Home 零对冲(ZeroHedge)每日HackerNews

显示HN:Tangent – 开源安全数据管道
Show HN: Tangent – Security log pipeline powered by WASM

原始链接: https://github.com/telophasehq/tangent

Tangent是一个快速、可共享且沙箱化的流处理工具包,旨在简化日志转换和数据操作。与传统系统不同,Tangent避免使用特定领域语言(DSL),允许用户使用任何可以编译为WebAssembly (WASM) 的语言编写插件,包括Rust、Go和Python。 插件被视为核心组件,易于开发、测试和基准测试,并配备了专门的CLI工具。其关键特性是为每个插件提供的安全、轻量级的WASM沙箱,确保安全性和接近原生性能。 Tangent通过可共享的插件库促进协作,实现社区贡献和常用转换的重用。它提供强大的测试和基准测试功能,以便在生产部署*之前*捕获错误。安装方式包括Homebrew、专用安装脚本、Cargo或Docker。 Tangent优先考虑真实代码而非DSL,使转换过程可审查、可测试且对LLM友好。

切线(Tangent)是一个新的、开源的安全数据管道,使用Rust构建,旨在解决日志处理和规范化中的常见挑战。由Ethan和Danny创建,它利用WebAssembly (WASM) 插件进行所有数据操作——规范化、丰富和检测,提供了一种灵活且可共享的方法。 切线通过允许用户使用熟悉的语言(如Go、Python和Rust)编写插件,来解决不断变化的模式和重复映射工作等问题。 社区已经提供了一个插件库,该系统甚至可以在WASM中运行现有的DSL,例如Bloblang。 一个关键优势是易于与LLM集成;开发者只需进行少量调整即可生成新的映射器。性能强大,在典型的JSON日志上达到约480 MB/s。该项目可在GitHub上找到 ([https://github.com/telophasehq/tangent](https://github.com/telophasehq/tangent)),开发者正在寻求Hacker News社区的反馈。
相关文章
原文

Tangent logo

Stream processing without DSLs. Shareable, sandboxed, fast.

Build status X

Documentation   •   Discord   •   Issues

Tangent is a stream‑processing toolkit that treats plugins (user‑defined functions) as first‑class citizens – exceptionally easy to write and share. Perfect for vibe-coding those pesky log transformations.

Plugins run in a lightweight WASM sandbox with near-native speed and full language flexibility — no DSLs, no vendor-locked runtimes. Plugins are designed to be shareable, so common transformations (e.g. GuardDuty findings → OCSF) can be written once and shared with the community.

Tangent ships with everything you need to develop, test, and benchmark your own transforms:

  • tangent plugin scaffold – generate plugin boilerplate
  • tangent plugin compile – compile plugins to WASM
  • tangent plugin test – run plugin tests
  • tangent bench – measure throughput and latency before deploying
  • tangent run – start the Tangent runtime

  1. Use real languages, not DSLs – Real code > DSL. Reviewable, testable, LLM‑friendly.

  2. Catch breakage before prodtangent plugin test for correctness; tangent bench for throughput/latency.

  3. Shareable and secure – Data transformations are easy to write and share. Publish and discover open-source plugins in the Tangent Plugins library. Each plugin runs in its own lightweight sandbox.

Benchmarks show end-to-end throughput with simple log transformation plugins implemented in Rust, Go, and Python. Each plugin is compiled to WASM and run inside Tangent.

Source → Sink Rust Go Python
tcp → blackhole 483.35 MB/s 399.54 MB/s 76.91 MB/s

Benchmarks are run nightly on a dedicated 16-core AMD runner. See nightly benchmarks.

# Homebrew
brew tap telophasehq/telophase
brew install tangent-cli
tangent --version

# with install script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/telophasehq/tangent/releases/download/latest/tangent-cli-installer.sh | sh
tangent --version

# cargo
cargo install --git https://github.com/telophasehq/tangent tangent-cli

# docker
docker pull ghcr.io/telophasehq/tangent-toolchain
docker run --rm --init ghcr.io/telophasehq/tangent-toolchain <command>
  • Intro
  • WASM Plugins
  • CLI
  • Configuration

Apache-2.0. See LICENSE.

联系我们 contact @ memedata.com