mihaigalos / aim Goto Github PK

aim doesn't currently show the reply when an upload happens, this makes services like transfer.sh or 0x0.st unusable

usage
aim file.txt http://0x0.st
aim file.txt http://transfer.sh/file.txt

example curl

curl -F [email protected] http://0x0.st
link to file here

curl --upload-file file.txt https://transfer.sh/file.txt
link to file here 

Crate twoway deprecated by the author

The commit e99b3c7 releasing version 0.2.2 explicitely deprecates twoway in favour of memchr crate.

See advisory page for additional details.

See also:

• https://github.com/genonullfree/teleport
• https://gitlab.com/skubalj/serve-directory/-/tree/main
• https://github.com/kettle11/devserver

This currently fails, especially in the case of a Man-in-the-Middle corporate certificates.

webpki: CPU denial of service in certificate path building

When this crate is given a pathological certificate chain to validate, it will
spend CPU time exponential with the number of candidate certificates at each
step of path building.

Both TLS clients and TLS servers that accept client certificate are affected.

This was previously reported in
<briansmith/webpki#69> and re-reported recently
by Luke Malinowski.

rustls-webpki is a fork of this crate which contains a fix for this issue
and is actively maintained.

See advisory page for additional details.

buf_redux is Unmaintained

Last release was over three years ago.

The maintainer(s) have been unreachable to respond to any issues that may or may not include security issues.

The repository is now archived and there is no security policy in place to contact the maintainer(s) otherwise.

The safety-undocumented unsafe in the crate may or may not be safe to use.

The crate also has a current future incompatibility warning buf_redux/23.

Possible Alternatives

The below may or may not provide alternative(s)

• Rust alloc / std vec::Vec, collections::VecDeque
• buffer-redux - fork
• bytes
• crates.io search for 'buffer'

See advisory page for additional details.

This enables hashing the file without copying it into memory.
From here:

use sha2::{Sha256, Digest};
use std::{io, fs};

let mut hasher = Sha256::new();
let mut file = fs::File::open("file.tar.gz")?;

let bytes_written = io::copy(&mut file, &mut hasher)?;
let hash_bytes = hasher.finalize();

Use / for diving into folders, Enter to download file or whole folder.
Possible solutions via fzf/skim augmented navigation.

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• Update Rust crate clap to 4.1.8
• Update Rust crate crossbeam-utils to 0.8.15
• Update Rust crate warpy to 0.3.7
• Update Rust crate tokio to 1.26.0
• Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

• Update Rust crate ssh2 to 0.9.4
• Update Rust crate rust-s3 to 0.32.3

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Currently, transferred bytes is hard-coded to zero.
A restart from a specific byte is necessary. The already transferred number of bytes should be fetched from the remote here.

Description: Syntax highlighter for git.
Delta provides language syntax-highlighting, within-line insertion/deletion
detection, and restructured diff output for git on the command line.

See this.

extern crate ssh2;

use std::net::TcpStream;
use ssh2::Session;
use std::path::Path;
use std::fs::File;
use indicatif::ProgressBar;

fn main() -> Result<(), Box<std::error::Error>> {
    let ssh_host_port = "prokerala.com:22";
    let ssh_user = "prokeral";
    let remote_temp_file = "/tmp/dbimport_Rk6Iwwm5.sql.bz2";

    let tcp = TcpStream::connect(&ssh_host_port).unwrap();
    let mut sess = Session::new().unwrap();
    sess.handshake(&tcp).expect("SSH handshake failed");
    let _ = sess.userauth_agent(ssh_user);

    let path = Path::new(&remote_temp_file);
    let (mut remote_file, stat) = sess.scp_recv(path).unwrap();

    let stream:ssh2::Stream = remote_file.stream(1);

    // Update: solved by using io::copy as suggested by @apemanzilla below
    // let mut target = File::create("/tmp/done.txt").unwrap();
    // let pb = ProgressBar::new(stat.size());
    // std::io::copy(&mut pb.wrap_read(remote_file), &mut target)?;
    Ok(())
}

mosh.io
https://github.com/mobile-shell/mosh

This is ssh, just better.

Like aim for ssh.

I suggest supporting it 😇

Where does the name come from? Maybe not a big issue, but ABINIT package has aim executable, too. See the doc. (abinit package is available in the universe/science repository of Ubuntu.)

#52 will introduce async sftp support.
The complexity of offering async ssh support (including resumable streams) is then low.

See this.

---
name: 'build images'

on:
  push:
    branches:
      - master

jobs:
  docker:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Prepare
        id: prep
        run: |
          DOCKER_IMAGE=${{ secrets.DOCKER_USERNAME }}/${GITHUB_REPOSITORY#*/}
          VERSION=latest
          SHORTREF=${GITHUB_SHA::8}

          # If this is git tag, use the tag name as a docker tag
          if [[ $GITHUB_REF == refs/tags/* ]]; then
            VERSION=${GITHUB_REF#refs/tags/v}
          fi
          TAGS="${DOCKER_IMAGE}:${VERSION},${DOCKER_IMAGE}:${SHORTREF}"

          # If the VERSION looks like a version number, assume that
          # this is the most recent version of the image and also
          # tag it 'latest'.
          if [[ $VERSION =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
            TAGS="$TAGS,${DOCKER_IMAGE}:latest"
          fi

          # Set output parameters.
          echo ::set-output name=tags::${TAGS}
          echo ::set-output name=docker_image::${DOCKER_IMAGE}

      - name: Set up QEMU
        uses: docker/setup-qemu-action@master
        with:
          platforms: all

      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@master

      - name: Login to DockerHub
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Build
        uses: docker/build-push-action@v2
        with:
          builder: ${{ steps.buildx.outputs.name }}
          context: .
          file: ./Dockerfile
          platforms: linux/amd64,linux/arm64,linux/ppc64le
          push: true
          tags: ${{ steps.prep.outputs.tags }}

Seems there's a pipe problem with i.e. large html files.

cargo run https://nixos.org/nixos/about.html | htmlq  --text .main

• Use i.e.: *.mp3, *.* for file matching.
• Use i.e.: **/*.mp3 for recursive file matching.

ansi_term is Unmaintained

The maintainer has adviced this crate is deprecated and will not
receive any maintenance.

The crate does not seem to have much dependencies and may or may not be ok to use as-is.

Last release seems to have been three years ago.

Possible Alternative(s)

The below list has not been vetted in any way and may or may not contain alternatives;

• anstyle
• nu-ansi-term
• yansi

See advisory page for additional details.

dotenv is Unmaintained

dotenv by description is meant to be used in development or testing only.

Using this in production may or may not be advisable.

Alternatives

The below may or may not be feasible alternative(s):

• dotenvy

See advisory page for additional details.

Currently not possible to perform PUT operations when self-hosting the http server (i.e. via aim .).

stdweb is unmaintained

The author of the stdweb crate is unresponsive.

Maintained alternatives:

• wasm-bindgen
• js-sys
• web-sys

See advisory page for additional details.

Because of a missing schema definition (sftp), aim is currently using a hard fork of rust-url.
This means cargo publish will fail in the CD pipeline, because we cannot publish a crate that relies on git deps.

This PR tried to contribute changes upstream but got closed.

url-parse, once reaching maturity, will be able to unblock the blocked pipeline.

In order to ease the evaluation process, is it suggested to compare aim with other products, such as aria2 and wget.

Particularly, I am interested if aim handles multi source downloads, metalinks and torrents.

Also, I like to congratulate you to what looks like an awesome piece of software ☺️

xml-rs is Unmaintained

xml-rs is a XML parser has open issues around parsing including integer
overflows / panics that may or may not be an issue with untrusted data.

Together with these open issues with Unmaintained status xml-rs
may or may not be suited to parse untrusted data.

Alternatives

• quick-xml

See advisory page for additional details.