Reading is big in Québec, and [pepelepoisson]’s young children have access to a free mini library nook that had seen better days and was in dire need of maintenance and refurbishing. In the process of repairing and repainting the little outdoor book nook, he took the opportunity to install a …read more
I “minimally trust” the PHP and PostgreSQL projects to provide non-compromised binaries of their respective programs, which I both depend on. This means that I trust them in the sense that I have no real choice but to trust them.
Software libraries targetting resource constrained environments like embedded systems use conditional compilation to allow consumers to shave space and thus increase performance by removing unused features from the final binaries distribut… Continue reading Does removing features from a library increase or reduce security risks?
Driving more than a handful of LEDs from a microcontroller is often a feat that takes tedious wiring, tricking the processor, or a lot of extra external hardware. Charlieplexing is perhaps the most notorious of these methods, and checks two of those three boxes. This library for the Teensy 4.0 …read more
Frequently, I’d say in virtually every case, there is only one PHP library for any particular problem. (I don’t count obsolete, abandoned, trash ones.)
Therefore, it’s never a “choice” by me to use it. I have to either use i… Continue reading How to deal with this fundamental problem with the advice: "Don’t trust obscure PHP libraries that nobody uses!"?
Python is a versatile, powerful language but sometimes it’s not the best choice, especially if you’re doing work in embedded systems with limited memory. Sometimes you can get away with MicroPython for these cases, but the best language is likely C or assembly. If you’re really stubborn, like [amirgon], and …read more
being new on ubuntu, I accidentally deleted my lib folder contained in var (var / lib *). Now, impossible to install a packages, I tried to do a “sudo apt-get reinstall kubuntu-desktop” and “sudo apt-get build-dep kubuntu-des… Continue reading Restore lib folder conten in var
A few years ago I moved my private library to the cloud. It uses Calibre to catalog my books, and the Open Publication Distribution System (OPDS) to provide an Internet-capable catalog. OPDS is built in to a lot of publisher-independent e-reader softwa… Continue reading The practical digital library updated
I am working on an environment where there is the strong believe that open source libraries are unquestionably safe to use because of the public scrutiny and intensive code review (even if not formal).
So beyond looking at the source code for particular software library, is there a way to vet that it does not contain malicious code? As far as I know from my own research, services like pip, npm, and composer do not provide a… Continue reading How can the validity and safety of a software library be checked?