There is "Signed Pages" by the debeloper of EteSync. It is a browser extension, that checks webapps based on signatures in the html file. The addon then warns the user if the signature is not correct or - if I remember correctly - the source changed. This allows you to be sure what webapp code was delivered. But it seems like it did not really get used outside of his own projects. - Source: Hacker News / 4 months ago

EteSync has implemented something called Signed Pages, this might be worth looking closer at. This uses PGP keys which is preloaded into the browser; but I suspect that will be a barrier too high for most non-tech users. Source: about 1 year ago

There are also projects like signed web pages which can also help increasing the trust level to some degree. But that requires that you can download the source code and regenerate the verification hash locally - or have other trusted methods to verify the hash value hasn't been modified as well. The current concept is reasonably sane, but it requires too much from users currently to make it widely used. Source: almost 2 years ago

> The server can at any time start serving malicious payloads True, and I call this threat model "Beware Each and Every Fetch" (BEEF) in contrast to the more common TOFU model (although if you trust a desktop app to auto-update itself then these two models might not be all that different). In any case, I think you're being a little quick to dismiss the idea of server-hosted applications. It's true that browsers... - Source: Hacker News / about 2 years ago

Something like a browser extension for this does already exist, fortunately: https://github.com/tasn/webext-signed-pages. - Source: Hacker News / over 2 years ago

This is thread for people who just got rejected by YC, what are you building?, Your next customer, Co-founder or investor could be here. Let's increase our chances of getting in For the next batch!!! I am building Sixth, an AI platform for code and application security, URL: https://marketplace.visualstudio.com/items?itemName=Sixth.sixth. - Source: Hacker News / 6 days ago

VSJournal Extension for VSCode: ! I have release a Visual Studio Code extension which allows you to effortlessly create journals and notes right within VSCode and sync them to your remote Git repository. Whether you're a developer who likes to keep detailed notes or someone who enjoys journaling, VSJournal has got you covered. Key Features: Create daily journal entries with a single command. Easily add and manage... - Source: Hacker News / 7 days ago

I've been using this fork which has Helix bindings: https://marketplace.visualstudio.com/items?itemName=silverquark.dancehelix Works great even though it's labeled as an alpha. - Source: Hacker News / 7 days ago

There are Kakoune-style bindings for vs code: https://marketplace.visualstudio.com/items?itemName=gregoire.dance I use them every day :) There is a discussion of Helix-style bindings on their github, and some proofs of concept, but nothing polished yet AFAIK. - Source: Hacker News / 7 days ago

> I noticed that the syntax highlighting for the Go html/template examples in the article is incomplete. Sorry, it might be something wrong with my blog setup. I use hexo, might need to play around with the config. I use this VSCode extension for coding and it works fairly well: https://marketplace.visualstudio.com/items?itemName=jinliming2.vscode-go-template. - Source: Hacker News / 8 days ago