Comments (3)
mrinalwadhwa
commented on June 7, 2024
1
@younes-io #7353 and #7354 are great additions so I merged them and then deleted the wrapper in #7360. This way we'll have your improvements if we ever decide to revive the wrapper.
Thank you for all the contributions and the feedback!
from ockam.
mrinalwadhwa
commented on June 7, 2024
@younes-io love that type of review and feedback! Thank you for that.
I'm not certain that we want to maintain the Typescript wrapper around Ockam Command. Are you thinking of using it for something?
The wrapper is a prototype we played around with several months ago for a specific scenario from someone in our community. In that scenario the to argument from TCPInlet.create(...) was coming from a trusted source. In the threat model of that case - someone who could provide a malicious input to TCPInlet.create(...) could also simply run rm -rf .. on the command line.
If we do decide to maintain the wrapper then I agree we should add more sanitization of inputs so someone doesn't accidentally use it for a scenario where the threat model is different.
I'm leaning towards deleting the wrapper prototype instead. Let me know if you have a use case for it in mind. If so, I'd happily reconsider.
from ockam.
younes-io
commented on June 7, 2024
Thanks for considering my feedback =)
My primary concern is ensuring secure code. If the wrapper isn't essential and poses potential security risks, removing it seems reasonable. Oh, and I don't have any use case for the TS impl
from ockam.
Related Issues (20)
- Calling `make nix_elixir_build_ockly` on macos fails to build ockly crate on develop HOT 1
- Add a bats test checking that the user creating a project, has the ability to enroll new enrollers into it
- Easy workflow to reliably measure latency within ockam
- Improve ockam routing performance
- Better error reporting for secure channel API client
- Creating an identity on a aws kms vault fails
- Flow to benchmark the project performance on EC2
- Diagnose why this Elixir test sometimes fails in CI
- Replace unmaintained transitive dependency `yaml-rust`
- Report unused dependencies in CI HOT 1
- Improve type-safety for Identity arguments in `ockam_command`
- Ockam example runs automated tests to ensure examples don't break
- Redpanda serverless are working and supported
- Kafka inlet and outlet supports ABAC policies
- Single command stress test project environments
- Allow to use `self` route to specify the same node
- Kafka consumer/producer/direct are replaced by Kafka inlet/outlet
- Kafka examples are using the new `kafka-inlet create`
- Portals excert backpressure
- Rust relays behaves like project relays
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ockam.