Hi,
I wrote in Nim a Notepad++ plug-in that provides IDE features via nimsuggest etc.
Also I pushed the limit on "syntax highlighting".
I used Notepad++ a lot for a long time to program in Perl.
Will you make the dll open source?
Right now? I haven’t made my mind.
But maybe some day.
v1.3 is available.
What’s new:
Sorry, this doesn't look trustworthy enough. Only a compiled plugin is distributed, no code, no license, no other activity in the GitHub account, no other visible forum/community interactions.
Distributing a binary through GitHub is a known deception tactic used by bad actors to provide legitimacy to malware.
Also, If I were OK with closed source binaries I wouldn't use Notepad++.
Sorry, this seems like a great project but it just looks bad.
The integrity of the release including the DLL can be verified using the provided SHA-256 hashes and is signed.
Elevated privileges is not required to run this plug-in.
Just having an Open Source license does not imply security, if any. Note the recent discovery of obfuscated code in OpenSSH vulnerability related to backdoor in XZ Utils.
The integrity of the release including the DLL can be verified using the provided SHA-256 >hashes and is signed.
Still have to trust _you and not your readable code. I don't know you, thus I do not trust you.
Just having an Open Source license does not imply security, if any. Note the recent discovery of >obfuscated code in OpenSSH vulnerability related to backdoor in XZ Utils.
Make it a strict license (All copyright by me) but open the source so users can read it. Additionally you are not doing any special in your dll someone else can do it, too. There is nothing special on it.
The integrity of the release including the DLL can be verified using the provided SHA-256 hashes and is signed.
Since we're talking about automated GitHub releases made from singular git commits, integrity of a DLL is obviously of no concern.
Elevated privileges is not required to run this plug-in.
Never said so, I said that the whole host program might be habitually launched with such privileges, and I'm not aware of any plugin sandboxing implemented to ensure they are not transferred in Notepad++.
Just having an Open Source license does not imply security, if any. Note the recent discovery of obfuscated code in OpenSSH vulnerability related to backdoor in XZ Utils.
Discovery of obfuscated code does not require decompilation, so it's at least one seriously costly step easier. It would be surprising if you argued in good faith that security implications for running a binary vs compiling the code yourself carries equal security implications. Also, ironically, XZ backdoor involved injecting binary code into test files distributed with code, so I don't think your argument works as good as you imagined.
The nature of your answers, unfortunately, doesn't instill more confidence, on the contrary.
Moreover, this is a "Project Showcase" thread on a programming language forum. I believe showing code is generally expected.
Sorry for raining on your parade, I don't have anything bad to say about the plugin itself, it might be the coolest thing ever.