Open Source

31737 readers
126 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
451
452
 
 

"Create P2P tunnels instantly that bypass any network, firewall, NAT restrictions and expose your local network to the internet securely, no Dynamic DNS required."

453
454
 
 

I want to showcase the project I have been working on for the last weeks. GitHub and Gitea/Forgejo allow you to upload files and directories created during a continuous integration run (Artifacts). These can be downloaded as zip files. However there is no simple way to view individual files of an artifact.

That's why I developed a small web application that allows you to view the artifacts of any CI run in your web browser. This allows you to quickly look at test reports or preview your web projects.

I am hosting a public instance with support for GitHub and Codeberg under https://av.thetadev.de/.

Features

  • πŸ“¦ Quickly view CI artifacts in your browser without messing with zip files
  • πŸ“‚ File listing for directories without index page
  • 🏠 Every artifact has a unique subdomain to support pages with absolute paths
  • 🌎 Full SPA support with 200.html and 404.html fallback pages
  • πŸ‘οΈ Viewer for Markdown, syntax-highlighted code and JUnit test reports
  • 🐡 Greasemonkey userscript to automatically add a "View artifact" button to GitHub/Gitea/Forgejo
  • πŸ¦€ Fast and efficient, only extracts files from zip archive if the client does not support gzip
  • πŸ”— Automatically creates pull request comments with links to all build artifacts

Examples

Here are some artifacts to try:

SveltePress documentation site: https://cb--thetadev--artifactview--28-2.av.thetadev.de/

A bunch of test files: https://cb--thetadev--artifactview--28-1.av.thetadev.de/

Artifactview's own test report: https://cb--thetadev--artifactview--65-1.av.thetadev.de/junit.xml?viewer=1

Automatically created pull request comment: https://codeberg.org/ThetaDev/artifactview/pulls/2

455
456
457
 
 

Does anyone know the status of #funkwhale? The website (funkwhale.audio) has been down for a couple days now. #fediverse @opensource

458
 
 

A lot of old games have become unplayable on modern hardware and operating systems. I wrote an article about how making games open source will keep them playable far into the future.

I also discuss how making games open source could be beneficial to developers and companies.

Feedback and constructive criticism are most welcome, and in keeping with the open source spirit, I will give you credit if I make any edits based on your feedback.

459
460
 
 

Cross-posting to the OpenSource community as I think this topic will also be of interest here.

This is an analysis of how "open" different open source AI systems are. I am also posting the two figures from the paper that summarize this information below.

ABSTRACT

The past year has seen a steep rise in generative AI systems that claim to be open. But how open are they really? The question of what counts as open source in generative AI is poised to take on particular importance in light of the upcoming EU AI Act that regulates open source systems differently, creating an urgent need for practical openness assessment. Here we use an evidence-based framework that distinguishes 14 dimensions of openness, from training datasets to scientific and technical documentation and from licensing to access methods. Surveying over 45 generative AI systems (both text and text-to-image), we find that while the term open source is widely used, many models are β€˜open weight’ at best and many providers seek to evade scientific, legal and regulatory scrutiny by withholding information on training and fine-tuning data. We argue that openness in generative AI is necessarily composite (consisting of multiple elements) and gradient (coming in degrees), and point out the risk of relying on single features like access or licensing to declare models open or not. Evidence-based openness assessment can help foster a generative AI landscape in which models can be effectively regulated, model providers can be held accountable, scientists can scrutinise generative AI, and end users can make informed decisions.

Figure 2 (click to enlarge): Openness of 40 text generators described as open, with OpenAI’s ChatGPT (bottom) as closed reference point. Every cell records a three-level openness judgement (βœ“ open, ∼ partial or βœ— closed). The table is sorted by cumulative openness, where βœ“ is 1, ∼ is 0.5 and βœ— is 0 points. RL may refer to RLHF or other forms of fine-tuning aimed at fostering instruction-following behaviour. For the latest updates see: https://opening-up-chatgpt.github.io

Figure 3 (click to enlarge): Overview of 6 text-to-image systems described as open, with OpenAI's DALL-E as a reference point. Every cell records a three-level openness judgement (βœ“ open, ∼ partial or βœ— closed). The table is sorted by cumulative openness, where βœ“ is 1, ∼ is 0.5 and βœ— is 0 points.

There is also a related Nature news article: Not all β€˜open source’ AI models are actually open: here’s a ranking

PDF Link: https://dl.acm.org/doi/pdf/10.1145/3630106.3659005

461
462
463
 
 

p2p.positive-intentions.com

github.com/positive-intentions/p2p

a thin wrapper around peerjs with some functionalities for "intuitive" p2p communication.

this is a lighweight version of what is being used in our chat app. it will be developed with the aim to replace what is being used.

this is early development on this and it's missing all the bells-and-whistles seen in the chat app. It's an unstable experimental work-in-progress. it may contain bugs and/or incomplete features. provided for demo and educational purposes only.

464
465
466
 
 

Meet the new projects

Trustworthy hardware and manufacturing

Collection of Verified multi-platform Gatewares β€” Comprehensive repository of open source gateware designs
Flashkeeper β€” Write Protection on SOIC-8 flash chips without soldering
foaHandler β€” Reverse engineer the OpenAccess file format
FPGA-ISP-UVM-USB2 β€” Open hardware FPGA-based USB webcam
MEGA65 Phone Modular MVP β€” OSHW mobile device with form-factor of hand-held game consoles
nextpnr for GW-5 β€” Add support to nextpnr for Gowin GW-5 FPGA family
VexiiRiscv β€” Next generation of the VexRiscv in-order FPGA softcore

Network infrastructure incl. routing, P2P and VPN

Movedata β€” Privacy-preserving, energy efficient data replication and verification
NixBox β€” Nix integration with netbox
OpenHarbors β€” Dynamic Tunneling of WPA over IP/L2TP
Toward a Fully-Verified SCION Router β€” Formal verification of the reference open source SCION Router

Software engineering, protocols, interoperability, cryptography, algorithms, proofs

Diesel β€” Safe and performant query builder and ORM written in Rust
lib1305 β€” Microlibrary for Poly1305 hashing
libvips β€” Add animated PNG and enhanced JPEG XL support to libvips
MailBox renewal β€” Performance upgrade of MailBox mail modules
PTT β€” Unikernel Mailing list server in OCAML
Support for OpenPGP v6 in rPGP β€” Implement draft-ietf-openpgp-crypto-refresh in rPGP
Tracing and rebuilding packages β€” Improved metadata/provenance for build artifacts
UnifiedPush β€” Decentralized and open-source push notification protocol

Operating Systems, firmware and virtualisation

Arcan-A12 Directory β€” Server side scripting API for Arcan's directory server
Arcan-A12 Tools β€” A12 clients for different platforms and devices such as drawing tablets
postmarketOS daemons β€” Add modern service daemons to postmarketOS
Redox OS Unix-style Signals β€” Add Unix-style signal handling to Redox Operating System
TrenchBoot as Anti Evil Maid - UEFI boot mode support β€” Add UEFI to the Qubes integration of Trenchboot with AEM
tslib β€” Better configuration and callibration of touchscreen devices
Wayland input method support β€” Better specification for Wayland input methods

Measurement, monitoring, analysis and abuse handling

Back2Source next β€” Better matching of binaries with source code
Enhance the vulnerability database β€” Enhance the VulnerableCode vulnerability database
LANShield β€” Constrain local network access for mobile devices
OWASP dep-scan β€” Security and risk audit tool

Middleware and identity

Client Proof-of-Work in TLS β€” Mitigation against DoS amplification on the TLS handshake

Data and AI

LabPlot β€” Scientific and engineering data analysis and visualisation

Services + Applications (e.g. email, instant messaging, video chat, collaboration)

bluetuith β€” Bluetooth connection/device manager for the terminal
Draupnir β€” Moderation bot for Matrix servers
Gancio β€” Shared agenda for local communities that supports Activity Pub
Miru β€” Multi-track video editing and real-time AR effects
Openfire IPv6 support β€” Add IPv6 support to the Openfire XMPP server

Vertical use cases, Search, Community

COCOLIGHT β€” Lightweight version of Communecter
OpenCarLink β€” Security tooling for vehicle ODB2 ports

Still hungry for more projects? Check out the overview of all our current and recent projects...

467
468
469
54
Drones (lemmy.world)
submitted 6 months ago by Dust0741@lemmy.world to c/opensource@lemmy.ml
 
 

Can y'all help get me started with open source drone stuff? Ideally sub 250g. I'm looking to get into the hobby, and don't have anything. Recommendations for controllers, SIMs etc would also be nice.

470
 
 

cross-posted from: https://infosec.pub/post/13676291

I've been building MinimalChat for a while now, and based on the feedback I've received, it's in a pretty decent place for general use. I figured I'd share it here for anyone who might be interested!

Quick Features Overview:

  • Mobile PWA Support: Install the site like a normal app on any device.
  • Any OpenAI formatted API support: Works with LM Studio, OpenRouter, etc.
  • Local Storage: All data is stored locally in the browser with minimal setup. Just enter a port and go in Docker.
  • Experimental Conversational Mode (GPT Models for now)
  • Basic File Upload and Storage Support: Files are stored locally in the browser.
  • Vision Support with Maintained Context
  • Regen/Edit Previous User Messages
  • Swap Models Anytime: Maintain conversational context while switching models.
  • Set/Save System Prompts: Set the system prompt. Prompts will also be saved to a list so they can be switched between easily.

The idea is to make it essentially foolproof to deploy or set up while being generally full-featured and aesthetically pleasing. No additional databases or servers are needed, everything is contained and managed inside the web app itself locally.

It's another chat client in a sea of clients but it is unique in its own ways in my opinion. Enjoy! Feedback is always appreciated!

Self Hosting Wiki Section https://github.com/fingerthief/minimal-chat/wiki/Self-Hosting-With-Docker

I thought sharing here might be a good idea as well, some might find it useful!

I've added some updates since even the initial post which gave a huge improvement to message rendering speed as well as added a plethora of new models to choose from and load/run fully locally in your browser (Edge and Chrome) with WebGPU and WebLLM

471
472
 
 

Situation: You run a website and want users to have to do some amount of work in order to activate a function in your code. The "function" can be anything: creating an account, receiving some kind of in-game token/reward, dispensing coins from a faucet, whatever. Captchas are becoming increasingly both increasingly complex and increasingly useless against spam attacks. Various "proof of personhood" options are available (SMS verification etc) but come with downsides as well.

An obvious alternative to captchas is some kind of "proof work" scheme where the user has to run a certain number of hash calculations. This is cheap for individual users but expensive for spammers to spam, and could even net you a little crypto if you wanted it to. This, for example, is the approach used by Tor's anonymity network help prevent DDoS attacks. This is fine, but it serves no other purpose and uses lots of of energy. Though in Tor's implementation, it is only occasionally used as opposed to being used for every request.

My script is a "proof of useful work" captcha alternative. The user must download and process a chosen amount of workunits from a chosen BOINC project(s). This work is "useful" because it contributes to scientific research. BOINC is a software for distributed/volunteer computing and its used by scientists all over the world including the Large Hadron Collider (CERN) to offload expensive computation to the machines of volunteers. My script downloads stats from the BOINC projects and verifies the user has completed the work. If the user is a pre-existing BOINC user, they will already have sufficient credit to instantly activate the function on the site.

The default setup for this software is as a "crypto faucet", but you can plug-in any function you want: anti-spam, user registration, whatever. It calculates a cost for the "work" and makes sure it dispenses less than the cost, making sure no user has incentive to use the faucet more than a few times since it would cheaper for the user to just do the work on their own without the faucet acting as a middleman.

Downside of this tool is that the user may take some time to accumulate the credit (unless they are an existing BOINC user with credit) and the BOINC projects only report updated credit once every 24 hours (though if you ran your own BOINC project for this purpose, you could get this time down much lower). So while this can be good for longer-term tasks (such as giving an in-game reward to users who contribute to science), it is not quick. They also have to download and run BOINC (and change their username at a BOINC project), which is a big step compared to a captcha. In an ideal world, the BOINC work could be completed in the browser instead of by downloading BOINC, I believe folding at home had a client that could do this at one point.

Anyways, I think it's an interesting idea. Maybe you do too and can use it to your advantage somehow.

473
 
 

Noticed this on Fdroid recently, it has a really nice UI and auto generates real barcodes from images. Their document scanner app is pretty nice too. It seems like early development so I'm excited to see it improve from here!

474
 
 

So this utility given a directory or path, will move randomly files in subdirectories and will move subdirectories randomly too. CAREFUL, if given system directory it will probably trash the system, equivalent of doing rm -rf /, except all the files are still there! :)

I don't know why I came up with this idea nor if its original but its mine.

You might ask, whats the use case, well that's an interesting question, you know why? Because... πŸƒ

(Of course, I'm open to feedback.)

475
51
Decentralized Encrypted P2P Chat (chat.positive-intentions.com)
submitted 6 months ago* (last edited 6 months ago) by positive_intentions@lemmy.ml to c/opensource@lemmy.ml
 
 

chat.positive-intentions.com

https://github.com/positive-intentions/chat

I'm excited to share with you an instant messaging application I've been working on that might interest you. This is a chat app designed to work within your browser, with a focus on browser-based security and decentralization.

What makes this app unique is that it doesn't rely on messaging servers to function. Instead, it works based on your browser's javascript capabilities, so even low-end devices should work.

Here are some features of the app:

  • Encrypted messaging: Your messages are encrypted, making them more secure.
  • File sharing: Easily share files using WebRTC technology and QR codes.
  • Voice and video calls: Connect with others through voice and video calls.
  • Shared virtual space: Explore a shared mixed-reality space.
  • Image board: Browse and share images in a scrollable format.

Your security is a top priority. Here's how the app keeps you safe:

  • Decentralized authentication: No central server is required for login, making it harder for anyone to gain unauthorized access.
  • Unique IDs: Your ID is cryptographically random, adding an extra layer of security.
  • End-to-end encryption: Your messages are encrypted from your device to the recipient's device, ensuring only you and the recipient can read them.
  • Local data storage: Your data is stored only on your device, not on any external servers.
  • Self-hostable: You have the option to host the app on your own server if you prefer.

The app is still in the early stages and I'm exploring what's possible with this technology. I'd love to hear your feedback on the idea and the current state of the app. If you have any feature requests or ideas, I'm all ears in the comments below!

Looking forward to hearing your thoughts!

The live app

About the app

Docs

view more: β€Ή prev next β€Ί