ryelang

Code signing was on my mind for a long time. Any security related question is no panacea, but with careful consideration I think this can bring some benefits for multiple scenarios. Scripting languages basically run whatever code you point them to. In server scenario there is an obvious vector of attack where attacker uploads a malicious script and calls it or injects malicious code into your script files. Programs on the client could have a need for this too. When an update comes, it helps if the code won't run if it was not signed by the same developer. This doesn't work just for scripts. With Rye's "code is data" we also have live code. Live code (sometimes of a specific limited dialect or in specific limited context) can come over the wire or data can come over the vire and it could benefit from being digitally signed. You can see example of this in my blogpost about mobile code . Storing/retrieving data could also benefit, for example to prevent manual cha

  I upgraded a server recently that had a very simple email sender running, written in Python. The script was started repeatedly by a cron job, it read new messages from the database and sent them via SMTP protocol. The upgrade of Ubuntu triggered a waterfall of upgrades from database, to database library, to newer Python, which resulted in an unsupported mailer library. I solved all issues, but it took me an hour or two. So I thought to myself that I should try porting this small utility to Rye when I find some time. Rye is based on Go-lang , and Go has a very good gomail library. Email construction in general is quite complex or at least messy. With various headers, mime types, multipart bodies, attachments, encodings, quoted printables, etc. which gomail seems to handle perfectly. Above are two examples, first a more low level, gomail like api for constructing and sending email messages, then the one that uses more of Rye arsenal. Not all things in the examples are 100% implemente