Updated ranking of libraries that need a priority security audit

OpenSSF (Open Source Security Foundation), which was established by the Linux Foundation to improve the security of open source software, has published a new edition of its Census II study, which aims to identify the open source projects that need a priority security audit. The study focuses on analysing shared source code that is used directly in various commercial projects through dependencies downloaded from external repositories.

As a result, lists of the 500 most frequently used packages have been compiled. Their security and maintenance quality require special attention, since vulnerabilities in third-party components and compromise of their developers within an application's supply chain can negate all efforts to improve the protection of the main product. There are 8 ranking variants in total, with their contents ordered by different criteria, such as delivery through the NPM repository and the presence of version information when dependencies are resolved.

The 10 most used JavaScript packages from the NPM repository that applications download without pinning to a version:

  • lodash
  • react
  • axios
  • debug
  • @babel/core
  • express
  • semver
  • uuid
  • react-dom
  • jquery

The 10 most used Python packages distributed through the PyPI repository:

  • six
  • pyaml
  • requests
  • urllib3
  • jinja2
  • python-dateutil
  • click
  • idna
  • chardet
  • markupsafe

The 10 most used Ruby dependency packages distributed through the RubyGems repository:

  • bouncy-castle-java
  • awssdk
  • rally-jasmine-core
  • uwa-sdk
  • nuni
  • cscsl
  • highcharts-js-rails
  • antlr3
  • rspec
  • asmina

The 10 most used Java package dependencies distributed through the Maven repository:

  • org.slf4j:slf4j-api
  • com.fasterxml.jackson.core:jackson-databind
  • com.google.guava:guava
  • com.fasterxml.jackson.core:jackson-core
  • org.springframework:spring-framework-bom
  • com.fasterxml.jackson.core:jackson-annotations
  • commons-io:commons-io
  • junit:junit
  • org.apache.commons:commons-lang3
  • commons-codec:commons-codec

The 10 most used .NET dependency packages distributed through the NuGet repository:

  • json.net
  • facebook
  • na zamani
  • newtonsoft.json
  • castle.core-log4net
  • newtonsoft.json
  • castle.core-log4net
  • freq tsarin dogara
  • microsoft.extensions.caching.memory
  • microsoft.extensions.dependencyinjection.abstractions

The 10 most used dependency packages for the Go language:

  • grpc/grpc-go
  • kubernetes/client-go
  • kubernetes/apimachinery
  • kubernetes/api
  • stretchr/testify
  • kubernetes/klog
  • pkg/errors
  • spf13/cobra
  • x/net
  • prometheus/client_golang

Source: opennet.ru