28. July 2018
Moving to Gitlab

We moved Panopticon development from Github to Gitlab, split the project into multiple repositories and relicensed it under LGPL v2.1+. This blog post explains why we did all this and what the future of Panopticon looks like.

Project Reorganization

When we started development we put everything into one repository. This had the advantage that we avoided having to manage changes across repositories. This was also before Github introduced the Project feature to help with cross-repository work. Now, that the project (and the number of crates in the repository) grew quite a lot it makes sense to split things to make the project manageable again.

We will split everything into multiple repositories, one with all the base crates, one for the UI (more on that in a later blog post) and one for each disassembler (AMD64/x86, Atmel AVR , MOS 6502).

Base Crates

This repository contains the p8n-types crate with the basic data structures and disassembly code, the p8n-data-flow and p8n-abstract-interp crates that implement more advanced program analysis algorithms and p8n-analysis that uses the former three crates to provide an easy to use and fast binary-to-CFG pipeline.

New UI

We will split the graphical user interface off to a separate crate. In the process, we will also move away from the current Qt5/QML based application. More on that later.

Disassembler Crate

All concrete disassembler for AMD64, MOS 6502 and AVR will be put into their own crate. The API between the base crates and the disassembler are mostly stabilized and some architectures have complex tests and large test files. Putting this into the same repository as the base crate does not longer make sense.

Gitlab Organization

When I started the Panopticon project everything was self-hosted but I moved to Github when I got tired of managing the server and all the needed services. I want to code, not administrate servers. I always felt uneasy about the vendor lock-in that comes with using proprietary software for issue tracking. Initially, we planned to create an organization on Github but after they got acquired my Microsoft, we decided to use Gitlab instead. I do not want to stir up drama, but to make it short, I do not trust Microsoft and making the project depended on the benevolence of them is more risk than I’m willing to tolerate. Gitlab is a bit slower and I like the UI of Github better, but it’s still a more complete replacement than Gitea/Gogs.

LGPL Version 2.1 Or Later

Initially, the whole project was licensed under GPLv3. I have to admit I did not think long about it. Now, that parts of Panopticon are a stand-alone library, it makes sense to have a more permissive license.

Future

Over the last few months, we changed a lot of internal data structures to make Panopticon faster and less memory hungry. This summer we will finish porting everything onto the new data structure and improve code recovery. Panopticon now implements narrowing and function summaries, both features will make our results more competitive.