Search
157 results for “aegilops”
-
Xie et al. use genotyping by target sequencing (GBTS) to generate an exome capture panel of the Triticeae D #genome and facilitate definition of the introgression landscape of Aegilops tauschii-#wheat derivatives.
https://doi.org/10.1111/jipb.70106
@WileyLifeSci
#PlantSci #JIPB #CropScience #botany #FreeAccess -
Xie et al. use genotyping by target sequencing (GBTS) to generate an exome capture panel of the Triticeae D #genome and facilitate definition of the introgression landscape of Aegilops tauschii-#wheat derivatives.
https://doi.org/10.1111/jipb.70106
@WileyLifeSci
#PlantSci #JIPB #CropScience #botany #FreeAccess -
Aqua Security’s Trivy GitHub Action was compromised, and Checkmarx’s KICS too: a reminder that I wrote an Actions audit script that can search for particular Actions and versions run in workflows (or just list all Actions with exact commit versions run in all workflows).
Auditing script:
https://github.com/github/audit-actions-workflow-runsStepSecurity blogs in the thread 🧵
-
There’s some really top notch secure coding advice on this site 🤣
https://raisistance.com/implementing-gets-in-a-safe-manner/
(via LiveOverflow)
#gets #SecureCoding #AdversarialAI #AdversarialAttack #Luddites
-
GitHub :github: is laying off 10% of staff - reported in Fortune today:
I'm at :github: so please be thoughtful with your responses 🙏
-
I added Pyre 🔥 to my :python: linter Action , adding a 4th type checker to choose from.
-
@joxean tilck, seL4 or the Firefly Kernel might fit the bill?
https://github.com/vvaltchev/tilck
-
I've made a Python :python: code linting Action ▶️ for GitHub :github: Code Scanning.
It wraps up #Ruff, #Flake8, #Pylint, #Fixit2, #Mypy, #Pyright and #Pytype into an Action that uploads to Code Scanning, part of Advanced Security, the GitHub appsec platform.
ℹ️ that’s free for open source repos hosted on GitHub!
Read 📖 about it👇 on my blog:
https://lnkd.in/es_pd2W6Try ⚙️ it👇 on the Actions ▶️ marketplace:
https://lnkd.in/ei7-H2V9#Python #Linting #CodeQuality #Linters #SARIF #GitHubActions
-
@hywan gcc is not wrong though. You need to check upfront with a decent bounds check that what you will do is OK in C, rather than do it, then see if something undefined happened.
Unfortunately there weren't good tools in the C or C++ stdlib to do checking for a long time.
For C++: https://learn.microsoft.com/en-us/cpp/safeint/safeint-library
C from c23 has builtins to do this, and each common compiler does too:
https://stackoverflow.com/questions/199333/how-do-i-detect-unsigned-integer-overflow -
@einonm vim is software that is quite complex and not written in a memory safe language, and not formally proven to be correct.
It has a history of vulnerabilities, like any similar software.
https://www.cvedetails.com/vulnerability-list/vendor_id-8218/opec-1/VIM.html
-
@superbart the server rules ask for you to post in English only.
Sorry / 对不起.
The server rules have other restrictions on content: https://fosstodon.org/about
I'm not a mod or a server owner - you can find who they are on the website.
-
@hpux735 a cloud editor can break the constraints of being on an iPad, e.g. Codespaces:
https://dev.to/cubikca/using-github-codespaces-on-ipad-5412
https://github.com/features/codespaces
There’s a technical preview of CoPilot Voice that might help, since that works with VSCode, and that’s the IDE in Codespaces:
https://githubnext.com/projects/copilot-voice/
#CoPilotVoice #Accessibility #VisuallyImpaired #BlindCoding #SpeechToText #TextToSpeech
-
CW: Insects
TIL that earwigs can fly. Though they mostly don't bother flying, it's a little embarrassing as someone with two biology degrees not to have known this 😳
(HT @aegilops)
They have shimmering, foldable wings that they hide away under their stiff forewings, like beetles do. Their wing deployment reminds me of an unfurling solar sail.
https://www.nationalgeographic.com/animals/article/earwig-origami-wings-how-they-work-insect-flight (includes video)
#Earwigs #FlyingInsects #InsectFlight #AnimalFacts #NationalGeographic #TodayILearned #Biology
-
@joxean I usually think of "sound" in SAST as "no false negatives" (for what you are modelling, of course).
Now wrap your head around what a "soundy" analysis is...
-
I've wrapped up SpotBugs/FindSecBugs in a bow 🎁 in a GitHub Action, so you can use it in GitHub Code Scanning - free for open source projects, and also available for paid users of GitHub Advanced Security.
SpotBugs and FindSecBugs work with JVM languages - Scala, Java, and Clojure, mainly.
https://github.com/marketplace/actions/spotbugs-with-findsecbugs
Point it at the results of the build, and go.
#GitHub #SAST #Scala #JVM #Clojure #Java #CodeSecurity #SpotBugs #FindSecBugs #DevSecOps #SDLC
-
@vordenken as a happy owner of the MX Keys Mini for Mac I’m curious what the result will be!
-
I’ve released 🤲 a GitHub Action to convert Dart/Flutter analyzer output to SARIF.
That lets you upload ⬆️ the results to GitHub Advanced Security, as I show in a sample workflow.
-
I have a plan around #Scala :scala:
I want to statically analyse it using tools that understand #Java :java: , by decompiling the .class files that the Scala source compiles to, then analysing the decompiled Java source.
That works 💪 (on trivial stuff!) but I need to match up line numbers. Scala‘s debug output in .tasty files and some decompiler info should do, but I haven’t done it yet.
Thoughts?
Know a good static analyser for Scala that outputs SARIF?
-
I've made a Python :python: code linting Action ▶️ for GitHub :github: Code Scanning.
It wraps up #Ruff, #Flake8, #Pylint, #Fixit2, #Mypy, #Pyright and #Pytype into an Action that uploads to Code Scanning, part of Advanced Security, the GitHub appsec platform.
ℹ️ that’s free for open source repos hosted on GitHub!
Read 📖 about it👇 on my blog:
https://lnkd.in/es_pd2W6Try ⚙️ it👇 on the Actions ▶️ marketplace:
https://lnkd.in/ei7-H2V9#Python #Linting #CodeQuality #Linters #SARIF #GitHubActions
-
I've made a Python :python: code linting Action ▶️ for GitHub :github: Code Scanning.
It wraps up #Ruff, #Flake8, #Pylint, #Fixit2, #Mypy, #Pyright and #Pytype into an Action that uploads to Code Scanning, part of Advanced Security, the GitHub appsec platform.
ℹ️ that’s free for open source repos hosted on GitHub!
Read 📖 about it👇 on my blog:
https://lnkd.in/es_pd2W6Try ⚙️ it👇 on the Actions ▶️ marketplace:
https://lnkd.in/ei7-H2V9#Python #Linting #CodeQuality #Linters #SARIF #GitHubActions
-
I've made a Python :python: code linting Action ▶️ for GitHub :github: Code Scanning.
It wraps up #Ruff, #Flake8, #Pylint, #Fixit2, #Mypy, #Pyright and #Pytype into an Action that uploads to Code Scanning, part of Advanced Security, the GitHub appsec platform.
ℹ️ that’s free for open source repos hosted on GitHub!
Read 📖 about it👇 on my blog:
https://lnkd.in/es_pd2W6Try ⚙️ it👇 on the Actions ▶️ marketplace:
https://lnkd.in/ei7-H2V9#Python #Linting #CodeQuality #Linters #SARIF #GitHubActions
-
I've made a Python :python: code linting Action ▶️ for GitHub :github: Code Scanning.
It wraps up #Ruff, #Flake8, #Pylint, #Fixit2, #Mypy, #Pyright and #Pytype into an Action that uploads to Code Scanning, part of Advanced Security, the GitHub appsec platform.
ℹ️ that’s free for open source repos hosted on GitHub!
Read 📖 about it👇 on my blog:
https://lnkd.in/es_pd2W6Try ⚙️ it👇 on the Actions ▶️ marketplace:
https://lnkd.in/ei7-H2V9#Python #Linting #CodeQuality #Linters #SARIF #GitHubActions
-
Do you want Infrastructure as Code security? :kubernetes: :github: :microsoft:
Do you use CodeQL to scan your code (which is, btw, free for open source code)?
From today you can use #CodeQL to scan it, using a new open source package written by my team mate @geekmasher
Scan #Terraform, #GitHubActions, #HelmChart, and #AzureBicep, with more in progress.
#IAC #InfrastructureAsCode #SAST #CodeSecurity #CodeSmells #StaticAnalysis #GitHub #AdvancedSecurity
-
A caveat to what I said - there *are* rogue Certificate Authorities out there:
That's not to say rogue CAs are a threat to every system or user equally. As the article points out, they will probably be used sparingly to get at high value targets.
Anyway, take care to audit which CAs you trust in your browsers and other applications.
If you have a very specialised server application it doesn't need to trust 100-odd CAs!
-
:github: is looking for #Swift #opensource projects to try out the upcoming Swift support in #GitHub code scanning.
Sign up here:
https://github.com/github/codeql/discussions/12522
You’ll be able to get access to the new CodeQL-powered static source code analysis before it ships to everyone else.
#SwiftLang #IOSdev #SAST #SecureCoding #DevSecOps #CodeQL #BetaTesting #PrivateBeta #MobileDev
-
@thecesrom Jythooooooooon! In my best Kirk voice.
:java: and :python: together is a great idea, but not having the Python 3 `main` branch working, and having no clear progress makes it feel like Perl 6 all over again.
They should rename their moribund Jython3 repo, that's just confusing!
It's such a shame, useful Java scripting interfaces languishing in a dying ecosystem.
There was a similar lag with things that embed CPython, but they have an escape route.
-
@Edent We are talking about tech people rely on for their safety, so that wasn't just for your benefit.
I use a "secure" walkie talkie on some days out - useful in a maze! - and have no illusions that it's actually secure (nor does it need to be).
-
@Edent why did you choose Berty? Their own blog cautions against using it; albeit saying isn't "war ready".
Their security claims haven't been externally verified, so I think it's premature to use it for anything other than experimentation or messages you don't mind being read.
-
@Logical_Error I’ve not done it myself, but they have detailed docs on contributing patches: https://docs.kernel.org/process/submitting-patches.html
