
Security News
GitHub Actions Supply Chain Attack Puts Thousands of Projects at Risk
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
github.com/DeedleFake/wdte
WDTE is a simple, functional-ish, embedded scripting language.
Good question. In fact, I found myself asking the same thing, hence the name.
I had a number of design goals in mind when I started working on this project:
If you want to try the language yourself, feel free to take a look at the playground. It shows not only some of the features of the language in terms of actually writing code in it, but also how embeddable it is. The playground runs entirely in the browser on the client's end thanks to WebAssembly.
package main
import (
"fmt"
"os"
"strings"
"github.com/DeedleFake/wdte"
)
const src = `
let i => import 'some/import/path/or/another';
i.print 3;
+ 5 2 -> i.print;
`
func im(from string) (*wdte.Scope, error) {
var print wdte.GoFunc
print = wdte.GoFunc(func(frame wdte.Frame, args ...wdte.Func) wdte.Func {
if len(args) < 1 {
return print
}
a := args[0].Call(frame)
fmt.Println(a)
return a
})
return wdte.S().Map(map[wdte.ID]wdte.Func{
"print": print,
}), nil
}
func main() {
m, err := wdte.Parse(strings.NewReader(src), wdte.ImportFunc(im))
if err != nil {
fmt.Fprintf(os.Stderr, "Error parsing module: %v\n", err)
os.Exit(1)
}
scope := wdte.S().Sub("+", wdte.GoFunc(func(frame wdte.Frame, args ...wdte.Func) wdte.Func {
var sum wdte.Number
for _, arg := range args {
sum += arg.Call(frame).(wdte.Number)
}
return sum
}))
m.Call(wdte.F().WithScope(scope))
}
3
7
For an overview of the language's design and features, see the GitHub wiki.
WDTE is in a pre-alpha state. It is filled with bugs and large amounts of stuff are subject to change without warning. That being said, if you're interested in anything, feel free to submit a pull request and get things fixed and/or implemented faster.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
Research
Security News
A malicious Maven package typosquatting a popular library is secretly stealing OAuth credentials on the 15th of each month, putting Java developers at risk.
Security News
Socket and Seal Security collaborate to fix a critical npm overrides bug, resolving a three-year security issue in the JavaScript ecosystem's most popular package manager.