HackerTrans
TopNewTrendsCommentsPastAskShowJobs

conslit

no profile record

Submissions

Patch the Planet: a Daybreak initiative to support open source maintainers

openai.com
14 points·by conslit·19 วันที่ผ่านมา·0 comments

The S in Interoperability

frederikbraun.de
16 points·by conslit·เดือนที่แล้ว·3 comments

A Grand Challenge for Reliable Coding in the Age of AI Agents

arxiv.org
2 points·by conslit·2 เดือนที่ผ่านมา·0 comments

A security-oriented Go compiler

github.com
4 points·by conslit·6 เดือนที่ผ่านมา·4 comments

Detect Go's silent arithmetic bugs with go-panikint

blog.trailofbits.com
4 points·by conslit·6 เดือนที่ผ่านมา·1 comments

ShadeMap – Simulate sun shadows for any time and place on heart

shademap.app
4 points·by conslit·9 เดือนที่ผ่านมา·2 comments

comments

conslit
·6 เดือนที่ผ่านมา·discuss
1. "Is the plan to contribute them back to Go?" - No. They won't accept the up-streams. See https://github.com/golang/go/issues/30613

2. "How is a one person fork of Go in any way going to ever be more secure than the original which is developed by many people? " - Read the README.

3. "Why should I trust your changes?" - You don't have to. The same reasons you don't have to trust the Github project you're cloning.

4. "Is this actually an adversarial project that will hide and rug pull down the road?" - Read the code.

Sarcasm aside, the objective is "helping to find bugs in Go codebases via built-in security implementations". That's mainly used for fuzzing and testing. Don't deploy you compiled binary on production with that compiler.
conslit
·6 เดือนที่ผ่านมา·discuss
cybergo is a security-focused fork of the Go toolchain. In a very simple phrasing, cybergo is a copy of the Go compiler that finds bugs.
conslit
·6 เดือนที่ผ่านมา·discuss
Finding integer overflows with the Go compiler at fuzz time is now possible.
conslit
·9 เดือนที่ผ่านมา·discuss
Every mountain, building and tree shadow in the world simulated for any date and time.