mastodon.design is one of the many independent Mastodon servers you can use to participate in the fediverse.
A small instance for and by people who make things! We stand for an open, independent, sustainable, inclusive, and accessible web.

Administered by:

Server stats:

338
active users

#developers

13 posts10 participants0 posts today

Run pipelines in the terminal.

#pipelight is a cli/engine that runs pipelines in the terminal.(pssst: it's #foss 😏 and #rust 😏)

It has json AND pretty tree outputs so you can inspect every process outputs fairly quickly.🕵

Supports #yaml, #toml, #hcl, #javascript and some other languages.

#sysadmin #devops #cicd #developers
Every buzz word are there👌so you don't miss it, thk me later 😜

github.com/pipelight/pipelight

Tiny automation pipelines. Bring CI/CD to the smallest projects. Self-hosted, Lightweight, CLI only. - pipelight/pipelight
GitHubGitHub - pipelight/pipelight: Tiny automation pipelines. Bring CI/CD to the smallest projects. Self-hosted, Lightweight, CLI only.Tiny automation pipelines. Bring CI/CD to the smallest projects. Self-hosted, Lightweight, CLI only. - pipelight/pipelight

[Security at W3C]

Last video from the @w3c SWAG #CommunityGroup meeting where Aaron Sim lists 3 meta questions:
- What’s the best UI to nudge #developers toward adopting security mitigations?
- How can we improve ecosystem-wide security for external code (e.g., node modules)?
- And how can we better promote #security practices among web developers?

🎬 youtu.be/CHsS48IcZ20

The full playlist: youtube.com/playlist?list=PLNh

Plotting browser support data in a catalog shows the evolution of the web platform in terms of number and availability of features.

The @w3c WebDX #CommunityGroup has completed a first nearly complete catalog of web features targeted at web #developers, along with support data across main #browsers. The catalog already powers @mdn, Can I use, and is now being integrated in tools and libraries.

▶️ w3.org/blog/2025/first-catalog

Feedback welcome! github.com/web-platform-dx/web

@tidoust @patrickbrosset

[Security at W3C]

Guillaume Weghsteen presents Safevalues, a #JavaScript / #TypeScript library that simplifies secure coding by handling user inputs safely. It provides tools for sanitization, escaping, and safe-by-design practices, covering 99.3% of use cases.

🎬 youtu.be/Y3mfRXQwLiE

Compatible with frameworks like #Angular and effective even without Trusted Types support, it ensures secure interactions with DOM APIs while reducing manual #security reviews.
#developers

[Security at W3C]

In this talk, Kian Jamali introduces the Trusted Types (TT) Helper, a #Chrome extension designed to simplify adopting Trusted Types in #webapps Trusted Types is a #security feature that prevents unsafe DOM manipulations by enforcing policies.

🎬 youtu.be/EJ_axf3JAbk

The tool aims to streamline adoption, improve debugging efficiency, and help #developers implement secure, functional default policies, although a final review by a security engineer is recommended.

Llamamiento a gente que sabe programar y desarrollar aplicaciones libres para f-droid.

Esta aplicación es muy muy útil , con la camara del móvil saca fotos de documentos que parecen fotocopias. pero la persona que lo ha desarrollado, ha anunciado que lo archiva definitivamente y no va a actualizar más. Por favor un fork.

This is a call for people who can program and develop free applications for f-droid. This application is very useful. You can scan documents with the camera and it looks like a photocopy. But the person developed it announced back in February that they are giving it up definitely. That they accepted some pull requests on the project but would archive it without a new release because they really do not have time to put on it.

The way now is to step forward and make a fork

github.com/allgood/OpenNoteSca

#llamamiento #programar #desarrollar #programadoras #desarrolladoras #aplicaciones #libres #aplicacioneslibres #apps #appsLibres #f-droid #fdroid #developers #freeSoftware #FreeApps

#fotosdocumentosfotocopias #GitHub #scanner #OpenNoteScanner #fork #softwareLibre

github.com/allgood/OpenNoteSca

Malicious Packages Identified in the Wild: Insights and Trends from November 2024 Onward

FortiGuard Labs has analyzed malicious software packages detected from November 2024 to March 2025, revealing various attack techniques used to exploit system vulnerabilities. Key findings include 1,082 packages with low file counts, 1,052 packages with suspicious install scripts, and 1,043 packages lacking repository URLs. Attackers employ methods such as obfuscation, command overwrite, and typosquatting to bypass security measures. The analysis highlights the use of suspicious APIs, URLs, and installation scripts to exfiltrate data, establish backdoors, and perform remote control activities. Specific cases involve malicious Python and Node.js packages targeting developers and harvesting sensitive information. The report emphasizes the importance of robust detection strategies and proactive defense measures to mitigate these evolving cybersecurity threats.

Pulse ID: 67cf4b932b27ceeadb710aab
Pulse Link: otx.alienvault.com/pulse/67cf4
Pulse Author: AlienVault
Created: 2025-03-10 20:29:07

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.