aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaul Duncan <pabs@pablotron.org>2022-07-14 12:34:53 -0400
committerPaul Duncan <pabs@pablotron.org>2022-07-14 12:34:53 -0400
commitdecd2d71faca15ed5790cd8050ce889ec2ea795f (patch)
treeed867c6595ab791f284ba61aa45b126b252bcf44
parent6383bdad881378f086fcd20914d7426717464ee9 (diff)
downloadpablotron.org-decd2d71faca15ed5790cd8050ce889ec2ea795f.tar.bz2
pablotron.org-decd2d71faca15ed5790cd8050ce889ec2ea795f.zip
TODO.md: refine several ideas
-rw-r--r--TODO.md12
1 files changed, 10 insertions, 2 deletions
diff --git a/TODO.md b/TODO.md
index 3cb11f7..3d0275a 100644
--- a/TODO.md
+++ b/TODO.md
@@ -64,6 +64,7 @@ this stuff may not make any sense.
* detailed results are interesting
* my tools 2021 (vim, irssi, screen, mutt/offlineimap/notmuch, irb, git, bash)
* buttcoin:
+ * https://www.theonion.com/man-who-lost-everything-in-crypto-just-wishes-several-t-1848764551
* tulip mania
* nerd sniping
https://www.jwz.org/blog/2022/01/mozilla-blinked/
@@ -148,12 +149,14 @@ this stuff may not make any sense.
* needed in a package manager
- organizational namespacing
- signing and/or global subdb
+ <https://blog.tidelift.com/the-state-of-package-signing-across-package-managers>
- declarative install
- typosquatting (see sqo vulns from may email)
- starsquatting (requests, phpass): https://medium.com/checkmarx-security/typosquatting-attack-on-requests-one-of-the-most-popular-python-packages-3b0a329a892d
- ref: https://kerkour.com/rust-crate-backdoor
- (related, semver is garbage)
<https://www.linode.com/blog/security/linode-security-digest-rubygems-and-rsyslogs-vulnerabilities/>
+ <https://earthly.dev/blog/programming-language-improvements/>
- (problems w/ go modules)
* radare2, ghidra
* what would git look like with modern hash (sha-512/256/blake3), data
@@ -178,8 +181,12 @@ this stuff may not make any sense.
* markovian (golang markov chain generator)
* secure C wiki is confluence!?!?
<https://wiki.sei.cmu.edu/confluence/display/c/SEI+CERT+C+Coding+Standard>
-* go-import support
- <https://go.dev/ref/mod#vcs-find>
+* write about go-import support <https://go.dev/ref/mod#vcs-find>
+* fuzzing (afl)
+ <https://www.fuzzingbook.org/>
+ <https://wfuzz.readthedocs.io/en/latest/>
+* update mathyd add link to texbox/texoid:
+ <https://pypi.org/project/texoid/>
## done
* add project folders
@@ -225,3 +232,4 @@ this stuff may not make any sense.
- https://blog.suborbital.dev/foundations-wasm-in-golang-is-fantastic
- see notes in ~/git/test/go/wasm/
* HTML escaping benchmarks (`git/fastest-js-html-escape`)
+* go-import support <https://go.dev/ref/mod#vcs-find>