5.1 C
New York
Friday, March 14, 2025
Home Blog Page 3

android – React Native Internet – How do undo viewport shift when the keyboard is closed on Cell Browsers on iOS?

codesanitize
-
0
android – React Native Internet – How do undo viewport shift when the keyboard is closed on Cell Browsers on iOS?


For somewhat undertaking I’m taking part in round React Native Internet and I am operating into an odd situation that I am not likely certain the best way to clarify what’s going on. I’ve a easy type that has two TextInput members from react-native-paper.

Nevertheless, when I’m opening the undertaking in a cell browser on iOS (examined with Firefox, Chrome and Safari), the view will get shifted upwards to accommodate the keyboard, however it would not shift again when the keyboard is dismissed. On Android, it is fully advantageous.

Listed below are the steps I am doing.

  1. Opening the view (Which you’ll see right here)
  2. Clicking on the “Description Area” to get the keyboard to open.
  3. Dismissing the keyboard
  4. Scratching my head on the end result (proven right here)

I’ve seen a number of issues speaking about KeyboardAvoidingView, however it’s my interpretation that does not truly work on Internet?

Does anybody have any options or maybe an evidence as to what is going on on? Any assist can be appreciated for the reason that objective is to mess around with React Native Internet since I am simply taking part in round with the library.

Here is the undertaking variations:

  • react-native: 0.76.5
  • react-native-paper: 5.12.5
  • react-native-web: 0.19.13
  • expo: 52.0.23

Lastly right here is the demo code that reveals the issue for me.

import { Button, Textual content, TextInput, useTheme } from "react-native-paper";
import { Controller, useForm } from "react-hook-form";

import { DatePickerModal } from "react-native-paper-dates";
import HeaderBar from "../parts/header/HeaderBar";
import { View } from "react-native-web";
import { useState } from "react";

interface EventFormData  null;
  title: string;
  description?: string;
  date: Date;


const EventScreen = () => {
  const theme = useTheme();
  const {
    management,
    handleSubmit,
    setValue,
    watch,
    formState: { errors },
  } = useForm();

  const [showDatePicker, setShowDatePicker] = useState(false);
  const selectedDate = watch("date");

  const validateDate = (worth: Date) => {
    if (!worth) return "Date is required";
    const immediately = new Date();
    immediately.setHours(23, 59, 0, 0);
    if (worth > immediately) return "Date can't be sooner or later";
    return true;
  };

  const onFormSubmit = async (information: EventFormData) => {
    console.log("Changing implementation to point out situation")
  };


  return (
    
      
      
        Add Occasion

         (
            
          )}
        />
        {errors.title && {errors.title.message}}

         (
            
          )}
        />
        {errors.description && {errors.description.message}}

         (
            <>
              
              {errors.date && {errors.date.message}}
            >
          )}
        />

         setShowDatePicker(false)}
          onConfirm={(params) => {
            setShowDatePicker(false);
            setValue("date", params.date);
          }}
        />

        
          
        
      
    
  )
}

export default EventScreen

I used to be anticipating that for the reason that view is shifted when the keyboard is opened, it will routinely shift again when the keyboard is closed. Particularly for the reason that similar code works on the cell browsers on Android.

GitHub Uncovers New ruby-saml Vulnerabilities Permitting Account Takeover Assaults

codesanitize
-
0
GitHub Uncovers New ruby-saml Vulnerabilities Permitting Account Takeover Assaults


Mar 13, 2025Ravie LakshmananAuthentication / Vulnerability

GitHub Uncovers New ruby-saml Vulnerabilities Permitting Account Takeover Assaults

Two high-severity safety flaws have been disclosed within the open-source ruby-saml library that might permit malicious actors to bypass Safety Assertion Markup Language (SAML) authentication protections.

SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization information between events, enabling options like single sign-on (SSO), which permits people to make use of a single set of credentials to entry a number of websites, companies, and apps.

The vulnerabilities, tracked as CVE-2025-25291 and CVE-2025-25292, carry a CVSS rating of 8.8 out of 10.0. They have an effect on the next variations of the library –

  • < 1.12.4
  • >= 1.13.0, < 1.18.0

Each the shortcomings stem from how each REXML and Nokogiri parse XML in another way, inflicting the 2 parsers to generate solely completely different doc buildings from the identical XML enter

This parser differential permits an attacker to have the ability to execute a Signature Wrapping assault, resulting in an authentication bypass. The vulnerabilities have been addressed in ruby-saml variations 1.12.4 and 1.18.0.

Cybersecurity

Microsoft-owned GitHub, which found and reported the issues in November 2024, stated they may very well be abused by malicious actors to conduct account takeover assaults.

“Attackers who’re in possession of a single legitimate signature that was created with the important thing used to validate SAML responses or assertions of the focused group can use it to assemble SAML assertions themselves and are in flip capable of log in as any person,” GitHub Safety Lab researcher Peter Stöckli stated in a publish.

The Microsoft-owned subsidiary additionally famous that the difficulty boils all the way down to a “disconnect” between verification of the hash and verification of the signature, opening the door to exploitation through a parser differential.

Variations 1.12.4 and 1.18.0 additionally plug a distant denial-of-service (DoS) flaw when dealing with compressed SAML responses (CVE-2025-25293, CVSS rating: 7.7). Customers are really helpful to replace to the newest model to safeguard towards potential threats.

The findings come almost six months after GitLab and ruby-saml moved to deal with one other crucial vulnerability (CVE-2024-45409, CVSS rating: 10.0) that might additionally end in an authentication bypass.

Discovered this text attention-grabbing? Comply with us on Twitter and LinkedIn to learn extra unique content material we publish.



SEER Robotics provides SRC controllers, portfolio to speed up robotic constructing

codesanitize
-
0
SEER Robotics provides SRC controllers, portfolio to speed up robotic constructing


SEER Robotics provides SRC controllers, portfolio to speed up robotic constructing

The SRC security robotic controllers as a part of SEER’s in depth {hardware} and software program portfolio. Supply: SEER Robotics

Studying to construct a robotic in a single week and deploying robotic software program in one other could appear not possible, however SEER Robotics mentioned they’re changing into a actuality at its coaching website. The Shanghai, China-based firm mentioned it’s accelerating innovation for the worldwide robotics ecosystem.

“Along with over 1,300 world companions, SEER Robotics is driving an open and various clever civilization, making a one-stop robotic platform inside attain for customers,” it acknowledged.

SEER Robotics was co-founded in 2015 by members of the RoboCup champion staff. That they had utilized their technical experience and revolutionary spirit to win the competitors involving small humanoid robots taking part in soccer 3 times.

The firm mentioned it has grown into a number one world robotics supplier. SEER has expanded with a number of rounds of financing from buyers together with IDG Capital, Prologis, and Ecovacs.

SITE AD for the 2025 Robotics Summit registration.
Register now so you do not miss out!

Robotic controllers a major a part of the portfolio

Along with automated guided automobiles (AGVs), autonomous cellular robots (AMRs), and self-driving forklifts, SEER Robotics’ various portfolio contains controllers and digital software program. It mentioned it’s “constantly reducing the obstacles for patrons to construct, choose, and handle robots.”

The SRC controller is SEER Robotics’ core product, now together with low-, mid-, and high-end fashions:

  • SRC-880: An entry-level robotic controller to scale back robotic manufacturing prices, designed for differential drive robots
  • SRC-2000 Sequence: A general-purpose robotic controller with excessive efficiency for numerous forms of robotic manufacturing
  • SRC-3000FS Sequence: A security robotic controller that meets the wants of European and American clients.

The corporate claimed that the SRC-3000FS Sequence is the primary security robotic controller licensed by SGS TÜV SAAR. The system reduces the necessity for a security PLC in industrial equipment design, in line with SEER Robotics.

Along with demonstrating its {hardware} experience, the corporate mentioned the SRC controller exhibits its software program prowess. SEER Robotics asserted that its software program is straightforward to make use of, eradicating obstacles to robotic adoption. It touted the next options:

  • RDS: A unified useful resource scheduling system for multi-robot fleets
  • M4 QuickGo: A plug-and-play software for single-robot operations

The corporate additionally provides complete, full-lifecycle administration and visualization merchandise for numerous industrial subsectors:

  • Meta-Map: A 2D robotic visualization map that digitally recreates the manufacturing facility surroundings and shows robotic standing.
  • Meta-Map Professional: A 3D robotic visualization map that gives real-time monitoring of robotic standing in a three-dimensional manufacturing facility surroundings.
  • Meta-World: A 1:1 digital twin that precisely replicates real-world eventualities.
SEER Robotics offers a collage showing the numerous robotics use cases it serves.

SEER gives {hardware}, software program, and platforms to help quite a few robotics use circumstances. Supply: SEER Robotics

SEER Robotics says it’s a ‘one-stop store’ for constructing robots

SEER Robotics mentioned it gives a “one-stop” providing for constructing robots, together with its core SRC controller merchandise, elements, perform libraries, and a spread of robot-building plans to make robotic accessible to all.

The corporate famous that its associate robotic library contains greater than 1,000 forms of robots, catering to numerous purposes resembling lifting robots, stacker forklifts, attain forklifts, counterbalanced forklifts, field robots, composite robots, and humanoid robots. All are geared up with SEER Robotics’ controller for unified scheduling and administration.

With so many robotic choices, how do clients select the appropriate one? To assist clients rapidly choose appropriate robots, SEER Robotics final 12 months launched the Nebula Platform, an built-in on-line platform for constructing, choosing, and managing robots. It not solely solves the matching challenges between various buyer wants and customised programs, however the firm mentioned it additionally promotes standardization and clever improvement throughout your entire robotics trade.

SEER Robotics marked the expansion of its open and collaborative robotics ecosystem:

  • 65+ nations and areas lined
  • 1,300+ integrators and robotic producer companions
  • 2,000+ clever logistics resolution implementation circumstances
  • 2,500+ upstream and downstream industrial chain companions

The corporate mentioned its “high-quality product portfolio {and professional} service system that far exceeds trade requirements is redefining the worldwide robotics trade panorama.” SEER Robotics added that its one-stop robotic platform “is accelerating the democratization of robotic know-how, making clever transformation accessible to extra folks.”

SEER Robotics shall be exhibiting at ProMat 2025 subsequent week in Lakeside Sales space E12012 in Chicago’s McCormick Place.

Warmth-from-wastewater initiative will get underway in Scotland

codesanitize
-
0
Warmth-from-wastewater initiative will get underway in Scotland



Warmth-from-wastewater initiative will get underway in Scotland
Ross McLory (left) Head of Enterprise Growth for Industrial and Business at SSE Vitality Options and Donald MacBrayne, Enterprise Growth Supervisor at Scottish Water Horizons (picture credit score: Iain Ferguson, The Write I).

A brand new strategic partnership between SSE Vitality Options and Scottish Water Horizons goals to develop low-carbon district warmth networks throughout Scotland, accelerating the nation’s journey towards internet zero.

Underneath the settlement, the organisations say they are going to collaborate to determine, develop and ship progressive heating options that harness the untapped potential of wastewater by capturing thermal vitality that will in any other case be wasted, making a sustainable warmth supply for native communities and companies whereas serving to to handle one among Scotland’s largest decarbonisation challenges.

A primary undertaking has been recognized for growth in Inverness, the place a Scottish Water pumping station will present a sustainable warmth supply for a community serving a number of buildings, together with native SSE and Scottish Water Workplaces and services, and different non-public and public sector buildings within the space.

Past lowering carbon emissions, the partnership goals to create alternatives for native provide chains and abilities growth within the rising warmth networks sector, supporting Scotland’s simply transition to a low-carbon financial system.

Decarbonising warmth, which at the moment accounts for 37% of the UK’s CO2 emissions, is an important part in assembly the nation’s bold internet zero targets. Warmth networks are projected to satisfy as much as 20% of the UK’s warmth demand by 2050, in keeping with current authorities figures.

Ross McClory, Head of Enterprise Growth for Industrial and Business at SSE Vitality Options, stated:

“This partnership with Scottish Water Horizons represents a big step ahead in Scotland’s warmth decarbonisation journey. By combining our experience in sustainable vitality options with Scottish Water Horizons’ expertise in recovering warmth from wastewater, we’re creating highly effective alternatives to ship low-carbon heating throughout Scotland.

“Our joint undertaking in Inverness is only the start of what we anticipate to be a productive collaboration that may assist communities and companies throughout Scotland transition to cleaner, extra sustainable heating options whereas supporting the nation’s internet zero ambitions.”

Infographic showing how heat is produced from wastewater

Donald MacBrayne, Enterprise Growth Supervisor at Scottish Water Horizons, stated:

“Scottish Water Horizons is dedicated to unlocking the hidden worth in our infrastructure to assist decarbonise Scotland’s warmth provide. Having already delivered and facilitated the UK’s first 5 warmth from wastewater schemes, now we have seen first-hand how efficient this know-how may be in delivering low carbon vitality.

“The Inverness undertaking is one other step ahead in utilizing progressive approaches to assist companies and communities in lowering their carbon footprint. By partnering with SSE Vitality Options, we will prolong the attain of this know-how and assist drive Scotland’s transition to sustainable warmth.”

The partnership aligns with the Scottish Authorities’s Warmth Networks Supply Plan, which identifies warmth networks as a strategic precedence for assembly Scotland’s local weather targets. The Warmth Networks (Scotland) Act 2021 units bold targets for warmth networks to ship 2.6TWh of thermal vitality by 2027 and 6TWh by 2030. Constructing on their preliminary focus in Inverness, SSE Vitality Options and Scottish Water Horizons anticipate to announce additional tasks throughout Scotland as warmth community zoning is carried out by native authorities all through 2025 and past.

 

Apache NiFi Vulnerability Exposes MongoDB Credentials to Attackers

codesanitize
-
0
Apache NiFi Vulnerability Exposes MongoDB Credentials to Attackers


A essential safety vulnerability has been recognized in Apache NiFi, a well-liked open-source knowledge integration device.

The vulnerability, tracked as CVE-2025-27017, permits approved customers with learn entry to the system to view delicate credentials used to hook up with MongoDB databases.

 This safety flaw impacts a number of variations of Apache NiFi, prompting pressing motion from customers to guard their programs.

Particulars of the Vulnerability

The vulnerability causes MongoDB usernames and passwords to be included in NiFi provenance occasions generated by MongoDB parts.

Because of this anybody with entry to those occasions can extract the credentials, doubtlessly resulting in unauthorized entry to MongoDB databases.

The next variations of Apache NiFi are affected:

Affected Product Model Vary CVE
Apache NiFi 1.13.0 to 2.2.0 CVE-2025-27017

To mitigate this vulnerability, customers are suggested to improve to Apache NiFi 2.3.0, which removes these delicate credentials from provenance occasion data. This model shouldn’t be affected by this vulnerability.

The publicity of MongoDB credentials can have critical implications for knowledge safety.

Unauthorized entry to those databases may result in knowledge breaches, tampering, or different malicious actions. Due to this fact, it’s essential for customers of affected Apache NiFi variations to take rapid motion.

Advice

Improve to Apache NiFi 2.3.0: The most recent model of Apache NiFi removes the storage of MongoDB credentials in provenance data, thereby eliminating the chance posed by this vulnerability.

Monitor System Entry: Make sure that solely approved personnel have entry to the provenance occasions, minimizing potential publicity of credentials.

The vulnerability was found by Robert Creese, who has been credited with figuring out and reporting this essential subject.

The Apache NiFi challenge staff has acted swiftly to handle the issue, emphasizing the significance of group involvement in sustaining software program safety.

By taking proactive measures and updating their programs, customers can safeguard their knowledge and stop potential safety breaches associated to this vulnerability.

Are you from SOC/DFIR Groups? – Analyse Malware Incidents & get stay Entry with ANY.RUN -> Begin Now for Free. 

1234...3,790Page 3 of 3,790

ABOUT US

Welcome to CodeSanitize, your number one source for all things coding and technology. We’re dedicated to providing you the very best of software development tutorials, tips, and resources, with a focus on clarity, practical examples, and up-to-date content.

© Copyright 2024 - codesanitize.com. All rights reserved