Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
@fluidframework/protocol-base
Advanced tools
Shared protocol code for client and service to share. Manages the lifetime of Quorum and proposals that needs to be consistent across client and service. It also provides utilities for facilitating summary creation.
A quorum proposal transitions between four possible states: propose, accept, reject, and commit.
A proposal begins in the propose state. The proposal is sent to the server and receives a sequence number which is used to uniquely identify it. Clients within the collaboration window accept the proposal by allowing their reference sequence number to go above the sequence number for the proposal. They reject it by submitting a reject message prior to sending a reference sequence number above the proposal number. Once the minimum sequence number goes above the sequence number for the proposal without any rejections it is considered accepted.
The proposal enters the commit state when the minimum sequence number goes above the sequence number at which it became accepted. In the commit state all subsequent messages are guaranteed to have been sent with knowledge of the proposal. Between the accept and commit state there may be messages with reference sequence numbers prior to the proposal being accepted.
FAQs
Fluid protocol base
We found that @fluidframework/protocol-base demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.