Sunshine

[–] [email protected] 1 points 24 minutes ago (1 children)

The North Atlantic Treaty Organization can apply to Canada, Greenland and Europe.

[–] [email protected] 1 points 48 minutes ago

Usually you see it on your profile or comment when the day comes in 3 months.

[–] [email protected] 1 points 49 minutes ago

We need to ask our developers to switch to Codeberg!

[–] [email protected] 1 points 1 hour ago

Chad Linux strikes again 💪

 

cross-posted from: https://rss.ponder.cat/post/211904

MongoDB Launches an Open Source Real-Time Secret Scanner

Accidentally exposing secrets like API keys, tokens, or credentials in your code opens the door for threat actors to exploit your systems. Such attackers don't stop at one breach; they automate their attacks, move fast, and can potentially compromise entire infrastructure within minutes.

To tackle such scenarios, MongoDB has come up with an open source solution called "Kingfisher".

What's Happening: Launched as an open source tool for detecting secrets in code, file systems, and Git history, Kingfisher was born out of MongoDB's need for a fast, reliable way to identify exposed credentials and prevent security risks before they spiral out of control.

The tool doesn’t just stop there; it can also validate any secrets it finds, as long as they are from supported services, so developers know which keys are still active and risky.

MongoDB has been using Kingfisher internally throughout its development and deployment processes, helping them detect and fix exposed secrets early.

What to Expect: As for how it works, Kingfisher scans code, files, and Git history using various techniques like entropy analysis, real-time validation, pattern matching, and source code parsing for accurate detection of exposed secrets.

It’s written in Rust and has many handy features like multi-language source parsing with Tree-sitter, high-speed regex matching with Hyperscan, extensible rulesets, cross-platform support, and over 700 built-in detection rules that cover a wide range of cloud services and secret types.

All of this runs on the user’s own systems or infrastructure, ensuring no sensitive data is sent to third-party servers, and there's cross-platform support for Linux, Windows, and macOS. Using Kingfisher also helps security teams stay aligned with SLSA compliance standards.

If you are up for a longer read, then MongoDB has published a detailed blog post explaining how they built Kingfisher.


From It's FOSS News via this RSS feed

[–] [email protected] 1 points 2 hours ago* (last edited 2 hours ago)

The welfare of all animals concerns vegans. It is very much relevant for this comm.

There are still places in the world that need to be pressured to stop eating dogs.

[–] [email protected] 2 points 2 hours ago

I’m not so sure as I haven’t used it much.

[–] [email protected] 4 points 15 hours ago (3 children)

Magic Earth uses osm data and has traffic info.

[–] [email protected] 1 points 18 hours ago

All MLAs in British Columbia have a base salary of $119,532. As leader, Brodie will receive an additional $29,883 a year as party leader and Armstrong an additional $11,953.

However, there's already been a split among the three MLAs who left the B.C. Conservative fold; MLA Jordan Kealy, also a former Conservative, did not join One B.C., citing a "disagreement" over party values and leadership.

The emergence of One B.C. means Rustad will be facing challenges to his big tent party on two fronts, said Andrew Reeve, former communications director for the B.C. Liberals-turned-B.C. United.

Former B.C. United MLA Karin Kirkpatrick has also launched a new political party called Centre B.C., courting former B.C. Liberals who feel Rustad has taken the Official Opposition too far to the right.

"On certain issues, One B.C. will try to pull [the B.C. Conservatives] apart, probably on the cultural issues," Reeve said. "I don't know if that's a winning strategy in the province. I don't think there's enough voters in the ridings to win, and it's certainly not enough to form government. But it could be enough to split the vote and cause a lot of damage for Rustad."

[–] [email protected] 5 points 18 hours ago

Aww, thank you Match. I always love seeing you chime in <3

[–] [email protected] 18 points 18 hours ago (2 children)

The others are feddit.ch 🇨🇭 & Feddit.de 🇩🇪 respectively

[–] [email protected] 4 points 19 hours ago

Disappointing as this was one of the promises I was most excited for.

[–] [email protected] 2 points 19 hours ago

Thank you for your contributions 🍻
