document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-02-03 23:40:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu Wang 2020-09-26 10:48:01 +08:00
commit ce3ba430eb
10 changed files with 1202 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
published/20200625 Wi-Fi 6E- When it-s coming and what it-s good for.md Normal file
View File

@ -0,0 +1,77 @@
[#]: collector: (lujun9972)
[#]: translator: (chenmu-kk)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-12650-1.html)
[#]: subject: (Wi-Fi 6E: When its coming and what its good for)
[#]: via: (https://www.networkworld.com/article/3563832/wi-fi-6e-when-its-coming-and-what-its-good-for.html)
[#]: author: (Zeus Kerravala https://www.networkworld.com/author/Zeus-Kerravala/)
Wi-Fi 6E它何时到来又有何作用
======
> Extreme Networks 的一位高管表示,近来专用于 Wi-Fi 的新无线频谱可以提供更多的信道和更高的密度部署,但是要支持它的设备要到 2020 年才能得到广泛部署。
![](https://images.idgesg.net/images/article/2019/09/cso_wireless_network_management_security_alert_iot_internet_of_things_thinkstock_685417850_1200x800-100810374-large.jpg)
今年开春 [FCC 在 6GHz 频段内开辟了一系列新的未授权的无线频谱][1],该频谱旨在用于 Wi-Fi以提供更低的延迟和更快的数据速率。新频谱的范围更短与已经专用于 Wi-Fi 的频段相比支持的信道也更多,因此适合在体育场馆等高密度区域部署。
为了进一步了解什么是 Wi-Fi 6E 以及它与 Wi-Fi 6 有何不同,我最近与网络解决方案提供商 Extreme Networks 的产品管理总监 Perry Correll 进行了交谈。
**了解更多关于 5G 和 WiFi 6 的信息**
* [什么是 5G相较于 4G 它更好吗?][2]
* [如何确定 WiFi 6 是否适合你?][3]
* [什么是 MU-MIMO为什么它在你的无线路由器中不可或缺][4]
* [何时使用 5G何时使用 WiFi 6][5]
* [企业如何为5G网络做准备呢][6]
**Kerravala Wi-Fi 6 似乎得到了许多热捧,而 Wi-Fi 6E 却没有。为什么?**
**Correll** 所有这些带 666 的数字会混乱得会吓死你。我们已经有了 Wi-Fi 6、Wi-Fi 6E之后Wi-Fi 6 还有其它的增强功能,比如多用户多入多出(多用户 MIMO功能。还有就是 6GHz 频谱,但这并不是 Wi-Fi 6 的名称的由来:它是第六代 Wi-Fi。最重要的是我们刚刚掌握了 5G并且已经在谈论 6G —— 认真的讲,这更容易搞混了。
**Kerravala 为什么我们需要 Wi-Fi 6E 和普通的 Wi-Fi 6**
**Correll** 上一次我们在 UNII-2 和 UNII-2 扩展中得到提升是在 15 年前,而在当时智能手机甚至还没有兴起。现在能够获得 1.2GHz 的频谱已经非常大了。使用 Wi-Fi 6E我们不是将 Wi-Fi 空间增加一倍,事实上,我们将可用空间增加了三倍。根据你所处的地点,频谱的数量要多三倍、四倍或五倍。此外,你不必担心 DFS<ruby>动态频率选择<rt>dynamic frequency selection</rt></ruby>),尤其是在室内。
Wi-Fi 6E 不会比 Wi-Fi 6 更快,也不会添加增强的技术功能。最妙的是运行 6GHz 需要 Wi-Fi 6 或以上的客户端。所以,我们不会有任何缓慢的客户端,也不会有很多噪声。我们将在更干净的环境中使用更快的设备来得到高性能。
**Kerravala 也能用更宽的信道吗**
**Correll** 没错那是一件很酷的事情。如果你处于一个典型的企业环境中20 和 40MHz 基本上就是你需要的。在体育馆这种高密度环境中,想要使用 80 或 160MHz 的带宽就会变得很困难了。更宽的信道将会真正有助于像虚拟现实这类应用,它可以利用这些信道占用频谱中剩余的部分。这可能是最大的用例了。
在未来的三四年里,如果你想在体育场做数字标识牌或者边缘屏幕处理,则可以使用 160MHz 的 80 带宽,而不会受到其他任何影响。已经有传言说 Wi-Fi 7 将会有 320MHz 宽的频道。
**Kerravala 这将主要是对大多数 Wi-Fi 策略的增强吗?**
**Correll** 短期内肯定会处于先锐领域。首批产品大概会在今年底发布,它们将是消费类产品。对于企业来说,支持 6GHz 的产品将会在明年亮相。在 2022 年之前你不会真正看到它密集出现——所以短期内不会。对于智能手机公司来说Wi-Fi 并不是什么大事,他们更愿意关注其他功能。
但它仍是一个巨大的机会。6GHz 与 CBRS公民宽带无线电服务或 5G 相比,最棒的一点是(许多人)宁愿坚持使用 Wi-Fi也不愿迁移到不同的架构。这些用户将推动驱动部件制造商转向物联网设备或机器人或任何需要 6GHz 的设备。这是一个干净的频谱,可能比普通的 Wi-Fi 6 还要便宜也更节能。
**Kerravala 有人说 5G 会替代 Wi-Fi 6。但这有什么实际意义呢**
**Correll** 现实中,你不可能在每个设备中插入 SIM 卡。但是其中一个大问题是数据所有权,因为运营商将拥有你的数据,而不是你。如果你想使用你的数据进行任何类型的业务分析,运营商是否会以一定价格将数据返还给你?这是一个可怕的想法。
Wi-Fi 不会消失有太多的理由。当具备 Wi-Fi 6 和 5G 功能的设备问世时,其他只有 Wi-Fi 功能的笔记本电脑、平板电脑和物联网设备将会发生什么呢?要么是只支持 Wi-Fi 的设备,要么是支持 Wi-Fi 和 5G 的设备,但 5G 不会完全取代 Wi-Fi。如果你看看 5G 无线网络的骨干网Wi-Fi 就是其中的一个组成部分。这是一个幸福的大家庭。这些技术是为了共存而设计的。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3563832/wi-fi-6e-when-its-coming-and-what-its-good-for.html
作者:[Zeus Kerravala][a]
选题:[lujun9972][b]
译者:[chenmu-kk](https://github.com/chenmu-kk)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Zeus-Kerravala/
[b]: https://github.com/lujun9972
[1]: https://www.networkworld.com/article/3540288/how-wi-fi-6e-boosts-wireless-spectrum-five-fold.html
[2]: https://www.networkworld.com/article/3203489/what-is-5g-how-is-it-better-than-4g.html
[3]: https://www.networkworld.com/article/3356838/how-to-determine-if-wi-fi-6-is-right-for-you.html
[4]: https://www.networkworld.com/article/3250268/what-is-mu-mimo-and-why-you-need-it-in-your-wireless-routers.html
[5]: https://www.networkworld.com/article/3402316/when-to-use-5g-when-to-use-wi-fi-6.html
[6]: https://www.networkworld.com/article/3306720/mobile-wireless/how-enterprises-can-prep-for-5g.html
[7]: https://www.facebook.com/NetworkWorld/
[8]: https://www.linkedin.com/company/network-world

2
sources/talk/20200916 Huawei ban could complicate 5G deployment.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

67
sources/talk/20200923 How my students taught me to code.md Normal file
View File

@ -0,0 +1,67 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How my students taught me to code)
[#]: via: (https://opensource.com/article/20/9/my-students-taught-me-code)
[#]: author: (Jess Weichler https://opensource.com/users/cyanide-cupcake)
How my students taught me to code
======
Coding is for everyone—from preschoolers to adults. Here are some ways
to help you and your children learn to code.
![Student desk for open education][1]
"Hello, I'm Miss Jess, and my students taught me how to code."
When I say this to new students, they often think I misspoke. But it's true. Coding always interested me, but it seemed inaccessible. Then my students taught me to code a video game during a few lunch breaks.
Their encouraging advice and suggestions helped me create my first video game using [Scratch][2]. The game was simple. It was about a monkey catching bananas as they fell from the sky. If you caught a ripe banana, you earned points.
One of my students chimed in with an idea: "Why don't you have bad bananas that take away points?"
The answer was that I didn't know how to do that yet. But this simple idea was kind of like a puzzle to me. And there's nothing I love more than a good puzzle. So I spent a lunch break working at this new idea until I solved it.
An accidental side effect of this project was that I was strengthening my math skills. I'd made it through high school and university without ever really understanding what a variable was. But finally having a real-world application I cared about—needing a scoring system for my game—made it all make sense.
![Scratch game][3]
(Jess Weichler, [CC BY-SA 4.0][4])
### Connecting with kids through coding
Coding isn't just for kids who dream of becoming computer programmers. It's for everyone. Educators and parents can harness the power of code to engage learners and introduce subjects in a unique way.
Writing code and seeing it run is a process of discovery, and everyone loves feeling accomplishment. But once you know a little code, it doesn't take long for you to realize that programming can express ideas; foster creativity; teach mathematics, logic, and problem solving; and encourage collaboration. What's not to love?
Connecting with kids is always important in education, but with more kids learning from home this year, it's vitally important to engage with them. Coding is a great way to do that.
### Teaching kids to code
My youngest students are 4 to 7 years old, and I start them with paper "code" activities. These are simple physical games that help young children understand basic programming concepts and mindsets without a digital device. Once my students turn 8, I introduce Scratch, a visual programming language that uses block-based code. I continue this track until they're age 10 to 12. I also teach some paper "code" activities with older children to introduce and reinforce concepts.
Once students have a clear understanding of visual coding, I move into text-based coding with Python. It's important to help students make the connection between new Python keywords and the Scratch blocks they already know. (Check out my [introduction to Python series][5] for more information.)
### Just the beginning
Whether you're an educator, after-school provider, or parent, join me in a series of articles as I explore how you can use coding to supercharge learning opportunities for your child, your students, or even yourself.
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/my-students-taught-me-code
作者:[Jess Weichler][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/cyanide-cupcake
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003588_01_rd3os.combacktoschoolseriesgen_rh_032x_0.png?itok=cApG9aB4 (Student desk for open education)
[2]: https://scratch.mit.edu/
[3]: https://opensource.com/sites/default/files/uploads/codekids1_myfirstgame.png (Scratch game)
[4]: https://creativecommons.org/licenses/by-sa/4.0/
[5]: https://opensource.com/article/17/10/python-101

140
sources/tech/20200921 Installing and running Vagrant using qemu-kvm.md Normal file
View File

@ -0,0 +1,140 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Installing and running Vagrant using qemu-kvm)
[#]: via: (https://fedoramagazine.org/vagrant-qemukvm-fedora-devops-sysadmin/)
[#]: author: (Andy Mott https://fedoramagazine.org/author/amott/)
Installing and running Vagrant using qemu-kvm
======
![][1]
Vagrant is a brilliant tool, used by DevOps professionals, coders, sysadmins and regular geeks to stand up repeatable infrastructure for development and testing. From their website:
> Vagrant is a tool for building and managing virtual machine environments in a single workflow. With an easy-to-use workflow and focus on automation, Vagrant lowers development environment setup time, increases production parity, and makes the “works on my machine” excuse a relic of the past.
>
> If you are already familiar with the basics of Vagrant, the documentation provides a better reference build for all available features and internals.
>
> Vagrant provides easy to configure, reproducible, and portable work environments built on top of industry-standard technology and controlled by a single consistent workflow to help maximize the productivity and flexibility of you and your team.
>
> <https://www.vagrantup.com/intro>
This guide will walk through the steps necessary to get Vagrant working on a Fedora-based machine.
I started with a minimal install of Fedora Server as this reduces the memory footprint of the host OS, but if you already have a working Fedora machine, either Server or Workstation, then this should still work.
### Check the machine supports virtualisation:
```
$ sudo lscpu | grep Virtualization
Virtualization: VT-x
Virtualization type: full
```
### Install qemu-kvm:
```
sudo dnf install qemu-kvm libvirt libguestfs-tools virt-install rsync
```
### Enable and start the libvirt daemon:
```
sudo systemctl enable --now libvirtd
```
### Install Vagrant:
```
sudo dnf install vagrant
```
### Install the Vagrant libvirtd plugin:
```
sudo vagrant plugin install vagrant-libvirt
```
### Add a box
```
vagrant box add fedora/32-cloud-base --provider=libvirt
```
### Create a minimal Vagrantfile to test
```
$ mkdir vagrant-test
$ cd vagrant-test
$ vi VagrantfileVagrant.configure("2") do |config|
config.vm.box = "fedora/32-cloud-base"
end
```
**Note the capitalisation of the file name and in the file itself.**
### Check the file:
```
vagrant statusCurrent machine states:
default not created (libvirt)
The Libvirt domain is not created. Run 'vagrant up' to create it.
```
### Start the box:
```
vagrant up
```
### Connect to your new machine:
```
vagrant ssh
```
Thats it you now have Vagrant working on your Fedora machine.
To stop the machine, use _vagrant halt_. This simply halts the machine but leaves the VM and disk in place.
To shut it down and delete it use _vagrant destroy_. This will remove the whole machine and any changes youve made in it.
### Next steps
You dont need to download boxes before issuing the _vagrant up_ command you can specify the box and the provider in the Vagrantfile directly and Vagrant will download it if its not already there. Below is an example which also sets the amount memory and number of CPUs:
```
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
config.vm.box = "fedora/32-cloud-base"
config.vm.provider :libvirt do |libvirt|
libvirt.cpus = 1
libvirt.memory = 1024
end
end
```
For more information on using Vagrant, creating your own machines and using different boxes, see the official documentation at <https://www.vagrantup.com/docs>
There is a huge repository of boxes ready to download and use, and the official location for these is Vagrant Cloud <https://app.vagrantup.com/boxes/search>. Some are basic operating systems and some offer complete functionality such as databases, web servers etc.
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/vagrant-qemukvm-fedora-devops-sysadmin/
作者:[Andy Mott][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/amott/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2020/09/vagrant-beginner-howto-816x346.png

407
sources/tech/20200923 Find security issues in Go code using gosec.md Normal file
View File

@ -0,0 +1,407 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Find security issues in Go code using gosec)
[#]: via: (https://opensource.com/article/20/9/gosec)
[#]: author: (Gaurav Kamathe https://opensource.com/users/gkamathe)
Find security issues in Go code using gosec
======
Get started with gosec, the Golang security checker.
![A lock on the side of a building][1]
It's extremely common now to encounter code written in the [Go programming language][2], especially if you are working with containers, Kubernetes, or a cloud ecosystem. Docker was one of the first projects to adopt Golang, Kubernetes followed, and many new projects select Go over other programming languages.
Like any other language, Go has its share of strengths and weaknesses, which include security flaws. These can arise due to issues in the programming language itself coupled with insecure coding practices, such as memory safety issues in C code, for example.
Regardless of why they occur, security issues need to be fixed early in development to prevent them from creeping into shipped software. Fortunately, static analysis tools are available to help you tackle these issues in a more repeatable manner. Static analysis tools work by parsing source code written in a programming language and looking for issues.
Many of these tools are called linters. Traditionally, linters are more focused on finding programming issues, bugs, code style issues, and the like, and they may not find security issues in code. For example, [Coverity][3] is a popular tool that helps find issues in C/C++ code. However, there are tools that specifically seek out security issues in source code. For example, [Bandit][4] looks for security flaws in Python code. And [gosec][5] searches for security flaws in Go source code. Gosec scans the Go abstract syntax tree (AST) to inspect source code for security problems.
### Get started with gosec
To play around with gosec and learn how it works, you need a project written in Go. With a wide variety of open source software available, this shouldn't be a problem. You can find one by looking at the [trending Golang repositorties][6] on GitHub.
For this tutorial, I randomly chose the [Docker CE][7] project, but you can choose any Go project you want.
#### Install Go and gosec
If you do not already have Go installed, you can fetch it from your repository. If you use Fedora or another RPM-based Linux distribution:
```
`$ dnf install golang.x86_64`
```
Or you can visit the [Golang install][8] page for other options for your operating system.
Verify that Go is installed on your system using the `version` argument:
```
$ go version
go version go1.14.6 linux/amd64
$
```
Installing gosec is simply a matter of running the `go get` command:
```
$ go get github.com/securego/gosec/cmd/gosec
$
```
This downloads gosec's source code from GitHub, compiles it, and installs it in a specific location. You can find [other ways of installing the tools][9] in the repo's README.
Gosec's source code should be downloaded to the location set by `$GOPATH`, and the compiled binary will be installed in the `bin` directory you set for your system. To find out what `$GOPATH` and `$GOBIN` point to, run:
```
$ go env | grep GOBIN
GOBIN="/root/go/gobin"
$
$ go env | grep GOPATH
GOPATH="/root/go"
$
```
If the `go get` command worked, then the gosec binary should be available:
```
$
$ ls -l ~/go/bin/
total 9260
-rwxr-xr-x. 1 root root 9482175 Aug 20 04:17 gosec
$
```
You can add the `bin` directory in `$GOPATH` to the `$PATH` variable in your shell. This makes the gosec command-line interface (CLI) available just like any other command line on your system:
```
$ which gosec
/root/go/bin/gosec
$
```
Try running the gosec CLI with the `-help` option to see if it is working as expected:
```
$ gosec -help
gosec - Golang security checker
gosec analyzes Go source code to look for common programming mistakes that
can lead to security problems.
VERSION: dev
GIT TAG:
BUILD DATE:
USAGE:
```
Next, create a directory and get the source code for the demo project (Docker CE, in this case) using:
```
$ mkdir gosec-demo
$
$ cd gosec-demo/
$
$ pwd
/root/gosec-demo
$
$ git clone <https://github.com/docker/docker-ce.git>
Cloning into 'docker-ce'...
remote: Enumerating objects: 1271, done.
remote: Counting objects: 100% (1271/1271), done.
remote: Compressing objects: 100% (722/722), done.
remote: Total 431003 (delta 384), reused 981 (delta 318), pack-reused 429732
Receiving objects: 100% (431003/431003), 166.84 MiB | 28.94 MiB/s, done.
Resolving deltas: 100% (221338/221338), done.
Updating files: 100% (10861/10861), done.
$
```
A quick look at the source code shows that most of the project is written in Go—just what you need to tinker with gosec's features:
```
$ ./cloc /root/gosec-demo/docker-ce/
   10771 text files.
    8724 unique files.                                          
    2560 files ignored.
\-----------------------------------------------------------------------------------
Language                         files          blank        comment           code
\-----------------------------------------------------------------------------------
Go                                7222         190785         230478        1574580
YAML                                37           4831            817         156762
Markdown                           529          21422              0          67893
Protocol Buffers                   149           5014          16562          10071
```
### Run gosec with the default options
Run gosec on the Docker CE project using the default options by running `gosec ./...` from within the Git repo you just cloned. A lot of output will be shown on the screen. Towards the end, you should see a short `Summary` showing the number of files scanned, the number of lines in those files, and the issues it found in the source code:
```
$ pwd
/root/gosec-demo/docker-ce
$
$ time gosec ./...
[gosec] 2020/08/20 04:44:15 Including rules: default
[gosec] 2020/08/20 04:44:15 Excluding rules: default
[gosec] 2020/08/20 04:44:15 Import directory: /root/gosec-demo/docker-ce/components/engine/opts
[gosec] 2020/08/20 04:44:17 Checking package: opts
[gosec] 2020/08/20 04:44:17 Checking file: /root/gosec-demo/docker-ce/components/engine/opts/address_pools.go
[gosec] 2020/08/20 04:44:17 Checking file: /root/gosec-demo/docker-ce/components/engine/opts/env.go
[gosec] 2020/08/20 04:44:17 Checking file: /root/gosec-demo/docker-ce/components/engine/opts/hosts.go
# End of gosec run
Summary:
   Files: 1278
   Lines: 173979
   Nosec: 4
  Issues: 644
real    0m52.019s
user    0m37.284s
sys     0m12.734s
$
```
If you scroll through the output on the screen, you should see some lines highlighted in various colors: red indicates high-priority issues that need to be looked into first, and yellow indicates medium-priority issues.
#### About false positives
Before getting into the findings, I want to share some ground rules. By default, static analysis tools report _everything_ that they find to be an issue based on a set of rules that the tool compares against the code being tested. Does this mean that everything reported by the tool is an issue that needs to be fixed? Well, it depends. The best authorities on this question are the developers who designed and developed the software. They understand the code much better than anybody else, and more importantly, they understand the environment where the software will be deployed and how it will be used.
This knowledge is critical when deciding whether a piece of code flagged by a tool is actually a security flaw. Over time and with more experience, you will learn to tweak static analysis tools to ignore issues that are not security flaws and make the reports more actionable. So, an experienced developer doing a manual audit of the source code would be in a better position to decide whether an issue reported by gosec warrants attention or not.
#### High-priority issues
According to the output, gosec found a high-priority issue that Docker CE is using an old Transport Layer Security (TLS) version. Whenever possible, it's best to use the latest version of a software or library to ensure it is up to date and has no security issues.
```
[/root/gosec-demo/docker-ce/components/engine/daemon/logger/splunk/splunk.go:173] - G402 (CWE-295): TLS MinVersion too low. (Confidence: HIGH, Severity: HIGH)
    172:
  &gt; 173:        tlsConfig := &amp;tls.Config{}
    174:
```
It also found a weak random number generator. Depending on how the generated random number is used, you can decide whether or not this is a security flaw.
```
[/root/gosec-demo/docker-ce/components/engine/pkg/namesgenerator/names-generator.go:843] - G404 (CWE-338): Use of weak random number generator (math/rand instead of crypto/rand) (Confidence: MEDIUM, Severity: HIGH)
    842: begin:
  &gt; 843:        name := fmt.Sprintf("%s_%s", left[rand.Intn(len(left))], right[rand.Intn(len(right))])
    844:        if name == "boring_wozniak" /* Steve Wozniak is not boring */ {
```
#### Medium-priority issues
The tool also found some medium-priority issues. It flagged a potential denial of service (DoS) vulnerability by way of a decompression bomb related to a tar that could possibly be exploited by a malicious actor.
```
[/root/gosec-demo/docker-ce/components/engine/pkg/archive/copy.go:357] - G110 (CWE-409): Potential DoS vulnerability via decompression bomb (Confidence: MEDIUM, Severity: MEDIUM)
    356:
  &gt; 357:                        if _, err = io.Copy(rebasedTar, srcTar); err != nil {
    358:                                w.CloseWithError(err)
```
It also found an issue related to a file that is included by way of a variable. If malicious users take control of this variable, they could change its contents to read a different file.
```
[/root/gosec-demo/docker-ce/components/cli/cli/context/tlsdata.go:80] - G304 (CWE-22): Potential file inclusion via variable (Confidence: HIGH, Severity: MEDIUM)
    79:         if caPath != "" {
  &gt; 80:                 if ca, err = ioutil.ReadFile(caPath); err != nil {
    81:                         return nil, err
```
File and directory permissions are often the basic building blocks of security on an operating system. Here, gosec identified an issue where you might need to check whether the permissions for a directory are secure or not.
```
[/root/gosec-demo/docker-ce/components/engine/contrib/apparmor/main.go:41] - G301 (CWE-276): Expect directory permissions to be 0750 or less (Confidence: HIGH, Severity: MEDIUM)
    40:         // make sure /etc/apparmor.d exists
  &gt; 41:         if err := os.MkdirAll(path.Dir(apparmorProfilePath), 0755); err != nil {
    42:                 log.Fatal(err)
```
Often, you need to launch command-line utilities from source code. Go uses the built-in exec library to do this task. Carefully analyzing the variable used to spawn such utilities can uncover security flaws.
```
[/root/gosec-demo/docker-ce/components/engine/testutil/fakestorage/fixtures.go:59] - G204 (CWE-78): Subprocess launched with variable (Confidence: HIGH, Severity: MEDIUM)
    58:
  &gt; 59:              cmd := exec.Command(goCmd, "build", "-o", filepath.Join(tmp, "httpserver"), "github.com/docker/docker/contrib/httpserver")
    60:                 cmd.Env = append(os.Environ(), []string{
```
#### Low-severity issues
In this output, gosec identified low-severity issues related to "unsafe" calls, which typically bypass all the memory protections that Go provides. Closely analyze your use of "unsafe" calls to see if they can be exploited in any way possible.
```
[/root/gosec-demo/docker-ce/components/engine/pkg/archive/changes_linux.go:264] - G103 (CWE-242): Use of unsafe calls should be audited (Confidence: HIGH, Severity: LOW)
    263:        for len(buf) &gt; 0 {
  &gt; 264:                dirent := (*unix.Dirent)(unsafe.Pointer(&amp;buf[0]))
    265:                buf = buf[dirent.Reclen:]
[/root/gosec-demo/docker-ce/components/engine/pkg/devicemapper/devmapper_wrapper.go:88] - G103 (CWE-242): Use of unsafe calls should be audited (Confidence: HIGH, Severity: LOW)
    87: func free(p *C.char) {
  &gt; 88:         C.free(unsafe.Pointer(p))
    89: }
```
It also flagged unhandled errors in the source codebase. You are expected to handle cases where errors could arise in the source code.
```
[/root/gosec-demo/docker-ce/components/cli/cli/command/image/build/context.go:172] - G104 (CWE-703): Errors unhandled. (Confidence: HIGH, Severity: LOW)
    171:                err := tar.Close()
  &gt; 172:                os.RemoveAll(dockerfileDir)
    173:                return err
```
### Customize gosec scans
Using gosec with its defaults brings up many kinds of issues. However, with manual auditing and over time, you learn which issues don't need to be flagged. You can customize gosec to exclude or include certain tests.
As I mentioned above, gosec uses a set of rules to find problems in Go source code. Here is a complete list of the [rules][10] it uses:
* G101: Look for hard coded credentials
* G102: Bind to all interfaces
* G103: Audit the use of unsafe block
* G104: Audit errors not checked
* G106: Audit the use of ssh.InsecureIgnoreHostKey
* G107: Url provided to HTTP request as taint input
* G108: Profiling endpoint automatically exposed on /debug/pprof
* G109: Potential Integer overflow made by strconv.Atoi result conversion to int16/32
* G110: Potential DoS vulnerability via decompression bomb
* G201: SQL query construction using format string
* G202: SQL query construction using string concatenation
* G203: Use of unescaped data in HTML templates
* G204: Audit use of command execution
* G301: Poor file permissions used when creating a directory
* G302: Poor file permissions used with chmod
* G303: Creating tempfile using a predictable path
* G304: File path provided as taint input
* G305: File traversal when extracting zip/tar archive
* G306: Poor file permissions used when writing to a new file
* G307: Deferring a method which returns an error
* G401: Detect the usage of DES, RC4, MD5 or SHA1
* G402: Look for bad TLS connection settings
* G403: Ensure minimum RSA key length of 2048 bits
* G404: Insecure random number source (rand)
* G501: Import blocklist: crypto/md5
* G502: Import blocklist: crypto/des
* G503: Import blocklist: crypto/rc4
* G504: Import blocklist: net/http/cgi
* G505: Import blocklist: crypto/sha1
* G601: Implicit memory aliasing of items from a range statement
#### Exclude specific tests
You can customize gosec to prevent it from looking for and reporting on issues that are safe. To ignore specific issues, you can use the `-exclude` flag with the rule codes above.
For example, if you don't want gosec to find unhandled errors related to hardcoding credentials in source code, you can ignore them by running:
```
$ gosec -exclude=G104 ./...
$ gosec -exclude=G104,G101 ./...
```
Sometimes, you know an area of source code is safe, but gosec keeps reporting it as an issue. However, you don't want to exclude that check completely because you want gosec to scan new code added to the codebase. To prevent gosec from scanning the area you know is safe, add a `#nosec` flag to that part of the source code. This ensures gosec continues to scan new code for an issue but ignores the area flagged with `#nosec`.
#### Run specific checks
On the other hand, if you need to focus on specific issues, you can use tell gosec to run those checks by using the `-include` option with the rule codes:
```
`$ gosec -include=G201,G202 ./...`
```
#### Scan test files
The Go language has built-in support for testing that uses unit tests to verify whether a component works as expected. In default mode, gosec ignores test files, but if you want them included in the scan, use the `-tests` flag:
```
`gosec -tests ./...`
```
#### Change the output format
Finding issues is only part of the picture; the other part is reporting what it finds in a way that is easy for humans and tools to consume. Fortunately, gosec can output results in a variety of ways. For example, if you want to get reports in JSON format, use the `-fmt` option to specify JSON and save the results in a `results.json` file:
```
$ gosec -fmt=json -out=results.json ./...
$ ls -l results.json
-rw-r--r--. 1 root root 748098 Aug 20 05:06 results.json
$
         {
             "severity": "LOW",
             "confidence": "HIGH",
             "cwe": {
                 "ID": "242",
                 "URL": "<https://cwe.mitre.org/data/definitions/242.html>"
             },
             "rule_id": "G103",
             "details": "Use of unsafe calls should be audited",
             "file": "/root/gosec-demo/docker-ce/components/engine/daemon/graphdriver/graphtest/graphtest_unix.go",
             "code": "304: \t// Cast to []byte\n305: \theader := *(*reflect.SliceHeader)(unsafe.Pointer(\u0026buf))\n306: \theader.      Len *= 8\n",
             "line": "305",
             "column": "36"
         },
```
### Find low-hanging fruit with gosec
A static analysis tool is not a replacement for manual code audits. However, when a codebase is large with many people contributing to it, such a tool often helps find low-hanging fruit in a repeatable way. It is also useful for helping new developers identify and avoid writing code that introduces these security flaws.
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/gosec
作者:[Gaurav Kamathe][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/gkamathe
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/BUSINESS_3reasons.png?itok=k6F3-BqA (A lock on the side of a building)
[2]: https://golang.org/
[3]: https://www.synopsys.com/software-integrity/security-testing/static-analysis-sast.html
[4]: https://pypi.org/project/bandit/
[5]: https://github.com/securego/gosec
[6]: https://github.com/trending/go
[7]: https://github.com/docker/docker-ce
[8]: https://golang.org/doc/install
[9]: https://github.com/securego/gosec#install
[10]: https://github.com/securego/gosec#available-rules

77
sources/tech/20200925 5 questions to ask yourself when writing project documentation.md Normal file
View File

@ -0,0 +1,77 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (5 questions to ask yourself when writing project documentation)
[#]: via: (https://opensource.com/article/20/9/project-documentation)
[#]: author: (Alexei Leontief https://opensource.com/users/alexeileontief)
5 questions to ask yourself when writing project documentation
======
Using some of the basic principles of effective communication can help
you create well-written, informative project documents that align with
your brand.
![A person writing.][1]
Before getting down to the actual writing part of documenting another one of your open source projects, and even before interviewing the experts, it's a good idea to answer some high-level questions about your new document.
Renowned communication theorist Harold Lasswell wrote in his 1948 article, _The Structure and Function of Communication in Society_:
> [A] convenient way to describe an act of communication is to answer the following questions:
>
> * Who
> * Says what
> * In which channel
> * To whom
> * With what effect?
>
As a technical communicator, you can apply Lasswell's theory and answer similar questions about your document to communicate your message better and with the desired effect.
### Who—Who is the document owner?
Or, what company is behind the document? What brand identity does it want to convey to its audience? The answer to this question will significantly influence your writing style. The company may also have its own style guide or at least a formal mission statement, in which case, you should start there.
If the company is just starting out, you may ask the questions above to the document's owner. As the writer, it's important to integrate the voice and persona you create for the company with your own worldview and beliefs. This will make your writing sound more natural and less like company jargon.
### Says what—What is the document type?
What information do you need to communicate? What type of document is it: a user guide, API reference, release notes, etc.? Many document types will have templates or generally agreed-upon structures that will give you a place to start and help ensure you include all the necessary information.
### In which channel—What is the format of the document?
With technical documents, the channel of communication often informs the final format of your doc, i.e., whether it's going to be a PDF, HTML, a text file, etc. This will, most likely, also determine the tools you should use to write your document.
### To whom—Who is the target audience?
Who will read this document? What is their level of knowledge? What are their job responsibilities and their main challenges? These questions will help you determine what you should cover, whether or not you should go into details, whether you can use any specific terms, etc. In some cases, the answers to these questions can even influence the complexity of syntax that you should use.
### With what effect—What is the purpose of the document?
This is where you should define what problem(s) this document is expected to solve for its prospective readers, or what questions it should answer for them. For example, the purpose of your document can be to teach your customers to work with your product.
At this point, you may refer to the approach suggested by [Divio][2]. According to this approach, you can assign any document one of four types, depending on the document's general orientation: learning, solving a problem, understanding, or getting information.
Another good question to ask at this stage is what business problem this document is meant to solve (for example, how to cut down support costs.) With a business problem in mind, you may see an important angle for your writing.
### Conclusion
The questions above are designed to help you form the basis for effective communication and ensure your document covers everything it should. You can break them down into your own checklist of questions and keep them around for whenever you have a document to create. This checklist may also come in handy when you become stuck, confronted with a blank page. It will hopefully inspire you and help you generate ideas.
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/project-documentation
作者:[Alexei Leontief][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alexeileontief
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003784_02_os.comcareers_resume_rh1x.png?itok=S3HGxi6E (A person writing.)
[2]: https://documentation.divio.com/

151
sources/tech/20200925 Code your first algorithm in Scratch.md Normal file
View File

@ -0,0 +1,151 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Code your first algorithm in Scratch)
[#]: via: (https://opensource.com/article/20/9/scratch)
[#]: author: (Jess Weichler https://opensource.com/users/cyanide-cupcake)
Code your first algorithm in Scratch
======
Learn how to get started with Scratch in this article in a series about
teaching kids to code.
![The back of a kid head][1]
With more kids learning from home this year, it's important to engage them with unique learning opportunities. The classroom looks very different than it did before, and it's going to continue to evolve. So should the lessons we teach.
In the [first article][2] in this series, I shared how my students taught me to code. Over the next few weeks, I will be exploring how educators and parents can harness the power of coding to teach kids a wide variety of skills.
"But I don't know anything about coding!" you may be shouting at your computer. That's one of the beauties of open source code: everyone is a learner, and everyone is a teacher. Whether you're new to coding or you've been doing it all your life, part of the process is making mistakes. It's all about problem-solving and learning how to find information. The greatest tool an educator has in a coding classroom is the phrase, "I don't know; let's find out together!"
So, let's begin!
### What is code?
Code is how you get a computer to do what you want it to do. Laptops, smartphones, video-game consoles, and even washing machines use code to work. And despite advancements in machine learning and AI, somebody has to write that code.
Coders (also known as programmers) are the people who write code. But what is code, really? What exactly are programmers writing when they create software or fine-tune hardware?
Code is made up of _algorithms_: highly structured and ordered lists of instructions, much like a recipe. Because computers aren't actually smart, these instructions are written in _code_ that must be parsed and compiled and transformed into _machine language_. Only then can computers perform the actions that programmers dictate. The key is to learn the syntax of the code so you can write words in the required order so that computers can decipher and process them.
### What is Scratch?
[Scratch][3] is a great platform for kids learning to code. It is a visual programming language designed for ages 8 and up. It uses drag-and-drop blocks that snap together to create animations, quizzes, and video games. Traditional coding requires a lot of typing without making any spelling errors, and the visual nature of Scratch makes it easy for young writers to learn to code without getting bogged down with spelling errors.
Scratch is not just about coding, though. It also encourages an open online community by empowering users to share and remix projects. There's also an offline version available for classrooms and households with limited internet connectivity.
### Learn the lingo
Even if a child has used Scratch before, this lesson is important for ensuring they understand coding terminology and logic.
![Scratch interface][4]
(Jess Weichler, [CC BY-SA 4.0][5])
Using Scratch, you can create video games using **code blocks** that snap together to form a script. A **script** is an ordered list of instructions, like a recipe. Another word for "script" is **algorithm**.
A **sprite** is a character or object in the game. The **stage** is the background of the game. Scripts can be used to control sprites and the stage.
Every script starts with a special code block called an **event hat**. These blocks have rounded tops. An event hat waits for something to happen before running all the code blocks underneath it.
Scratch follows scripts exactly, so you must be specific when telling it what to do.
### Get coding
Try the following challenges to get started on your coding journey.
#### Challenge #1: Create a simple algorithm to move a sprite right when you press the right arrow key.
Did your algorithm work as you expected? Does your sprite move right when the right arrow is pressed? How did you do it?
When coding, there are often multiple solutions to a problem. Here are two of the most common ways you may have coded the sprite to move when the right arrow is pressed:
![Possibility One: When right arrow pressed, move 10 steps . Possibility Two: When right arrow pressed, change x by 10.][6]
(Jess Weichler, [CC BY-SA 4.0][5])
Let's experiment.
* What happens if you change the number?
* What happens when your sprite reaches the edge of the screen?
* What motion code block could prevent the sprite from disappearing when it reaches the edge?
![Possibility One: When right arrow pressed, move 15 steps, if on edge, bounce. Possibility Two: When right arrow pressed, change x by 15, if on edge, bounce][7]
(Jess Weichler, [CC BY-SA 4.0][5])
Now what happens? How can you solve it?
To stop the sprite from flipping upside-down after hitting an edge: select the sprite and click **Direction**. Select the **Left/Right** icon or the **Do Not Rotate** icon.
![Scratch code][8]
(Jess Weichler, [CC BY-SA 4.0][5])
Errors in code, such as this, are called **bugs**. Bugs are a normal part of coding.
Fixing code is called **debugging**.
Test your game again. Do you notice any more bugs?
* If your sprite is bouncing off the right side of the screen, you are ready for the next challenge.
* If, when your sprite touches the right side of the screen, it starts moving left when you press the right arrow, add one more code block to the algorithm.
![Possibility One: When right arrow pressed, point in direction 90, move 15 steps, if on edge, bounce. Possibility Two: No change][9]
(Jess Weichler, [CC BY-SA 4.0][5])
#### Challenge #2: Make the sprite move left when you press the left arrow.
You have all the skills and knowledge you need to ace this challenge! How will you complete it?
[Click here for my solution][10].
If you're using a screen reader, or you prefer text, select this spoiler text to reveal the answer:
**Possibility One:** When right arrow pressed, point in direction 90, move 15 steps, if on edge, bounce
When left arrow pressed, point in direction -90, move 15 steps, if on edge, bounce
**Possibility Two:** When right arrow pressed, change x by 15, if on edge, bounce
When left arrow pressed, change x by -15, if on edge, bounce
When you're happy with what you've made, name and save your project. Do not select "save as" or "save a copy," as this will create a duplicate project. Just click **Save** or **Save Now**.
Congratulations, you've created your first two algorithms!
### Don't stop here
Coding is all about experimenting and iterating until you get the desired result. This is one of many reasons I love it as a teaching tool. And don't stop with just this introductory lesson.
Pose a problem and try to solve it with Scratch. For instance, can you make a game in which the Scratch cat finds an object and "eats" it? Look through the available blocks and formulate a plan, then construct a script.
Most importantly, don't give up, and remember, there's no wrong answer! It's all about creativity, being inventive, and having fun.
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/9/scratch
作者:[Jess Weichler][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/cyanide-cupcake
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/idea_innovation_kid_education.png?itok=3lRp6gFa (The back of a kid head)
[2]: https://opensource.com/article/20/9/how-my-students-taught-me-code
[3]: https://scratch.mit.edu/
[4]: https://opensource.com/sites/default/files/uploads/codekids2_1_interface.png (Scratch interface)
[5]: https://creativecommons.org/licenses/by-sa/4.0/
[6]: https://opensource.com/sites/default/files/uploads/codekids2_2_code.png (Scratch code)
[7]: https://opensource.com/sites/default/files/uploads/codekids2_3_code.png (Scratch code)
[8]: https://opensource.com/sites/default/files/uploads/codekids2_4_code.png (Scratch code)
[9]: https://opensource.com/sites/default/files/uploads/codekids2_5_code.png (Scratch code)
[10]: https://opensource.com/sites/default/files/scratch3-left-right_answer.png

214
sources/tech/20200926 10 Open Source Static Site Generators to Create Fast and Resource-Friendly Websites.md Normal file
View File

@ -0,0 +1,214 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (10 Open Source Static Site Generators to Create Fast and Resource-Friendly Websites)
[#]: via: (https://itsfoss.com/open-source-static-site-generators/)
[#]: author: (Ankush Das https://itsfoss.com/author/ankush/)
10 Open Source Static Site Generators to Create Fast and Resource-Friendly Websites
======
_**Brief: Looking to deploy a static web-page? No need to fiddle with HTML and CSS. These open source static website generators will help you deploy beautiful, functional static websites in no time.**_
### What is a static website?
Technically, a static website means the webpages are not generated on the server dynamically. The HTML, CSS, JavaScript lie on the server in the version the end user receives it. The raw source code files are already prebuilt, the source code doesnt change with the next server request.
Its FOSS is a dynamic website which depends on several databases and the web pages are generated and served when theres a request from your browser. Majority of the web is powered by dynamic sites where you interact with the websites and there are plenty of content that often change.
Static websites give you a few benefits like faster loading times, less server resource requirements, and better security (debatable?).
Traditionally, static websites are more suitable for creating small websites with only a few pages and where the content doesnt change too often.
This, however, is changing thanks to static website generator tools and you can use them to create blogs as well.
I have compiled a list of open source static site generators that can help you build a beautiful website.
### Best Open Source Static Site Generators
Its worth noting that you will not get complex functionality on a static website. In that case, you might want to check out our list of [best open source CMS][1] for dynamic websites.
#### 1\. Jekyll
![][2]
Jekyll is one of the most popular open source static generator built using [Ruby][3]. In fact, Jekyll is the engine behind [GitHub pages][4] which lets you host websites using GitHub for free.
Setting up Jekyll is easy across multiple platforms which includes Ubuntu as well. It utilizes [Markdown][5], [Liquid][5] (for template), HTML, and CSS to generate the static site files. It is also a pretty good option if you want to build a blog without advertisements or a product page to promote your tool or service.
Also, it supports migrating your blog from popular CMSs like Ghost, WordPress, Drupal 7, and more. You get to manage permalinks, categories, pages, posts, and custom layouts, which is nice. So, even if you already have an existing website that you want to convert to a static site, Jekyll should be a perfect solution. You can learn more about it by exploring the [official documentation][6] or its [GitHub page][7].
[Jekyll][8]
#### 2\. Hugo
![][9]
Hugo is yet another popular open source framework for building static sites. Its built using the [Go programming language][10].
It is fast, simple, and reliable. You also get some advanced theming support if you need it. It also offers some useful shortcuts to help you get things done easily. No matter whether its a portfolio site or a blog, Hugo is capable enough to manage a variety of content types.
To get started, you can follow its [official documentation][11] or go through its [GitHub page][12] to install it and learn more about its usage. You can also deploy Hugo on GitHub pages or any CDN if required.
[Hugo][13]
#### 3\. Hexo
![][14]
Hexo is an interesting open-source framework powered by [Node.js][15]. Similar to others, you will end up creating blazing fast websites but you will also get a good collection of themes and plugins.
You do get a powerful API here to extend functionality as per your requirements as well. If you already have a website, you can simply use its [Migrator][16] extension as well.
To get started, you can go through the [official documentation][17] or just explore their [GitHub page][18].
[Hexo][19]
#### 4\. Gatsby
![][20]
Gatsby is an increasingly open-source popular site generator framework. It utilizes [React.js][21] for creating fast and beautiful websites.
I was quite interested to give this a try for some experimental projects a few years back and it is impressive to see the availability thousands of new plugins and themes. Unlike other static site generators, you can use Gatsby to generate a site and get the benefits of static sites without losing any features.
It offers a lot of useful integrations from popular services. Of course, you can keep it simple or use it coupled with a popular CMS of your choice, which should be interesting. You can take a look at their [official documentation][22] and its [GitHub page][23] to find out more on it.
[Gatsby][24]
#### 5\. VuePress
![][25]
VuePress is a static site generator powered by [Vue.js][26] which happens to be an open-source progressive JavaScript framework.
If you know HTML, CSS, and JavaScript, you can easily get started using VuePress. You should find several useful plugins and themes to get a head start on building your site. Also, it seems like Vue.js is being actively improved and has the attention of more developers, which is a good thing.
You can learn more about it through their [official guide][27] and the [GitHub page][28].
[VuePress][29]
#### 6\. Nuxt.js
![][30]
Nuxt.js utilizes Vue.js and Node.js but it focuses on providing modularity and has the ability to rely on the server-side instead of the client-side. Not just that, it aims to provide an intuitive experience to the developers with descriptive errors, and detailed documentations among other things.
As it claims, Nuxt.js should be the best of both world with all of its features and flexibility that you get to build a static website. They also offer a [Nuxt Online sandbox][31] to let you directly test it without a lot of effort.
You can explore its [GitHub page][32] or visit the [official][33] [][33][site][33] to get more details.
#### 7\. Docusaurus
![][34]
Docusaurus is an interesting open-source static site generator tailored for building documentation websites. It happens to be a part of [Facebooks open source initiative][35].
It is built using React. You get all the essential features like document versioning, document search, and translation mostly pre-configured. If youre planning to build a documentation website for any of your products/services, this should be a good start.
You can learn more about it on its [GitHub page][36] and its [official website][37].
[Docusaurus][37]
#### 8\. Eleventy
![][38]
Eleventy describes itself as an alternative to Jekyll and aims for a simpler approach to make faster static websites.
It seems easy to get started and it also offers proper documentation to help you out. If you want a simple static site generator that gets the job done, Eleventy seems to be an interesting choice.
You can explore more about it on its [GitHub page][39] and visit the [official website][40] for more details.
[Eleventy][40]
#### 9\. Publii
![][41]
Publii is an impressive open-source CMS that makes it easy to generate a static site. Its built using [Electron][42] and Vue.js. You can also migrate your posts from a WordPress site if needed. In addition to that, it offers several one-click synchronizations with GitHub Pages, Netlify, and similar services.
You also get a WYSIWYG editor if you utilize Publii to generate a static site. To get started, visit the [official website][43] to download it or explore its [GitHub page][44] for more information.
[Publii][43]
#### 10\. Primo
![][45]
An interesting open-source static site generator which is still in active development. Even though its not a full-fledged solution with all the features compared to other static generators, it is a unique project.
Primo aims to help you build and develop a site using a visual builder which can be easily edited and deployed to any host of your choice.
You can visit the [official website][46] or explore its [GitHub page][47] for more information.
[Primo][46]
### Wrapping Up
There are a lot of other site generators available out there. However, Ive tried to mention the best static generators that gives you the fastest loading times, the best security, and an impressive flexibility.
Did I miss any of your favorites? Let me know in the comments below.
--------------------------------------------------------------------------------
via: https://itsfoss.com/open-source-static-site-generators/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/open-source-cms/
[2]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2018/01/jekyll-screenshot.jpg?resize=800%2C450&ssl=1
[3]: https://www.ruby-lang.org/en/
[4]: https://pages.github.com/
[5]: https://github.com/Shopify/liquid/wiki
[6]: https://jekyllrb.com/docs/
[7]: https://github.com/jekyll/jekyll
[8]: https://jekyllrb.com/
[9]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/hugo.jpg?resize=800%2C414&ssl=1
[10]: https://golang.org/
[11]: https://gohugo.io/getting-started/
[12]: https://github.com/gohugoio/hugo
[13]: https://gohugo.io/
[14]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/hexo.jpg?resize=800%2C213&ssl=1
[15]: https://nodejs.org/en/
[16]: https://hexo.io/api/migrator.html
[17]: https://hexo.io/docs/
[18]: https://github.com/hexojs/hexo
[19]: https://hexo.io/
[20]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/gatsbyjs.png?resize=800%2C388&ssl=1
[21]: https://reactjs.org/
[22]: https://www.gatsbyjs.com/docs/
[23]: https://github.com/gatsbyjs/gatsby
[24]: https://www.gatsbyjs.com/
[25]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/VuePress.jpg?resize=800%2C498&ssl=1
[26]: https://vuejs.org/
[27]: https://vuepress.vuejs.org/guide/
[28]: https://github.com/vuejs/vuepress
[29]: https://vuepress.vuejs.org/
[30]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/nuxtjs.jpg?resize=800%2C415&ssl=1
[31]: https://template.nuxtjs.org/
[32]: https://github.com/nuxt/nuxt.js
[33]: https://nuxtjs.org/
[34]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2020/09/docusaurus.jpg?resize=800%2C278&ssl=1
[35]: https://opensource.facebook.com/
[36]: https://github.com/facebook/docusaurus
[37]: https://docusaurus.io/
[38]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2020/09/eleventy.png?resize=800%2C375&ssl=1
[39]: https://github.com/11ty/eleventy/
[40]: https://www.11ty.dev/
[41]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/09/publii.jpg?resize=800%2C311&ssl=1
[42]: https://www.electronjs.org
[43]: https://getpublii.com/
[44]: https://github.com/GetPublii/Publii
[45]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2020/09/primo-af.jpg?resize=800%2C394&ssl=1
[46]: https://primo.af/
[47]: https://github.com/primo-app/primo-desktop

68
sources/tech/20200926 Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE.md Normal file
View File

@ -0,0 +1,68 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE)
[#]: via: (https://www.networkworld.com/article/3583654/cisco-turns-out-security-patches-25-high-threat-flaws-for-ios-ios-xe.html)
[#]: author: (Michael Cooney https://www.networkworld.com/author/Michael-Cooney/)
Cisco turns out security patches 25 high-threat flaws for IOS, IOS XE
======
Cisco this week posted 25 security advisories defining 34 vulnerabilities rated high that should be fixed right away
[Nathan Cowley / Ivanastar / Getty Images][1]
If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.
Cisco this week posted 25 “High” rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the companys most widely used operating systems. The warnings affect firewalls, wireless access points and switches.
[Network pros react to new Cisco certification curriculum][2]
For example, one of the highest rated threats--with an 8.6 out of 10 threat level, are [multiple vulnerabilities][3] in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the [firewall][4],resulting in a denial of service (DoS).
Cisco stated that the vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device. 
Another 8.6-rated vulnerability involves the [Split DNS feature][5] of Cisco IOS Software and Cisco IOS XE Software could let an unauthenticated, remote attacker cause an affected device to reload, resulting in a DoS condition.
“The vulnerability occurs because the regular expression (regex) engine that is used with the Split [DNS][6] feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles,” Cisco stated.
Still another 8.6-rated security threat involves a vulnerability in the [DHCP][7] message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers.  The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, Cisco stated.
Some of the other threat advisories include:
* A vulnerability in the [WPA2 and WPA3 security implementation][8] of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could let an unauthenticated, adjacent attacker send a crafted authentication packet to an affected device. A successful exploit could cause it to reload, resulting in a DoS condition. The vulnerability is due to incorrect packet processing during the WPA2 and WPA3 authentication handshake when configured for dot1x or pre-shared key (PSK) authentication key management (AKM) with 802.11r BSS Fast Transition (FT) enabled, Cisco stated.
* A vulnerability in the [Umbrella Connector][9] component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a DOS condition on an affected device. The vulnerability is due to insufficient error handling when parsing DNS requests. An attacker could exploit this vulnerability by sending a series of malicious DNS requests to an Umbrella Connector client interface of an affected device.
* Multiple vulnerabilities in the [web management framework of Cisco IOS XE][10] Software could allow an authenticated, remote attacker with read-only privileges to elevate them to _Administrator_ on an affected device. For example, a vulnerability in the APIs of the web management framework of Cisco IOS XE Software could lead to such an attack. Another weakness in the authentication controls of the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to _Administrator_ on an affected device.
Workarounds are not available, but patches or software updates addressing all of the vulnerabilities are [available][11], Cisco stated.
Join the Network World communities on [Facebook][12] and [LinkedIn][13] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3583654/cisco-turns-out-security-patches-25-high-threat-flaws-for-ios-ios-xe.html
作者:[Michael Cooney][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Michael-Cooney/
[b]: https://github.com/lujun9972
[1]: https://www.pexels.com/photo/man-in-blue-and-brown-plaid-dress-shirt-touching-his-hair-897817/
[2]: https://www.networkworld.com/article/3446044/network-pros-react-to-new-cisco-certification-curriculum.html
[3]: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-zbfw-94ckG4G
[4]: https://www.networkworld.com/article/3230457/what-is-a-firewall-perimeter-stateful-inspection-next-generation.html
[5]: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-splitdns-SPWqpdGW
[6]: https://www.networkworld.com/article/3268449/what-is-dns-and-how-does-it-work.html
[7]: https://www.networkworld.com/article/3299438/dhcp-defined-and-how-it-works.html
[8]: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wpa-dos-cXshjerc
[9]: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-umbrella-dos-t2QMUX37
[10]: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-priv-esc-K8zvEWM#d
[11]: https://tools.cisco.com/security/center/home.x
[12]: https://www.facebook.com/NetworkWorld/
[13]: https://www.linkedin.com/company/network-world

83
translated/talk/20200625 Wi-Fi 6E- When it-s coming and what it-s good for.md
View File

@ -1,83 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( chenmu-kk )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Wi-Fi 6E: When its coming and what its good for)
[#]: via: (https://www.networkworld.com/article/3563832/wi-fi-6e-when-its-coming-and-what-its-good-for.html)
[#]: author: (Zeus Kerravala https://www.networkworld.com/author/Zeus-Kerravala/)
Wi-Fi 6E它何时到来又有何作用
======
Extreme Networks的一位高管表示近来专用于Wi-Fi的新无线频谱可以提供更多的信道和更高的密度部署但是要支持它的设备要到2020年才能得到广泛部署。
智库
今年开春 [FCC在6GHz频段内开辟了一系列新的未经许可的无线频谱][1] 目的在于使用Wi-Fi的同时可以提供更低的延迟和更快的数据速率。与已经专用于Wi-Fi的频段相比新频谱的范围更短支持的频道更多因此适合在体育场馆等高密度区域部署。
为了进一步了解什么是Wi-Fi 6E以及它与Wi-Fi 6有何不同我最近与网络解决方案提供商Extreme Networks的产品管理总监Perry Correll进行了交谈。
**了解更多关于5G和WiFi 6的信息**
* [什么是5G相较于4G它更好吗][2]
* [如何确定WiFi 6是否适合你][3]
* [什么是MU-MIMO为什么它在你的无线路由器中不可或缺][4]
* [何时使用5G何时使用WiFi 6][5]
* [企业如何为5G网络做准备呢][6]
**Kerravala:** **Wi-Fi 6似乎得到了许多炒作而Wi-Fi 6E却没有。为什么**
**Correll:** 这666个号码中有太多混乱会吓死您。 Wi-Fi 6Wi-Fi 6E 之后Wi-Fi 6仍具有其他增强功能具有多用户多入多出多用户MIMO功能。 之后是6GHz频谱但这并不是Wi-Fi 6的名称的由来这是第六代Wi-Fi。 最重要的是我们刚刚掌握了5G并且已经在谈论6G-认真研究它将会变得更困惑。
**Kerravala:** **为什么我们需要Wi-Fi 6E和常规Wi-Fi 6**
**Correll:** 上一次我们获得UNII-2和UNII-2 Extended的优势是15年前而在当时智能手机甚至还没有起飞。 现在能够获得1.2GHz的频率已经非常大了。 使用Wi-Fi 6E我们不会将Wi-Fi空间增加一倍事实上我们是将可用空间增加了三倍。 根据您所处的地点频谱的数量要多三倍四倍或五倍。此外你不必担心DFS [动态频率选择] ,尤其是在室内。
Wi-Fi 6E将不会拥有快于Wi-Fi 6的速度并且不会添加增强的技术功能。 最妙的是运行6GHz需要Wi-Fi - 6或以上的客户端。所以我们不会有任何速度慢的客户也不会有很多噪声。我们将在更清洁的环境中使用更快的设备来提高性能。
**Kerravala:** **你们还会运营更宽的频道吗**
**Correll:** Exactly, that's the cool thing about it. If youre in a typical enterprise environment, 20 and 40MHz is pretty much all you need. In high-density environments like stadiums, trying to do 80 or 160MHz just became tough. Wider channels are really going help things like [virtual reality], which can take advantage of those channels that are eating up the rest of the spectrum. Thats probably the biggest use case.
确切地说那是一件很酷的事情。如果你处于一个典型的企业环境中20和40MHz已经在体育馆这种高密度环境中仅使用80或160MHz资源也会很紧张。更宽的通道将会真正有助于像虚拟现实这类可以利用这些频谱中剩余的通道。这可能是最大的使用情况了。
没错这才是最酷的地方。如果您在一个典型的企业环境中20和40MHz几乎足够满足你的需求。在像体育场这样的高密度环境中想要做到80或160MHz就变得很困难了。更宽的频道确实有助于[虚拟现实]这样的事情,它们可以利用那些使用过后剩余部分中的频道。这可能是最大的用例。
在未来的三四年里如果你想在体育场做频谱的数字标识牌或者屏幕边缘处理则可以使用160MHz的80带宽而不会受到其他任何影响。已经有传言说Wi-Fi 7将会有320MHz宽的频道。
**Kerravala:** **这将主要是对大多数Wi-Fi策略的增强吗**
**Correll:** 在短期内边缘上将会非常的明确。第一批产品大概会在今年底发布并且他们将会是消费级的。对于企业来说6GHz合格产品将会在下一年开始出现。直到2022年你才会实际的看到任何密度——所以并不会很快。
短期内肯定会处于边缘。首批产品大概会在今年底发布它们将是消费类产品。对于企业来说支持6GHz的产品将会在明年亮相。在2022年之前你不会真正看到任何密集信息——所以短期内不会。对于智能手机公司来说Wi-Fi并不是什么大事他们更愿意关注其他功能。
但它仍是一个巨大的机会。6GHz与CBRS [公民宽带无线电服务] 或5G相比最棒的一点是 [许多人] 宁愿坚持使用Wi-Fi也不愿迁移到不同的架构。这些用户将推动驱动部件制造商转向物联网设备或机器人或任何需要6GHz的设备。这是一个干净的频谱可能比普通的Wi-Fi 6还要便宜也更节能。
**Kerravala:** **这是一场5G替代Wi-Fi 6的讨论。它的实用性在哪里**
**Correll:** 事实上你不能将SIM插入所有的设备中。 但是出现的主要问题之一是数据所有权,因为运营商将拥有你的数据,而不是你。 如果你想使用你的数据进行任何类型的业务分析,运营商是否会以一定价格将数据返还给你?这是一个可怕的想法。
Wi-Fi未被淘汰有太多的理由。当具备Wi-Fi 6和5g功能的设备问世时其他只有Wi-Fi功能的笔记本电脑、平板电脑和物联网设备将会发生什么呢将会有Wi-Fi或Wi-Fi和5G设备但5G不会完全取代Wi-Fi。如果你看看5G无线网络的主干Wi-Fi就是其中的一个组成部分。这是一个幸福的大家庭。这些技术是为了共存而设计的。
加入 [Facebook][7] 和 [LinkedIn][8] 上的网络世界社区,就你最关心的话题发表评论吧。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3563832/wi-fi-6e-when-its-coming-and-what-its-good-for.html
作者:[Zeus Kerravala][a]
选题:[lujun9972][b]
译者:[chenmu-kk](https://github.com/chenmu-kk)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Zeus-Kerravala/
[b]: https://github.com/lujun9972
[1]: https://www.networkworld.com/article/3540288/how-wi-fi-6e-boosts-wireless-spectrum-five-fold.html
[2]: https://www.networkworld.com/article/3203489/what-is-5g-how-is-it-better-than-4g.html
[3]: https://www.networkworld.com/article/3356838/how-to-determine-if-wi-fi-6-is-right-for-you.html
[4]: https://www.networkworld.com/article/3250268/what-is-mu-mimo-and-why-you-need-it-in-your-wireless-routers.html
[5]: https://www.networkworld.com/article/3402316/when-to-use-5g-when-to-use-wi-fi-6.html
[6]: https://www.networkworld.com/article/3306720/mobile-wireless/how-enterprises-can-prep-for-5g.html
[7]: https://www.facebook.com/NetworkWorld/
[8]: https://www.linkedin.com/company/network-world