Open Source

28755 readers
39 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 4 years ago
MODERATORS
1
 
 

Meet the new projects

Trustworthy hardware and manufacturing

Collection of Verified multi-platform Gatewares — Comprehensive repository of open source gateware designs
Flashkeeper — Write Protection on SOIC-8 flash chips without soldering
foaHandler — Reverse engineer the OpenAccess file format
FPGA-ISP-UVM-USB2 — Open hardware FPGA-based USB webcam
MEGA65 Phone Modular MVP — OSHW mobile device with form-factor of hand-held game consoles
nextpnr for GW-5 — Add support to nextpnr for Gowin GW-5 FPGA family
VexiiRiscv — Next generation of the VexRiscv in-order FPGA softcore

Network infrastructure incl. routing, P2P and VPN

Movedata — Privacy-preserving, energy efficient data replication and verification
NixBox — Nix integration with netbox
OpenHarbors — Dynamic Tunneling of WPA over IP/L2TP
Toward a Fully-Verified SCION Router — Formal verification of the reference open source SCION Router

Software engineering, protocols, interoperability, cryptography, algorithms, proofs

Diesel — Safe and performant query builder and ORM written in Rust
lib1305 — Microlibrary for Poly1305 hashing
libvips — Add animated PNG and enhanced JPEG XL support to libvips
MailBox renewal — Performance upgrade of MailBox mail modules
PTT — Unikernel Mailing list server in OCAML
Support for OpenPGP v6 in rPGP — Implement draft-ietf-openpgp-crypto-refresh in rPGP
Tracing and rebuilding packages — Improved metadata/provenance for build artifacts
UnifiedPush — Decentralized and open-source push notification protocol

Operating Systems, firmware and virtualisation

Arcan-A12 Directory — Server side scripting API for Arcan's directory server
Arcan-A12 Tools — A12 clients for different platforms and devices such as drawing tablets
postmarketOS daemons — Add modern service daemons to postmarketOS
Redox OS Unix-style Signals — Add Unix-style signal handling to Redox Operating System
TrenchBoot as Anti Evil Maid - UEFI boot mode support — Add UEFI to the Qubes integration of Trenchboot with AEM
tslib — Better configuration and callibration of touchscreen devices
Wayland input method support — Better specification for Wayland input methods

Measurement, monitoring, analysis and abuse handling

Back2Source next — Better matching of binaries with source code
Enhance the vulnerability database — Enhance the VulnerableCode vulnerability database
LANShield — Constrain local network access for mobile devices
OWASP dep-scan — Security and risk audit tool

Middleware and identity

Client Proof-of-Work in TLS — Mitigation against DoS amplification on the TLS handshake

Data and AI

LabPlot — Scientific and engineering data analysis and visualisation

Services + Applications (e.g. email, instant messaging, video chat, collaboration)

bluetuith — Bluetooth connection/device manager for the terminal
Draupnir — Moderation bot for Matrix servers
Gancio — Shared agenda for local communities that supports Activity Pub
Miru — Multi-track video editing and real-time AR effects
Openfire IPv6 support — Add IPv6 support to the Openfire XMPP server

Vertical use cases, Search, Community

COCOLIGHT — Lightweight version of Communecter
OpenCarLink — Security tooling for vehicle ODB2 ports

Still hungry for more projects? Check out the overview of all our current and recent projects...

2
3
4
21
Drones (lemmy.world)
submitted 4 weeks ago by [email protected] to c/[email protected]
 
 

Can y'all help get me started with open source drone stuff? Ideally sub 250g. I'm looking to get into the hobby, and don't have anything. Recommendations for controllers, SIMs etc would also be nice.

5
 
 

cross-posted from: https://infosec.pub/post/13676291

I've been building MinimalChat for a while now, and based on the feedback I've received, it's in a pretty decent place for general use. I figured I'd share it here for anyone who might be interested!

Quick Features Overview:

  • Mobile PWA Support: Install the site like a normal app on any device.
  • Any OpenAI formatted API support: Works with LM Studio, OpenRouter, etc.
  • Local Storage: All data is stored locally in the browser with minimal setup. Just enter a port and go in Docker.
  • Experimental Conversational Mode (GPT Models for now)
  • Basic File Upload and Storage Support: Files are stored locally in the browser.
  • Vision Support with Maintained Context
  • Regen/Edit Previous User Messages
  • Swap Models Anytime: Maintain conversational context while switching models.
  • Set/Save System Prompts: Set the system prompt. Prompts will also be saved to a list so they can be switched between easily.

The idea is to make it essentially foolproof to deploy or set up while being generally full-featured and aesthetically pleasing. No additional databases or servers are needed, everything is contained and managed inside the web app itself locally.

It's another chat client in a sea of clients but it is unique in its own ways in my opinion. Enjoy! Feedback is always appreciated!

Self Hosting Wiki Section https://github.com/fingerthief/minimal-chat/wiki/Self-Hosting-With-Docker

I thought sharing here might be a good idea as well, some might find it useful!

I've added some updates since even the initial post which gave a huge improvement to message rendering speed as well as added a plethora of new models to choose from and load/run fully locally in your browser (Edge and Chrome) with WebGPU and WebLLM

6
7
 
 

Situation: You run a website and want users to have to do some amount of work in order to activate a function in your code. The "function" can be anything: creating an account, receiving some kind of in-game token/reward, dispensing coins from a faucet, whatever. Captchas are becoming increasingly both increasingly complex and increasingly useless against spam attacks. Various "proof of personhood" options are available (SMS verification etc) but come with downsides as well.

An obvious alternative to captchas is some kind of "proof work" scheme where the user has to run a certain number of hash calculations. This is cheap for individual users but expensive for spammers to spam, and could even net you a little crypto if you wanted it to. This, for example, is the approach used by Tor's anonymity network help prevent DDoS attacks. This is fine, but it serves no other purpose and uses lots of of energy. Though in Tor's implementation, it is only occasionally used as opposed to being used for every request.

My script is a "proof of useful work" captcha alternative. The user must download and process a chosen amount of workunits from a chosen BOINC project(s). This work is "useful" because it contributes to scientific research. BOINC is a software for distributed/volunteer computing and its used by scientists all over the world including the Large Hadron Collider (CERN) to offload expensive computation to the machines of volunteers. My script downloads stats from the BOINC projects and verifies the user has completed the work. If the user is a pre-existing BOINC user, they will already have sufficient credit to instantly activate the function on the site.

The default setup for this software is as a "crypto faucet", but you can plug-in any function you want: anti-spam, user registration, whatever. It calculates a cost for the "work" and makes sure it dispenses less than the cost, making sure no user has incentive to use the faucet more than a few times since it would cheaper for the user to just do the work on their own without the faucet acting as a middleman.

Downside of this tool is that the user may take some time to accumulate the credit (unless they are an existing BOINC user with credit) and the BOINC projects only report updated credit once every 24 hours (though if you ran your own BOINC project for this purpose, you could get this time down much lower). So while this can be good for longer-term tasks (such as giving an in-game reward to users who contribute to science), it is not quick. They also have to download and run BOINC (and change their username at a BOINC project), which is a big step compared to a captcha. In an ideal world, the BOINC work could be completed in the browser instead of by downloading BOINC, I believe folding at home had a client that could do this at one point.

Anyways, I think it's an interesting idea. Maybe you do too and can use it to your advantage somehow.

8
 
 

Noticed this on Fdroid recently, it has a really nice UI and auto generates real barcodes from images. Their document scanner app is pretty nice too. It seems like early development so I'm excited to see it improve from here!

9
 
 

So this utility given a directory or path, will move randomly files in subdirectories and will move subdirectories randomly too. CAREFUL, if given system directory it will probably trash the system, equivalent of doing rm -rf /, except all the files are still there! :)

I don't know why I came up with this idea nor if its original but its mine.

You might ask, whats the use case, well that's an interesting question, you know why? Because... 🏃

(Of course, I'm open to feedback.)

10
48
Decentralized Encrypted P2P Chat (chat.positive-intentions.com)
submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/[email protected]
 
 

chat.positive-intentions.com

https://github.com/positive-intentions/chat

I'm excited to share with you an instant messaging application I've been working on that might interest you. This is a chat app designed to work within your browser, with a focus on browser-based security and decentralization.

What makes this app unique is that it doesn't rely on messaging servers to function. Instead, it works based on your browser's javascript capabilities, so even low-end devices should work.

Here are some features of the app:

  • Encrypted messaging: Your messages are encrypted, making them more secure.
  • File sharing: Easily share files using WebRTC technology and QR codes.
  • Voice and video calls: Connect with others through voice and video calls.
  • Shared virtual space: Explore a shared mixed-reality space.
  • Image board: Browse and share images in a scrollable format.

Your security is a top priority. Here's how the app keeps you safe:

  • Decentralized authentication: No central server is required for login, making it harder for anyone to gain unauthorized access.
  • Unique IDs: Your ID is cryptographically random, adding an extra layer of security.
  • End-to-end encryption: Your messages are encrypted from your device to the recipient's device, ensuring only you and the recipient can read them.
  • Local data storage: Your data is stored only on your device, not on any external servers.
  • Self-hostable: You have the option to host the app on your own server if you prefer.

The app is still in the early stages and I'm exploring what's possible with this technology. I'd love to hear your feedback on the idea and the current state of the app. If you have any feature requests or ideas, I'm all ears in the comments below!

Looking forward to hearing your thoughts!

The live app

About the app

Docs

11
12
 
 

Find your Device with an SMS or online with the help of FMDServer. This applications goal is to track your device when it's lost and should be a...

13
14
15
 
 

Flameshot is a free and open-source, cross-platform tool to take screenshots with many built-in features to save you time.

16
17
18
 
 

So this very large company who shall remain nameless distributes a proprietary software development environment that includes a patched version of a certain, well-known open-source debugging tool.

The patch is to make said open-source tool support their products. It's not even hidden or anything: the binary is sitting right there in the installation directory, it's called the exact same thing the vanilla debugger is called and when I run it on the command line, it clearly says "patched for xyz".

The tool in question is distributed under the GPLv2 and I need to modify it for my own project. So I sent an email to the company to request the source code for their modification, but they refuse by playing dumb and pretending they don't understand the question. They keep telling me the source code to their IDE is not public. I keep telling them I don't want their IDE but the source for the modified GPL backend tool they bundle with it. But no: they claim it's part of their product and they won't release it.

Anybody knows the best course of action to deal with this? It's the first company I've dealt with that explicitly refuses to honor the GPL. I don't even think it's malice: I'm fairly sure the L2 support guy handling my ticket was told to deny my request by his clueless supervisor who didn't bother escalating it. But it's also a huge company that's known to be aggressive and litigious, whereas I'm just one guy and I'm not lawyering up over this. I have other hills to die on.

Who should I pass the potato to? The FSF?

19
 
 

As Original forget we not is archived now Without giving sync functionality. So, Do anyone know of similar addon.

Must Available for android and active development

Plus Sync functionality already implemented.

20
 
 

Like Localshare but works over the internet?

Any recommendations appreciated

Thanks in advance

21
 
 

cross-posted from: https://lemmy.world/post/1051933

Magic-tape is an image supporting fuzzy finder command line interface YouTube client.

https://gitlab.com/christosangel/magic-tape

https://gitlab.com/christosangel/magic-tape/-/raw/main/screenshots/1.png

Image rendering can be done with the use of ueberzugpp, ueberzug, kitty terminal or chafa.

https://gitlab.com/christosangel/magic-tape/-/raw/main/screenshots/fzf2.png

With magic-tape, through the main menu, the user can:

  • Browse videos from subscriptions.

  • Browse through trending video feed.

  • make a video search, using keywords or phrases.

  • Watch a previously watched video (watch history).

  • Browse videos from a subcsribed channel.

  • Watch a liked video.

  • Repeat the previous selection.

  • Repeat a previous search (search history).

  • Watch/download video/audio content, in various formats.

Through the miscellaneous menu the user can

  • Set up Preferences (configuration).

  • Like / Unlike a video.

  • Synchronize the above actions with their YouTube account.

  • Import subscriptions from YouTube.

  • Subscribe to/ Unsubscribe from a channel.

  • Clear their watch/search history, liked videos, thumbnail cache.

22
27
Strava alternative? (sh.itjust.works)
submitted 1 month ago* (last edited 1 month ago) by [email protected] to c/[email protected]
 
 

I need to track cardio with terrain data, but I'd rather not trust Strava with my privacy. I know there are some alternatives, but which one is the most reliable and feature-rich? I don't have smart accessories, just and android phone. Preferably, I'd like an app that let's me track added weights for calorie purposes (like rucking).

23
 
 

Been trying it for a little while. It's exactly what I have been looking for.

  • Works great
  • is encrypted
  • can be self hosted
  • edge ML for photo search (not perfect yet)
  • S3 backend #ente @[email protected]
24
25
 
 

Hi everyone,

as I don't need to do extensive video manipulation but simple cutting/compression of videos as well as extraction from every "nth" video frame to save as picture. I've been using avidemux and VirtualDub in the past for this purpose. However, both avidemux and VirtualDub are last updated in 2012/2023 and thus not up-to-date anymore. Thus, I am now looking for a linux-ready, FOSS, and up-to-date solution to do the same. Shotcut, Kdenlive and OpenShot are much too extensive in features for the simple things that I am looking for it to do. Does anyone here have good recommenations?

Thanks for your help! Temperche

view more: next ›