![Maven Central Adds Sigstore Signature Validation](https://cdn.sanity.io/images/cgdhsj6q/production/7da3bc8a946cfb5df15d7fcf49767faedc72b483-1024x1024.webp?w=400&fit=max&auto=format)
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
github.com/frrad/ski-graphs
First install the binary with
cd /tmp && GO111MODULE=on go get github.com/frrad/ski-graphs
Then install InfluxDB 2.0+
Setup some crons to fetch from APIs.
To get data from the ikon API do like
curl --silent 'https://mtnpowder.com/feed?resortId=61' > "/path/to/data/ikon/resort-61.$(date --rfc-3339=second).json"
curl --silent 'https://mtnpowder.com/feed?resortId=62' > "/path/to/data/ikon/resort-62.$(date --rfc-3339=second).json"
Vail resorts are like
curl --silent "https://cms.mountain.live/lumiplan/api/moduleplr/2542/detail?lang=en&platform=ANDROID" > "/path/to/data/vail/resort-2542.$(date --rfc-3339=second).json"
Also run the binary on a cron to process the results. Make sure to run ski-graphs -help
to see what all flags must be set.
If you need to re-process things you should be able to clear influx with something like
influx delete --bucket skiing --start 2009-01-02T23:00:00Z --stop 2099-01-02T23:00:00Z --org org
then just remove your seen-file and re-run things.
Test examples are formatted and have keys sorted like this:
jq --sort-keys . < resort-61.2021-01-01\ 18:32:01-08:00.json > testinput/test_one.json
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.