0xhexe / keycloak-hasura-connector Goto Github PK
View Code? Open in Web Editor NEWConnect hasura with the keycloak. Authentication for hasura
Home Page: https://httpsomkar.github.io/keycloak-hasura-connector/
License: MIT License
Connect hasura with the keycloak. Authentication for hasura
Home Page: https://httpsomkar.github.io/keycloak-hasura-connector/
License: MIT License
EC cryptography
Library home page: https://registry.npmjs.org/elliptic/-/elliptic-6.4.1.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/elliptic/package.json
Dependency Hierarchy:
Found in HEAD commit: f3cf95440a4519dcf915ebf5d0c9e3f00fa2f823
all versions before 6.5.2 of elliptic are vulnerable to Timing Attack through side-channels.
Publish Date: 2019-11-13
URL: WS-2019-0424
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/indutny/elliptic/pull/203/commits
Release Date: 2020-04-30
Fix Resolution: v6.5.2
Step up your Open Source Security Game with WhiteSource here
the mighty option parser used by yargs
Library home page: https://registry.npmjs.org/yargs-parser/-/yargs-parser-11.0.0.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/yargs-parser/package.json
Dependency Hierarchy:
the mighty option parser used by yargs
Library home page: https://registry.npmjs.org/yargs-parser/-/yargs-parser-11.1.1.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/yargs/node_modules/yargs-parser/package.json
Dependency Hierarchy:
Found in HEAD commit: f3cf95440a4519dcf915ebf5d0c9e3f00fa2f823
Affected versions of yargs-parser are vulnerable to prototype pollution. Arguments are not properly sanitized, allowing an attacker to modify the prototype of Object, causing the addition or modification of an existing property that will exist on all objects. Parsing the argument --foo.proto.bar baz' adds a bar property with value baz to all objects. This is only exploitable if attackers have control over the arguments being passed to yargs-parser.
Publish Date: 2020-05-01
URL: WS-2020-0068
Base Score Metrics:
Type: Upgrade version
Origin: https://www.npmjs.com/package/yargs-parser
Release Date: 2020-05-04
Fix Resolution: https://www.npmjs.com/package/yargs-parser/v/18.1.2,https://www.npmjs.com/package/yargs-parser/v/15.0.1
Step up your Open Source Security Game with WhiteSource here
Even though the document says that X-Hasura-Admin-Secret will override the Hasura GraphQL Headers. But, when I give a header like X-Hasura-User-Id or X-Hasura-Organization-Id, the over ride is not happening and the query results contain filters done according to the User-Id and Organization-Id.
parse argument options
Library home page: https://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/mkdirp/node_modules/minimist/package.json
Dependency Hierarchy:
parse argument options
Library home page: https://registry.npmjs.org/minimist/-/minimist-0.0.10.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/optimist/node_modules/minimist/package.json
Dependency Hierarchy:
parse argument options
Library home page: https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/minimist/package.json
Dependency Hierarchy:
Found in HEAD commit: f3cf95440a4519dcf915ebf5d0c9e3f00fa2f823
minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "proto" payload.
Publish Date: 2020-03-11
URL: CVE-2020-7598
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/substack/minimist/commit/63e7ed05aa4b1889ec2f3b196426db4500cbda94
Release Date: 2020-03-11
Fix Resolution: minimist - 0.2.1,1.2.3
Step up your Open Source Security Game with WhiteSource here
I'm getting error from image
Stack Trace:
auth_1 |
auth_1 | > [email protected] start /usr/src/app
auth_1 | > node src/main.js
auth_1 |
auth_1 | /usr/src/app/node_modules/convict/lib/convict.js:686
auth_1 | throw new Error(output);
auth_1 | ^
auth_1 |
auth_1 | Error: AnonymousRole: must be of type String
auth_1 | at Object.validate (/usr/src/app/node_modules/convict/lib/convict.js:686:17)
auth_1 | at Object.<anonymous> (/usr/src/app/src/config.js:80:8)
auth_1 | at Module._compile (internal/modules/cjs/loader.js:936:30)
auth_1 | at Object.Module._extensions..js (internal/modules/cjs/loader.js:947:10)
auth_1 | at Module.load (internal/modules/cjs/loader.js:790:32)
auth_1 | at Function.Module._load (internal/modules/cjs/loader.js:703:12)
auth_1 | at Module.require (internal/modules/cjs/loader.js:830:19)
auth_1 | at require (internal/modules/cjs/helpers.js:68:18)
auth_1 | at Object.<anonymous> (/usr/src/app/src/main.js:3:16)
auth_1 | at Module._compile (internal/modules/cjs/loader.js:936:30)
auth_1 | npm ERR! code ELIFECYCLE
auth_1 | npm ERR! errno 1
auth_1 | npm ERR! [email protected] start: `node src/main.js`
auth_1 | npm ERR! Exit status 1
auth_1 | npm ERR!
auth_1 | npm ERR! Failed at the [email protected] start script.
auth_1 | npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
auth_1 |
auth_1 | npm ERR! A complete log of this run can be found in:
auth_1 | npm ERR! /root/.npm/_logs/2019-12-04T20_22_20_529Z-debug.log
.env
KEYCLOAK_USERNAME=keycloak
KEYCLOAK_PASSWORD=keycloak
AUTH_MODE=single
KEYCLOAK_URL=http://localhost:8080/auth/
KEYCLOAK_REALM=hasura
KEYCLOAK_CLIENT_ID=Keycloak-hasura-connector
KEYCLOAK_SECRET=7741f5c8-dd5b-4bae-a838-e970c6ecc005
docker-compose.yml
version: '3'
services:
postgres:
image: postgres
restart: always
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: keycloak
volumes:
- auth_db_keycloak_connector:/var/lib/postgresql/data
keycloak:
image: jboss/keycloak:latest
ports:
- "8080:8080"
depends_on:
- postgres
environment:
KEYCLOAK_USER: ${KEYCLOAK_USERNAME}
KEYCLOAK_PASSWORD: ${KEYCLOAK_PASSWORD}
DB_VENDOR: postgres
DB_ADDR: postgres
DB_USER: keycloak
DB_PASSWORD: keycloak
auth:
image: httpsomkar/keycloak-hasura-connector:latest
depends_on:
- "keycloak"
environment:
KEYCLOAK_CLIENT_ID: ${KEYCLOAK_CLIENT_ID}
KEYCLOAK_SERVER_URL: ${KEYCLOAK_URL}
KEYCLOAK_REALM: ${KEYCLOAK_REALM}
KEYCLOAK_SECRET: ${KEYCLOAK_SECRET}
KEYCLOAK_DEBUG: "true"
postgres_db:
image: postgres
restart: always
volumes:
- db_data:/var/lib/postgresql/data
graphql-engine:
image: hasura/graphql-engine:v1.0.0-alpha42
ports:
- "8081:8080"
depends_on:
- "postgres_db"
- "auth"
- "keycloak"
restart: always
environment:
HASURA_GRAPHQL_DATABASE_URL: postgres://postgres:@postgres_db:5432/postgres
HASURA_GRAPHQL_ENABLE_TELEMETRY: "false" # https://docs.hasura.io/1.0/graphql/manual/guides/telemetry.html
HASURA_GRAPHQL_ENABLE_CONSOLE: "true" # set to "false" to disable console
HASURA_GRAPHQL_ADMIN_SECRET: admin
HASURA_GRAPHQL_AUTH_HOOK: http://auth:3000
volumes:
db_data:
auth_db_keycloak_connector:
Lodash modular utilities.
Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.14.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/lodash/package.json
Dependency Hierarchy:
Found in HEAD commit: f3cf95440a4519dcf915ebf5d0c9e3f00fa2f823
a prototype pollution vulnerability in lodash. It allows an attacker to inject properties on Object.prototype
Publish Date: 2020-04-28
URL: WS-2020-0070
Base Score Metrics:
Step up your Open Source Security Game with WhiteSource here
Is your feature request related to a problem? Please describe.
From what I have read (and deduced, because this is not clarified in the docs) and from what I have tried with some sample code, I see some kind of duplication as far as assigning roles is concerned.
Assuming that I have:
my-app
(that acts as the main Keycloak client that my app logs against and where I have defined all my roles)hasura-auth-client
that keycloak-hasura-connector is using to validate credentials.Both these keycloak clients are created according to the docs of the repo here.
Now it seems that all the roles I have defined in my my-app
client will have to be duplicated under the hasura-auth-client
client too, because this is the array that the connector is trying to pull roles from.
Example:
"resource_access": {
"my-app": {
"roles": [
"roleA"
]
},
"hasura-auth-client": {
"roles": [
"roleA"
]
},
}
Using a hasura-auth-client
Keycloak with no roles assigned is not working, as no roles are passed to Hasura
One suggestion might be to define roles only in hasura-auth-client
but please note that for my business logic I need to use these roles in other parts of my application, and it does not make sense to be reading them from the hasura-auth-client
client id, as I would like to have them grouped under my-app
Describe the solution you'd like
My suggestion would be to initialize the connector with an additional Keycloak client that the connector could pull roles from.
Like:
KEYCLOAK_ROLES_CLIENT_ID: my-app
Describe alternatives you've considered
I have forked to project and tried something like this and it seems to be working
Additional context
I am just trying to verify if I am not seeing anything obvious here, or if I have not setup something correctly, or I am doing something weird or abusing with this suggestion. I'm no Keycloak expert.
What do you think?
In previous version of the documents screenshots existed that showed how the flow of not just keycloak but also the hasura backend. Was this a mistake or on purpose?
I noticed in your setup steps you add a mapper to put the user's ID in the token to populate the X-Hasura-User-Id
here.
Is it possible to use the sub
attribute of the token instead? Could simply keycloak setup process if so.
Error from images,
hasura docker yaml file
according to above example hasura graphql engine image was old so i updated the image versions
Docker-compose.yaml file
version: '3.6'
services:
postgres:
image: postgres:12
restart: always
volumes:
- db_data:/var/lib/postgresql/data
graphql-engine:
image: hasura/graphql-engine:v1.3.0
ports:
- "8080:8080"
depends_on:
- "postgres"
restart: always
environment:
HASURA_GRAPHQL_DATABASE_URL: postgres://postgres:postgrespassword@postgres:5432/postgres
HASURA_GRAPHQL_ENABLE_CONSOLE: "true" # set to "false" to disable console
HASURA_GRAPHQL_DEV_MODE: "true"
HASURA_GRAPHQL_ENABLED_LOG_TYPES: startup, http-log, webhook-log, websocket-log, query-log
HASURA_GRAPHQL_ADMIN_SECRET: supersecret
HASURA_GRAPHQL_AUTH_HOOK: http://auth:3000
auth:
image: httpsomkar/keycloak-hasura-connector:latest
environment:
KEYCLOAK_CLIENT_ID: hasura-keycloak-connector # Keycloak backend client id from the keycloak setup.
KEYCLOAK_SERVER_URL: http://192.168.0.113:8081/auth # Keycloak url in term of http://keycloak.COMPANY.com/auth
KEYCLOAK_REALM: Customer-Portal # Default to master if any new create change to it
KEYCLOAK_SECRET: 87fdcdd0-9ad8-4f18-86d9-950e2fb9c0d6 # Secret copied from the backend client -> Credentials
KEYCLOAK_DEBUG: "true" # If testing enable mention this file
volumes:
db_data:
Error from docker container logs:
[email protected] start /usr/src/app
node src/main.js/usr/src/app/node_modules/convict/lib/convict.js:686
throw new Error(output);
^Error: AnonymousRole: must be of type String
at Object.validate (/usr/src/app/node_modules/convict/lib/convict.js:686:17)
at Object. (/usr/src/app/src/config.js:80:8)
at Module._compile (internal/modules/cjs/loader.js:1176:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1196:10)
at Module.load (internal/modules/cjs/loader.js:1040:32)
at Function.Module._load (internal/modules/cjs/loader.js:929:14)
at Module.require (internal/modules/cjs/loader.js:1080:19)
at require (internal/modules/cjs/helpers.js:72:18)
at Object. (/usr/src/app/src/main.js:3:16)
at Module._compile (internal/modules/cjs/loader.js:1176:30)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! [email protected] start:node src/main.js
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the [email protected] start script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2020-08-11T16_58_11_866Z-debug.log
PS D:\Keycloak\Docker\hasura>
is it possible to see an example with vue somewhere?
Describe the bug
realm_access property on accessToken is optional https://www.keycloak.org/docs-api/5.0/rest-api/index.html#_accesstoken. realm_access is no longer included in JWT by default.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
realm_access property on accessToken should be guarded with accessToken.hasRealmRole() in src/token.js. https://www.keycloak.org/keycloak-nodejs-auth-utils/token.js.html#hasRealmRole.
Desktop (please complete the following information):
https://lists.jboss.org/pipermail/keycloak-user/2018-July/014922.html
Is your feature request related to a problem? Please describe.
A working example with Nuxt Hasura would be awesome, everything working in harmony with docker-compose (Hasura + security) and running on Heroku? could you ask for more?
image: httpsomkar/keycloak-hasura-connector:latest
environment:
KEYCLOAK_CLIENT_ID: nextjs
KEYCLOAK_SERVER_URL: http://localhost:8080/auth //
KEYCLOAK_REALM: master
KEYCLOAK_SECRET: 6ff6bffd-21fe-486e-b183-6d68 // fake secret
Does this look like you would expect?
I'm not sure what this repo does and I'm not sure what you mean about organizations. I have not been able to understand to get keycloak + hasura integrated. Could you explain in more details?
hello
am trying to use this package, but it always returns unauthorized 401. I followed the documentation examples.
I noted in README you mentioned
Environment variables
KEYCLOAK_USERNAME=YOUR_KEYCLOAK_USER_NAME
KEYCLOAK_PASSWORD=YOUR_KEYCLOAK_PSSWORD
KEYCLOAK_CLIENT_ID=YOUR_KEYCLOAK_CLIENT_ID
but I didn't any information about these environment variables in the documentation.
how to use these Environment variables? are they necessary?
Do you have any idea how to get the authorization token from nextjs and use it in the headers?
🚨 You need to enable Continuous Integration on Greenkeeper branches of this repository. 🚨
To enable Greenkeeper, you need to make sure that a commit status is reported on all branches. This is required by Greenkeeper because it uses your CI build statuses to figure out when to notify you about breaking changes.
Since we didn’t receive a CI status on the greenkeeper/initial
branch, it’s possible that you don’t have CI set up yet. We recommend using Travis CI, but Greenkeeper will work with every other CI service as well.
If you have already set up a CI for this repository, you might need to check how it’s configured. Make sure it is set to run on all new branches. If you don’t want it to run on absolutely every branch, you can whitelist branches starting with greenkeeper/
.
Once you have installed and configured CI on this repository correctly, you’ll need to re-trigger Greenkeeper’s initial pull request. To do this, please click the 'fix repo' button on account.greenkeeper.io.
Thank you for this repo.
Please post road map or ideas and I will contribute the best I can.
Describe the bug
I created the two clients as described in the documentation. Nevertheless, access to the GraphQL API is denied. I have debugged the connector and found out that the access token of the client in the connector is not validated and therefore access is denied (kauth = {}
). Is keycloak-connect suitable for a bearer only api? The two articles on Stackoverflow do not read like this:
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The access token of the frontend_app can be used to access the graphql api.
Desktop (please complete the following information):
Setup
Hi,
I've followed the tutorial and succeed to attached my token to my Hasura reauests from my frontend.
I have a question where user informations are store in Hasura after the decode done by Keycloak-hasura-connector ?
I would like to update some fields of my data model with those informations and use Hasura roles manager.
Thanks !
Maurice
the mighty option parser used by yargs
Library home page: https://registry.npmjs.org/yargs-parser/-/yargs-parser-11.0.0.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/yargs-parser/package.json
Dependency Hierarchy:
the mighty option parser used by yargs
Library home page: https://registry.npmjs.org/yargs-parser/-/yargs-parser-11.1.1.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/yargs/node_modules/yargs-parser/package.json
Dependency Hierarchy:
Found in HEAD commit: f3cf95440a4519dcf915ebf5d0c9e3f00fa2f823
yargs-parser could be tricked into adding or modifying properties of Object.prototype using a "proto" payload.
Publish Date: 2020-03-16
URL: CVE-2020-7608
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7608
Release Date: 2020-03-16
Fix Resolution: v18.1.1;13.1.2;15.0.1
Step up your Open Source Security Game with WhiteSource here
Describe the bug
After struggling to get example client to work, decided to focus on core functions.
Deploying app per instructions; when I use Hasura api explorer, and use ‘authorization’ header with Bearer deduced from keycloak login, connector always seems to fail validation of token, and returning Anonymous role string
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Bearer token privileges are confirmed
Screenshots
Desktop (please complete the following information):
Get the native type of a value.
Library home page: https://registry.npmjs.org/kind-of/-/kind-of-6.0.2.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/kind-of/package.json
Dependency Hierarchy:
Found in HEAD commit: f3cf95440a4519dcf915ebf5d0c9e3f00fa2f823
Versions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation.
Publish Date: 2019-12-30
URL: WS-2019-0381
Base Score Metrics:
Type: Upgrade version
Origin: jonschlinkert/kind-of@975c13a
Release Date: 2020-03-18
Fix Resolution: kind-of - 6.0.3
Step up your Open Source Security Game with WhiteSource here
Get the native type of a value.
Library home page: https://registry.npmjs.org/kind-of/-/kind-of-6.0.2.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/kind-of/package.json
Dependency Hierarchy:
Found in HEAD commit: f3cf95440a4519dcf915ebf5d0c9e3f00fa2f823
ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result.
Publish Date: 2019-12-30
URL: CVE-2019-20149
Base Score Metrics:
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20149
Release Date: 2019-12-30
Fix Resolution: 6.0.3
Step up your Open Source Security Game with WhiteSource here
An example with a demo angular does not start. Missing .ks file in directory app/utils/
import {kcConfig} from './kc';
Error from images:
auth_1 | > node src/main.js
auth_1 |
auth_1 | /usr/src/app/node_modules/convict/lib/convict.js:686
auth_1 | throw new Error(output);
auth_1 | ^
auth_1 |
auth_1 | Error: authMode: must be of type String
version: '3.6'
services:
postgres:
image: postgres
restart: always
volumes:
- ./data:/data
- db_data:/var/lib/postgresql/data
environment:
POSTGRES_DB: keycloak
POSTGRES_USER: keycloak
POSTGRES_PASSWORD: keycloak
auth:
image: httpsomkar/keycloak-hasura-connector:latest
environment:
KEYCLOAK_CLIENT_ID: hasura
KEYCLOAK_SERVER_URL: https://localhost
KEYCLOAK_REALM: master
KEYCLOAK_SECRET: dsfsdafsdfasdfasdfasd
ANONYMOUS_ROLE: "anonymous" # (optional) Use this variable to set anonymous role name for unauthorized users as shown in the documentation: https://docs.hasura.io/1.0/graphql/manual/auth/authorization/common-roles-auth-examples.html#anonymous-not-logged-in-users
USER_ID_FIELD: "sub" #The name of the token field that will be mapped to X-Hasura-User-Id
KEYCLOAK_DEBUG: "true" # If testing enable mention this file
graphql-engine:
image: hasura/graphql-engine:latest
ports:
- "9090:8080"
depends_on:
- "postgres"
- "auth"
restart: always
environment:
HASURA_GRAPHQL_DATABASE_URL: postgres://postgres:@postgres:5432/postgres
HASURA_GRAPHQL_ENABLE_CONSOLE: "true" # set to "false" to disable console
HASURA_GRAPHQL_ADMIN_SECRET: myadminsecretkey # Your admin secret
HASURA_GRAPHQL_AUTH_HOOK: http://auth:3000
volumes:
db_data:
Create nested values and any intermediaries using dot notation (`'a.b.c'`) paths.
Library home page: https://registry.npmjs.org/set-value/-/set-value-2.0.0.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/set-value/package.json
Dependency Hierarchy:
Create nested values and any intermediaries using dot notation (`'a.b.c'`) paths.
Library home page: https://registry.npmjs.org/set-value/-/set-value-0.4.3.tgz
Path to dependency file: /tmp/ws-scm/keycloak-hasura-connector/package.json
Path to vulnerable library: /tmp/ws-scm/keycloak-hasura-connector/node_modules/union-value/node_modules/set-value/package.json
Dependency Hierarchy:
Found in HEAD commit: f3cf95440a4519dcf915ebf5d0c9e3f00fa2f823
set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and proto payloads.
Publish Date: 2019-08-23
URL: CVE-2019-10747
Base Score Metrics:
Type: Upgrade version
Origin: jonschlinkert/set-value@95e9d99
Release Date: 2019-07-24
Fix Resolution: 2.0.1,3.0.1
Step up your Open Source Security Game with WhiteSource here
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.