Coder Social home page Coder Social logo

armor's People

Contributors

arobinson-r7 avatar bogawa-r7 avatar camci-r7 avatar jinq102030 avatar jyeung-r7 avatar ovega-r7 avatar simonirwin-r7 avatar vjiandani-r7 avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Forkers

vikpj isabella232

armor's Issues

Redo armor-tools in golang

The armor tools package should probably just be built using golang. Using binaries to read the armor data would be a much easier way to build ways to look at the armor files as well as to build/package and deploy.

Potential security vulnerability in the zstd C library.Can you help upgrade to patch versions?

Hi, @alappin-r7, @camci-r7 , I'd like to report a vulnerability issue in com.rapid7:armor-read:0.0.52.

Issue Description

I noticed that com.rapid7:armor-read:0.0.52 directly depends on com.github.luben:zstd-jni:v1.3.5-4 in the pom. However, as shown in the following dependency graph, com.github.luben:zstd-jni:v1.3.5-4 sufferes from the vulnerabilites which the C library zstd(version:1.3.5) exposed: CVE-2021-24031, CVE-2019-11922.

Dependency Graph between Java and Shared Libraries

image (12)

Suggested Vulnerability Patch Versions

com.github.luben:zstd-jni:v1.4.9-1 (>=v1.4.9-1) has upgraded this vulnerable C library zstd to the patch version 1.4.9.

Java build tools cannot report vulnerable C libraries, which may induce potential security issues to many downstream Java projects. Could you please upgrade this vulnerable dependency?
By the way, same issue seems also occurs in the com.rapid7:armor-write:0.0.52.

Thanks for your help~
Best regards,
Helen Parr

Automate and test out transactions at the shard and not table level.

Currently the library supports supports transactions at the table level. Reducing it down to the shard level will allow it to divide the work up faster and ingestion deployments to deploy at a much faster rate than before. This will also give users the ability to lock at the shard and not table level which is more useful.

Implement a strong transaction model.

The current transaction model puts a lot of trust in the user establish isolation. To enforce better isolation if the user has a bug, we should generation a transaction value that contains the previous transaction value it is based on. Thus when the user commits, we know their transaction and the previous transaction it was based on.

Current validation maintains the submitted transaction doesn't match current or previous..but that isn't strong enough.

Redo capture writes to have a limit and a ordering. Also write captures seems to only capture 1 column.

Capture writes was built to capture all write requests for a given org. It has proven valuable for debugging and replaying data though we need to redo a little of it to make it easier to work with.

  1. Cap the number of captures. Reason being this could be easily abused and explode if users aren't properly managing their capture.
  2. Currently the first thing it captures in the list is by transaction id which doesn't have much value for replaying. You'd want to list by date first. Doing this you'd know the order of operations which is important.

Design system to add different indexes to file format.

Besides the entity index that is present in the file format, there is potential to add other types of indexes to the format to boost performance such as reverse index, bitmap indexes, sorted indexes, etc. It is quite possible to add more indexes to the file format for readers to leverage to filter, reduce, sort at much earlier stages of the query workflow pipeline.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.