Deterministic security checks for Next.js projects. No AI required.
Report formatting for next-secure-check
Security rules for next-secure-check
Core scanning engine for next-secure-check
Provides functions for detecting if the host environment supports the WebCrypto API
Sets secure response headers for Next.js.
A unified JavaScript build system
Large collection of predicates.
JSON parse with prototype poisoning protection
Next-generation ZeroMQ bindings for Node.js
A tiny (130B to 205B) and fast utility to randomize unique IDs of fixed length
An abstraction for themes in your React app.
A tiny (230B) and fast UUID (v4) generator for Node and the browser
Storybook Docs: Document UI components automatically with stories and MDX
simple persistent cookiejar system
Storybook Themes addon: Switch between themes from the toolbar
hint for best practices related to the usage of the Set-Cookie response header.
Next.js Firebase Authentication for Edge and server runtimes. Compatible with latest Next.js features.
Authentication for the Web.
Secure XSS Filters - Just sufficient output filtering to prevent XSS!
Secure, zero-dependency utilities for generating passwords, passphrases, pins, and more
Type safe and validated Server Actions in your Next.js project.
Passport authentication strategy using JSON Web Tokens
Drop Zone is a solution to the problem of restricted sales in censored markets. The proposal is for the design of a protocol and reference client that encodes the location and a brief description of a good onto The Blockchain. Those wishing to purchase the good can search for items within a user-requested radius. Sellers list a good as available within a geographic region, subject to some degree of precision, for the purpose of obfuscating their precise location. Goods are announced next to an expiration, a hashtag, and if space permits, a description. Once a buyer finds a good in a defined relative proximity, a secure communication channel is opened between the parties on the Bitcoin test network ("testnet"). Once negotiations are complete, the buyer sends payment to the seller via the address listed on the Bitcoin mainnet. This spend action establishes reputation for the buyer, and potentially for the seller. Once paid, the seller is to furnish the exact GPS coordinates of the good to the buyer (alongside a small note such as "Check in the crevice of the tree"). When the buyer successfully picks up the item at the specified location, the buyer then issues a receipt with a note by spending flake to the address of the original post. In this way, sellers receive a reputation score. The solution is akin to that of Craigslist.org or Uber, but is distributed and as such provides nearly risk-free terms to contraband sellers, and drastically reduced risk to contraband buyers.
== ICU4R - ICU Unicode bindings for Ruby

ICU4R is an attempt to provide better Unicode support for Ruby, which has lacked it for a long time.

Current code is mostly rewritten string.c from Ruby 1.8.3.

ICU4R is a Ruby C-extension binding for the ICU library[1] and provides the following classes and functionality:

* UString:
  - String-like class with internal UTF16 storage;
  - UCA rules for UString comparisons (<=>, casecmp);
  - encoding (codepage) conversion;
  - Unicode normalization;
  - transliteration, also rule-based;

  Bunch of locale-sensitive functions:
  - upcase/downcase;
  - string collation;
  - string search;
  - iterators over text line/word/char/sentence breaks;
  - message formatting (number/currency/string/time);
  - date and number parsing.

* URegexp - Unicode regular expressions.
* UResourceBundle - access to resource bundles, including ICU locale data.
* UCalendar - date manipulation and timezone info.
* UConverter - codepage conversions API
* UCollator - locale-sensitive string comparison

== Install and usage

  > ruby extconf.rb
  > make && make check
  > make install

Now, in your scripts just require 'icu4r'.

To create RDoc, run

  > sh tools/doc.sh

== Requirements

To build and use ICU4R you will need GCC and ICU v3.4 libraries[2].

== Differences from Ruby String and Regexp classes

=== UString vs String

1. UString substring/index methods use UTF16 codeunit indexes, not code points.

2. UString supports most methods from String class. Missing methods are:

     capitalize, capitalize!, swapcase, swapcase!
     %, center, ljust, rjust
     chomp, chomp!, chop, chop!
     count, delete, delete!, squeeze, squeeze!, tr, tr!, tr_s, tr_s!
     crypt, intern, sum, unpack
     dump, each_byte, each_line
     hex, oct, to_i, to_sym
     reverse, reverse!
     succ, succ!, next, next!, upto

3. Instead of String#% method, UString#format is provided. See FORMATTING for short reference.

4. UStrings can be created via String.to_u(encoding='utf8') or global u(str,[encoding='utf8']) calls. Note that the +encoding+ parameter must be a value of String class.

5. There is a difference between character grapheme, codepoint and codeunit. See UNICODE reports for gory details, but in short: a locale-dependent notion of character can be presented using more than one codepoint - base letter and combining (accents) (also possibly more than one!), and each codepoint can require more than one codeunit to store (for UTF8 codeunit size is 8bit, though some codepoints require up to 4bytes). So, UString has normalization and locale-dependent break iterators.

6. Currently UString doesn't include Enumerable module.

7. UString index/[] methods which accept URegexp, throw exception if Regexp passed.

8. UString#<=>, UString#casecmp use UCA rules.

=== URegexp

UString uses ICU regexp library. Pattern syntax is described in [./docs/UNICODE_REGEXPS] and ICU docs.

There are some differences between processing in Ruby Regexp and URegexp:

1. When UString#sub, UString#gsub are called with block, special vars ($~, $&, $1, ...) aren't set, as their values are processed through deep ruby core code. Instead, block receives UMatch object, which is essentially an immutable array of matching groups:

     "test".u.gsub(ure("(e)(.)")) do |match|
       puts match[0]  # => 'es' <--> $&
       puts match[1]  # => 'e'  <--> $1
       puts match[2]  # => 's'  <--> $2
     end

2. In URegexp search pattern backreferences are in form \n (\1, \2, ...), in replacement string - in form $1, $2, ...

   NOTE: URegexp considers char to be a digit NOT ONLY ASCII (0x0030-0x0039), but any Unicode char, which has property Decimal digit number (Nd), e.g.:

     a = [?$, 0x1D7D9].pack("U*").u * 2
     puts a.inspect_names
     <U000024>DOLLAR SIGN
     <U01D7D9>MATHEMATICAL DOUBLE-STRUCK DIGIT ONE
     <U000024>DOLLAR SIGN
     <U01D7D9>MATHEMATICAL DOUBLE-STRUCK DIGIT ONE
     puts "abracadabra".u.gsub(/(b)/.U, a)
     abbracadabbra

3. One can create URegexp using global Kernel#ure function, Regexp#U, Regexp#to_u, or from UString using URegexp.new, e.g:

     /pattern/.U =~ "string".u

4. There are differences between Regexp and URegexp multiline matching options:

     t = "text\ntest"
     # ^,$ handling : URegexp multiline <-> Ruby default
     t.u =~ ure('^\w+$', URegexp::MULTILINE)
     => #<UMatch:0xf6f7de04 @ranges=[0..3], @cg=[\u0074\u0065\u0078\u0074]>
     t =~ /^\w+$/
     => 0
     # . matches \n : URegexp DOTALL <-> /m
     t.u =~ ure('.+test', URegexp::DOTALL)
     => #<UMatch:0xf6fa4d88 ...
     t.u =~ /.+test/m

5. UMatch.range(idx) returns range for capturing group idx. This range is in codeunits.

=== References

1. ICU Official Homepage http://ibm.com/software/globalization/icu/
2. ICU downloads http://ibm.com/software/globalization/icu/downloads.jsp
3. ICU Home Page http://icu.sf.net
4. Unicode Home Page http://www.unicode.org

==== BUGS, DOCS, TO DO

The code is still slow, inefficient and highly experimental, so it can have many security and memory leaks, bugs, inconsistent documentation, and an incomplete test suite. Use it at your own risk.

Bug reports and feature requests are welcome :)

=== Copying

This extension module is copyrighted free software by Nikolai Lugovoi.

You can redistribute it and/or modify it under the terms of MIT License.

Nikolai Lugovoi <meadow.nnick@gmail.com>