c – erro tentando usar public static no unity

{
    public int vida = 10;
    public static Estatic parado;
    // Start is called before the first frame update
    void Start()
    {
        parado = this;
    }

    public void Cansado()
    {
        Debug.Log(vida);
    }
}
================================================================================
```public class Estatic2 : MonoBehaviour
{
    // Start is called before the first frame update
    void Start()
    {
        Estatic.parado.Cansado();
        Debug.Log(Estatic.parado.vida);
    }

    
}
>erro: public class Estatic2 : MonoBehaviour
{
    // Start is called before the first frame update
    void Start()
    {
        Estatic.parado.Cansado();
        Debug.Log(Estatic.parado.vida);
    }

    
}

>erro: NullReferenceException: Object reference not set to an instance of an object
Estatic2.Start ()

Unit Testing Private Function Through Public Interface

Am new to unit testing, and I have been struggling with the right approach to test private functions. I have done my research, and am going with testing through the public interface.

My problem is the following, if I have a private function used by two public functions, I encounter test case duplicates, which I don’t know how to overcome. Extracting the private function into another class doesn’t seem appropriate in the case am facing, as the function is sufficient only for the class am using it from.

Example:

// This function is called only once, once the view is loaded
override func handleViewDidLoad() {
    super.handleViewDidLoad()
    loadData()
    // I have extra setup code in here
}

 // This function is called when user double taps on the screen
 override func handleReloadData() {
    super.handleReloadData()
    loadData()
}

private func loadData() {
    delegate.showLoading()
    fetchData { (weak self) in
        self?.delegate?.hideLoading()
    }
}

// I have another function that uses this one. But it's not included in the sample
private func fetchData(then completion: @escaping (() -> Void)) {
    service.start() { (weak self) (_, error) in
        if error == nil {
            if self?.shouldTrackScreen == false {
                self?.shouldTrackScreen = true
                self?.delegate?.trackScreen()
            }
        }
        completion()
    }
}

So when I think about handleViewDidLoad function’s test cases. I will have the following:

  1. Check that showLoading is called.
  2. Check that hideLoading is called in case of service success.
  3. Check that hideLoading is called in case of service failure.
  4. Check that service.start() is called.

Same applies to handleReloadData test cases. This way I will end up with a duplicate of each test case of the above.
And if I have another function that uses fetchData function, I will also have to repeat the 4th test case.

Is there a way to overcome those duplicates?

certificate pinning – How to pin public root key when downloading an image with docker pull (Docker Content Trust)?

How can I execute docker pull (with Docker Content Trust enabled) such that it fails if the image doesn’t have a valid signature using the private key corresponding to (or subordinate to) the public key that I provide?

I just discovered that, in fact, DCT silently and dumbly downloads and trusts (TOFU) the root key when downloading an image for the first time.

My application for docker is a CI process that will use the debian:stable-latest docker image to build my application’s releases in ephemeral cloud instances. Because the server used to build my application is ephemeral, DCT literally provides me zero security and it will be vulnerable to a MITM of the docker image payload on every execution of my build process.

Therefore, it’s critical that I pin the public root key used by Debian to sign their docker images. So the questions are:

  1. How do I download the public root key used by Debian to sign their docker images and
  2. How do I tell docker pull to use the above key and fail if the image doesn’t contain a valid signature from that key or a key that’s downchain from the supplied root key?

apache – How do I keep my site invisible to the public until I am ready to publish it, but still have access to develop it?

I’m relatively new to website design and need help.

I am creating a website and it is very important that the page does not become available to the public until it is fully created, something that will definitely take time. These are the steps I have taken and what is not working:

  • I created a test subdirectory.

  • I password protected it with “Directory Privacy” and created a user and password.

  • I uploaded a theme.

  • Got a message that I needed to overwrite the .htaccess file to upload the theme.

  • Finding no way around it, I did.

  • Found I had to reset the password protection via “Directory Privacy”.

  • Was able to log into sitepad and edit site with password I had just set.

  • Site was visible at domain name when I logged out, even after I cleared my cookies-exactly what I did NOT want.

  • Logged in, followed my hosting site’s directions and set “permissions” to 700, instead of 750.

  • Was unable to log in to edit the site.

  • Site no longer accessible to the world, but also inaccessible to me for creation purposes.

What am I doing wrong? What is the way around this?

web development – Please help!- file permissions, how do I keep my site invisible to the public until I am ready to publish it?

I’m relatively new to website design and need help.

I am creating a website and it is very important that the page does not become available to the public until it is fully created, something that will definitely take time. These are the steps I have taken and what is not working.

I created a test subdirectory.

I password protected it with “Directory Privacy” and created a user and password.

I uploaded a theme.

Got a message that I needed to overwrite the .htaccess file to upload the theme.

Finding no way around it, I did.

Found I had to reset the password protection via “Directory Privacy”.

Was able to log into sitepad and edit site with password I had just set.

Site was visible at domain name when I logged out, even after I cleared my cookies-exactly what I did NOT want.

Logged in, followed my hosting site’s directions and set “permissions” to 700, instead of 750.

Was unable to log in to edit the site.

Site no longer accessible to the world, but also inaccessible to me for creation purposes.

What am I doing wrong? What is the way around this?
Thank you so much for you time and help!

bitcoin core – Is the `addmultisignature` API call dependent on order of public keys in the array? Or is it lexicographically sorted?

Say Alice and Bob are part of a partnership business that accepts Bitcoin. They store all their main funds in cold storage until the end of 3 months, when they cash out and use a new address. This cold storage is in a single address.

Both Alice and Bob have full nodes, running Bitcoin Core. They use the console feature to generate a 2-of-2 P2SH multisig address, using addmultisignature.

They exchange each other’s public keys, and input them as arguments.

If Alice used the following syntax:

addmultisignature 2 '(<alice's key>,<bob's key>)'

and Bob used:

addmultisignature 2 '(<bob's key>,<alice's key>)'

Will they end up with the script hash and address?

Follow up questions:

Can you give certain keys more “weighting” by specifying them more than once?

Does the same logic apply to SegWit (P2WSH) multisigs?

certificates – How to verify public key?

If you live in a jurisdiction where the public key server cannot be trusted (some countries in the world), the only way to authenticate the public is to compare the public key you received with the party that send the public key physically. But that exposes the association of parties. What do you do, any idea?

social media – Does anyone know why I can’t see a public Instagram profile from Tor?

I can access the profile I’m talking about without login on Instagram from Firefox, but when I try it with Tor browser I get this on Instagram “please wait a few minutes before you try again.” or sometimes I am being redirected with “302 http response, landing on login page”. I’ve tried changing my identity several times but it doesn’t work.

Is it possible that Instagram is denying access to anyone who is using
proxies and forcing you to log in?

public key infrastructure – Certificate Authority generates private key for Extended Validation code signing certificate?

My company upgraded to an Extended Validation code signing security certificate, which was delivered via mail on a physical USB key, called a “token.” The token contains a private key and the digital certificate, both generated by the Certificate Authority (CA). I was surprised that the CA created the private key. It is my understanding that private keys should never be shared with a third party, including a CA. I’m used to the Certificate Signing Request (CSR) process, where a company keeps its private key private and only shares its public key.

My question: What security concerns are there with a private key being generated and initially owned by (in possession of) a Certificate Authority? Is this standard practice for EV certificates delivered on a physical token? We are told that the private key only exists on the token and there are no other copies.

Perhaps I’m missing the point. Maybe it’s more about establishing trust with a CA, and therefore we should also trust that the private key was handled correctly and that we have the only copy (E.g., why do business with them if we don’t trust them). At the same time, alerts go off because a third party had our private key. I realize that it might not be practical to create a token unless the private key is present, so maybe it’s inevitable that the CA possesses it at some point.

Track code from Github public repos

I just started working in a small IT company and I work as a web developer. Now, I am still getting familiar with old projects and just found out that my previous developer has created all Github repos as public repos. So, everything he did for the company, during the company time, was in public repos.

Not just that, but he has his “own theme”, which is a copy of company work and his few edits on his Github profile which anyone can take advantage of. He is still using few repos and editing now and then – which we just found that out yesterday.

We just changed all those repos from public to private.

Is there a way to tell who is using those repos code? I know that once you download public code, there is no way to track. What are the company’s options?