Updated ranking of libraries that require special security review

OpenSSF (Open Source Security Foundation), formed by the Linux Foundation and focused on improving the security of open source software, has published a new edition of the Census II study, which aims to identify the open source projects that most need priority security audits. The study analyzes shared open source code that is used implicitly in various enterprise projects in the form of dependencies downloaded from external repositories.

As a result, lists of the 500 most frequently used packages were prepared. The security and maintenance quality of these packages require special attention, since vulnerabilities in third-party components that take part in the operation of applications, or the compromise of their developers (the supply chain), can negate all efforts to improve the protection of the main product. There are 8 variants of the lists in total, and their contents depend on various factors, such as delivery through the NPM repository and the availability of version information when making the determination.

The 10 most used JavaScript packages from the NPM repository, downloaded by applications without being tied to a version:

  • lodash
  • react
  • axios
  • debug
  • @babel/core
  • express
  • semver
  • uuid
  • react-dom
  • jquery

The 10 most used Python packages distributed through the PyPI repository:

  • six
  • pyyaml
  • requests
  • urllib3
  • jinja2
  • python-dateutil
  • click
  • idna
  • chardet
  • markupsafe

The 10 most used Ruby packages distributed through the RubyGems repository:

  • bouncy-castle-java
  • aws dk
  • rally-jasmine-core
  • aws sdk
  • nuj
  • cscsl ua
  • highcharts-js-rails
  • antlr3
  • rspec
  • asmine

The 10 most used Java dependency packages distributed through the Maven repository:

  • org.slf4j:slf4j-api
  • com.fasterxml.jackson.core:jackson-databind
  • com.google.guava:guava
  • com.fasterxml.jackson.core:jackson-core
  • org.springframework:spring-framework-bom
  • com.fasterxml.jackson.core:jackson-annotations
  • commons-io:commons-io
  • junit:junit
  • org.apache.commons:commons-lang3
  • commons-codec:commons-codec

The 10 most used .NET dependency packages distributed through the NuGet repository:

  • json.net
  • facebook
  • modernizr
  • newtonsoft.json
  • castle.core-log4net
  • newtonsoft.json
  • castle.core-log4net
  • freqsystemdependencies
  • microsoft.extensions.caching.memory
  • microsoft.extensions.dependencyinjection.abstractions

The 10 most used dependency packages for the Go language:

  • grpc/grpc-go
  • kubernetes/client-go
  • kubernetes/apimachinery
  • kubernetes/api
  • stretchr/testify
  • kubernetes/klog
  • pkg/errors
  • spf13/cobra
  • x/net
  • prometheus/client_golang

Source: opennet.ru