: Colors.blue,
),
SparkLineDecoration(),
],
),
),
);
}
Code above will make this multi line graph:
Charts can also be scrollable, to use scroll first you have to wrap chart your chart in SingleChildScrollView
widget. Then in ChartBehaviuor
make sure you set isScrollable
to true.
To make sure you can make any chart you want, we have included DecorationsRenderer
as widget that you can use outside of the chart bounds. That is useful for fixed legends:
To make fixed decorations you will have to make these changes to your chart:
final _chartState = ChartState(
ChartData.fromList([1, 2, 3, 4, 5, 3, 2, 2].map((e) => BarValue<void>(e.toDouble())).toList()),
behaviour: ChartBehaviour(
// 1) Make sure the chart can scroll
isScrollable: true,
),
backgroundDecorations: [
HorizontalAxisDecoration(
endWithChart: false,
lineWidth: 1.0,
axisStep: 1,
lineColor: Theme.of(context).colorScheme.primaryVariant.withOpacity(0.2),
),
],
);
/// .....Somewhere in build method.....
// 2) Wrap Chart in Row widget
Row(
children: [
Expanded(
// 3) Wrap chart in `SingleChildScrollView`
child: SingleChildScrollView(
scrollDirection: Axis.horizontal,
child: Chart(
width: MediaQuery.of(context).size.width,
// Make sure height for the chart and fixed decoration are the same
height: MediaQuery.of(context).size.height * 0.4,
state: _chartState,
),
),
),
// 4) Add fixed decoration at the end of scroll view
Container(
color: Colors.white,
width: 14.0,
// Make sure height for the fixed decoration and chart are the same
height: MediaQuery.of(context).size.height * 0.4,
// 5) Use `DecorationsRenderer` to render fixed decoration
child: DecorationsRenderer(
[
HorizontalAxisDecoration(
lineWidth: 1.0,
axisStep: 1,
showValues: true,
legendFontStyle: Theme.of(context).textTheme.caption,
valuesAlign: TextAlign.center,
lineColor: Theme.of(context).colorScheme.primaryVariant.withOpacity(0.2),
)
],
// Must pass same state, this is used to calculate spacings and padding of decoration, to make sure it matches the chart.
_chartState,
),
)
],
);
Line chart with multiple values example code
Bar chart with area example code
Scrollable bar chart example code
Run this command:
With Flutter:
$ flutter pub add charts_painter
This will add a line like this to your package's pubspec.yaml (and run an implicit flutter pub get
):
dependencies:
charts_painter: ^2.0.0+2
Alternatively, your editor might support flutter pub get
. Check the docs for your editor to learn more.
Now in your Dart code, you can use:
import 'package:charts_painter/chart.dart';
import 'package:charts_painter/chart/model/chart_state.dart';
import 'package:charts_painter/chart/model/data/chart_data.dart';
import 'package:charts_painter/chart/model/data_strategy/data_strategy.dart';
import 'package:charts_painter/chart/model/data_strategy/default_data_strategy.dart';
import 'package:charts_painter/chart/model/data_strategy/stack_data_strategy.dart';
import 'package:charts_painter/chart/model/geometry/bar_value_item.dart';
import 'package:charts_painter/chart/model/geometry/bubble_value_item.dart';
import 'package:charts_painter/chart/model/geometry/candle_value_item.dart';
import 'package:charts_painter/chart/model/geometry/chart_item.dart';
import 'package:charts_painter/chart/model/theme/chart_behaviour.dart';
import 'package:charts_painter/chart/model/theme/item_theme/bar_item_options.dart';
import 'package:charts_painter/chart/model/theme/item_theme/item_options.dart';
import 'package:charts_painter/chart/model/theme/item_theme/line_item_options.dart';
import 'package:charts_painter/chart/render/chart_renderer.dart';
import 'package:charts_painter/chart/render/data_renderer/chart_data_renderer.dart';
import 'package:charts_painter/chart/render/data_renderer/chart_linear_data_renderer.dart';
import 'package:charts_painter/chart/render/decorations/border_decoration.dart';
import 'package:charts_painter/chart/render/decorations/decoration_painter.dart';
import 'package:charts_painter/chart/render/decorations/grid_decoration.dart';
import 'package:charts_painter/chart/render/decorations/horizontal_axis_decoration.dart';
import 'package:charts_painter/chart/render/decorations/renderer/chart_decoration_child_renderer.dart';
import 'package:charts_painter/chart/render/decorations/renderer/chart_decoration_renderer.dart';
import 'package:charts_painter/chart/render/decorations/selected_item_decoration.dart';
import 'package:charts_painter/chart/render/decorations/spark_line_decoration.dart';
import 'package:charts_painter/chart/render/decorations/target_decoration.dart';
import 'package:charts_painter/chart/render/decorations/target_legends_decoration.dart';
import 'package:charts_painter/chart/render/decorations/value_decoration.dart';
import 'package:charts_painter/chart/render/decorations/vertical_axis_decoration.dart';
import 'package:charts_painter/chart/render/decorations_renderer.dart';
import 'package:charts_painter/chart/render/geometry/leaf_item_renderer.dart';
import 'package:charts_painter/chart/render/geometry/painters/bar_geometry_painter.dart';
import 'package:charts_painter/chart/render/geometry/painters/bubble_geometry_painter.dart';
import 'package:charts_painter/chart/render/geometry/painters/geometry_painter.dart';
import 'package:charts_painter/chart/render/util/dashed_path_util.dart';
import 'package:charts_painter/chart/widgets/animated_chart.dart';
import 'package:charts_painter/chart/widgets/chart.dart';
import 'package:charts_painter/chart/widgets/chart_widget.dart';
example/lib/main.dart
import 'package:charts_painter/chart.dart';
import 'package:example/chart_types.dart';
import 'package:example/charts/bar_target_chart_screen.dart';
import 'package:example/complex/complex_charts.dart';
import 'package:example/showcase/showcase_charts.dart';
import 'package:flutter/cupertino.dart';
import 'package:flutter/material.dart';
import 'charts/line_chart_screen.dart';
import 'charts/scrollable_chart_screen.dart';
void main() {
runApp(ChartDemo());
}
class ChartDemo extends StatefulWidget {
ChartDemo({Key key}) : super(key: key);
@override
_ChartDemoState createState() => _ChartDemoState();
}
class _ChartDemoState extends State<ChartDemo> {
@override
Widget build(BuildContext context) {
return MaterialApp(
theme: ThemeData.light().copyWith(
accentColor: Color(0xFFd8262C),
colorScheme: ThemeData.light().colorScheme.copyWith(
primary: Color(0xFFd8262C),
secondary: Color(0xFF353535),
error: Colors.lightBlue,
),
primaryColor: Colors.red,
),
home: Scaffold(
appBar: AppBar(
title: Text('Charts showcase'),
),
body: ShowList(),
),
);
}
}
class ShowList extends StatelessWidget {
ShowList({Key key}) : super(key: key);
@override
Widget build(BuildContext context) {
return ListView(
children: [
SizedBox(
height: 8.0,
),
Padding(
padding: const EdgeInsets.symmetric(horizontal: 16.0, vertical: 8.0),
child: Text(
'Chart types',
style: Theme.of(context).textTheme.bodyText2.copyWith(
fontWeight: FontWeight.w800,
fontSize: 14.0,
),
),
),
Divider(),
ChartTypes(),
Padding(
padding: const EdgeInsets.symmetric(horizontal: 16.0, vertical: 8.0),
child: Text(
'Chart Decorations',
style: Theme.of(context).textTheme.bodyText2.copyWith(
fontWeight: FontWeight.w800,
fontSize: 14.0,
),
),
),
Divider(),
ListTile(
title: Text('Sparkline decoration'),
trailing: Padding(
padding: const EdgeInsets.symmetric(vertical: 8.0),
child: Container(
width: 100.0,
child: Chart(
state: ChartState<void>(
ChartData.fromList(
[2, 7, 2, 4, 7, 6, 2, 5, 4]
.map((e) => BubbleValue<void>(e.toDouble()))
.toList(),
axisMax: 9,
),
itemOptions: BubbleItemOptions(
padding: const EdgeInsets.symmetric(horizontal: 2.0),
color: Theme.of(context).accentColor,
maxBarWidth: 1.0,
),
backgroundDecorations: [
GridDecoration(
showVerticalGrid: false,
horizontalAxisStep: 3,
gridColor: Theme.of(context).dividerColor,
),
SparkLineDecoration(
lineWidth: 2.0,
lineColor: Theme.of(context).colorScheme.primary,
),
],
),
),
),
),
onTap: () {
Navigator.of(context).push<void>(
MaterialPageRoute(builder: (_) => LineChartScreen()));
},
),
Divider(),
ListTile(
title: Text('Target line decoration'),
trailing: Padding(
padding: const EdgeInsets.symmetric(vertical: 8.0),
child: Container(
width: 100.0,
child: Chart(
state: ChartState<void>(
ChartData.fromList(
[1, 3, 4, 2, 7, 6, 2, 5, 4]
.map((e) => BarValue<void>(e.toDouble()))
.toList(),
axisMax: 8,
),
itemOptions: BarItemOptions(
padding: const EdgeInsets.symmetric(horizontal: 2.0),
color: Theme.of(context).accentColor,
maxBarWidth: 4.0,
),
backgroundDecorations: [
GridDecoration(
verticalAxisStep: 1,
horizontalAxisStep: 2,
gridColor: Theme.of(context).dividerColor,
),
],
foregroundDecorations: [
TargetLineDecoration(
target: 6,
colorOverTarget: Theme.of(context).colorScheme.error,
targetLineColor:
Theme.of(context).colorScheme.secondary,
),
BorderDecoration(
borderWidth: 1.5,
color: Theme.of(context).primaryColorDark,
),
]),
),
),
),
onTap: () {
Navigator.of(context).push<void>(
MaterialPageRoute(builder: (_) => BarTargetChartScreen()));
},
),
Divider(),
Padding(
padding: const EdgeInsets.symmetric(horizontal: 16.0, vertical: 8.0),
child: Text(
'Chart Interactions',
style: Theme.of(context).textTheme.bodyText2.copyWith(
fontWeight: FontWeight.w800,
fontSize: 14.0,
),
),
),
Divider(),
ListTile(
title: Text('Scrollable chart'),
trailing: Padding(
padding: const EdgeInsets.symmetric(vertical: 8.0),
child: Container(
width: 100.0,
child: Chart(
state: ChartState<void>(
ChartData.fromList(
[1, 3, 4, 2, 7, 6, 2, 5, 4]
.map((e) => BarValue<void>(e.toDouble()))
.toList(),
axisMax: 8,
),
itemOptions: BarItemOptions(
padding: const EdgeInsets.symmetric(horizontal: 2.0),
radius: BorderRadius.vertical(top: Radius.circular(12.0)),
color: Theme.of(context).accentColor,
),
backgroundDecorations: [
GridDecoration(
verticalAxisStep: 1,
horizontalAxisStep: 4,
gridColor: Theme.of(context).dividerColor,
),
SparkLineDecoration(
lineColor: Theme.of(context).accentColor,
),
],
),
),
),
),
onTap: () {
Navigator.of(context).push<void>(
MaterialPageRoute(builder: (_) => ScrollableChartScreen()));
},
),
Divider(),
Padding(
padding: const EdgeInsets.symmetric(horizontal: 16.0, vertical: 8.0),
child: Text(
'Complex charts',
style: Theme.of(context).textTheme.bodyText2.copyWith(
fontWeight: FontWeight.w800,
fontSize: 14.0,
),
),
),
Divider(),
ComplexCharts(),
ShowcaseCharts(),
SizedBox(
height: 24.0,
),
],
);
}
}
Author: infinum
Source Code: https://github.com/infinum/flutter-charts
License: MIT license
1653778680
Beego
Beego is used for rapid development of enterprise application in Go, including RESTful APIs, web apps and backend services.
It is inspired by Tornado, Sinatra and Flask. beego has some Go-specific features such as interfaces and struct embedding.
Beego is composed of four parts:
Please use RELEASE version, or master branch which contains the latest bug fix
hello
directory, cd hello
directorymkdir hello
cd hello
go mod init
go get github.com/beego/beego/v2@latest
hello.go
package main
import "github.com/beego/beego/v2/server/web"
func main() {
web.Run()
}
go build hello.go
./hello
Congratulations! You've just built your first beego app.
If you could not open official website, go to beedoc
Author: Beego
Source Code: https://github.com/beego/beego
License: View license
1653384000
完璧なスタートアップチームを想像してみてください。小さなグループが互いに効果的にコミュニケーションを取り、物事を成し遂げます。彼らはお互いと彼らの仕事を気にかけ、それは彼らの結果に表れています。
オープンソースプロジェクトはそのようなものでなければなりません。オープンソースプロジェクトで他の人と協力しているときは、同じスタートアップエネルギーを模倣してみてください。
思いやりを持って
オープンソースコミュニティは、プロジェクト、他の人々、そして特に自分自身を気にする人々によって構築されています。
プロジェクトを気にしないのであれば、改善のためにプロジェクトに貢献することのポイントは何ですか?
選択できるプロジェクトは非常に多いので、楽しんでいないプロジェクトに時間を無駄にするのではなく、楽しんでいるプロジェクトに貢献してください。
他の画面には常に人がいることを忘れないでください。彼らを敬意を持って扱い、彼らがあなたのために同じことをする可能性が高いことを知ってください。
とりわけ、あなたは自分自身を気にかけるべきです。自分の時間とメンタルヘルスを尊重してください。
オープンソースプロジェクトに取り組んでいるとき、実際に続行する義務はほとんどありません。それはボランティアの努力であり、それがあなたの精神状態に悪影響を及ぼしている場合は、それをやめてください。あなたはもっと重要です。
明確に通信する
明確なコミュニケーションにより、プロジェクトはスムーズに実行されます。これは、他の人と対話するための最初のステップは、コミュニケーションを公開し続けることであることを意味します。
オープンソースでのコミュニケーションの悪さをよく目にする主な場所は2つあります。
まず第一に、あなたが取り組んでいることを常に他の人に伝えてください。多くの場合、誰かが問題の解決に取り組み始めますが、他の人には言わないでください。すぐに、他の誰かがまったく同じことをし、手遅れになるまで他の誰かが仕事をしていることをどちらも知らず、彼らの両方の努力が無駄になります。
第二に、あなたがするすべてのことで文脈を共有します。バグについて説明するときは、「機能しない」以上のことを言ってください。問題の原因と、それを修正するためにこれまでに何を試みたかを説明してください。ただし、あまり共有しないでください。見つけたタイプミスを修正する前に、誰もあなたのライフストーリーを聞く必要はありません。
私たちは、他の人からの建設的なフィードバックを一生受け入れるべきだと聞いています。しかし、アドバイスを聞くことと実際にそれを心に留めることには違いがあります。
すべてのオープンソースプロジェクトの大部分はコードレビューです。誰かがいくつかの変更を加えたいときは、最初にそれらを調べる必要があります。お互いに明確にコミュニケーションをとることは、寄稿者と査読者の両方の仕事です。
わからないことや、どうやってやるのかわからないときはどうしますか?あなたは完全に諦めてあなたの努力を放棄しますか、それとも解決策を見つけようとしますか?
あなたが何かで助けを必要とするとき、あなたが見るべき3つの場所があります。まず、自分で問題を解決することから始めます。多くの場合、これは一歩下がって全体像を見るのと同じくらい簡単です。
それでも問題が解決しない場合は、オンラインで検索してみてください。オープンソースで支援するときにあなたが持っているほとんどすべての質問は、おそらく以前に誰かによって尋ねられたので、それをグーグルで検索してください!Stack Overflow、Quora、さらにはRedditなどのサイトで役立つ回答が見つかる可能性があります。
最後に、他のすべてが失敗し、まだ苦労している場合は、作業中のプロジェクトのコミュニティに連絡してください。プルリクエストのコードレビューの最中の場合は、コメントを残して質問してください。
何よりも、質問を避けて際限なく苦労するよりも、どんなに小さな質問でも質問するほうがよいでしょう。
あなたが望む方法で貢献する
オープンソースはコードだけではありません。あなたのスキルセットが何であれ、あなたは間違いなくそれをオープンソースの世界で助けるために使うことができます。
人気のあるGitHubリポジトリを見ると、コードだけではないことがわかります。少なくとも、プロジェクトの詳細が書かれたREADMEファイルがあります。
コードの記述、テスト、レビューの他に、イベントの整理、メディアの設計、プロジェクトについての記述などに取り組むことができます。
オープンソースプロジェクトは成長し変動しているコミュニティ全体であるため、実行できるタスクは無限にあります。
何か新しいことに挑戦します
オープンソースソフトウェアを手伝っているときは、単一のコミュニティに限定されないので、少し調べてみてください。
周りを見て、好きなコミュニティを見つけて、すぐに参加してください。アイデアはあるが、そのプロジェクトが存在しない場合は、自分でプロジェクトを開始してください。
どこで支援したいかがわかったら、支援が必要な問題(特に、GitHubで「良い最初の問題」のラベルが付けられた問題)を開いて、それに到達します。
急がないでください
一般的に、オープンソースの作業には実際の期限はありません。オンラインでボランティア活動をしているだけの場合は、他の誰かがあなたが取り組んでいたタスクを引き受けることを除けば、もう少し時間がかかることによる影響はありません。
「後方につまずくためだけに大きな飛躍をするよりも、正しい方向に多くの小さな一歩を踏み出す方が良いです。」(中国のことわざ)
急ぐ必要がないという事実は別として、急いでいる仕事は決してそれほど良くないことも注目に値します。時間をかけて問題を考え、最善の解決策を考えてください。
結論
オープンソースプロジェクトは複雑ですが、複雑である必要はありません。あなたが良いコミュニケーションと社会的スキルを練習し、あなたが助けている理由を知っている限り、あなたは素晴らしいことをするでしょう。
読んでいただきありがとうございます。素敵な一日を!
1653369720
Imagine el equipo de inicio perfecto: un pequeño grupo que se comunica de manera efectiva entre sí para hacer las cosas. Se preocupan el uno por el otro y por su trabajo, y eso se nota en los resultados.
Los proyectos de código abierto deberían ser así. Cuando esté trabajando con otros en un proyecto de código abierto, intente imitar esa misma energía de inicio.
Se compasivo
Las comunidades de código abierto están construidas por personas que se preocupan: por el proyecto, por otras personas y especialmente por ellos mismos.
Si no te importa un proyecto, entonces ¿de qué sirve contribuir a él para lograr una mejora?
Hay tantos proyectos diferentes para elegir, así que contribuya a los que disfruta en lugar de perder el tiempo en los que no.
Nunca olvides que siempre hay una persona en la otra pantalla. Trátelos con respeto y sepa que probablemente harán lo mismo por usted.
Sobre todo, debes cuidarte a ti mismo. Respeta tu propio tiempo y tu salud mental.
Cuando trabaja en un proyecto de código abierto, casi nunca está obligado a continuar. Es un esfuerzo voluntario, y si tiene un impacto negativo en su estado mental, déjelo. Tú eres más importante.
Comuníquese claramente
Una comunicación clara mantiene los proyectos funcionando sin problemas. Esto significa que el primer paso para interactuar con otros es mantener la comunicación pública.
Hay dos lugares principales donde a menudo veo mala comunicación en código abierto:
En primer lugar, siempre cuéntale a los demás en qué estás trabajando. Con frecuencia, alguien comenzará a trabajar para resolver un problema, pero sin decírselo a nadie más. Pronto, alguien más hace exactamente lo mismo, y ninguno sabe que el otro está haciendo el trabajo hasta que es demasiado tarde, y ambos esfuerzos se desperdician.
En segundo lugar, comparte el contexto en todo lo que haces. Cuando describa un error, diga algo más que "no funciona". Explique qué condujo al problema y qué ha intentado hasta ahora para solucionarlo. Sin embargo, no comparta demasiado. Nadie necesita escuchar la historia de su vida antes de corregir un error tipográfico que encontró.
Hemos escuchado que debemos aceptar comentarios constructivos de los demás durante toda nuestra vida. Sin embargo, hay una diferencia entre escuchar un consejo y realmente tomarlo en serio.
Una gran parte de cada proyecto de código abierto es la revisión del código. Cuando alguien quiere hacer algunos cambios, primero debe revisarlos. Es trabajo tanto del colaborador como del revisor comunicarse claramente entre sí.
Cuando te encuentras con algo que no entiendes o no sabes cómo realizar una tarea, ¿qué haces? ¿Te rindes por completo y abandonas tu arduo trabajo, o tratas de encontrar una solución?
Cuando necesite ayuda con algo, hay tres lugares donde debe buscar. Primero, comience tratando de resolver el problema usted mismo. A menudo, esto es tan simple como dar un paso atrás y mirar el panorama general.
Si eso no funciona, puede intentar buscar en línea. Casi todas las preguntas que tienes cuando ayudas en el código abierto probablemente te las hayan hecho alguien antes, ¡así que solo búscalas en Google! Es probable que encuentre una respuesta útil en sitios como Stack Overflow, Quora o incluso Reddit.
Finalmente, si todo lo demás falla y aún tiene problemas, comuníquese con la comunidad del proyecto en el que está trabajando. Si está en medio de una revisión de código en una solicitud de extracción, simplemente deje un comentario y pregunte.
Sobre todo, es mejor hacer su pregunta, por pequeña que sea, que evitar preguntar y luchar sin cesar.
Contribuye como quieras
El código abierto no se trata solo de código. Cualquiera que sea su conjunto de habilidades, definitivamente puede usarlo para ayudar en el mundo del código abierto.
Si echa un vistazo a cualquier repositorio popular de GitHub, notará que no es solo código. Como mínimo, hay un archivo README escrito con detalles sobre el proyecto.
Además de escribir, probar y revisar el código, puede trabajar en la organización de eventos, el diseño de medios, la redacción de proyectos y más.
Hay un sinfín de tareas que puede realizar porque los proyectos de código abierto son comunidades enteras que crecen y fluctúan.
Intenta algo nuevo
No estás confinado a una sola comunidad cuando ayudas con el software de código abierto, ¡así que explora un poco!
Echa un vistazo, trata de encontrar una comunidad que te guste y lánzate de inmediato. Si tienes una idea, pero no existe un proyecto para ella, ¡comienza uno tú mismo!
Cómo iniciar un nuevo proyecto de código abierto
Una vez que sepa dónde quiere ayudar, abra los problemas que necesitan ayuda (especialmente aquellos etiquetados con una etiqueta de "buen primer problema" en GitHub), ¡y hágalo!
no te apresures
Generalmente, el trabajo de código abierto no tiene una fecha límite real. Si solo está ofreciendo su tiempo como voluntario en línea, no hay consecuencias por tomarse un poco más de tiempo, además de que otra persona asuma la tarea en la que estaba trabajando.
“Es mejor dar muchos pequeños pasos en la dirección correcta que dar un gran salto hacia adelante y tropezar hacia atrás”. (Proverbio chino)
Aparte del hecho de que no necesitas apresurarte, también vale la pena señalar que el trabajo apresurado nunca es tan bueno. Tómese su tiempo, piense en el problema y encuentre la mejor solución.
Conclusión
Los proyectos de código abierto son complejos, pero no tienen por qué ser complicados. Te irá muy bien siempre y cuando practiques una buena comunicación y habilidades sociales y sepas por qué estás ayudando.
Muchas Gracias Por Leer. ¡Ten un día maravilloso!
Fuente: https://betterprogramming.pub/5-bonus-tips-to-help-out-effectly-on-open-source-projects-d5f64e8c04b8
1653019800
Security Scorecards
We created Scorecards to give consumers of open-source projects an easy way to judge whether their dependencies are safe.
Scorecards is an automated tool that assesses a number of important heuristics ("checks") associated with software security and assigns each check a score of 0-10. You can use these scores to understand specific areas to improve in order to strengthen the security posture of your project. You can also assess the risks that dependencies introduce, and make informed decisions about accepting these risks, evaluating alternative solutions, or working with the maintainers to make improvements.
The inspiration for Scorecards’ logo: "You passed! All D's ... and an A!"
Automate analysis and trust decisions on the security posture of open source projects.
Use this data to proactively improve the security posture of the critical projects the world depends on.
Scorecards has been run on thousands of projects to monitor and track security metrics. Prominent projects that use Scorecards include:
We run a weekly Scorecards scan of the 1 million most critical open source projects judged by their direct dependencies and publish the results in a BigQuery public dataset.
This data is available in the public BigQuery dataset openssf:scorecardcron.scorecard-v2
. The latest results are available in the BigQuery view openssf:scorecardcron.scorecard-v2_latest
.
You can query the data using BigQuery Explorer by navigating to Add Data > Pin a Project > Enter Project Name > 'openssf'
You can extract the latest results to Google Cloud storage in JSON format using the bq
tool:
# Get the latest PARTITION_ID
bq query --nouse_legacy_sql 'SELECT partition_id FROM
openssf.scorecardcron.INFORMATION_SCHEMA.PARTITIONS WHERE table_name="scorecard-v2"
AND partition_id!="__NULL__" ORDER BY partition_id DESC
LIMIT 1'
# Extract to GCS
bq extract --destination_format=NEWLINE_DELIMITED_JSON
'openssf:scorecardcron.scorecard-v2$<partition_id>' gs://bucket-name/filename-*.json
The list of projects that are checked is available in the cron/data/projects.csv
file in this repository. If you would like us to track more, please feel free to send a Pull Request with others. Currently, this list is derived from projects hosted on GitHub ONLY. We do plan to expand them in near future to account for projects hosted on other source control systems.
The easiest way to use Scorecards on GitHub projects you own is with the Scorecards GitHub Action. The Action runs on any repository change and issues alerts that maintainers can view in the repository’s Security tab. For more information, see the Scorecards GitHub Action installation instructions.
To run a Scorecards scan on projects you do not own, use the command line interface installation option.
Platforms: Currently, Scorecards supports OSX and Linux platforms. If you are using a Windows OS you may experience issues. Contributions towards supporting Windows are welcome.
Language: You must have GoLang installed to run Scorecards (https://golang.org/doc/install)
Standalone
To install Scorecards as a standalone:
GOPATH/bin
directory (use go env GOPATH
to identify your directory if necessary)Using Homebrew
You can use Homebrew (on macOS or Linux) to install Scorecards.
brew install scorecard
Package Manager | Linux Distribution | Command |
---|---|---|
Nix | NixOS | nix-shell -p nixpkgs.scorecard |
AUR helper | Arch Linux | Use your AUR helper to install scorecard |
GitHub imposes api rate limits on unauthenticated requests. To avoid these limits, you must authenticate your requests before running Scorecard. There are two ways to authenticate your requests: either create a GitHub personal access token, or create a GitHub App Installation.
public_repo
scope. Set the token in an environment variable called GITHUB_AUTH_TOKEN
, GITHUB_TOKEN
, GH_AUTH_TOKEN
or GH_TOKEN
using the commands below according to your platform.# For posix platforms, e.g. linux, mac:
export GITHUB_AUTH_TOKEN=<your access token>
# Multiple tokens can be provided separated by comma to be utilized
# in a round robin fashion.
export GITHUB_AUTH_TOKEN=<your access token1>,<your access token2>
# For windows:
set GITHUB_AUTH_TOKEN=<your access token>
set GITHUB_AUTH_TOKEN=<your access token1>,<your access token2>
OR
set
or export
) shown above for your platform.GITHUB_APP_KEY_PATH=<path to the key file on disk>
GITHUB_APP_INSTALLATION_ID=<installation id>
GITHUB_APP_ID=<app id>
These variables can be obtained from the GitHub developer settings page.
Docker
scorecard
is available as a Docker container:
The GITHUB_AUTH_TOKEN
has to be set to a valid token
docker run -e GITHUB_AUTH_TOKEN=token gcr.io/openssf/scorecard:stable --show-details --repo=https://github.com/ossf/scorecard
To use a specific scorecards version (e.g., v3.2.1), run:
docker run -e GITHUB_AUTH_TOKEN=token gcr.io/openssf/scorecard:v3.2.1 --show-details --repo=https://github.com/ossf/scorecard
Using repository URL
Scorecards can run using just one argument, the URL of the target repo:
$ scorecard --repo=github.com/ossf-tests/scorecard-check-branch-protection-e2e
Starting [CII-Best-Practices]
Starting [Fuzzing]
Starting [Pinned-Dependencies]
Starting [CI-Tests]
Starting [Maintained]
Starting [Packaging]
Starting [SAST]
Starting [Dependency-Update-Tool]
Starting [Token-Permissions]
Starting [Security-Policy]
Starting [Signed-Releases]
Starting [Binary-Artifacts]
Starting [Branch-Protection]
Starting [Code-Review]
Starting [Contributors]
Starting [Vulnerabilities]
Finished [CI-Tests]
Finished [Maintained]
Finished [Packaging]
Finished [SAST]
Finished [Signed-Releases]
Finished [Binary-Artifacts]
Finished [Branch-Protection]
Finished [Code-Review]
Finished [Contributors]
Finished [Dependency-Update-Tool]
Finished [Token-Permissions]
Finished [Security-Policy]
Finished [Vulnerabilities]
Finished [CII-Best-Practices]
Finished [Fuzzing]
Finished [Pinned-Dependencies]
RESULTS
-------
Aggregate score: 7.9 / 10
Check scores:
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| SCORE | NAME | REASON | DOCUMENTATION/REMEDIATION |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 10 / 10 | Binary-Artifacts | no binaries found in the repo | github.com/ossf/scorecard/blob/main/docs/checks.md#binary-artifacts |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 9 / 10 | Branch-Protection | branch protection is not | github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection |
| | | maximal on development and all | |
| | | release branches | |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| ? | CI-Tests | no pull request found | github.com/ossf/scorecard/blob/main/docs/checks.md#ci-tests |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 0 / 10 | CII-Best-Practices | no badge found | github.com/ossf/scorecard/blob/main/docs/checks.md#cii-best-practices |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 10 / 10 | Code-Review | branch protection for default | github.com/ossf/scorecard/blob/main/docs/checks.md#code-review |
| | | branch is enabled | |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 0 / 10 | Contributors | 0 different companies found -- | github.com/ossf/scorecard/blob/main/docs/checks.md#contributors |
| | | score normalized to 0 | |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 0 / 10 | Dependency-Update-Tool | no update tool detected | github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 0 / 10 | Fuzzing | project is not fuzzed in | github.com/ossf/scorecard/blob/main/docs/checks.md#fuzzing |
| | | OSS-Fuzz | |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 1 / 10 | Maintained | 2 commit(s) found in the last | github.com/ossf/scorecard/blob/main/docs/checks.md#maintained |
| | | 90 days -- score normalized to | |
| | | 1 | |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| ? | Packaging | no published package detected | github.com/ossf/scorecard/blob/main/docs/checks.md#packaging |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 8 / 10 | Pinned-Dependencies | unpinned dependencies detected | github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies |
| | | -- score normalized to 8 | |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 0 / 10 | SAST | no SAST tool detected | github.com/ossf/scorecard/blob/main/docs/checks.md#sast |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 0 / 10 | Security-Policy | security policy file not | github.com/ossf/scorecard/blob/main/docs/checks.md#security-policy |
| | | detected | |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| ? | Signed-Releases | no releases found | github.com/ossf/scorecard/blob/main/docs/checks.md#signed-releases |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 10 / 10 | Token-Permissions | tokens are read-only in GitHub | github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions |
| | | workflows | |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
| 10 / 10 | Vulnerabilities | no vulnerabilities detected | github.com/ossf/scorecard/blob/main/docs/checks.md#vulnerabilities |
|---------|------------------------|--------------------------------|---------------------------------------------------------------------------|
Scoring
Each individual check returns a score of 0 to 10, with 10 representing the best possible score. Scorecards also produces an aggregate score, which is a weight-based average of the individual checks weighted by risk.
See the list of current Scorecards checks for each check's risk level.
Showing Detailed Results
For more details about why a check fails, use the --show-details
option:
./scorecard --repo=github.com/ossf-tests/scorecard-check-branch-protection-e2e --checks Branch-Protection --show-details
Starting [Pinned-Dependencies]
Finished [Pinned-Dependencies]
RESULTS
-------
|---------|------------------------|--------------------------------|--------------------------------|---------------------------------------------------------------------------|
| SCORE | NAME | REASON | DETAILS | DOCUMENTATION/REMEDIATION |
|---------|------------------------|--------------------------------|--------------------------------|---------------------------------------------------------------------------|
| 9 / 10 | Branch-Protection | branch protection is not | Info: 'force pushes' disabled | github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection |
| | | maximal on development and all | on branch 'main' Info: 'allow | |
| | | release branches | deletion' disabled on branch | |
| | | | 'main' Info: linear history | |
| | | | enabled on branch 'main' Info: | |
| | | | strict status check enabled | |
| | | | on branch 'main' Warn: status | |
| | | | checks for merging have no | |
| | | | specific status to check on | |
| | | | branch 'main' Info: number | |
| | | | of required reviewers is 2 | |
| | | | on branch 'main' Info: Stale | |
| | | | review dismissal enabled on | |
| | | | branch 'main' Info: Owner | |
| | | | review required on branch | |
| | | | 'main' Info: 'admininistrator' | |
| | | | PRs need reviews before being | |
| | | | merged on branch 'main' | |
|---------|------------------------|--------------------------------|--------------------------------|---------------------------------------------------------------------------|
Using a Package manager
For projects in the --npm
, --pypi
, or --rubygems
ecosystems, you have the option to run Scorecards using a package manager. Provide the package name to run the checks on the corresponding GitHub source code.
For example, --npm=angular
.
Running specific checks
To run only specific check(s), add the --checks
argument with a list of check names.
For example, --checks=CI-Tests,Code-Review
.
Formatting Results
There are three formats currently: default
, json
, and csv
. Others may be added in the future.
These may be specified with the --format
flag. For example, --format=json
.
If you have what looks like a bug, please use the Github issue tracking system. Before you file an issue, please search existing issues to see if your issue is already covered.
The following checks are all run against the target project by default:
Name | Description | Risk Level | Token Required | Note |
---|---|---|---|---|
Binary-Artifacts | Is the project free of checked-in binaries? | High | PAT, GITHUB_TOKEN | |
Branch-Protection | Does the project use Branch Protection ? | High | PAT (repo or repo> public_repo ), GITHUB_TOKEN | certain settings are only supported with a maintainer PAT |
CI-Tests | Does the project run tests in CI, e.g. GitHub Actions, Prow? | Low | PAT, GITHUB_TOKEN | |
CII-Best-Practices | Does the project have a CII Best Practices Badge? | Low | PAT, GITHUB_TOKEN | |
Code-Review | Does the project require code review before code is merged? | High | PAT, GITHUB_TOKEN | |
Contributors | Does the project have contributors from at least two different organizations? | Low | PAT, GITHUB_TOKEN | |
Dangerous-Workflow | Does the project avoid dangerous coding patterns in GitHub Action workflows? | Critical | PAT, GITHUB_TOKEN | |
Dependency-Update-Tool | Does the project use tools to help update its dependencies? | High | PAT, GITHUB_TOKEN | |
Fuzzing | Does the project use fuzzing tools, e.g. OSS-Fuzz? | Medium | PAT, GITHUB_TOKEN | |
License | Does the project declare a license? | Low | PAT, GITHUB_TOKEN | |
Maintained | Is the project maintained? | High | PAT, GITHUB_TOKEN | |
Pinned-Dependencies | Does the project declare and pin dependencies? | Medium | PAT, GITHUB_TOKEN | |
Packaging | Does the project build and publish official packages from CI/CD, e.g. GitHub Publishing ? | Medium | PAT, GITHUB_TOKEN | |
SAST | Does the project use static code analysis tools, e.g. CodeQL, LGTM, SonarCloud? | Medium | PAT, GITHUB_TOKEN | |
Security-Policy | Does the project contain a security policy? | Medium | PAT, GITHUB_TOKEN | |
Signed-Releases | Does the project cryptographically sign releases? | High | PAT, GITHUB_TOKEN | |
Token-Permissions | Does the project declare GitHub workflow tokens as read only? | High | PAT, GITHUB_TOKEN | |
Vulnerabilities | Does the project have unfixed vulnerabilities? Uses the OSV service. | High | PAT, GITHUB_TOKEN | |
Webhooks | Does the project have unfixed vulnerabilities? Uses the OSV service. | High | maintainer PAT (admin: repo_hook or admin> read:repo_hook doc | EXPERIMENTAL |
To see detailed information about each check, its scoring criteria, and remediation steps, check out the checks documentation page.
Before contributing, please follow our Code of Conduct.
See the Contributing documentation for guidance on how to contribute to the project.
If you'd like to add a check, please see guidance here.
If you want to get involved in the Scorecards community or have ideas you'd like to chat about, we discuss this project in the OSSF Best Practices Working Group meetings.
Artifact | Link |
---|---|
Scorecard Dev Forum | ossf-scorecard-dev@ |
Scorecard Announcements Forum | ossf-scorecard-announce@ |
Community Meeting VC | Link to z o o m meeting |
Community Meeting Calendar | Biweekly Thursdays, 1:00pm-2:00pm PST Calendar |
Meeting Notes | Notes |
Slack Channel | #security_scorecards |
Author: ossf
Source Code: https://github.com/ossf/scorecard
License: Apache-2.0 license
1652904000
Fontsource for Flutter
Easily add Fontsource fonts to your flutter app. Also includes a dart interface for the Fontsource API.
To start, create a config in either your pubspec.yaml
file under the fontsource
key or in the fontsource.yaml
file.
include: [my-package] # Defaults to all
fonts:
alex-brush: # This can be any font id
version: 4.5.3 # Defaults to latest
subsets: [latin, latin-ext] # Defaults to all
weights: [400] # Defaults to all
styles: [normal] # Defaults to all
The config will tell fontsource
what to download and bundle into your flutter app. To ensure everything is downloaded, execute dart run fontsource
after your config is modified. Also make sure to run it whenever your repository is cloned. This will generate a local package in the .fontsource
directory.
You can then import the fontsource
package:
import 'package:fontsource/fontsource.dart';
Use the FontsourceTextStyle
class to use a Fontsource font:
const Text(
'Hello world!',
style: FontsourceTextStyle(fontFamily: 'Alex Brush', fontSize: 30),
),
FontsourceTextStyle
extends the TextStyle
class, so any styling properties can be used to change the way the text looks.
To use this in a package, add a configuration like normal, but don't run the fontsource cli.
Packages with a fontsource configuration will automatically be included. To manually specify what packages should be scanned, provide an include
key with a list of package names to scan.
The Fontsource API also has a dart interface that can be accessed through fontsource/api.dart
.
You can install the package from the command line:
dart pub global activate fontsource
The package has the following executables:
$ fontsource
Run this command:
With Flutter:
$ flutter pub add fontsource
This will add a line like this to your package's pubspec.yaml (and run an implicit flutter pub get
):
dependencies:
fontsource: ^0.3.0
Alternatively, your editor might support flutter pub get
. Check the docs for your editor to learn more.
Now in your Dart code, you can use:
import 'package:fontsource/fontsource.dart';
example/lib/main.dart
import 'package:flutter/material.dart';
import 'package:fontsource/fontsource.dart';
void main() {
runApp(const MyApp());
}
class MyApp extends StatelessWidget {
const MyApp({Key? key}) : super(key: key);
@override
Widget build(BuildContext context) {
return MaterialApp(
home: Scaffold(
body: Center(
child: Column(
mainAxisAlignment: MainAxisAlignment.center,
children: const <Widget>[
Text(
'Sphinx of black quartz, judge my vow.',
style:
FontsourceTextStyle(fontFamily: 'Alex Brush', fontSize: 40),
),
],
),
),
),
);
}
}
Author: Fontsource
Source Code: https://github.com/fontsource/fontsource-flutter
License: MIT license
1652721060
Uppy is a sleek, modular JavaScript file uploader that integrates seamlessly with any application. It’s fast, has a comprehensible API and lets you worry about more important problems than building a file uploader.
Uppy is being developed by the folks at Transloadit, a versatile file encoding service.
Code used in the above example:
import Uppy from '@uppy/core'
import Dashboard from '@uppy/dashboard'
import GoogleDrive from '@uppy/google-drive'
import Instagram from '@uppy/instagram'
import Webcam from '@uppy/webcam'
import Tus from '@uppy/tus'
const uppy = new Uppy({ autoProceed: false })
.use(Dashboard, { trigger: '#select-files' })
.use(GoogleDrive, { target: Dashboard, companionUrl: 'https://companion.uppy.io' })
.use(Instagram, { target: Dashboard, companionUrl: 'https://companion.uppy.io' })
.use(Webcam, { target: Dashboard })
.use(Tus, { endpoint: 'https://tusd.tusdemo.net/files/' })
.on('complete', (result) => {
console.log('Upload result:', result)
})
Try it online or read the docs for more details on how to use Uppy and its plugins.
$ npm install @uppy/core @uppy/dashboard @uppy/tus
We recommend installing from npm and then using a module bundler such as Webpack, Browserify or Rollup.js.
Add CSS uppy.min.css, either to your HTML page’s <head>
or include in JS, if your bundler of choice supports it — transforms and plugins are available for Browserify and Webpack.
Alternatively, you can also use a pre-built bundle from Transloadit’s CDN: Edgly. In that case Uppy
will attach itself to the global window.Uppy
object.
⚠️ The bundle consists of most Uppy plugins, so this method is not recommended for production, as your users will have to download all plugins when you are likely using only a few.
<!-- 1. Add CSS to `<head>` -->
<link href="https://releases.transloadit.com/uppy/v2.10.0/uppy.min.css" rel="stylesheet">
<!-- 2. Add JS before the closing `</body>` -->
<script src="https://releases.transloadit.com/uppy/v2.10.0/uppy.min.js"></script>
<!-- 3. Initialize -->
<div class="UppyDragDrop"></div>
<script>
var uppy = new Uppy.Core()
uppy.use(Uppy.DragDrop, { target: '.UppyDragDrop' })
uppy.use(Uppy.Tus, { endpoint: '//tusd.tusdemo.net/files/' })
</script>
List of plugins and their common options
Dashboard
— universal UI with previews, progress bars, metadata editor and all the cool stuff. Required for most UI plugins like Webcam and InstagramProgress Bar
— minimal progress bar that fills itself when upload progressesStatus Bar
— more detailed progress, pause/resume/cancel buttons, percentage, speed, uploaded/total sizes (included by default with Dashboard
)Informer
— send notifications like “smile” before taking a selfie or “upload failed” when all is lost (also included by default with Dashboard
)Drag & Drop
— plain drag and drop areaFile Input
— even plainer “select files” buttonWebcam
— snap and record those selfies 📷Google Drive
— import files from Google DriveDropbox
— import files from DropboxBox
— import files from BoxInstagram
— import images and videos from InstagramFacebook
— import images and videos from FacebookOneDrive
— import files from Microsoft OneDriveImport From URL
— import direct URLs from anywhere on the webThe ⓒ mark means that @uppy/companion
, a server-side component, is needed for a plugin to work.
Tus
— resumable uploads via the open tus standardXHR Upload
— regular uploads for any backend out there (like Apache, Nginx)AWS S3
— plain upload to AWS S3 or compatible servicesAWS S3 Multipart
— S3-style “Multipart” upload to AWS or compatible servicesRobodog
— user friendly abstraction to do file processing with TransloaditTransloadit
— support for Transloadit’s robust file uploading and encoding backendGolden Retriever
— restores files after a browser crash, like it’s nothingThumbnail Generator
— generates image previews (included by default with Dashboard
)Form
— collects metadata from <form>
right before an Uppy upload, then optionally appends results back to the formRedux
— for your emerging time traveling needsWe aim to support recent versions of Chrome, Firefox, Safari and Edge.
We still provide a bundle which should work on IE11, but we are not running tests on it.
Here’s a list of polyfills you’ll need to include to make Uppy work in older browsers, such as IE11:
If you’re using a bundler, you need import them before Uppy:
import 'core-js'
import 'whatwg-fetch'
import 'abortcontroller-polyfill/dist/polyfill-patch-fetch'
// Order matters: AbortController needs fetch which needs Promise (provided by core-js).
import 'md-gum-polyfill'
import ResizeObserver from 'resize-observer-polyfill'
window.ResizeObserver ??= ResizeObserver
export { default } from '@uppy/core'
export * from '@uppy/core'
If you’re using Uppy from CDN, those polyfills are already included in the legacy bundle, so no need to include anything additionally:
<script src="https://releases.transloadit.com/uppy/v2.10.0/uppy.legacy.min.js"></script>
<input type="file">
?Having no JavaScript beats having a lot of it, so that’s a fair question! Running an uploading & encoding business for ten years though we found that in cases, the file input leaves some to be desired:
Not all apps need all these features. An <input type="file">
is fine in many situations. But these were a few things that our customers hit / asked about enough to spark us to develop Uppy.
Transloadit’s team is small and we have a shared ambition to make a living from open source. By giving away projects like tus.io and Uppy, we’re hoping to advance the state of the art, make life a tiny little bit better for everyone and in doing so have rewarding jobs and get some eyes on our commercial service: a content ingestion & processing platform.
Our thinking is that if only a fraction of our open source userbase can see the appeal of hosted versions straight from the source, that could already be enough to sustain our work. So far this is working out! We’re able to dedicate 80% of our time to open source and haven’t gone bankrupt yet. :D
Yep, we have Uppy React components, please see Uppy React docs.
Yes, please check out the docs for more information.
Yes, whatever you want on the backend will work with @uppy/xhr-upload
plugin, since it only does a POST
or PUT
request. Here’s a PHP backend example.
If you want resumability with the Tus plugin, use one of the tus server implementations 👌🏼
And you’ll need @uppy/companion
if you’d like your users to be able to pick files from Instagram, Google Drive, Dropbox or via direct URLs (with more services coming).
.github/CONTRIBUTING.md
CHANGELOG.md
Uppy is used by: Photobox, Issuu, Law Insider, Cool Tabs, Soundoff, Scrumi, Crive and others.
Use Uppy in your project? Let us know!
Tests | |||
Deploys |
Author: Transloadit
Source Code: https://github.com/transloadit/uppy
License: MIT license
1652475060
A dart package for stream duration, support countdown, countup, and countup infinity.
import 'package:stream_duration/stream_duration.dart';
void main() {
/// Countdown
var streamDuration = StreamDuration(Duration(seconds: 10), onDone: () {
print('Stream Done 👍');
});
streamDuration.durationLeft.listen((event) {
print(event.inSeconds);
});
}
import 'package:stream_duration/stream_duration.dart';
void main() {
/// Countup
var streamDurationUp = StreamDuration(Duration(seconds: 10), onDone: () {
print('Stream Done 👍');
}, countUp: true);
streamDurationUp.durationLeft.listen((event) {
print(event.inSeconds);
});
}
import 'package:stream_duration/stream_duration.dart';
void main() {
/// Countup Infinity
var streamDurationUpInfinity =
StreamDuration(Duration(seconds: 10), countUp: true, infinity: true);
streamDurationUpInfinity.durationLeft.listen((event) {
print(event.inSeconds);
});
}
Run this command:
With Dart:
$ dart pub add stream_duration
With Flutter:
$ flutter pub add stream_duration
This will add a line like this to your package's pubspec.yaml (and run an implicit dart pub get
):
dependencies:
stream_duration: ^2.0.3
Alternatively, your editor might support dart pub get
or flutter pub get
. Check the docs for your editor to learn more.
Now in your Dart code, you can use:
import 'package:stream_duration/stream_duration.dart';
example/example.dart
import 'package:stream_duration/stream_duration.dart';
void main() {
/// Countdown
var streamDuration = StreamDuration(
const Duration(seconds: 5),
onDone: () {
print('Stream Done 👍');
},
);
streamDuration.changeDuration(const Duration(seconds: 10));
streamDuration.durationLeft.listen((duration) {
print('Duration $duration');
});
// /// Countup
// var streamDurationUp = StreamDuration(Duration(seconds: 10), onDone: () {
// print('Stream Done 👍');
// }, countUp: true);
// streamDurationUp.durationLeft.listen((event) {
// print(event.inSeconds);
// });
// /// Countup Infinity
// var streamDurationUpInfinity =
// StreamDuration(Duration(seconds: 10), countUp: true, infinity: true);
// streamDurationUpInfinity.durationLeft.listen((event) {
// print(event.inSeconds);
// });
}
Author: Farhanfadila1717
Source Code: https://github.com/farhanfadila1717/stream_duration
License: MIT license
1652360844
Are you looking for some of the best free VueJS admin dashboard templates? Look! In this blog, we give you a list of the best of them from 2022.
Admin dashboards are advantageous to any company. A Vue dashboard allows you to easily see how your company is performing. You may, for example, easily monitor and measure performance and metrics in real-time. Furthermore, it will help you build your business without spending time.
These new free templates include the ability to configure your dashboard. With all of the necessities. So, instead of wasting time creating your own, check out these free ones and get started on your next out-of-the-box admin dashboard.
Read more… 👇😊
#vue #vuejs #admin #templates #dashboard #opensource #GitHub
1652292900
ThreatMapper 1.3.0 adds Secret Scanning, SBOM generation, updated Vulnerability Scanning and a more detailed Attack Path visualization.
ThreatMapper - Runtime Vulnerability Management and Attack Path Enumeration for Cloud Native
Deepfence ThreatMapper hunts for vulnerabilities in your production platforms, and ranks these vulnerabilities based on their risk-of-exploit. You can then prioritize the issues that present the greatest risk to the security of your applications - read more.
See ThreatMapper running with a live demo.
Getting Started with ThreatMapper
The ThreatMapper console can be deployed on a single docker host or in a Kubernetes cluster.
ThreatMapper then monitors your development or production workloads using Sensor Agents. The sensors can be deployed on a wide range of platforms - Kubernetes, Docker, Fargate, Bare-Metal and Virtual Machines. Check the prerequisites before you proceed.
Installing the management console on a Docker host (4 cores, 16Gb) is as straightforward as:
sudo sysctl -w vm.max_map_count=262144 # see https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html
wget https://github.com/deepfence/ThreatMapper/raw/master/deployment-scripts/docker-compose.yml
docker-compose -f docker-compose.yml up --detach
Once docker-compose
has detached, allow 30 seconds or so for the console to complete its startup. Note that the console uses an untrusted self-signed TLS key by default (how to fix).
Installation on Kubernetes is performed with a Helm Chart:
# Install OpenEBS, and wait for it to start up
kubectl create ns openebs
helm install openebs --namespace openebs --repo "https://openebs.github.io/charts" openebs --set analytics.enabled=false
kubectl get pods -o wide --namespace openebs -w
# Install the Kubernetes metrics service (if not already installed)
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.6.1/components.yaml
# Configure the Deepfence ThreatMapper Helm Chart
helm repo add deepfence https://deepfence-helm-charts.s3.amazonaws.com/threatmapper
# Install the ThreatMapper console and wait for the pods to start up
helm install deepfence-console deepfence/deepfence-console
kubectl get pods -o wide -w
# Optionally, install the Deepfence Router service and wait for the platform to deploy a load balancer
helm install deepfence-router deepfence/deepfence-router
kubectl get --namespace default svc -w deepfence-router
More details are in the ThreatMapper documentation.
Once the Management Console is up and running, you can register an admin account and obtain an API key.
When the console first starts up, it will begin to acquire the Threat Intel feed data; this usually takes a few minutes, but can take up to an hour. You can install sensors and browse the topology of your applications, but you will not be able to perform vulnerability scans until the threat feeds have been fully acquired.
Install the sensors on your production or development platforms. The sensors report to the Management Console; they tell it what services they discover, provide telemetry and generate manifests of software dependencies.
The following production platforms are supported by ThreatMapper sensors:
For example, run the following command to start the ThreatMapper sensor on the Docker host:
docker run -dit --cpus=".2" --name=deepfence-agent --restart on-failure --pid=host --net=host \
--privileged=true -v /sys/kernel/debug:/sys/kernel/debug:rw -v /var/log/fenced \
-v /var/run/docker.sock:/var/run/docker.sock -v /:/fenced/mnt/host/:ro \
-e USER_DEFINED_TAGS="" -e MGMT_CONSOLE_URL="---CONSOLE-IP---" -e MGMT_CONSOLE_PORT="443" \
-e DEEPFENCE_KEY="---DEEPFENCE-API-KEY---" \
deepfenceio/deepfence_agent_ce:latest
On a Kubernetes platform, the sensors are installed using a Helm chart:
helm repo add deepfence https://deepfence-helm-charts.s3.amazonaws.com/threatmapper
helm install deepfence-agent deepfence/deepfence-agent \
--set managementConsoleUrl=---CONSOLE-IP--- \
--set deepfenceKey=---DEEPFENCE-API-KEY---
Once the sensor agents have been installed, you can begin to explore the topology of your infrastructure and applications.
Subsequently, when the threat feeds have been acquired, you'll see a message on Admin User: Settings -> Diagnosis. You can begin with your first Production Vulnerability Scan.
Check out the Deepfence ThreatMapper wiki for how to get started with using Deepfence ThreatMapper.
Get in touch
Thank you for using ThreatMapper. Please feel welcome to participate in the ThreatMapper Community.
Security and Support
For any security-related issues in the ThreatMapper project, contact productsecurity at deepfence dot io.
Please file GitHub issues as needed, and join the Deepfence Community Slack channel.
License
The Deepfence ThreatMapper project (this repository) is offered under the Apache2 license.
Contributions to Deepfence ThreatMapper project are similarly accepted under the Apache2 license, as per GitHub's inbound=outbound policy.
Author: deepfence
Source Code: https://github.com/deepfence/ThreatMapper
License: Apache-2.0 License