By my count, six of the sixty projects cited were initiated by the amazing Armin Ronacher (aka mitsuhiko), whose genius for designing and implementing clean, intuitive library interfaces has, for the past decade or so, been a boon to the world of open-source software development. Kudos to him.
[*] click, flask, itsdangerous, jinja, markupsafe, and werkzeug
Armin's work is great but I'm curious if the Mars rover really implements a web interface? Are all the boto AWS libs just dependencies of opencv with its mess of supported data sources? Why are they deploying unit testing code to Mars? Given the 28 minute average round trip time between Mars and Earth for a light speed signal, they can't realistically be running distributed workloads partly happening on Earth.
All the PKI libs are amusing, too. JPL isn't sending signals to Mars via public networks, are they?
It looks like Python libraries are somewhat over-represented here because they credited every library in the Python dependency graph, but didn't do the same for dependencies in other languages. For example: lxml depends on libxml and libxslt, which are not credited.
The reason for the discrepancy is probably the lack of a straightforward, programmatic way to view the dependency graph of a C library. But they could have probably gotten a pretty good approximation by looking at Debian package dependencies (e.g., 'apt-rdepends python3-lxml').
This would massively expand the credits, but that's sort of the point here, no? (i.e., to celebrate the massive tapestry that is the open source ecosystem.)
I think part of that is because these libraries do not live on github, or have different identities attached to them (different email addresses like @gnome.org for libxml2 stuff).
It is essentially a hard problem, one that ohloh.net (now openhub) tried to make fun a while ago, to encourage people to claim their own contributions to tie their identities together.
I do wonder if they could have used openhub data to improve identity links though. Still doesn't solve the dependency graph lacking.
> All the PKI libs are amusing, too. JPL isn't sending signals to Mars via public networks, are they?
They're using radio waves so yeah, it's public. In fact I suspect the protocols are pretty much standardized because why reinvent those wheels?
I'm sure there's some blog post at the bottom of an internet rabbit hole where someone figured out the protocol, or just knows it, or is the one who invented it.
It's not a defense thing, NASA may well have published the details themselves. In fact, that's pretty much the point of NASA.
The CCSDS provides full access to all their recommended standards on their website ( https://ccsds.org )
There are some recommended standards published regarding crypto and security: "Security Architecture for Space Data Systems" (CCSDS 351.0-M), "Space Data Link Security Protocol" (CCSDS 355.0-B) , "CCSDS Cryptographic Algorithms" (CCSDS 352.0-B), and others.
And to wrap up, they also have standards regarding deep space communications inside "Radio Frequency and Modulation Systems—Part 1: Earth Stations and Spacecraft" (CCSDS 401.0-B) https://public.ccsds.org/Pubs/401x0b31.pdf which has been an active recommended standard for over 30 years now, so everything currently operating at Mars (NASA, ESA, and the China National Space Administration (CNSA) are all participating in CCSDS) is likely conforming pretty closely to the radio communications standards in CCSDS 401.0-B
Overall its a pretty amazing amount of detail provided by them, a real wealth of technical information regarding spacecraft operations and engineering.
The airwaves can be intercepted, sure, but that isn't what I mean. I've done quite a bit of work that involved ground processing of signals from government owned spacecraft and all of it was encrypted using pre-shared hardware keys, not PKI. Granted, that was military applications and maybe JPL and NASA don't have the same security requirements, but seemingly they should? Maybe the Mars rover is less of a desirable attack target for a nation state adversary than a spy satellite, but it is a pretty expensive project you would seemingly still want to protect as much as you can.
I suspect the data streams are readable but the commands are encrypted, I mean satellites would be dropping out of the sky left and right (proverbially?) if that wasn't the case.
[*] click, flask, itsdangerous, jinja, markupsafe, and werkzeug