From e66b62dc079c50865f9a6962bbb0ff1d62ae865d Mon Sep 17 00:00:00 2001 From: chenjiajia Date: Fri, 27 Oct 2023 21:07:55 +0000 Subject: [PATCH] Robot Updated at:27 Oct 2023 21:07:55 GMT --- docs/awesome/awesome-angular.md | 1 + docs/awesome/awesome-board-games.md | 41 ++++ .../awesome-browser-extensions-for-github.md | 98 ++++---- docs/awesome/awesome-datascience.md | 4 +- docs/awesome/awesome-gnome.md | 7 +- docs/awesome/awesome-iam.md | 212 ++++++++++-------- docs/awesome/awesome-selfhosted.md | 9 - docs/awesome/awesome-swift.md | 3 +- docs/awesome/static-analysis.md | 8 +- 9 files changed, 220 insertions(+), 163 deletions(-) diff --git a/docs/awesome/awesome-angular.md b/docs/awesome/awesome-angular.md index 2d802cb611..e18894bc30 100644 --- a/docs/awesome/awesome-angular.md +++ b/docs/awesome/awesome-angular.md @@ -504,6 +504,7 @@ The HttpClient offers a simplified client HTTP API for Angular applications that * [ng2-ace](https://github.com/seiyria/ng2-ace) Ace editor directive made for Angular 2 * [ng2-quill-editor](https://github.com/surmon-china/ngx-quill-editor) - Quill editor component for Angular2 * [ckeditor](https://ckeditor.com/docs/ckeditor5/latest/installation/getting-started/frameworks/angular.html) - Ckeditor plugin for Angular2+ +* [ngx-simple-text-editor](https://github.com/Raiper34/ngx-simple-text-editor) - Ngx Simple Text editor or ST editor is a simple native text editor component for Angular 9+. #### File Upload diff --git a/docs/awesome/awesome-board-games.md b/docs/awesome/awesome-board-games.md index 4b34f6009f..b16d61cf51 100644 --- a/docs/awesome/awesome-board-games.md +++ b/docs/awesome/awesome-board-games.md 
@@ -12,6 +12,21 @@ ## Family +### [Shadows of Brimstone: Swamps of Death](https://boardgamegeek.com/boardgame/150997/shadows-brimstone-swamps-death) + +> Shadows of Brimstone: Swamps of Death is a fast-paced, fully cooperative, dungeon-crawl board game set in the Old West, with a heavy dose of unspeakable horror! Players create characters, taking on the role of a classic Western Hero Archetype, such as the Law Man, Gunslinger, or Saloon Girl. Forming an adventuring posse, the Heroes venture down into the dark mines, overrun with all manner of ancient demons and foul creatures from another world. With tactical gameplay, lots of dice, and a robust card-driven exploration system, no two games are ever the same as the heroes explore the mines finding new enemies to fight, new loot to collect, and new dangers to overcome. +> +> Players can even find portals to other worlds, stepping through to continue their adventures on the other side! +> +> In Swamps of Death, players will encounter portals to the otherworld Jargono, a humid swampland inhabited by sentient reptiles, vicious dinosaurs and a tribe of humanoids, cut off from return to their homeworld untold years after their own portal closed. + +![Shadows of Brimstone: Swamps of Death game image](https://cf.geekdo-images.com/qRyYKK4IxR9QBwyr7OMvzw__itemrep/img/inbrCrbkzm-36PykegNeHmOD7yc=/fit-in/246x300/filters:strip_icc()/pic2037826.jpg) + +| Players | Min. Age | Time | +| ------: | -------: | -----: | +| 1 - 4 | 12 | 90 - 180m | + + ### [The Crew: Mission Deep Sea](https://boardgamegeek.com/boardgame/324856/crew-mission-deep-sea) > In the trick-taking card game The Crew: Mission Deep Sea, you and the other players work together to search for the lost continent of Mu. This new adventure takes your crew deep down into the abyss on a search for the fabled sunken land. How far you get depends entirely on how well you work together as a team. 
Card by card, trick by trick, your search party will discover the challenges that lie ahead and forge a path to Mu. @@ -1514,6 +1529,22 @@ | ------: | -------: | -----: | | 2 - 4 | 12 | 80m | +### [The Old King's Crown](https://boardgamegeek.com/boardgame/357873/old-kings-crown) + +> The Old King’s Crown is a game of card-driven conquest, where you play as heirs to a vacant throne, vying for control of an ancient, overgrown kingdom. Wield unique abilities and leverage your followers’ traits to best outwit your opponents across a map that stretches from the teetering heights of the castle to the dappled light of the necropolis. +> +> As leader of your faction you will be staking claims with Heralds openly as well as positioning your forces in secret, hoping to claim the locations that fit your designs. However, keep an eye on your rivals, as they too have agents and agendas, poised to undo your best laid plans. +> +> Royalty, rebels or ruses. What crown will you wear? +> +> In The Old King's Crown, players move their Herald to locations, hoping to claim them. Then simultaneously players play cards from their hand, facedown to regions of the board. These are then revealed and resolved. Winning these clashes will result in different rewards that further their position and grant them the game's primary goal, influence. When a player is able to reach a set number of influence, dependent on player count, and is able to retain it until the end of a round, they win the game. + +![The Old King's Crown game image](https://cf.geekdo-images.com/hQG2-XQoEhXCITIORvx24A__itemrep/img/nxjDR_nK5kmSdApd5YJDeoPoQnc=/fit-in/246x300/filters:strip_icc()/pic7508098.jpg) + +| Players | Min. Age | Time | +| ------: | -------: | -----: | +| 1 - 4 | 12 | 60-90m | + ## Party ### [Jungle Speed](https://boardgamegeek.com/boardgame/8098/jungle-speed) 
@@ -2720,6 +2751,16 @@ Superfight is a game where you argue with your friends over ridiculous fights. T | ------: | -------: | -----: | | 1 - 4 | 10 | 30-45m | +### [Star Wars: The Deckbuilding Game](https://en.wikipedia.org/wiki/Star_Wars:_The_Deckbuilding_Game) + +> Star Wars is a deckbuilding game released by Fantasy Flight Games and Asmodee.Each player controls a base that represent that player's life pool, and is able to obtain another base if theirs is destroyed. The object is to destroy three bases to win the game, which is achieved by attacking the opposing player.On their turn, a player uses the resources from the five cards in their hand to obtain new cards from a central "galaxy row", which contains cards of the Empire and Rebel factions. The player may only select from cards of their faction, and the galaxy row is reconstituted with cards from the "galaxy deck".One innovate game mechanic is the ability of a player to attack cards still in the galaxy row before they have been obtained by other players, known as sabotage for the Rebel faction and bounty hunting for the Empire faction. These provide a reward to the player taking that action, and also deny other players from obtaining targeted cards.Throughout the game, a Force meter records the balance in The Force, which may alter the effect of cards in favour of a particular faction. + +![Star Wars](https://upload.wikimedia.org/wikipedia/en/thumb/e/e2/Star_Wars_The_Deckbuilding_Game.webp/229px-Star_Wars_The_Deckbuilding_Game.webp.png) + +| Players | Min. Age | Time | +| ------: | -------: | -----: | +| 2 | 12 | 30-45m | + ### [Kill Doctor Lucky](https://boardgamegeek.com/boardgame/257/kill-doctor-lucky) > "Kill Doctor Lucky" is a unique board game where players compete to murder Doctor Lucky, the mansion's owner. Players move through rooms, collect weapon cards, and attempt to eliminate Doctor Lucky while bluffing opponents. 
The game combines strategy, humor, and a reversed murder-mystery theme for a fun experience. "Kill Doctor Lucky" stands out as a lighthearted and entertaining board game that offers a unique twist on the traditional murder-mystery theme. Players enter a world of colorful rooms, dangerous weapons, and humorous strategies as they vie to commit the murder of Doctor Lucky. This game encourages creative thinking, clever moves, and comical bluffing, making it a delightful choice for board game enthusiasts seeking a humorous and engaging gaming experience. diff --git a/docs/awesome/awesome-browser-extensions-for-github.md b/docs/awesome/awesome-browser-extensions-for-github.md index c8b4909610..91c35767f8 100644 --- a/docs/awesome/awesome-browser-extensions-for-github.md +++ b/docs/awesome/awesome-browser-extensions-for-github.md 
@@ -25,42 +25,42 @@ Want to know more about this process? Check out the [Codeless Contributions with Shows notifications when you get a new notification on GitHub and provides quick access to all notifications in a popup. -Installs: 133 | Stars: 78 | Last update: 2 Jun 2023 +Installs: 141 | Stars: 78 | Last update: 2 Jun 2023 Removes clutter from your pull request by automatically marking as viewed files that aren't worth reviewing. -Installs: 30 | Stars: 7 | Last update: 14 Feb 2022 +Installs: 32 | Stars: 7 | Last update: 14 Feb 2022 Next level code navigation for GitHub. -Installs: 596 | Stars: 58 | Last update: 20 Jul 2022 +Installs: 600 | Stars: 58 | Last update: 20 Jul 2022 Visualize GitHub repos as d3 force-directed graphs. The extension gives you a quick overview of the size and composition of any repo. -Installs: 223 | Stars: 12 | Last update: 26 Apr 2022 +Installs: 219 | Stars: 12 | Last update: 26 Apr 2022 The CoderStats link for GitHub Chrome extension displays a link to the CoderStats page for the currently displayed user or organization profile page on GitHub. -Installs: 798 | Stars: 19 | Last update: 2 May 2023 +Installs: 803 | Stars: 19 | Last update: 2 May 2023 Show the # of PRs and other contributors stats in the Issues/PRs tab. Can be helpful for maintainers that want to know if it's a contributor's first PR. -Installs: 346 | Stars: 457 | Last update: 1 Mar 2021 +Installs: 348 | Stars: 457 | Last update: 1 Mar 2021 Displays size of each file, download link and an option of copying file contents directly to clipboard -Installs: 40727 | Stars: 1903 | Last update: 25 Dec 2021 +Installs: 40744 | Stars: 1904 | Last update: 25 Dec 2021 Easily search GIPHY to add a GIF into any GitHub comment box. -Installs: 10474 | Stars: 157 | Last update: 27 Jul 2023 +Installs: 10503 | Stars: 157 | Last update: 27 Jul 2023 Find the best GIFs for your awesome pull requests. 
@@ -70,7 +70,7 @@ Installs: 136 | Stars: 22 | Last update: n/a Quickly browse the history of a file from any git repository. -Installs: 7219 | Stars: 13404 | Last update: 14 Oct 2023 +Installs: 7230 | Stars: 13407 | Last update: 14 Oct 2023 GitHub provides a page that only shows diffs with a .diff at the end of the URL of the pull request. This browser extension makes it easier to view csv diffs by using daff on that page. @@ -80,22 +80,22 @@ Installs: 27 | Stars: 4 | Last update: 18 Apr 2021 Code folding - the ability to selectively hide and display sections of a code - is an invaluable feature in many text editors and IDEs. Now, developers can utilize that same style code-folding while poring over source code on the web in GitHub. Works for any type of indentation- spaces or tabs. -Installs: 3117 | Stars: 286 | Last update: 14 Jul 2022 +Installs: 3120 | Stars: 286 | Last update: 14 Jul 2022 Set custom tab size for code view on GitHub.com -Installs: 575 | Stars: 67 | Last update: 6 May 2019 +Installs: 574 | Stars: 67 | Last update: 6 May 2019 Easily navigate through the changes in a file that has been edited on GitHub. -Installs: 211 | Stars: 19 | Last update: 28 Apr 2023 +Installs: 214 | Stars: 19 | Last update: 28 Apr 2023 A browser extension which gives different filetypes different icons on GitHub. -Installs: 10000 | Stars: 1316 | Last update: 22 Aug 2023 +Installs: 10000 | Stars: 1317 | Last update: 22 Aug 2023 Highlight selected word in GitHub source view like Sublime Text. 
@@ -105,27 +105,27 @@ Installs: 1000 | Stars: 142 | Last update: 8 Oct 2019 Neat hovercards for GitHub. -Installs: 27000 | Stars: 1785 | Last update: 12 May 2021 +Installs: 27005 | Stars: 1785 | Last update: 12 May 2021 Colorize issue and PR links to see their status (open, closed, merged). -Installs: 959 | Stars: 293 | Last update: 4 Nov 2021 +Installs: 961 | Stars: 293 | Last update: 4 Nov 2021 Displays npm package stats on GitHub -Installs: 657 | Stars: 56 | Last update: 31 May 2020 +Installs: 656 | Stars: 56 | Last update: 31 May 2020 Lists repositories that are similar to the one being viewed -Installs: 390 | Stars: 41 | Last update: 10 Aug 2022 +Installs: 395 | Stars: 41 | Last update: 10 Aug 2022 Revert closed GitHub issues from purple back to red -Installs: 23 | Stars: 39 | Last update: 11 Aug 2023 +Installs: 22 | Stars: 39 | Last update: 11 Aug 2023 Automatically adds repository size to GitHub's repository summary. @@ -135,22 +135,22 @@ Installs: 20000 | Stars: 1172 | Last update: 26 Jun 2020 Chrome extension to see story points in GitHub projects. -Installs: 606 | Stars: 60 | Last update: 17 Aug 2020 +Installs: 612 | Stars: 60 | Last update: 17 Aug 2020 Generates a pie chart on user profile pages displaying a breakdown of what languages they have used in their repositories. -Installs: 962 | Stars: 48 | Last update: 25 Sep 2023 +Installs: 965 | Stars: 48 | Last update: 25 Sep 2023 This extension adds the simplicity of WYSIWYG editing to issues, comments, pull requests, wikis and discussions in GitHub. It accepts Markdown input and offers productive writing, starting with tables. -Installs: 2127 | Stars: 346 | Last update: 14 Jun 2023 +Installs: 2133 | Stars: 346 | Last update: 14 Jun 2023 View and create Linear tickets from any GitHub PR or issue. -Installs: 50 | Stars: 20 | Last update: 12 Apr 2023 +Installs: 52 | Stars: 20 | Last update: 12 Apr 2023 Show [vscode-icons](https://github.com/vscode-icons/vscode-icons) in the repository browser. 
@@ -160,17 +160,17 @@ Installs: 2000 | Stars: 281 | Last update: 30 Sep 2021 It can make the sub-directories and files of github repository as zip and download it -Installs: 103300 | Stars: 34 | Last update: 21 Aug 2023 +Installs: 103399 | Stars: 34 | Last update: 21 Aug 2023 Create, save, edit, pin, search and delete filters that you commonly use on the Github Issues and Pull Requests pages. You are able to scope filters to be shown globally (on each repo) or only have them show up on the repo you create them on. Pinning filters is also a feature that this extension allows you to do. So if you have several filters you use daily - you have a way to quickly access them, at the top of your list. -Installs: 548 | Stars: n/a | Last update: 22 Aug 2022 +Installs: 555 | Stars: n/a | Last update: 22 Aug 2022 Extension to get back current and longest streak. -Installs: 688 | Stars: 225 | Last update: 10 Jan 2023 +Installs: 684 | Stars: 225 | Last update: 10 Jan 2023 Replace browser new tab screen with GitHub trending projects. @@ -180,7 +180,7 @@ Installs: 2000 | Stars: 342 | Last update: n/a Hide dotfiles from the GitHub file browser. -Installs: 699 | Stars: 314 | Last update: 17 Sep 2021 +Installs: 707 | Stars: 314 | Last update: 17 Sep 2021 Allows you to toggle between the normal GitHub contribution chart and an isometric pixel art version. @@ -190,7 +190,7 @@ Installs: 10000 | Stars: 3398 | Last update: 17 Apr 2023 Browser extension to add git graph to GitHub website. -Installs: 5302 | Stars: 1876 | Last update: 29 Sep 2023 +Installs: 5318 | Stars: 1880 | Last update: 29 Sep 2023 Chrome extension that adds a button in browser and links this button to a GitHub repository that you will configure, then on any webpage just click this extension button and it will add the given link with the title of the page in that repository. 
@@ -200,32 +200,32 @@ Installs: 67 | Stars: 233 | Last update: 26 May 2018 See forks with the most stars under the names of repositories. -Installs: 1315 | Stars: 558 | Last update: 1 Sep 2021 +Installs: 1327 | Stars: 558 | Last update: 1 Sep 2021 Show Material icons for files/folders in repository file viewer. Display the same icons from vscode-material-icon-theme VSCode extension. -Installs: 10632 | Stars: 381 | Last update: 7 Oct 2023 +Installs: 10650 | Stars: 381 | Last update: 7 Oct 2023 An extension that creates direct links to imported modules, external or internal, on source code on GitHub. Supports multiple languages, including common ones like Rust, Go, Python and Ruby, but also odd ones like Nim, Haskell, Julia and Elm. -Installs: 45 | Stars: 246 | Last update: 27 Nov 2019 +Installs: 46 | Stars: 246 | Last update: 27 Nov 2019 Chrome extension which helps you not to miss important changes in your news thread related to your repo -Installs: 20 | Stars: 14 | Last update: 1 Oct 2018 +Installs: 19 | Stars: 14 | Last update: 1 Oct 2018 A Chrome and Firefox extension to quickly see your notifications in a popup without leaving the current page. -Installs: 438 | Stars: 141 | Last update: 6 Apr 2023 +Installs: 444 | Stars: 141 | Last update: 6 Apr 2023 Displays your GitHub notifications unread count. Supports GitHub Enterprise and an option to only show unread count for issues you're participating in. You can click the icon to quickly see your unread notifications. -Installs: 10545 | Stars: 1748 | Last update: 12 Jul 2023 +Installs: 10575 | Stars: 1749 | Last update: 12 Jul 2023 Filter your pull requests/issues in different categories giving you a big boost in productivity. Also suggests new trending repositories. 
@@ -235,14 +235,14 @@ Installs: 2 | Stars: 134 | Last update: 16 Jan 2020 OctoLinker is the easiest and best way to navigate between files and projects on GitHub. It supports languages such as JavaScript, Ruby, Go, PHP, JAVA and more. It works with package.json as well as with Gemfiles. -Installs: 32614 | Stars: 5190 | Last update: 13 Nov 2022 +Installs: 32641 | Stars: 5189 | Last update: 13 Nov 2022 OctoPermalinker is a browser extension that searches GitHub comments/files for links to files on branches, and adds a link to where the branch pointed when the comment/file was made/updated. This helps you avoid following a link that was broken after being posted. For context, here's some discussion about broken GitHub links: [Don't link to line numbers in GitHub](https://news.ycombinator.com/item?id=8046710). For example, suppose you're looking at a gist that links to a file on the master branch of a repo. At the time the gist was made, the link worked, but if the file gets removed, the link is broken. OctoPermalinker uses the gist creation date to add a permalink that still works. -Installs: 237 | Stars: 21 | Last update: 20 May 2017 +Installs: 234 | Stars: 21 | Last update: 20 May 2017 The missing IntelliSense hint for GitHub and GitLab 
@@ -252,12 +252,12 @@ Installs: 5000 | Stars: 961 | Last update: 4 Feb 2022 Useful for developers who frequently read source in GitHub and do not want to download or checkout too many repositories. -Installs: 337183 | Stars: 22546 | Last update: 23 Oct 2023 +Installs: 337479 | Stars: 22549 | Last update: 23 Oct 2023 Revert GitHub's UI back to its classic look (before the June 23, 2020 update that has a flat, rounded and more whitespaced design). -Installs: 364 | Stars: 224 | Last update: 30 Apr 2023 +Installs: 362 | Stars: 224 | Last update: 30 Apr 2023 This browser extension allows you to open files in your IDE directly from GitHub, assuming the repository you are working on is cloned on your computer. When a fragment of a file is displayed, your IDE opens the file and puts the cursor at the desired line. 
@@ -267,27 +267,27 @@ Installs: 1044 | Stars: 62 | Last update: 23 Sep 2023 Helps you keep track of incoming and outgoing PRs, and notifies you when you receive a pull request on GitHub. -Installs: 746 | Stars: 111 | Last update: 21 Jun 2023 +Installs: 752 | Stars: 111 | Last update: 21 Jun 2023 Browser extension that shows which pull requests contain changes related to a file. -Installs: 42 | Stars: 96 | Last update: 15 Oct 2020 +Installs: 44 | Stars: 96 | Last update: 15 Oct 2020 Extension that simplifies the GitHub interface and adds useful features. -Installs: 78177 | Stars: 22002 | Last update: 5 Oct 2023 +Installs: 78520 | Stars: 22010 | Last update: 5 Oct 2023 Are they tabs? Are they spaces? How many? Never wonder again! Renders spaces as `·` and tabs as `→` in all the code on GitHub. -Installs: 622 | Stars: 75 | Last update: 25 Aug 2018 +Installs: 630 | Stars: 75 | Last update: 25 Aug 2018 Introduces the Explore tab in the pull request interface where you can review changes ordered by importance and see the semantic context surrounding each change. -Installs: 35 | Stars: n/a | Last update: 10 Aug 2020 +Installs: 33 | Stars: n/a | Last update: 10 Aug 2020 The Sourcegraph browser extension gives GitHub IDE-like powers when you're viewing code, pull requests, and diffs: @@ -298,7 +298,7 @@ The Sourcegraph browser extension gives GitHub IDE-like powers when you're viewi 4. Hover tooltips 5. File tree navigation -Installs: 101028 | Stars: 9069 | Last update: 25 Oct 2023 +Installs: 101069 | Stars: 9072 | Last update: 25 Oct 2023 Make tab indented code more readable by forcing the tab size to 4 instead of 8. @@ -308,7 +308,7 @@ Installs: 2000 | Stars: 280 | Last update: 25 Sep 2021 Helps you see easily which activities happened since you last visited GitHub. -Installs: 201 | Stars: 31 | Last update: n/a +Installs: 203 | Stars: 31 | Last update: n/a Generate a magic link for your PR and post it on shared Slack channel, to entice reviewers to pick up your PR faster! 
@@ -323,12 +323,12 @@ Installs: 70000 | Stars: n/a | Last update: 24 Oct 2023 All your issues, PRs, repos and other work documents right in your new tab -Installs: 20174 | Stars: n/a | Last update: 17 Oct 2023 +Installs: 20182 | Stars: n/a | Last update: 17 Oct 2023 file tree for github, and more than that. -Installs: 10405 | Stars: n/a | Last update: 12 Aug 2023 +Installs: 10423 | Stars: n/a | Last update: 12 Aug 2023 Add breakpoints at 1400px, 1600px and 1800px for full GitHub experience on large screens. Also removes the truncating of file and directory names in the repository browser. @@ -338,14 +338,14 @@ Installs: 2000 | Stars: 130 | Last update: 24 Jul 2020 gitpod streamlines developer workflows by providing ready-to-code development environments in your browser - powered by vs code. -Installs: 52387 | Stars: 125 | Last update: 18 Oct 2023 +Installs: 52481 | Stars: 125 | Last update: 18 Oct 2023 When viewing a repository on github.com that has a package.json file, this extension will introspect the dependencies in package.json and display links and description for each dependency, just below the repo's README. -Installs: 2083 | Stars: 725 | Last update: 29 May 2023 +Installs: 2085 | Stars: 725 | Last update: 29 May 2023 Extends GitHub pages with math, diagrams, embedded YouTube videos etc. -Installs: 468 | Stars: 86 | Last update: 22 Aug 2023 +Installs: 471 | Stars: 86 | Last update: 22 Aug 2023 diff --git a/docs/awesome/awesome-datascience.md b/docs/awesome/awesome-datascience.md index c041496c7a..8ad02b0f80 100644 --- a/docs/awesome/awesome-datascience.md +++ b/docs/awesome/awesome-datascience.md 
@@ -204,8 +204,8 @@ These are some Machine Learning and Data Mining algorithms and models help you t - [k-nearest neighbor](https://en.wikipedia.org/wiki/K-nearest_neighbors_algorithm) - [Support Vector Machines](https://en.wikipedia.org/wiki/Support_vector_machine) - [Decision Trees](https://en.wikipedia.org/wiki/Decision_tree) - - ID3 algorithm - - C4.5 algorithm + - [ID3 algorithm](https://en.wikipedia.org/wiki/ID3_algorithm) + - [C4.5 algorithm](https://en.wikipedia.org/wiki/C4.5_algorithm) - [Ensemble Learning](https://scikit-learn.org/stable/modules/ensemble.html) - [Boosting](https://en.wikipedia.org/wiki/Boosting_(machine_learning)) - Stacking diff --git a/docs/awesome/awesome-gnome.md b/docs/awesome/awesome-gnome.md index eecae5d56b..48996afe6a 100644 --- a/docs/awesome/awesome-gnome.md +++ b/docs/awesome/awesome-gnome.md @@ -53,6 +53,7 @@ - [Gnome Pomodoro](http://gnomepomodoro.org/) - Simple pomodoro timer. - [Timetrack](https://gitlab.gnome.org/danigm/timetrack) - Time tracker. - [Teleprompter](https://github.com/Nokse22/teleprompter) - Simple application to read scrolling text from your screen. +- [Errands](https://github.com/mrvladus/Errands) - Todo application for those who prefer simplicity. ![GNOME Circle][GNOME Circle] ### Well Being 
@@ -84,8 +85,9 @@ - [Drawing](https://apps.gnome.org/app/com.github.maoschanz.drawing/) - Responsive drawing application. ![GNOME Circle][GNOME Circle] - [Identity](https://apps.gnome.org/app/org.gnome.gitlab.YaLTeR.Identity/) - Compare image and video. ![GNOME Circle][GNOME Circle] - [Coulr](https://github.com/Huluti/Coulr) - Convert between RGB and hexadecimal codes for colours. -- [Color Picker](https://gitlab.gnome.org/World/gcolor3/) - Color pickle, working on both X11 and Wayland. +- [Color Picker](https://gitlab.gnome.org/World/gcolor3/) - Color picker, working on both X11 and Wayland. - [GThumb](https://wiki.gnome.org/Apps/Gthumb) - Powerful and advanced application to manage your photos and images. +- [ASCII Draw](https://github.com/Nokse22/ascii-draw) - Draw graphs and more using only characters. ### Scientific Tooling @@ -127,6 +129,7 @@ - [Detwinner](https://neatdecisions.com/products/detwinner-linux/) - Simple and fast tool for removing duplicate files. - [Recipes](https://gitlab.gnome.org/GNOME/recipes/) - Cooking application. - [Sunflower](http://sunflower-fm.org) - Small and highly customizable twin-panel file manager. +- [Impression](https://gitlab.com/adhami3310/Impression) - Bootable driver flasher application ![GNOME Circle][GNOME Circle] ### Security and Privacy @@ -151,6 +154,8 @@ - [Sysprof](https://apps.gnome.org/app/org.gnome.Sysprof/) - Profile an application or entire system. - [DevHelp](https://apps.gnome.org/app/org.gnome.Devhelp/) - Developer tool for browsing and searching API documentation. - [Escambo](https://github.com/CleoMenezesJr/escambo) - HTTP-based APIs test application. +- [Forge Sparks](https://github.com/rafaelmardojai/forge-sparks) - Git forge (GitHub, Gitea, Forgejo) desktop notification application. ![GNOME Circle][GNOME Circle] +- [Turtle](https://gitlab.gnome.org/philippun1/turtle) - Tool to manage Git repositories within Nautilus by providing emblems and context menus. #### Design Tooling 
diff --git a/docs/awesome/awesome-iam.md b/docs/awesome/awesome-iam.md index 9b88cee1c3..3b13567e75 100644 --- a/docs/awesome/awesome-iam.md +++ b/docs/awesome/awesome-iam.md @@ -154,7 +154,9 @@ Protocols and technologies to verify that you are who you pretend to be. - [Scaling backend authentication at Facebook](https://www.youtube.com/watch?v=kY-Bkv3qxMc) - How-to in a nutshell: 1. Small root of trust; 2. TLS isn't enough; 3. Certificate-based tokens; 4. Crypto Auth Tokens (CATs). See the [slides](https://rwc.iacr.org/2018/Slides/Lewi.pdf) for more details. -### Password-based +## Password-based auth + +The oldest scheme for auth. - [The new NIST password guidance](https://pciguru.wordpress.com/2019/03/11/the-new-nist-password-guidance/) - A summary of [NIST Special Publication 800-63B](https://pages.nist.gov/800-63-3/sp800-63b.html) covering new password complexity guidelines. 
@@ -176,29 +178,9 @@ Protocols and technologies to verify that you are who you pretend to be. - [How to change the hashing scheme of already hashed user's passwords](https://news.ycombinator.com/item?id=20109360) - Good news: you're not stuck with a legacy password saving scheme. Here is a trick to transparently upgrade to stronger hashing algorithm. -### Password-less - -- [An argument for passwordless](https://web.archive.org/web/20190515230752/https://biarity.gitlab.io/2018/02/23/passwordless/) - Passwords are not the be-all and end-all of user authentication. This article tries to tell you why. - -- [Magic Links – Are they Actually Outdated?](https://zitadel.com/blog/magic-links) - What are magic links, their origin, pros and cons. - -- [WebAuthn guide](https://webauthn.guide) - A very accessible guide to WebAuthn, a standard allowing “servers to register and authenticate users using public key cryptography instead of a password”, supported by all major browsers. +## Multi-factor auth -### Security Key - -- [Webauthn and security keys](https://www.imperialviolet.org/2018/03/27/webauthn.html) - Describe how authentication works with security keys, details the protocols, and how they articulates with WebAuthn. Key takeaway: “There is no way to create a U2F key with webauthn however. (…) So complete the transition to webauthn of your login process first, then transition registration.” - -- [Getting started with security keys](https://paulstamatiou.com/getting-started-with-security-keys/) - A practical guide to stay safe online and prevent phishing with FIDO2, WebAuthn and security keys. - -- [Solo](https://github.com/solokeys/solo) - Open security key supporting FIDO2 & U2F over USB + NFC. - -- [OpenSK](https://github.com/google/OpenSK) - Open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards. 
- -- [YubiKey Guide](https://github.com/drduh/YubiKey-Guide) - Guide to using YubiKey as a SmartCard for storing GPG encryption, signing and authentication keys, which can also be used for SSH. Many of the principles in this document are applicable to other smart card devices. - -- [YubiKey at Datadog](https://github.com/DataDog/yubikey) - Guide to setup Yubikey, U2F, GPG, git, SSH, Keybase, VMware Fusion and Docker Content Trust. - -### Multi-Factor +Building upon password-only auth, users are requested in these schemes to present two or more pieces of evidence (or factors). - [Breaking Password Dependencies: Challenges in the Final Mile at Microsoft](https://www.youtube.com/watch?v=B_mhJO2qHlQ) - The primary source of account hacks is password spraying (on legacy auth like SMTP, IMAP, POP, etc.), second is replay attack. Takeaway: password are insecure, use and enforce MFA. @@ -220,7 +202,7 @@ Protocols and technologies to verify that you are who you pretend to be. - [2FA is missing a key feature](https://syslog.ravelin.com/2fa-is-missing-a-key-feature-c781c3861db) - “When my 2FA code is entered incorrectly I'd like to know about it”. -- [SMS Multifactor Authentication in Antarctica](https://brr.fyi/posts/sms-mfa) - Doesn't work because there are no cell phone towers at stations in Antarctica. +- [SMS Multifactor Authentication in Antarctica](https://brr.fyi/posts/sms-mfa) - Doesn't work because there are no cellphone towers at stations in Antarctica. - [Authelia](https://github.com/authelia/authelia) - Open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for your applications via a web portal. 
@@ -246,6 +228,34 @@ TL;DR: don't. For details, see articles below. - [AWS is on its way to deprecate SMS-based 2FA](https://aws.amazon.com/iam/details/mfa/) - “We encourage you to use MFA through a U2F security key, hardware device, or virtual (software-based) MFA device. You can continue using this feature until January 31, 2019.” +## Password-less auth + +- [An argument for passwordless](https://web.archive.org/web/20190515230752/https://biarity.gitlab.io/2018/02/23/passwordless/) - Passwords are not the be-all and end-all of user authentication. This article tries to tell you why. + +- [Magic Links – Are they Actually Outdated?](https://zitadel.com/blog/magic-links) - What are magic links, their origin, pros and cons. + +### WebAuthn + +Part of the [FIDO2 project](https://en.wikipedia.org/wiki/FIDO_Alliance#FIDO2), and also known under the user-friendly name of *passkeys*. + +- [WebAuthn guide](https://webauthn.guide) - Introduce WebAuthn as a standard supported by all major browsers, and allowing “servers to register and authenticate users using public key cryptography instead of a password”. + +- [Clearing up some misconceptions about Passkeys](https://www.stavros.io/posts/clearing-up-some-passkeys-misconceptions/) - Or why passkeys are not worse than passwords. + +### Security key + +- [Webauthn and security keys](https://www.imperialviolet.org/2018/03/27/webauthn.html) - Describe how authentication works with security keys, details the protocols, and how they articulates with WebAuthn. Key takeaway: “There is no way to create a U2F key with webauthn however. (…) So complete the transition to webauthn of your login process first, then transition registration.” + +- [Getting started with security keys](https://paulstamatiou.com/getting-started-with-security-keys/) - A practical guide to stay safe online and prevent phishing with FIDO2, WebAuthn and security keys. 
+ +- [Solo](https://github.com/solokeys/solo) - Open security key supporting FIDO2 & U2F over USB + NFC. + +- [OpenSK](https://github.com/google/OpenSK) - Open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards. + +- [YubiKey Guide](https://github.com/drduh/YubiKey-Guide) - Guide to using YubiKey as a SmartCard for storing GPG encryption, signing and authentication keys, which can also be used for SSH. Many of the principles in this document are applicable to other smart card devices. + +- [YubiKey at Datadog](https://github.com/DataDog/yubikey) - Guide to setup Yubikey, U2F, GPG, git, SSH, Keybase, VMware Fusion and Docker Content Trust. + ### Public-Key Infrastructure (PKI) Certificate-based authentication. 
@@ -284,82 +294,10 @@ Certificate-based authentication. - [JWT.io](https://jwt.io) - Allows you to decode, verify and generate JWT. -- [`loginsrv`](https://github.com/tarent/loginsrv) - Standalone minimalistic login server providing a JWT login for multiple login backends (htpasswd, OSIAM, user/password, HTTP basic authentication, OAuth2: GitHub, Google, Bitbucket, Facebook, Gitlab). +- [`loginsrv`](https://github.com/tarent/loginsrv) - Standalone minimalistic login server providing a JWT login for multiple login backends (htpasswd, OSIAM, user/password, HTTP basic authentication, OAuth2: GitHub, Google, Bitbucket, Facebook, GitLab). - [jwtXploiter](https://github.com/DontPanicO/jwtXploiter) - A tool to test security of json web token. -### OAuth2 & OpenID - -[OAuth 2.0](https://en.wikipedia.org/wiki/OAuth#OAuth_2.0) is a *delegated authorization* framework. [OpenID Connect (OIDC)](https://en.wikipedia.org/wiki/OpenID_Connect) is an *authentication* layer on top of it. - -The old *OpenID* is dead; the new *OpenID Connect* is very much not-dead. - -- [The problem with OAuth for Authentication](http://www.thread-safe.com/2012/01/problem-with-oauth-for-authentication.html) - “The problem is that OAuth 2.0 is a Delegated Authorization protocol, and not a Authentication protocol.” 10 years after, this article is still the best explanation on [why use OpenID Connect instead of plain OAuth2](https://security.stackexchange.com/a/260519)? - -- [An Illustrated Guide to OAuth and OpenID Connect](https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc) - Explain how these standards work using simplified illustrations. - -- [OAuth 2 Simplified](https://aaronparecki.com/oauth-2-simplified/) - A reference article describing the protocol in simplified format to help developers and service providers implement it. 
- -- [OAuth 2.0 and OpenID Connect (in plain English)](https://www.youtube.com/watch?v=996OiexHze0) - Starts with an historical context on how these standards came to be, clears up the innacuracies in the vocabulary, then details the protocols and its pitfalls to make it less intimidating. - -- [Everything You Need to Know About OAuth (2.0)](https://gravitational.com/blog/everything-you-need-to-know-about-oauth/) - A good overview with a practical case study on how Teleport, an open-source remote access tool, allows users to log in through GitHub SSO. - -- [OAuth in one picture](https://mobile.twitter.com/kamranahmedse/status/1276994010423361540) - A nice summary card. - -- [How to Implement a Secure Central Authentication Service in Six Steps](https://engineering.shopify.com/blogs/engineering/implement-secure-central-authentication-service-six-steps) - Got multiple legacy systems to merge with their own login methods and accounts? Here is how to merge all that mess by the way of OIDC. - -- [Open-Sourcing BuzzFeed's SSO Experience](https://increment.com/security/open-sourcing-buzzfeeds-single-sign-on-process/) - OAuth2-friendly adaptation of the Central Authentication Service (CAS) protocol. You'll find there good OAuth user flow diagrams. - -- [OAuth 2.0 Security Best Current Practice](https://tools.ietf.org/html/draft-ietf-oauth-security-topics-16) - “Updates and extends the OAuth 2.0 Security Threat Model to incorporate practical experiences gathered since OAuth 2.0 was published and covers new threats relevant due to the broader application”. - -- [Hidden OAuth attack vectors](https://portswigger.net/web-security/oauth) - How to identify and exploit some of the key vulnerabilities found in OAuth 2.0 authentication mechanisms. 
- -- [PKCE Explained](https://www.loginradius.com/blog/engineering/pkce/) - “PKCE is used to provide one more security layer to the authorization code flow in OAuth and OpenID Connect.” - -- [Hydra](https://gethydra.sh) - Open-source OIDC & OAuth2 Server. - -- [Keycloak](https://www.keycloak.org) - Open-source Identity and Access Management. Supports OIDC, OAuth 2 and SAML 2, LDAP and AD directories, password policies. - -- [Casdoor](https://github.com/casbin/casdoor) - A UI-first centralized authentication / Single-Sign-On (SSO) platform based. Supports OIDC and OAuth 2, social logins, user management, 2FA based on Email and SMS. - -- [authentik](https://goauthentik.io/?#correctness) - Open-source Identity Provider similar to Keycloak. - -- [ZITADEL](https://github.com/zitadel/zitadel) - An Open-Source solution built with Go and Angular to manage all your systems, users and service accounts together with their roles and external identities. ZITADEL provides you with OIDC, OAuth 2.0, login & register flows, passwordless and MFA authentication. All this is built on top of eventsourcing in combination with CQRS to provide a great audit trail. - -- [a12n-server](https://github.com/curveball/a12n-server) - A simple authentication system which only implements the relevant parts of the OAuth2 standards. - -- [Logto](https://github.com/logto-io/logto) - Build the sign-in, auth, and user identity with this OIDC-based identity service. - -- [The Decline of OpenID](https://penguindreams.org/blog/the-decline-of-openid/) - OpenID is being replaced in the public web to a mix of OAuth 1, OAuth 2 or other proprietary SSO protocols. - -- [Why Mastercard Doesn't Use OAuth 2.0](https://developer.mastercard.com/blog/why-mastercard-doesnt-use-oauth-20) - “They did this to provide message-level integrity. OAuth 2 switched to transport-level confidentiality/integrity.” (which TLS provides) ([source](https://news.ycombinator.com/item?id=17486165)). 
- -- [OAuth 2.0 and the Road to Hell](https://gist.github.com/nckroy/dd2d4dfc86f7d13045ad715377b6a48f) - The resignation letter from the lead author and editor of the Oauth 2.0 specification. - -### SAML - -Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication between services, like OAuth/OpenID protocols above. - -Typical SAML identity provider is an institution or a big corporation's internal SSO, while the typical OIDC/OAuth provider is a tech company that runs a data silo. - -- [SAML vs. OAuth](https://web.archive.org/web/20230327071347/https://www.cloudflare.com/learning/access-management/what-is-oauth/) - “OAuth is a protocol for authorization: it ensures Bob goes to the right parking lot. In contrast, SAML is a protocol for authentication, or allowing Bob to get past the guardhouse.” - -- [The Difference Between SAML 2.0 and OAuth 2.0](https://www.ubisecure.com/uncategorized/difference-between-saml-and-oauth/) - “Even though SAML was actually designed to be widely applicable, its contemporary usage is typically shifted towards enterprise SSO scenarios. On the other hand, OAuth was designed for use with applications on the Internet, especially for delegated authorisation.” - -- [What's the Difference Between OAuth, OpenID Connect, and SAML?](https://www.okta.com/identity-101/whats-the-difference-between-oauth-openid-connect-and-saml/) - Identity is hard. Another take on the different protocol is always welcome to help makes sense of it all. - -- [How SAML 2.0 Authentication Works](https://gravitational.com/blog/how-saml-authentication-works/) - Overview of the how and why of SSO and SAML. - -- [Web Single Sign-On, the SAML 2.0 perspective](https://blog.theodo.com/2019/06/web-single-sign-on-the-saml-2-0-perspective/) - Another naive explanation of SAML workflow in the context of corporate SSO implementation. 
- -- [The Beer Drinker's Guide to SAML](https://duo.com/blog/the-beer-drinkers-guide-to-saml) - SAML is arcane at times. A another analogy might helps get more sense out of it. - -- [SAML is insecure by design](https://joonas.fi/2021/08/saml-is-insecure-by-design/) - Not only weird, SAML is also insecure by design, as it relies on signatures based on XML canonicalization, not XML byte stream. Which means you can exploit XML parser/encoder differences. - -- [The Difficulties of SAML Single Logout](https://wiki.shibboleth.net/confluence/display/CONCEPT/SLOIssues) - On the technical and UX issues of single logout implementations. - -- [The SSO Wall of Shame](https://sso.tax) - A documented rant on the exessive pricing practiced by SaaS providers to activate SSO on their product. The author's point is, as a core security feature, SSO should be reasonnably priced and not part of an exclusive tier. - ## Authorization Now we know you are you. But are you allowed to do what you want to do? 
@@ -382,6 +320,8 @@ As a concept, access control policies can be designed to follow very different a - [AWS IAM Roles, a tale of unnecessary complexity](https://infosec.rodeo/posts/thoughts-on-aws-iam/) - The history of fast-growing AWS explains how the current sheme came to be, and how it compares to GCP's resource hierarchy. +- [GCP's IAM syntax is better than AWS's](https://ucarion.com/iam-operation-syntax) - The minutiae of permission design in GCP improves the developper's experience. + - [Semantic-based Automated Reasoning for AWS Access Policies using SMT](https://d1.awsstatic.com/Security/pdfs/Semantic_Based_Automated_Reasoning_for_AWS_Access_Policies_Using_SMT.pdf) - Zelkova is how AWS does it. This system perform symbolic analysis of IAM policies, and solve the reachability of resources according user's rights and access constraints. Also see the higher-level [introduction given at re:inforce 2019](https://youtu.be/x6wsTFnU3eY?t=2111). - [Zanzibar: Google's Consistent, Global Authorization System](https://ai.google/research/pubs/pub48190) - Scales to trillions of access control lists and millions of authorization requests per second to support services used by billions of people. It has maintained 95th-percentile latency of less than 10 milliseconds and availability of greater than 99.999% over 3 years of production use. [Other bits not in the paper](https://twitter.com/LeaKissner/status/1136626971566149633). [Zanzibar Academy](https://zanzibar.academy/) is a site dedicated to explaining how Zanzibar works. 
@@ -416,6 +356,8 @@ Collection of open-source projects if you're looking to roll your own policy imp - [Cerbos](https://github.com/cerbos/cerbos) - An authorization endpoint to write context-aware access control policies. +- [Warrant](https://github.com/warrant-dev/warrant) - A relationship based access control (ReBAC) engine (inspired by Google Zanzibar) also capable of enforcing any authorization paradigm, including RBAC and ABAC. + ### AWS policy tools Tools and resources exclusively targetting the [AWS IAM policies](http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) ecosystem. 
@@ -450,6 +392,78 @@ A clever curiosity to distribute and delegate authorization. - [Google paper's author compares Macaroons and JWTs](https://news.ycombinator.com/item?id=14294463) - As a consumer/verifier of macaroons, they allow you (through third-party caveats) to defer some authorization decisions to someone else. JWTs don't. +## OAuth2 & OpenID + +[OAuth 2.0](https://en.wikipedia.org/wiki/OAuth#OAuth_2.0) is a *delegated authorization* framework. [OpenID Connect (OIDC)](https://en.wikipedia.org/wiki/OpenID_Connect) is an *authentication* layer on top of it. + +The old *OpenID* is dead; the new *OpenID Connect* is very much not-dead. + +- [The problem with OAuth for Authentication](http://www.thread-safe.com/2012/01/problem-with-oauth-for-authentication.html) - “The problem is that OAuth 2.0 is a Delegated Authorization protocol, and not a Authentication protocol.” 10 years after, this article is still the best explanation on [why use OpenID Connect instead of plain OAuth2](https://security.stackexchange.com/a/260519)? + +- [An Illustrated Guide to OAuth and OpenID Connect](https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc) - Explain how these standards work using simplified illustrations. + +- [OAuth 2 Simplified](https://aaronparecki.com/oauth-2-simplified/) - A reference article describing the protocol in simplified format to help developers and service providers implement it. + +- [OAuth 2.0 and OpenID Connect (in plain English)](https://www.youtube.com/watch?v=996OiexHze0) - Starts with an historical context on how these standards came to be, clears up the innacuracies in the vocabulary, then details the protocols and its pitfalls to make it less intimidating. + +- [Everything You Need to Know About OAuth (2.0)](https://gravitational.com/blog/everything-you-need-to-know-about-oauth/) - A good overview with a practical case study on how Teleport, an open-source remote access tool, allows users to log in through GitHub SSO. 
+ +- [OAuth in one picture](https://mobile.twitter.com/kamranahmedse/status/1276994010423361540) - A nice summary card. + +- [How to Implement a Secure Central Authentication Service in Six Steps](https://engineering.shopify.com/blogs/engineering/implement-secure-central-authentication-service-six-steps) - Got multiple legacy systems to merge with their own login methods and accounts? Here is how to merge all that mess by the way of OIDC. + +- [Open-Sourcing BuzzFeed's SSO Experience](https://increment.com/security/open-sourcing-buzzfeeds-single-sign-on-process/) - OAuth2-friendly adaptation of the Central Authentication Service (CAS) protocol. You'll find there good OAuth user flow diagrams. + +- [OAuth 2.0 Security Best Current Practice](https://tools.ietf.org/html/draft-ietf-oauth-security-topics-16) - “Updates and extends the OAuth 2.0 Security Threat Model to incorporate practical experiences gathered since OAuth 2.0 was published and covers new threats relevant due to the broader application”. + +- [Hidden OAuth attack vectors](https://portswigger.net/web-security/oauth) - How to identify and exploit some of the key vulnerabilities found in OAuth 2.0 authentication mechanisms. + +- [PKCE Explained](https://www.loginradius.com/blog/engineering/pkce/) - “PKCE is used to provide one more security layer to the authorization code flow in OAuth and OpenID Connect.” + +- [Hydra](https://gethydra.sh) - Open-source OIDC & OAuth2 Server. + +- [Keycloak](https://www.keycloak.org) - Open-source Identity and Access Management. Supports OIDC, OAuth 2 and SAML 2, LDAP and AD directories, password policies. + +- [Casdoor](https://github.com/casbin/casdoor) - A UI-first centralized authentication / Single-Sign-On (SSO) platform based. Supports OIDC and OAuth 2, social logins, user management, 2FA based on Email and SMS. + +- [authentik](https://goauthentik.io/?#correctness) - Open-source Identity Provider similar to Keycloak. 
+ +- [ZITADEL](https://github.com/zitadel/zitadel) - An Open-Source solution built with Go and Angular to manage all your systems, users and service accounts together with their roles and external identities. ZITADEL provides you with OIDC, OAuth 2.0, login & register flows, passwordless and MFA authentication. All this is built on top of eventsourcing in combination with CQRS to provide a great audit trail. + +- [a12n-server](https://github.com/curveball/a12n-server) - A simple authentication system which only implements the relevant parts of the OAuth2 standards. + +- [Logto](https://github.com/logto-io/logto) - Build the sign-in, auth, and user identity with this OIDC-based identity service. + +- [The Decline of OpenID](https://penguindreams.org/blog/the-decline-of-openid/) - OpenID is being replaced in the public web to a mix of OAuth 1, OAuth 2 or other proprietary SSO protocols. + +- [Why Mastercard Doesn't Use OAuth 2.0](https://developer.mastercard.com/blog/why-mastercard-doesnt-use-oauth-20) - “They did this to provide message-level integrity. OAuth 2 switched to transport-level confidentiality/integrity.” (which TLS provides) ([source](https://news.ycombinator.com/item?id=17486165)). + +- [OAuth 2.0 and the Road to Hell](https://gist.github.com/nckroy/dd2d4dfc86f7d13045ad715377b6a48f) - The resignation letter from the lead author and editor of the Oauth 2.0 specification. + +## SAML + +Security Assertion Markup Language (SAML) 2.0 is a means to exchange authorization and authentication between services, like OAuth/OpenID protocols above. + +Typical SAML identity provider is an institution or a big corporation's internal SSO, while the typical OIDC/OAuth provider is a tech company that runs a data silo. + +- [SAML vs. OAuth](https://web.archive.org/web/20230327071347/https://www.cloudflare.com/learning/access-management/what-is-oauth/) - “OAuth is a protocol for authorization: it ensures Bob goes to the right parking lot. 
In contrast, SAML is a protocol for authentication, or allowing Bob to get past the guardhouse.” + +- [The Difference Between SAML 2.0 and OAuth 2.0](https://www.ubisecure.com/uncategorized/difference-between-saml-and-oauth/) - “Even though SAML was actually designed to be widely applicable, its contemporary usage is typically shifted towards enterprise SSO scenarios. On the other hand, OAuth was designed for use with applications on the Internet, especially for delegated authorisation.” + +- [What's the Difference Between OAuth, OpenID Connect, and SAML?](https://www.okta.com/identity-101/whats-the-difference-between-oauth-openid-connect-and-saml/) - Identity is hard. Another take on the different protocol is always welcome to help makes sense of it all. + +- [How SAML 2.0 Authentication Works](https://gravitational.com/blog/how-saml-authentication-works/) - Overview of the how and why of SSO and SAML. + +- [Web Single Sign-On, the SAML 2.0 perspective](https://blog.theodo.com/2019/06/web-single-sign-on-the-saml-2-0-perspective/) - Another naive explanation of SAML workflow in the context of corporate SSO implementation. + +- [The Beer Drinker's Guide to SAML](https://duo.com/blog/the-beer-drinkers-guide-to-saml) - SAML is arcane at times. A another analogy might helps get more sense out of it. + +- [SAML is insecure by design](https://joonas.fi/2021/08/saml-is-insecure-by-design/) - Not only weird, SAML is also insecure by design, as it relies on signatures based on XML canonicalization, not XML byte stream. Which means you can exploit XML parser/encoder differences. + +- [The Difficulties of SAML Single Logout](https://wiki.shibboleth.net/confluence/display/CONCEPT/SLOIssues) - On the technical and UX issues of single logout implementations. + +- [The SSO Wall of Shame](https://sso.tax) - A documented rant on the exessive pricing practiced by SaaS providers to activate SSO on their product. 
The author's point is, as a core security feature, SSO should be reasonnably priced and not part of an exclusive tier. + ## Secret Management Architectures, software and hardware allowing the storage and usage of secrets to allow for authentication and authorization, while maintaining the chain of trust. @@ -458,7 +472,9 @@ Architectures, software and hardware allowing the storage and usage of secrets t - [High Availability in Google's Internal KMS](https://www.youtube.com/watch?v=5T_c-lqgjso) - Not GCP's KMS, but the one at the core of their infrastructure. See the [slides](https://rwc.iacr.org/2018/Slides/Kanagala.pdf). -- [`vault`](https://www.vaultproject.io) - Secure, store and tightly control access to tokens, passwords, certificates, encryption keys. +- [HashiCorp Vault](https://www.vaultproject.io) - Secure, store and tightly control access to tokens, passwords, certificates, encryption keys. + +- [Infisical](https://github.com/Infisical/infisical) - An alternative to HashiCorp Vault. - [`sops`](https://github.com/mozilla/sops) - Encrypts the values of YAML and JSON files, not the keys. diff --git a/docs/awesome/awesome-selfhosted.md b/docs/awesome/awesome-selfhosted.md index e0b3b525bc..d5df450e14 100644 --- a/docs/awesome/awesome-selfhosted.md +++ b/docs/awesome/awesome-selfhosted.md 
@@ -462,7 +462,6 @@ Simple deployment of [E-mail](https://en.wikipedia.org/wiki/Email) servers, e.g. - [Takahē](https://jointakahe.org/) - Federated microblogging server. Mastodon, & ActivityPub compatible. ([Source Code](https://github.com/jointakahe/takahe)) `BSD-3-Clause` `Docker` - [Talkyard](https://www.talkyard.io/) - Create a community, where your users can suggest ideas and get questions answered. And have friendly open-ended discussions and chat (Slack/StackOverflow/Discourse/Reddit/Disqus hybrid). ([Demo](https://www.talkyard.io/forum/latest), [Source Code](https://github.com/debiki/talkyard)) `AGPL-3.0` `Docker/Scala` - [Teddit](https://teddit.net) `⚠` - Alternative Reddit front-end focused on privacy. ([Source Code](https://codeberg.org/teddit/teddit)) `AGPL-3.0` `Nodejs/Docker` -- [Thredded](https://github.com/thredded/thredded) - Forums, feature-rich and simple. `MIT` `Ruby` - [yarn.social](https://yarn.social) - Self-Hosted, Twitter™-like Decentralised micro-logging platform. No ads, no tracking, your content, your data. ([Source Code](https://git.mills.io/yarnsocial/yarn)) `MIT` `Go` - [Zusam](https://github.com/zusam/zusam) - Free and open-source way to self-host private forums for groups of friends or family. ([Demo](https://demo.zusam.org)) `AGPL-3.0` `PHP` 
@@ -843,7 +842,6 @@ Simplified file servers for sharing of one-time/short-lived/temporary files, pro - [Gokapi](https://github.com/Forceu/gokapi) - Lightweight server to share files, which expire after a set amount of downloads or days. Similar to the discontinued Firefox Send, with the difference that only the admin is allowed to upload files. `GPL-3.0` `Go/Docker` - [goploader](https://github.com/Depado/goploader) - Easy file sharing with server-side encryption, curl/httpie/wget compliant. `MIT` `Go` - [GoSƐ](https://github.com/stv0g/gose) - GoSƐ is a modern file-uploader focusing on scalability and simplicity. It only depends on a S3 storage backend and hence scales horizontally without the need for additional databases or caches. ([Demo](https://gose.0l.de)) `Apache-2.0` `Go/Docker` -- [Jirafeau](https://gitlab.com/mojo42/Jirafeau) - Jirafeau is a web site permitting to upload a file in a simple way and give an unique link to it. ([Demo](https://jirafeau.net/)) `AGPL-3.0` `PHP` - [lufi](https://framagit.org/fiat-tux/hat-softwares/lufi) - Let's Upload that FIle, client-side encrypted. ([Demo](https://demo.lufi.io), [Source Code](https://framagit.org/fiat-tux/hat-softwares/lufi/tree/master)) `AGPL-3.0` `Perl` - [OnionShare](https://github.com/onionshare/onionshare) - Securely and anonymously share a file of any size. `GPL-2.0` `Python` - [Pairdrop](https://github.com/schlagmichdoch/pairdrop) - Local file sharing in your browser, inspired by Apple's AirDrop (fork of Snapdrop). `GPL-3.0` `Docker` 
@@ -1113,7 +1111,6 @@ _See also: [List of streaming media systems - Wikipedia](https://en.wikipedia.or - [Beets](https://beets.io/) - Music library manager and MusicBrainz tagger (command-line and Web interface). ([Source Code](https://github.com/beetbox/beets)) `MIT` `Python/deb` - [Black Candy](https://github.com/blackcandy-org/black_candy) - Music streaming server built with Rails and Stimulus. `MIT` `Docker/Ruby` - [Bsimp](https://github.com/akrylysov/bsimp) - Minimalistic S3-backed audio library. `Apache-2.0` `Go` -- [euterpe](https://listen-to-euterpe.eu) - Self-hosted music streaming server with RESTful API and Web interface. ([Demo](https://listen-to-euterpe.eu/demo), [Source Code](https://github.com/ironsmile/euterpe)) `GPL-3.0` `Go/Docker` - [Funkwhale](https://dev.funkwhale.audio/funkwhale) - Modern, web-based, convivial, multi-user and free music server. `BSD-3-Clause` `Python/Django` - [gonic](https://github.com/sentriz/gonic) - Lightweight music streaming server. Subsonic compatible. `GPL-3.0` `Go/Docker` - [koel](https://koel.dev/) - Personal music streaming server that works. ([Demo](https://demo.koel.dev/), [Source Code](https://github.com/koel/koel)) `MIT` `PHP` 
@@ -1127,7 +1124,6 @@ _See also: [List of streaming media systems - Wikipedia](https://en.wikipedia.or - [musikcube](https://musikcube.com/) - Streaming audio server with Linux/macOS/Windows/Android clients. ([Source Code](https://github.com/clangen/musikcube)) `BSD-3-Clause` `C++/deb` - [Navidrome Music Server](https://www.navidrome.org) - Modern Music Server and Streamer, compatible with Subsonic/Airsonic. ([Demo](https://www.navidrome.org/demo), [Source Code](https://github.com/navidrome/navidrome), [Clients](https://www.navidrome.org/docs/overview/#apps)) `GPL-3.0` `Docker/Go` - [Polaris](https://github.com/agersant/polaris) - Music browsing and streaming application optimized for large music collections, ease of use and high performance. `MIT` `Rust/Docker` -- [Raveberry](https://github.com/raveberry/raveberry) - A multi-user music server with a focus on participation. ([Demo](https://demo.raveberry.party/)) `LGPL-3.0` `Python/Docker` - [Snapcast](https://github.com/badaix/snapcast) - Synchronous multiroom audio server. `GPL-3.0` `C++/deb` - [Stretto](https://github.com/benkaiser/stretto) - Music player with Youtube/Soundcloud import and iTunes/Spotify discovery. ([Demo](https://next.kaiserapps.com), [Clients](https://github.com/benkaiser/stretto-mobile-next)) `MIT` `Nodejs` - [Supysonic](https://github.com/spl0k/supysonic) - Python implementation of the Subsonic server API. `AGPL-3.0` `Python` 
@@ -1295,7 +1291,6 @@ _Related: [Inventory Management](#inventory-management), [Resource Planning](#re - [OnTrack](https://github.com/inoda/ontrack) - A simple app to track spend and set goals. `MIT` `Ruby/Nodejs` - [OpenBudgeteer](https://github.com/TheAxelander/OpenBudgeteer) - A budgeting app based on the Bucket Budgeting Principle. `MIT` `Docker/C#` - [REI3](https://rei3.de/home_en/) - Open source, expandable Business Management Software. Manage tasks, time, assets and much more. ([Demo](https://rei3.de/demo_en/), [Source Code](https://github.com/r3-team/r3)) `MIT` `Go` -- [SilverStrike](https://silverstrike.org/) - Personal finance management made easy. ([Demo](https://demo.silverstrike.org/), [Source Code](https://github.com/agstrike/silverstrike)) `MIT` `Python/Django` - [SolidInvoice](https://solidinvoice.co) - Open source invoicing and quote application. ([Source Code](https://github.com/SolidInvoice/SolidInvoice)) `MIT` `PHP` 
@@ -1751,7 +1746,6 @@ _Related: [Ticketing](#ticketing), [Task Management & To-do Lists](#task-managem - [Gogs](https://gogs.io/) - Painless self-hosted Git Service written in Go. ([Demo](https://try.gogs.io/), [Source Code](https://github.com/gogs/gogs)) `MIT` `Go` - [Kallithea](https://kallithea-scm.org/) - Source code management system that supports two leading version control systems, Mercurial and Git, with a web interface. ([Source Code](https://kallithea-scm.org/repos/kallithea)) `GPL-3.0` `Python` - [Klaus](https://github.com/jonashaag/klaus) - Simple, easy-to-set-up Git web viewer that Just Works. `ISC` `Python/Docker` -- [Lavagna](https://lavagna.io) - Lavagna is an open-source issue/project management tool designed for small teams. Lightweight, pure Java, easy to install, easy to use. ([Source Code](https://github.com/digitalfondue/lavagna)) `GPL-3.0` `Java` - [Lazylead](https://lazylead.org) `⚠` - Eliminate the annoying work within ticketing systems (Jira, GitHub, Trello). Allows to automate daily actions like tickets fields verification, email notifications by JQL/GQL, meeting requests to your (or teammates) calendar. ([Source Code](https://github.com/dgroup/lazylead)) `MIT` `Ruby/Docker` - [Leantime](https://leantime.io) - Leantime is a lean project management system for small teams and startups helping to manage projects from ideation through delivery. ([Source Code](https://github.com/leantime/leantime)) `GPL-2.0` `PHP/Docker` - [Mindwendel](https://www.mindwendel.com/) - Brainstorm and upvote ideas and thoughts within your team. ([Demo](https://www.mindwendel.com), [Source Code](https://github.com/b310-digital/mindwendel)) `AGPL-3.0` `Docker/Elixir` 
@@ -1861,7 +1855,6 @@ _Related: [Task Management & To-do Lists](#task-management--to-do-lists), [Softw - [MantisBT](https://www.mantisbt.org/) - Self hosted bug tracker, fits best for software development. ([Demo](https://www.mantisbt.org/bugs/my_view_page.php), [Source Code](https://github.com/mantisbt/mantisbt)) `GPL-2.0` `PHP` - [osTicket](https://osticket.com/) - Manage, organize and archive all your support requests and responses in one place. ([Source Code](https://github.com/osTicket/osTicket)) `GPL-2.0` `PHP` - [OTOBO](https://otobo.de/en/) - Flexible web-based ticketing system used for Customer Service, Help Desk, IT Service Management. ([Demo](https://otobo.de/en/open-source-ticketing-system/#demos), [Source Code](https://github.com/RotherOSS/otobo)) `GPL-3.0` `Perl/Docker` -- [Pachno](https://pach.no/) - Bring your team together to design, build and deliver your project with a tool that works with you and your team, and adapts when you need to. ([Source Code](https://github.com/pachno/pachno)) `MPL-2.0` `PHP` - [Request Tracker](https://www.bestpractical.com/rt/) - An enterprise-grade issue tracking system. ([Source Code](https://github.com/bestpractical/rt)) `GPL-2.0` `Perl` - [Roundup Issue Tracker](https://www.roundup-tracker.org/) - A simple-to-use and -install issue-tracking system with command-line, web, REST, XML-RPC, and e-mail interfaces. Designed with flexibility in mind - not just another bug tracker. ([Source Code](https://www.roundup-tracker.org/code.html)) `MIT/ZPL-2.0` `Python/Docker` - [Trudesk](https://trudesk.io/) - Trudesk is an open-source help desk/ticketing solution. ([Source Code](https://github.com/polonel/trudesk)) `Apache-2.0` `Nodejs/Docker` 
@@ -1953,7 +1946,6 @@ _See also: [Wikimatrix](https://www.wikimatrix.org/), [List of wiki software - W - [Dokuwiki](https://www.dokuwiki.org/DokuWiki) - Easy to use, lightweight, standards-compliant wiki engine with a simple syntax allowing reading the data outside the wiki. All data is stored in plain text files, therefore no database is required. ([Source Code](https://github.com/dokuwiki/dokuwiki)) `GPL-2.0` `PHP` - [Gitit](https://github.com/jgm/gitit) - Wiki program that stores pages and uploaded files in a git repository, which can then be modified using the VCS command line tools or the wiki's web interface. `GPL-2.0` `Haskell` - [Gollum](https://github.com/gollum/gollum) - Simple, Git-powered wiki with a sweet API and local frontend. `MIT` `Ruby` -- [Instiki](https://golem.ph.utexas.edu/wiki/instiki/show/HomePage) - Instiki is a wiki clone so pretty and easy to set up, you'll wonder if it’s really a wiki. Runs on Rails and focuses on portability and stability. ([Source Code](https://github.com/parasew/instiki)) `Ruby` `Ruby` - [Mediawiki](https://www.mediawiki.org/wiki/MediaWiki) - MediaWiki is a free and open-source wiki software package written in PHP. It serves as the platform for Wikipedia and the other Wikimedia projects, used by hundreds of millions of people each month. ([Demo](https://en.wikipedia.org/wiki/Main_Page), [Source Code](https://phabricator.wikimedia.org/diffusion/MW/)) `GPL-2.0` `PHP` - [Mycorrhiza Wiki](https://mycorrhiza.wiki/) - Filesystem and git-based wiki engine written in Go using Mycomarkup as its primary markup language. ([Source Code](https://github.com/bouncepaw/mycorrhiza/)) `AGPL-3.0` `Go` - [Outline](https://www.getoutline.com/) `⚠` - An open, extensible, wiki for your team. ([Source Code](https://github.com/outline/outline)) `BSD-3-Clause` `Nodejs/Docker` 
@@ -1963,7 +1955,6 @@ _See also: [Wikimatrix](https://www.wikimatrix.org/), [List of wiki software - W - [Raneto](https://raneto.com/) - Raneto is an open source Knowledgebase platform that uses static Markdown files to power your Knowledgebase. ([Source Code](https://github.com/ryanlelek/Raneto)) `MIT` `Nodejs` - [TiddlyWiki](https://tiddlywiki.com/) - Reusable non-linear personal web notebook. ([Source Code](https://github.com/Jermolene/TiddlyWiki5)) `BSD-3-Clause` `Nodejs` - [Tiki](https://tiki.org/HomePage) - Wiki CMS Groupware with the most built-in features. ([Demo](https://tiki.org/Try-Tiki), [Source Code](https://gitlab.com/tikiwiki/tiki)) `LGPL-2.1` `PHP` -- [TWiki](https://twiki.org/) - TWiki is a Perl-based structured wiki application, typically used to run a collaboration platform, knowledge or document management system, a knowledge base, or team portal. ([Demo](https://twiki.org/cgi-bin/view/Sandbox/WebHome), [Source Code](http://svn.twiki.org/svn/twiki/)) `GPL-2.0` `Perl` - [WackoWiki](https://wackowiki.org/) - WackoWiki is a light and easy to install multilingual Wiki-engine. ([Source Code](https://github.com/WackoWiki/wackowiki)) `BSD-3-Clause` `PHP` - [Wiki.js](https://js.wiki/) - Modern, lightweight and powerful wiki app using Git and Markdown. ([Demo](https://docs.requarks.io), [Source Code](https://github.com/Requarks/wiki)) `AGPL-3.0` `Nodejs/Docker/K8S` - [WiKiss](https://wikiss.tuxfamily.org/) - Wiki, simple to use and install. ([Source Code](https://svnweb.tuxfamily.org/listing.php?repname=wikiss/svn&path=%2F&sc=0)) `GPL-2.0` `PHP` diff --git a/docs/awesome/awesome-swift.md b/docs/awesome/awesome-swift.md index 50eb119f25..20cd9ebcea 100644 --- a/docs/awesome/awesome-swift.md +++ b/docs/awesome/awesome-swift.md 
@@ -11,7 +11,7 @@ PLEASE DO NOT UPDATE THIS FILE, UPDATE CONTENTS.JSON INSTEAD. THANK YOU :-) | Awesome | Linux | Projects | Updated | |:-------:|:-----:|:--------:|:-------:| -| [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome) | :penguin: | 1048 | October 26, 2023 | +| [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome) | :penguin: | 1049 | October 27, 2023 | @@ -1417,6 +1417,7 @@ PLEASE DO NOT UPDATE THIS FILE, UPDATE CONTENTS.JSON INSTEAD. THANK YOU :-) * [ImageTransition](https://github.com/shtnkgm/ImageTransition) - ImageTransition is a library for smooth animation of images during transitions. * [Jelly](https://github.com/SebastianBoldt/Jelly) - Jelly provides custom view controller transitions with just a few lines of code. * [LiquidSwipe](https://github.com/exyte/LiquidSwipe) - Liquid navigation animation +* [MijickNavigattie](https://github.com/Mijick/Navigattie) - Easy navigation with SwiftUI. * [MusicPlayerTransition](https://github.com/xxxAIRINxxx/MusicPlayerTransition) - Custom interactive transition like Apple Music iOS App. * [NavigationTransitions](https://github.com/davdroman/swiftui-navigation-transitions) - Pure SwiftUI Navigation transitions. * [PanSlip](https://github.com/k-lpmg/PanSlip) - Use PanGesture to dismiss view on UIViewController and UIView. diff --git a/docs/awesome/static-analysis.md b/docs/awesome/static-analysis.md index 26629cc358..92e57ab4fd 100644 --- a/docs/awesome/static-analysis.md +++ b/docs/awesome/static-analysis.md 
@@ -133,7 +133,7 @@ Also check out the sister project, [awesome-dynamic-analysis](https://github.com - [LDRA](https://ldra.com) :copyright: — A tool suite including static analysis (TBVISION) to various standards including MISRA C & C++, JSF++ AV, CWE, CERT C, CERT C++ & Custom Rules. -- [MATE](https://galoisinc.github.io/MATE/) — A suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code. MATE unifies application-specific and low-level vulnerability analysis using code property graphs (CPGs), enabling the discovery of highly application-specific vulnerabilities that depend on both implementation details and the high-level semantics of target C/C++ programs. +- [MATE](https://galoisinc.github.io/MATE/) :warning: — A suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code. MATE unifies application-specific and low-level vulnerability analysis using code property graphs (CPGs), enabling the discovery of highly application-specific vulnerabilities that depend on both implementation details and the high-level semantics of target C/C++ programs. - [PC-lint](https://pclintplus.com/) :copyright: — Static analysis for C/C++. Runs natively under Windows/Linux/MacOS. Analyzes code for virtually any platform, supporting C11/C18 and C++17. 
@@ -227,7 +227,7 @@ Also check out the sister project, [awesome-dynamic-analysis](https://github.com - [LDRA](https://ldra.com) :copyright: — A tool suite including static analysis (TBVISION) to various standards including MISRA C & C++, JSF++ AV, CWE, CERT C, CERT C++ & Custom Rules. -- [MATE](https://galoisinc.github.io/MATE/) — A suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code. MATE unifies application-specific and low-level vulnerability analysis using code property graphs (CPGs), enabling the discovery of highly application-specific vulnerabilities that depend on both implementation details and the high-level semantics of target C/C++ programs. +- [MATE](https://galoisinc.github.io/MATE/) :warning: — A suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code. MATE unifies application-specific and low-level vulnerability analysis using code property graphs (CPGs), enabling the discovery of highly application-specific vulnerabilities that depend on both implementation details and the high-level semantics of target C/C++ programs. - [PC-lint](https://pclintplus.com/) :copyright: — Static analysis for C/C++. Runs natively under Windows/Linux/MacOS. Analyzes code for virtually any platform, supporting C11/C18 and C++17. @@ -610,7 +610,7 @@ A ktfmt IntelliJ plugin is available from the plugin repository. To install it,

Lua

-- [luacheck](https://github.com/mpeterv/luacheck) :warning: — A tool for linting and static analysis of Lua code. +- [luacheck](https://github.com/lunarmodules/luacheck) — A tool for linting and static analysis of Lua code. - [lualint](https://github.com/philips/lualint) — lualint performs luac-based static analysis of global variable usage in Lua source code. @@ -1238,6 +1238,8 @@ TSLint is an extensible static analysis tool that checks TypeScript code for rea - [Fortify](https://software.microfocus.com/en-us/products/static-code-analysis-sast/overview) :copyright: — A commercial static analysis platform that supports the scanning of C/C++, C#, VB.NET, VB6, ABAP/BSP, ActionScript, Apex, ASP.NET, Classic ASP, VB Script, Cobol, ColdFusion, HTML, Java, JS, JSP, MXML/Flex, Objective-C, PHP, PL/SQL, T-SQL, Python (2.6, 2.7), Ruby (1.9.3), Swift, Scala, VB, and XML. +- [fta](https://ftaproject.dev/) — Rust-based static analysis for TypeScript projects + - [Goodcheck](https://sider.github.io/goodcheck) — Regexp based customizable linter. - [goone](https://github.com/masibw/goone) :warning: — Finds N+1 queries (SQL calls in a for loop) in go code
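Review bot: The three awesome-selfhosted.md hunks (@@ -1861, @@ -1953 and @@ -1963) each delete one entry (Pachno, Instiki, TWiki), and nothing in the commit message ("Robot Updated at:27 Oct 2023 21:07:55 GMT") says why. A reader who self-hosts one of these cannot tell from this commit whether the project was dropped as unmaintained, moved, or removed by mistake. Suggest that the sync job carry the upstream commit or issue reference for each removal in the message body.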
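Review bot: In the @@ -1417 hunk of awesome-swift.md, the added entry is labelled `MijickNavigattie` while its link points to `github.com/Mijick/Navigattie`, so the label matches neither the owner nor the repository name, unlike the neighbouring entries (`Jelly`, `LiquidSwipe`, `PanSlip`), whose labels are the repository names. Either label it `Navigattie` and re-sort it, or keep the owner prefix and say so in the description. Note also that the file header in the @@ -11 hunk states the list is generated from CONTENTS.JSON, and this diff changes only the rendered Markdown.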
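Review bot: The @@ -133 and @@ -227 hunks of static-analysis.md add `:warning:` to the MATE entry, but neither the changed line nor the commit message says what the marker signals for this tool. MATE is described here as a vulnerability-analysis suite, so a reader needs to know whether the flag means it is deprecated, unmaintained or something else before relying on it. Suggest recording the reason alongside the change. The same entry text appears in both hunks, so any later edit has to be applied to both copies.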
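Review bot: In the @@ -610 hunk (Lua section), the luacheck link changes repository owner from `github.com/mpeterv/luacheck` to `github.com/lunarmodules/luacheck` and drops the `:warning:` marker in the same line, with no justification in the commit. A change of owner on a link that readers will install tooling from deserves an explicit check that the new repository is the intended successor of the old one. Suggest citing the upstream change that made the switch so the new target can be verified.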
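Review bot: In the @@ -1238 hunk, the added `fta` description ("Rust-based static analysis for TypeScript projects") has no trailing period, while the neighbouring entries such as Goodcheck ("Regexp based customizable linter.") end with one. Add the period for consistency. The description also does not say what the tool reports, which the other entries in this hunk do; one more clause on what it checks would help.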