Jump to content

Darian Miller

Members
  • Content Count

    556
  • Joined

  • Last visited

  • Days Won

    12

Darian Miller last won the day on March 13

Darian Miller had the most liked content!

Community Reputation

335 Excellent

1 Follower

Technical Information

  • Delphi-Version
    Delphi 12 Athens

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Darian Miller

    Minimal working Example for libgit2-delphi

    Try changing the variable "repoPP:PPgit_repository" to: "repoPP:PGit_repository" and call "git_repository_init(@repoPP..."
  2. Darian Miller

    Delphi Certified Developer Exam

    See this thread. I doubt it has changed much (or, at all.)
  3. We're getting ready to tackle this new problem of code signing with tokens. Do you have any guides for using AWS Cloud HSM with FinalBuilder? Is that available as an action? We're using an older copy of FinalBuilder - hopefully I can buy a new version and get this working.
  4. Darian Miller

    New RAD Studio 11.3 (Build 2024) posted Feb 20, 2024

    Konopka Controls are in the "Embarcadero General Packages Download for RAD Studio 11.3" available on https://my.embarcadero.com/
  5. Darian Miller

    Code Review for Delphi and Pascal

    Note that Ian recently did a webinar on this topic with a guy from: https://dersecur.com/main Apparently they have a Code Analysis security tool with support for Delphi.
  6. Darian Miller

    Code Review for Delphi and Pascal

    Sonar is a widely used tool. This is the latest plug-in to use: https://github.com/integrated-application-development/sonar-delphi There are a handful of GitHub repos with sonar-delphi but this one has combined all the changes into one and is being actively developed. Kiuwan is a specific tool for application security and it is an Idera brand...but they don't support Delphi code scanning. I've asked them multiple times for Delphi support over the last few years, and it's always been 'on the radar' but no progress has been made as far as I can tell. https://www.kiuwan.com/ See their FAQ for programming language support: https://www.kiuwan.com/docs/display/K5/FAQs+-+Frequently+Asked+Questions I believe they do offer Exe scans... I don't recall as it's been a year or so since I last looked at them. The problem is that most of these advanced tools simply do not support Delphi and I haven't seen anyone else push to get support added. (Another example: https://docs.snyk.io/getting-started/supported-languages-frameworks-and-feature-availability-overview) There are companies out there where you can submit your Windows executable for runtime analysis. They typically charge for each scan. Most seem to be obscure, potentially hard to find, and expensive. I just did a Google search and found these potentials (which I haven't used at all and do not necessarily recommend - but it should get you started.) https://secureteam.co.uk/services/application-penetration-testing/desktop-application-security-assessment/ https://cobweb-security.com/service/desktop-application-security-assessment/ https://roundsec.io/desktop-application-security-assessment/ One of the old-school leaders of software analysis is "Understand" from https://scitools.com/ Here is their supported languages list, which includes Delphi: https://support.scitools.com/support/solutions/articles/70000582794-supported-languages If you are looking for general static code analysis, the best source for Delphi is: https://peganza.com/ You can use static code analysis tools like Sonar, Understand, Peganza to satisfy some security audits as well as they want you to have some automation to trigger anomalies and non-standard coding practices. The current trend is to build these tools into the IDE so that your code gets flagged for security issues while you are editing it and many of the obvious issues are mitigated before the code is committed. For Delphi, this includes Pascal Expert (https://peganza.com/products.html#PEX) and FixInsight (https://www.tmssoftware.com/site/fixinsight.asp) In general, some of the things to look for: https://owasp.org/www-project-desktop-app-security-top-10/
  7. Darian Miller

    What's the general opinion on v12?

    Check out the What's New page: https://docwiki.embarcadero.com/RADStudio/Athens/en/What's_New But RAD Studio 12 does have some rough edges. See my wiki page for a few regressions: https://github.com/ideasawakened/DelphiKB/wiki/D29.ATHENS.12.0.0.0 Patch 1 (https://github.com/ideasawakened/DelphiKB/wiki/D29.ATHENS.12.0.0.1) fixes some of those, but some important ones remain. Update 1 was released 6 months after RS 11. So playing a guessing game...since RS 12 was released in early November, April might be a good guestimate for RS 12 Update 1 where most of the rough edges should be worked out.
  8. Darian Miller

    Can't complete installation of RAD 10.4

    This is due to their extended server outage. Most servers are back online but the GetIt server for 10.4 is not. To use the online installation features, you'll have to wait. Otherwise, use my.embarcadero.com and download and install from the ISO. https://ideasawakened.com/post/embarcadero-network-issues
  9. Darian Miller

    Embarcadero Sample Debugger Visualizers

    There is source in the Visualizers folder: Embarcadero\Studio\23.0\source\Visualizers It doesn't include the .dpk though.
  10. Darian Miller

    What new features would you like to see in Delphi 13?

    My top 3 'wish' list items: - MCCGA. Make ctrl-click great again (and actually work.) - A code formatter that handles all language features. AND don't add another language feature that isn't accompanied with an update to the code formatter to support it. - Refactoring tools that handles all language features. AND don't add another language feature that isn't accompanied with an update to the refactoring tools to support it. You have to be able to navigate code and I have wasted too many hours of life with a ctrl-click that does nothing. You shouldn't have to spend precious brain cycles on code formatting tasks. If refactoring doesn't work - the IDE doesn't work. Others: - Much more focus on debuggers - Quality, quality, quality - Keep current with platform support
  11. And it's been nearly two weeks since that blog update without a peep (publically) about GetIt other than Ian being bombarded and saying they are working on it. 2 hours is bad downtime. 2 weeks without an update for an outage lasting 24+ days and counting.... well, I have no response. If you avoid GetIt and discuss Quality Portal - the timeline on Jan 27 was "now" and "by next week, we'll have the new portal in place and we'll have a new blog post..."
  12. Delphi 12 seems to have more than a normal amount of regressions. I've listed some of them on its wiki page on GitHub: https://github.com/ideasawakened/DelphiKB/wiki/D29.ATHENS.12.0.0.0 GetIt being down stops fixes for these regressions being released. There aren't workarounds for all of these issues.
  13. As far as we know, it could be another 3 weeks. They could have screwed up the replacement system and it's not ready for the spike in traffic it is about to receive. It certainly can be difficult to validate new systems. 17,000 views of their blog post and it hasn't been updated since Jan 25th. That is truly astonishing. It makes zero sense to me.
  14. DocWiki is back online... but not GetIt (yet)
  15. Assumedly so - as DocWiki has been down all day
×