GitHub 推出安全通知的功能

剛好是之前推出 Dependency Graph 後可以拿出來善用的利用:「Introducing security alerts on GitHub」,先前提到的 Dependency Graph 則是在「A more connected universe」這邊。

Vulnerability coverage 的部份有提到範圍,至少有公開 CVE 的會納入:

Vulnerabilities that have CVE IDs (publicly disclosed vulnerabilities from the National Vulnerability Database) will be included in security alerts. However, not all vulnerabilities have CVE IDs—even many publicly disclosed vulnerabilities don't have them. We'll continue to get better at identifying vulnerabilities as our security data grows. For more help managing security issues, check out our security partners in the GitHub Marketplace.

然後這系列功能目前只支援 JavaScriptRuby,下一個應該是 Python

The dependency graph and security alerts currently support Javascript and Ruby—with Python support coming in 2018.

Google Chrome 59 之後的新功能:看 CSS 與 JS 的 Coverage

在「What's New In DevTools (Chrome 59)」這邊看到 Google Chrome 59 後所推出新的工具,可以看目前網頁的 CSS 與 JS 跑過的 coverage 比率。

像是這樣,總大小以及未使用的比率:

然後可以再直接看有哪些部份沒跑到:

可以拿來分析,降低使用者下載的量。不過真的要切的話好像不太好做...

Skip-gram

一路翻資料翻到 Skip-gram:「A CloserLook at Skip-gram Modelling (PDF)」,不確定是 2005 年 (出自「CiteSeerX — Citation Query A Closer look at Skip-gram modeling」) 還是 2006 年 (出自「CiteSeerX — A Closer Look at Skip-gram Modelling」) 的論文,不過 Google Scholar 是標 2006 年...

Skip-gram 實際上的定義很簡單,就是允許跳幾個字的意思... 依照原論文裡的定義,這個句子:

Insurgents killed in ongoing fighting.

在 bi-grams 的時候是拆成:{insurgents killed, killed in, in ongoing, ongoing fighting}。

在 2-skip-bi-grams 的時候拆成:{insurgents killed, insurgents in, insurgents ongoing, killed in, killed ongoing, killed fighting, in ongoing, in fighting, ongoing fighting}。

在 tri-grams 的時候是:{insurgents killed in, killed in ongoing, in ongoing fighting}。

在 2-skip-tri-grams 的時候是:{insurgents killed in, insurgents killed ongoing, insurgents killed fighting, insurgentsin ongoing, insurgents in fighting, insurgents ongoing fighting, killed in ongoing, killed in fighting, killed ongoing fighting, in ongoing fighting}。

這樣就有辦法在整篇文章都是用「台灣大學」的情況下以「台大」找到文章,解決一些「同義詞」想要解決的問題。

在論文裡有分析 coverage,不過這邊 coverage 是指什麼客觀評估方式就不知道了,等下來找找看到底是什麼...