sget is a keyless safe script retrieval and execution tool

Related tags

DevOps Tools sget
Overview

sget

⚠️ Not ready for use yet!

sget is a keyless safe script retrieval and execution tool

Security

Should you discover any security issues, please refer to sigstores security process

Comments
  • Security Policy violation Branch Protection

    Security Policy violation Branch Protection

    This issue was automatically created by Allstar.

    Security Policy Violation No protection found for branch main


    This issue will auto resolve when the policy is in compliance.

    Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.

    allstar 
    opened by allstar-app[bot] 12
  • Add release automation

    Add release automation

    Summary

    Builds apk, deb and rpm packages along with binaries for many architectures. All artifacts are signed and sboms are included.

    Release Note

    * Added release automation using goreleaser
    
    opened by nsmith5 5
  • Support fetching from URLs

    Support fetching from URLs

    This adds:

    • sget <URL> to fetch URLs iff a configured trusted identity has signed off on the URL's digest in Rekor
    • sget sign <URL> to keylessly sign the URL+digest using a Fulcio OIDC flow, with the signature appended to Rekor
    • sget trust to configure trusted identities
    • sget <OCI> to fetch blobs in OCI registries (currently without checking signatures)

    This also adds documentation to the README.

    Signed-off-by: Jason Hall [email protected]

    opened by imjasonh 5
  • Bump github/codeql-action from 300c8b6dcbaf905eb250b06113e2e62c340a2d20 to 2.1.11

    Bump github/codeql-action from 300c8b6dcbaf905eb250b06113e2e62c340a2d20 to 2.1.11

    Bumps github/codeql-action from 300c8b6dcbaf905eb250b06113e2e62c340a2d20 to 2.1.11. This release includes the previously tagged commit.

    Changelog

    Sourced from github/codeql-action's changelog.

    CodeQL Action Changelog

    [UNRELEASED]

    No user facing changes.

    2.1.11 - 17 May 2022

    • Update default CodeQL bundle version to 2.9.2. #1074

    2.1.10 - 10 May 2022

    • Update default CodeQL bundle version to 2.9.1. #1056
    • When wait-for-processing is enabled, the workflow will now fail if there were any errors that occurred during processing of the analysis results.

    2.1.9 - 27 Apr 2022

    • Add working-directory input to the autobuild action. #1024
    • The analyze and upload-sarif actions will now wait up to 2 minutes for processing to complete after they have uploaded the results so they can report any processing errors that occurred. This behavior can be disabled by setting the wait-for-processing action input to "false". #1007
    • Update default CodeQL bundle version to 2.9.0.
    • Fix a bug where status reporting fails on Windows. #1042

    2.1.8 - 08 Apr 2022

    • Update default CodeQL bundle version to 2.8.5. #1014
    • Fix error where the init action would fail due to a GitHub API request that was taking too long to complete #1025

    2.1.7 - 05 Apr 2022

    • A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. #1018

    2.1.6 - 30 Mar 2022

    • [v2+ only] The CodeQL Action now runs on Node.js v16. #1000
    • Update default CodeQL bundle version to 2.8.4. #990
    • Fix a bug where an invalid commit_oid was being sent to code scanning when a custom checkout path was being used. #956

    1.1.5 - 15 Mar 2022

    • Update default CodeQL bundle version to 2.8.3.
    • The CodeQL runner is now deprecated and no longer being released. For more information, see CodeQL runner deprecation.
    • Fix two bugs that cause action failures with GHES 3.3 or earlier. #978
      • Fix not a permitted key invalid requests with GHES 3.1 or earlier
      • Fix RUNNER_ARCH environment variable must be set errors with GHES 3.3 or earlier

    1.1.4 - 07 Mar 2022

    • Update default CodeQL bundle version to 2.8.2. #950
    • Fix a bug where old results can be uploaded if the languages in a repository change when using a non-ephemeral self-hosted runner. #955

    ... (truncated)

    Commits
    • a3a6c12 Merge pull request #1078 from github/update-v2.1.11-657c2f3f
    • 657581e Update changelog for v2.1.11
    • 657c2f3 Merge pull request #1074 from github/edoardo/2.9.2-update
    • 1725087 Update default CodeQL to 2.9.2
    • e655565 Merge pull request #1076 from github/henrymercer/fix-changelog-typo
    • c38e41c Fix a typo in the CHANGELOG
    • 0658e4b Merge pull request #1075 from github/henrymercer/update-actions-tool-cache
    • 54b4854 Bump @​actions/tool-cache to 2.0.0
    • 1fae5bf Merge pull request #1051 from github/henrymercer/run-atm-on-windows
    • 533ce91 Merge remote-tracking branch 'origin/main' into henrymercer/run-atm-on-windows
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies github_actions 
    opened by dependabot[bot] 3
  • Download from arbitrary HTTP URLs with digest verification

    Download from arbitrary HTTP URLs with digest verification

    Context

    Today sget can fetch content from OCI registries, but not from arbitrary HTTP URLs.

    Importantly, sget's OCI fetching never allows content to be downloaded without content verification. The OCI resource must either be signed and verified, or its digest must be specified by the user.

    Proposal

    As a first step, let's ensure that HTTP downloads are supported only if the user provides an expected digest for the retrieved content. Until sget supports signature verification for HTTP retrievals, providing a digest should be required. Furthermore, sget should verify that the retrieved content's digest matches the user-provided digest before sharing the content with the user.

    (This is Phase 0 from the project Roadmap.)

    Proposed syntax:

    $ sget https://sh.rustup.rs --digest 'sha256:a3cb081f88a6789d104518b30d4aa410009cd08c3822a1226991d6cf0442a0f8'
    

    Open questions

    1. Should sget allow HTTP downloads without TLS? And what about with invalid TLS? With a MITM attack, the content provided to the user would need to match the provided digest, even if the content was intercepted by a malicious actor, or else sget would prevent the user from receiving the content. However, there are other concerns left unaddressed.
    enhancement 
    opened by luhring 3
  • Bump golang.org/x/term from 0.1.0 to 0.2.0

    Bump golang.org/x/term from 0.1.0 to 0.2.0

    Bumps golang.org/x/term from 0.1.0 to 0.2.0.

    Commits
    • f72a2d8 go.mod: update golang.org/x dependencies
    • f6f2839 term: remove unused variable
    • 8365914 go.mod: update golang.org/x dependencies
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 2
  • Bump github.com/spf13/cobra from 1.5.0 to 1.6.0

    Bump github.com/spf13/cobra from 1.5.0 to 1.6.0

    Bumps github.com/spf13/cobra from 1.5.0 to 1.6.0.

    Release notes

    Sourced from github.com/spf13/cobra's releases.

    v1.6.0

    Summer 2022 Release

    Some exciting changes make their way to Cobra! Command completions continue to get better and better (including adding --help and --version automatic flags to the completions list). Grouping is now possible in your help output as well! And you can now use the OnFinalize method to cleanup things when all "work" is done. Checkout the full changelog below:


    Features 🌠

    Deprecation 👎🏼

    • ExactValidArgs is deprecated (but not being removed entirely). This is abit nuanced, so checkout #1643 for further information and the updated user_guide.md on how this may affect you (and how you can take advantage of the correct behavior in the validators): @​umarcor #1643

    Bug fixes 🐛

    Dependencies 🗳️

    Testing 🤔

    Docs ✏️

    Misc 💭

    Note: Per #1804, we will be moving away from "seasonal" releases and doing more generic point release targets. Continue to track the milestones and issues in the spf13/cobra GitHub repository for more information!

    Great work everyone! Cobra would never be possible without your contributions! 🐍

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 2
  • Bump github.com/sigstore/rekor from 0.11.0 to 0.12.0

    Bump github.com/sigstore/rekor from 0.11.0 to 0.12.0

    Bumps github.com/sigstore/rekor from 0.11.0 to 0.12.0.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 2
  • Bump github.com/go-openapi/swag from 0.22.0 to 0.22.3

    Bump github.com/go-openapi/swag from 0.22.0 to 0.22.3

    Bumps github.com/go-openapi/swag from 0.22.0 to 0.22.3.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 2
  • Remove cosign dependency

    Remove cosign dependency

    This temporarily removes OCI signature discovery and verification and replaces it with a TODO.

    The goal is to remove the current bulky cosign dependency and over time replace it with sigstore/sigstore deps which are (hopefully) smaller and a better fit for sget.

    Before: 70 MB executable, 209 deps After: 10 MB executable, 16 deps

    Release Note

    Support for signature verification is temporarily removed, to be re-added before an official release.
    
    opened by imjasonh 2
  • Bump github.com/google/go-containerregistry from 0.11.0 to 0.12.0

    Bump github.com/google/go-containerregistry from 0.11.0 to 0.12.0

    Bumps github.com/google/go-containerregistry from 0.11.0 to 0.12.0.

    Release notes

    Sourced from github.com/google/go-containerregistry's releases.

    v0.12.0

    Changelog

    • 9b4fdd50 Bump actions/setup-go from 2 to 3 (#1463)
    • 7268da01 Bump actions/stale from 5 to 6 (#1452)
    • 7196cf3d Bump aws-actions/configure-aws-credentials from 1.6.1 to 1.7.0 (#1424)
    • 8eae069f Bump codecov/codecov-action from 3.1.0 to 3.1.1 (#1453)
    • 969699e7 Bump deps using ./hack/bump-deps.sh (#1467)
    • c1f9836a Bump opencontainers/image-spec (#1423)
    • 49cdb8b4 Correct usage of authn.NewKeychainFromHelper in docs (#1419)
    • 3ba4c511 Fix tar PAX format handling (#1414)
    • 24a1c335 Ignore docker config if it's a directory (#1420)
    • a0f66878 Make ErrBadName checkable via errors.Is() (#1462)
    • 19e3eff7 Retry ECONNRESET errors (#1415)
    • 5749ee68 Support the platform specific authentication of krane in "auth get" command (#1413)
    • e3b94c7e allow remote.DefaultTransport to be overridden by an http.RoundTripper (#1449)
    • f981b4c0 deps: update goreleaser-action for bug (#1444)
    • 771a9b44 e2e: pull and export stdin and stdout (#1436)
    • 87b3a796 feat: Add krane to release archive (#1443)
    • 2859a0d0 feat: generate slsa provenance on github release artifacts (#1438)
    • 9a5c14ad fix crane's root.go after DefaultTransport change (#1450)
    • 2b54510b fix: consider base image media type when appending layers (#1437)
    • d3ed4089 registry: implement blob deletion (#1432)
    • 3413eb6c registry: implement pagination (#1430)
    • e2d575cf update crane installation instructions and release verification (#1440)

    Container Images

    https://gcr.io/go-containerregistry/crane:v0.12.0 https://gcr.io/go-containerregistry/gcrane:v0.12.0

    For example:

    docker pull gcr.io/go-containerregistry/crane:v0.12.0
    docker pull gcr.io/go-containerregistry/gcrane:v0.12.0
    
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies go 
    opened by dependabot[bot] 1
  • Support ambient OIDC credentials

    Support ambient OIDC credentials

    Description

    sget should be able to detect whether it's running in, for example, GitHub Actions with OIDC enabled, and automagically pick up those creds to sign a URL.

    This would let a release workflow publish some artifact to a URL, then immediately sign it as having come from that GitHub workflow. Users could then sget trust --host=website.com <github repo identity> and automagically trust only things published via GitHub Actions.

    Blocked on https://github.com/sigstore/cosign/issues/1867 unless we want to take a dep on cosign 🚫

    enhancement 
    opened by imjasonh 1
  • Maintainer policy

    Maintainer policy

    In this phase we'll describe how maintainers can set policies for signature requirements on released artifacts, so that consumers of the artifacts can have maximum assurance that the artifact is safe to consume according to maintainers.

    This phase will also include release tooling to make new releases of artifacts/policies/signatures as smooth as possible for maintainers and end users, without sacrificing availability or safety assurances.

    The goal of this phase is to gain adoption among maintainers wishing to make consuming their content even safer for interested users.

    (This is Phase 2 from the project Roadmap.)

    enhancement 
    opened by luhring 0
  • Local policy for trusting artifacts

    Local policy for trusting artifacts

    Building on locally configured trusted identities, sget should further support configuring a local policy for trusted artifacts.

    For example: "I trust identities A, B and C, but need to have sign-off from 2+ of those before trusting an artifact"

    As with Phase 1 (#7), this phase doesn't require any buy-in from maintainers.

    (This is Phase 1.5 from the project Roadmap.)

    enhancement 
    opened by luhring 0
  • Artifact verification via

    Artifact verification via "social proof"

    In the absence of a maintainer-provided policy, sget users can gain assurance about the safety of an artifact by relying on crowd-sourced verification and signatures.

    Signatures will be stored in Rekor, using certificates created by Fulcio's "keyless" OIDC capabilities.

    Before trusting an artifact, users should be able to:

    • see the total number of unique identities that have signed indicating that the artifact is safe to fetch.
    • see a random small subset of those identities.
    • see any identities with email addresses that match the URL's domain.
    • locally configure trusted identities, and trust those identities more than arbitrary public identities.

    The goal of this phase is to encourage adoption of sget by end users wishing to consume content more safely, without requiring any action by maintainers.

    Our options in this phase are necessarily limited and incomplete without some help from maintainers.

    (This is Phase 1 from the project Roadmap.)

    enhancement 
    opened by luhring 0
  • How to figure out the

    How to figure out the "right" policy for each URL?

    The idea is to eventually be able to figure out the "secure way" to fetch every URL. So this would probably involve things like:

    • an ACME-style challenge to prove URL ownership
    • domain-scoping: default sget policies per domain (GitHub could have a default like "a GitHub workload identity corresponding to the repo")
    • tamper-resistance via TUF+transparency logs

    We should start smaller but I like keeping the long-run in mind

    enhancement 
    opened by znewman01 0
Owner
sigstore
software supply chain security
sigstore
Keyless Git signing with cosign!

THIS PROJECT HAS MOVED! See https://github.com/sigstore/gitsign ?? smimecosign Keyless Git signing with cosign! This is heavily inspired by https://gi

Billy Lynch 11 May 12, 2022
Parallel S3 and local filesystem execution tool.

s5cmd Overview s5cmd is a very fast S3 and local filesystem execution tool. It comes with support for a multitude of operations including tab completi

Peak 1.4k Nov 24, 2022
Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster

Kube-Knark Project Trace your kubernetes runtime !! Kube-Knark is an open source tracer uses pcap & ebpf technology to perform runtime tracing on a de

Chen Keinan 32 Sep 19, 2022
DepCharge is a tool designed to help orchestrate the execution of commands across many directories at once.

DepCharge DepCharge is a tool that helps orchestrate the execution of commands across the many dependencies and directories in larger projects. It als

Andrew LeTourneau 23 Sep 27, 2022
Kubernetes-native framework for test definition and execution

████████ ███████ ███████ ████████ ██ ██ ██ ██ ██████ ███████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ █████

kubeshop 540 Nov 15, 2022
Go Trusted Execution Environment (TEE)

Introduction The GoTEE framework implements concurrent instantiation of TamaGo based unikernels in privileged and unprivileged modes, interacting with

F-Secure Foundry 65 Nov 9, 2022
KNoC is a Kubernetes Virtual Kubelet that uses an HPC cluster as the container execution environment

Kubernetes Node on Cluster KNoC is a Virtual Kubelet Provider implementation that manages real pods and containers in a remote container runtime by su

Computer Architecture and VLSI Systems (CARV) Laboratory 7 Oct 26, 2022
Test-at-scale - TAS - An intelligent test execution platform for engineering teams to achieve high development velocity

Test At Scale Test Smarter, Release Faster with test-at-scale. Status Table of c

LambdaTest 200 Nov 14, 2022
Shell script to download and set GO environmental paths to allow multiple versions.

gobrew gobrew lets you easily switch between multiple versions of go. It is based on rbenv and pyenv. Installation The automatic installer You can ins

Nick Robinson 193 Nov 3, 2022
🗑️ Cleanup script for macOS

MacCleanup A cleanup script for macOS that cleans up your system. Features By default it performs the following tasks: Empty the Trash on All Mounted

MacCleanup 42 Mar 29, 2022
Simple golang script for getting VK message statistics

vk-message-counter Simple golang script for getting VK message statistics Example package main import ( "fmt" "github.com/joho/godotenv" counter "

Pavel Torbeev 6 Apr 6, 2022
A very simple utility that allows you to run the desired command or script as soon as a certain process with a known PID completes correctly or with an error.

go-monkill A very simple utility that allows you to run the desired command or script as soon as a certain process with a known PID completes correctl

Michael Savin 6 Mar 31, 2022
This script search print debug from PHP code.

go-php-print-debug This script search print debug from PHP code. Checking "print", "print_r", "var_dump", "var_export", "echo" as print debug. Exclude

kota oue 0 Jan 15, 2022
A Go script that makes your GitHub contribution activity panel look awesome! Display a message !

GitHub contributions generator A script written in Go, which goal is to make your GitHub contributions graph the way you want it to be. The goal of th

Aliash 17 Nov 21, 2022
Image clone controller is a kubernetes controller to safe guard against the risk of container images disappearing

Image clone controller image clone controller is a kubernetes controller to safe guard against the risk of container images disappearing from public r

Jayadeep KM 0 Oct 10, 2021
Chai - type safe http handlers with automatic swagger generation

chai Description chai is an extension for a few popular http routers that adds s

null 22 Feb 25, 2022
Generic sharded thread safe LRU cache in Go.

cache Cache is a thread safe, generic, and sharded in memory LRU cache object. This is achieved by partitioning values across many smaller LRU (least

Christopher Cooper 11 Sep 12, 2022
Nycmesh-tool - nycmesh-tool CLI

nycmesh-tool nycmesh-tool CLI Features At the moment, the tool is pretty sparse. It provides the top level nycmesh-tool command, with subcommands for:

Gabe Conradi 1 Jun 17, 2022
Terraform-equinix-migration-tool - Tool to migrate code from Equinix Metal terraform provider to Equinix terraform provider

Equinix Terraform Provider Migration Tool This tool targets a terraform working

Equinix 1 Feb 15, 2022