Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
QFace is a generator framework based on a common modern IDL. It is not a generator as such but enforces a common IDL format and provides a library to write your own generator. It is actually very easy to create your own generator and generate your custom solution based on your needs from the same IDL.
The IDL is designed after the Qt/QML interface and as such is optimized to generate source code used with Qt C++ or Qt QML, but it is not limited to this use case.
QFace is already very fast by design and suitable for large IDL document sets. Additionally it can use a cache to avoid parsing unchanged IDL documents. It can automatically avoid writing new files if the target file has the same content.
QFace is written out of the learnings of using IDLs in other large projects. Often in the project you need to adjust the code generation but in many generators this is awfully complicated. Or you need to run a report on the documents or generate specific documentation. In QFace this is enabled by having a very flexible code generation framework which enforces the same IDL.
Please see the INSTALL and USAGE guides for more information.
Documentation is hosted at readthedocs.
To install the qface library you need to have python3 and pip installed.
pip3 install qface
To install the development version you need to clone the repository and ensure you have checkout the develop branch.
git clone git@github.com:Pelagicore/qface.git
cd qface
git checkout develop
The installation requires the python package manager called (pip) using the python 3 version. You can try:
python3 --version
pip3 --version
Use the editable option of pip to install an editable version.
cd qface
pip3 install --editable .
This reads the setup.py
document and installs the package as reference to this repository. So all changes will be immediatly reflected in the installation.
To update the installation just simple pull from the git repository.
If you are looking for the examples and the builtin generators you need to download the code.
git clone git@github.com:Pelagicore/qface.git
Copyright (C) 2016 Pelagicore AG
The source code in this repository is subject to the terms of the MIT license, please see included "LICENSE" file for details.
// echo.qface
module org.example 1.0;
/**!
The echo interface to call someone
on the other side
*/
interface Echo {
readonly Message lastMessage;
void echo(Message message);
signal callMe();
};
struct Message {
string text;
};
Now you write a small script using qface to generate your code
# mygenerator.py
from qface.generator import FileSystem, Generator
# load the interface files
system = FileSystem.parse('echo.qface')
# prepare the generator
generator = Generator(searchpath='.')
# iterate over the domain model
for module in system.modules:
for interface in module.interfaces:
# prepare a context object
ctx = { 'interface': interface }
# use header.h template with ctx to write to a file
generator.write('{{interface|lower}}.h', 'header.h', ctx)
Depending on the used generator it reads the input file and runs it through the generator. The output files are written relative to the given output directory. The input can be either a file or a folder.
FAQs
A generator framework based on a common modern IDL
We found that qface demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.