
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
eflips-schedule-rust
Advanced tools
Part of the eFLIPS/simBA list of projects.
eflips-schedule-rust provides speedups (100x-1000x) to solving the vehicle scheduling problem for electric buses. It is a Rust library that can be used as a Python extension.
pip install eflips-schedule-rust
The vehicle scheduling problem needs to be formulated as a Directed Acyclic Graph (DAG) with the following properties:
The function call is as follows:
import eflips_schedule_rust
edgelist = eflips_schedule_rust.solve(data)
The data
parameter is a JSON string that contains the graph. It has the following structure:
Here is an example of a JSON string that represents a graph with two nodes and one edge:
[
{
"nodes": [
{
"id": 0,
"weights": [0.5, 0.5]
},
{
"id": 1,
"weights": [0.5, 0.5]
}
],
"edges": [
{
"source": 0,
"target": 1,
"weight": 1
}
]
}
]
Unit tests use rust's cargo test
and can be run using cargo test
. The tests are located in the src/lib.rs
file.
Integration tests use Python's unittest
and can be run using python -m unittest
. The tests are located in the tests/test.py
file.
Documentation is inline accordint to Python (Docstring) and Rust (//!) conventions.
We utilize the GitHub Flow branching structure. This means
that the main
branch is always deployable and that all development happens in feature branches. The feature branches
are merged into main
via pull requests.
We use black for python code formatting and rustfmt
for rust. ng.
This project is licensed under the AGPLv3 license - see the LICENSE file for details.
This code was developed as part of the project eBus2030+ funded by the Federal German Ministry for Digital and Transport (BMDV) under grant number 03EMF0402.
FAQs
Vehicle Scheduling in Rust for eFLIPS.
We found that eflips-schedule-rust demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.