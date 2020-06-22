Existing versions of Git are capable of working with any branch name; there's nothing special about ‘master’ except that it has historically been the name used for the first branch when creating a new repository from scratch (with the git init command). Thus many projects use it to represent the primary line of development. We support and encourage projects to switch to branch names that are meaningful and inclusive, and we'll be adding features to Git to make it even easier to use a different default for new projects.

In part 1 of this 2-part series I showed how to use POSIX equivalence classes in searching and replacing. But what does "equivalence" actually mean? It's complicated, but equivalence classes based on Unicode are derived mainly from the script in which the characters appear, not by the appearance of the characters.

Strapi is a cross between a content management system (CMS) and a Node.js framework. With this headless tool running in your data center, you'll save weeks of API development time. Strapi offers only the basic functionalities for managing content and users, while allowing you to manage and share that content via REST or GraphQL.

JavaScript (also known as JS) is the lingua franca of the web, as it is supported by all the major web browsers—the other languages that run in browsers are transpiled (or translated) to JavaScript. Sometimes JS can be confusing, but I find it pleasant to use because I try to stick to the good parts. JavaScript was created to run in a browser, but it can also be used in other contexts, such as an embedded language or for server-side applications. In this tutorial, I will explain how to write a program that will run in Node.js, which is a runtime environment that can execute JavaScript applications. What I like the most about Node.js is its event-driven architecture for asynchronous programming. With this approach, functions (aka callbacks) can be attached to certain events; when the attached event occurs, the callback executes. This way, the developer does not have to write a main loop because the runtime takes care of that.

In our previous post we discussed about how Rust can be a great language for embedded programming. In this article, we'll explain an easy way to setup to cross build Rust code depending on system libraries, a common requirement when working on embedded systems.

Macros in Rust tend to have a reputation for being complex and magical, the likes which only seasoned wizards like @dtolnay can hope to understand, let alone master. Rust’s declarative macros provide a mechanism for pattern matching on arbitrary syntax to generate valid Rust code at compile time. I use them all the time for simple search/replace style operations like generating tests that have a lot of boilerplate, or straightforward trait implementations for a large number of types.

A blog post titled, "Diving into Go by Building a CLI Application" has been making it's rounds of the internet. It uses a small XKCD downloader as the subject. I thought was small and self contained enough, that it'd be interesting to see the same example in Rust!

I have some thoughts on the use of Rust for data-intensive computations. Specifically, I’ve found several of Rust’s key idioms line up very well with the performance and correctness needs of data-intensive computing.

Hi every one, So after 3 weeks my PR finally got merged now tern have html feature up and running. I had some quizzes at the start of week so it was a very busy start of the week.

Application developers are always working with files. You create them whenever you write a new script or application. You write reports in Microsoft Word, you save emails or download books or music. Files are everywhere. Your web browser downloads lots of little files to make your browsing experience faster. When you write programs, you have to interact with pre-existing files or write out files yourself. Python provides a nice, built-in function called open() that can help you with these tasks.

We explain how these pillars were improved. Therefor we show the reasons for the chosen CRC concept of having both a header CRC and a frame CRC in a CAN XL frame. Further, we introduce the available format checks in CAN XL. Finally, we show systematically how the CAN XL error detection mechanisms master to detect the three error types. A deep dive into the properties and strengths of the used CRC polynomials is given in [9].

CAN XL offers data-rates and payload sizes that are many times higher than in Classical CAN and CAN FD [1], [2]. Error detection is a crucial functionality provided by communication protocols. A receiving node has to be able to judge if a frame was received with or without errors. Autonomous driving and other safety relevant applications require that frame errors are detected with a very high probability. The acceptance of an erroneous frame should be practically impossible. This article first introduces the three CAN error types known in literature that might occur in a frame in harsh environments: (1) bit error, (2) bit drop and bit insertion, (3) burst errors. The two main pillars of the CAN error detection mechanism are: (A) the cyclic redundancy code (CRC) check and (B) the format checks. Both pillars are strengthened during the currently ongoing specification of CAN XL, to fit to tomorrow’s applications.

PeaZip is an open source file and archive manager. It's freeware and free of charge for any use. PeaZip can extract most of archive formats both from Windows and Unix worlds, ranging from mainstream 7Z, RAR, TAR and ZIP to experimental ones like PAQ/LPAQ family, currently the most powerful compressor available. Open and extract 180+ archive formats: 001, 7Z, ACE(*), ARC, ARJ, BZ2, CAB, DMG, GZ, ISO, LHA, PAQ, PEA, RAR, TAR, UDF, WIM, XZ, ZIP ZIPX - view full list of supported archive file formats for archiving and for extraction.

Like many, you might think of Redis as only a cache. That point of view is out of date. Essentially, Redis is a NoSQL in-memory data structure store that can persist on disk. It can function as a database, a cache, and a message broker. Redis has built-in replication, Lua scripting, LRU eviction, transactions, and different levels of on-disk persistence. It provides high availability via Redis Sentinel and automatic partitioning with Redis Cluster. The core Redis data model is key-value, but many different kinds of values are supported: Strings, Lists, Sets, Sorted Sets, Hashes, Streams, HyperLogLogs, and Bitmaps. Redis also supports geospatial indexes with radius queries and streams. [ ALSO ON INFOWORLD: HOW REDIS SCRATCHED AND ITCH — AND CHANGED DATABASES FOREVER ] To open source Redis, Redis Enterprise adds features for additional speed, reliability, and flexibility, as well as a cloud database as a service. Redis Enterprise scales linearly to hundreds of millions of operations per second, has active-active global distribution with local latency, offers Redis on Flash to support large datasets at the infrastructure cost of a disk-based database, and provides 99.999% uptime based on built-in durability and single-digit-seconds failover.

Firefox Relay is a smart, easy solution that can preserve the privacy of your email address, much like a post office box for your physical address. When a form requires your email address, but you’d rather not share it, Firefox Relay can help. Click the relay button to give an alias instead. Firefox Relay will forward emails from the alias to your real inbox, keeping your actual email address hidden. Firefox Relay is currently in the experimental, closed beta phase, and it’s free for now. If you’re an early adopter who likes to test new products, sign up for an invitation to give it a try. Why bother? Email addresses are a hot commodity, and with good reason. Most people have only one or two email addresses, yet they have dozens, if not hundreds, of online accounts connected to them. Your email address is a unique identifier — after all, you’re the only one with it. And that means a good deal of data is associated with it, making your email address a desirable target.

It's no secret that I want a Python implementation for WebAssembly. It would not only get Python into the browser, but with the fact that both iOS and Android support running JavaScript as part of an app it would also get Python on to mobile. That all excites me. But when thinking about the daunting task of creating a new implementation of Python, my brain also began asking the question of what exactly is Python? We have lived with CPython for so long that I suspect most of us simply think that "Python == CPython". PyPy tries to be so compatible that they will implement implementation details of CPython. Basically most implementations of Python that I know of strive to pass CPython's test suite and to be as compatible with CPython as possible. That's daunting. Python as implemented by CPython is very dynamic and exposes many things that only make sense if you implement Python using an interpreter somehow. For instance, PyPy has a baseline interpreter that they JIT from, but there are many things you can use in Python which force PyPy to turn off the JIT and stick with bytecode. The REPL alone makes things very dynamic as everything you enter into the REPL is dynamically parsed, compiled, and executed by the interpreter right then and there. That has led me to contemplate the question of what exactly is Python? What is the core of the language that makes it what it is? What baseline would all Python implementations need to cover in order to truly be able to call themselves an implementation of Python that people would still recognize? Or from my perspective, how much would one have to implement to compile Python directly to WebAssembly and still be considered a Python implementation?

Everyone loves to meet in person, share ideas, work on the software and have a good time. Of course, “real life” meetings have been difficult in the last few months, so many communities in the LibreOffice project have chosen to go online.

The LibreOffice Documentation Team announces the release of the LibreOffice Calc Guide 6.4, the complete handbook for the spreadsheet tool of LibreOffice. The guide was updated from the existing release 6.2 and include all the improvements developed since then.

FUD and Security Leftovers APT groups’ mobile momentum finally faces resistance The cyber defence industry is finally turning its attentions toward mobile devices as Covid-19 shines a light on remote working trends and strains. Unfortunately, they’re already 10 years behind the world’s most elite Advanced Persistent Threat (APT) contingent. While this period of lockdown, working from home, and siloed digital infrastructures have undoubtedly caught the eye of the most sophisticated – often state-run – hacking operations, it would be a mistake to think that such a focus is only just taking off.

Open Source Success: Let’s Encrypt Let’s Encrypt is a project that, although you might not think about it often, plays a huge role in securing the websites that you use every day – including our own FOSSlife. In this article, as part of our open source success series, we’ll look at the history and impressive achievements of the Let’s Encrypt project. Briefly, Let’s Encrypt is a free, automated, global certificate authority (CA) providing TLS certificates to 200 million websites. This service allows organizations to obtain, renew, and manage SSL/TLS certificates and thus enable secure HTTPS connections. According to the project website, their mission is “to create a more secure and privacy-respecting Web by promoting the widespread adoption of HTTPS.” That rate of adoption has been nothing short of phenomenal. In February of 2020, the organization marked a major milestone, issuing one billion total certificates. Additionally, back in June of 2017, approximately 58 percent of page loads used HTTPS globally (with 64 percent in the United States). In 2020, according to the announcement, 81 percent of page loads used HTTPS globally (with 91 percent in the US). “This is an incredible achievement. That’s a lot more privacy and security for everybody,” the announcement state

Hijacking DLLs in Windows First of all, let’s get the definition out of the way. DLL hijacking is, in the broadest sense, tricking a legitimate/trusted application into loading an arbitrary DLL. Terms such as DLL Search Order Hijacking, DLL Load Order Hijacking, DLL Spoofing, DLL Injection and DLL Side-Loading are often -mistakenly- used to say the same. At best such terms describe specific cases of DLL hijacking, but are often used interchangeably and therefore incorrectly. As an umbrella term, DLL hijacking is more accurate, as DLL hijacking always involves a DLL taking over from a legitimate DLL. Attackers have been seen to use DLL hijacking in different ways and for different reasons. Motives include execution (executing malicious code through a trusted executable may be less likely to set off alarm bells, and in some cases even bypasses application whitelist features such as AppLocker [1]), obtaining persistence (if the target application is pre-installed and runs regularly, so will the malicious code) and privilege escalation (if the target application runs under elevated permissions, so will the malicious code). There is a variety of approaches to choose from, with success depending on how the application is configured to load its required DLLs. Possible approaches include: [...]

Top European official warns China against targeting hospitals with cyberattacks [iophk: Windows kills] While China has not been implicated in many of these attacks, it is regarded by experts as one of the most dangerous nation-states in cyberspace, alongside Russia, North Korea and Iran.

Matthew Garrett: Making my doorbell work [Ed: "The future is wonderful," says Google's Matthew Garrett about installing listening devices connected to Google even outside his own home] So. Someone pushes the doorbell. That sends a signal to a machine that's bridged onto that network via an access point. That machine then sends a protobuf command to speakers on a separate network, asking them to stream a sample it's providing. Those speakers call back to that machine, grab the sample and play it. At this point, multiple speakers in the house say "Someone is at the door". I then say "Hey Google, activate the front gate" - the device I'm closest to picks this up and sends it to Google, where something turns my speech back into text. It then looks at my home structure data and realises that the "Front Gate" device is associated with my Home Assistant integration. It then calls out to the home automation machine that received the notification in the first place, asking it to trigger the front gate relay. That device calls out to the Doorbird and asks it to open the gate. And now I have functionality equivalent to a doorbell that completes a circuit and rings a bell inside my home, and a button inside my home that completes a circuit and opens the gate, except it involves two networks inside my building, callouts to the cloud, at least 7 devices inside my home that are running Linux and I really don't want to know how many computational cycles.

Feds aim to bolster data encryption practices for .gov websites GSA officials want that HTTP Strict Transport Security functionality enabled automatically for federal websites.

U.S. Pushes for HTTPS on .gov Domains One of the additional features adopted to further enhance the security of users was HTTP Strict Transport Security (HSTS), which ensures that browsers always enforce an HTTPS connection to a website. The issue with HSTS is that it does not offer protection on the first connection to a website, unless the domain has been included in the HSTS preload list, which tells the browser to get HSTS enabled automatically. On Monday, the U.S. government's DotGov Program, which operates the .gov TLD, announced intent to preload the .gov TLD to ensure the security of users.