InfoQ Homepage DevOps Content on InfoQ
-
Yelp Open-Sources Fuzz-Lightyear, A Swagger-Based IDOR Vulnerability Detector
Business directory and crowd-sourced review service, Yelp, has open-sourced their in-house security testing framework, fuzz-lightyear, that identifies Insecure Direct Object Reference (IDOR) vulnerabilities.
-
Microsoft Announces Playwright Alternative to Puppeteer
Playwright is an open-source Node.js library started by Microsoft for automating browsers based on Chromium, Firefox, and WebKit through a single API. The primary goal of Playwright is improving automated UI testing.
-
Rust Moving Towards an IDE-Friendly Compiler with Rust Analyzer
Rust Analyzer is an experimental IDE/latency-oriented Rust compiler. This is an emerging endeavour within the Rust ecosystem, which is aimed at improving the IDE experience with Rust.
-
The Java EE Guardians Rebrand as the Jakarta EE Ambassadors
Under the auspices of the Eclipse Foundation, the rebranding of the Java EE Guardians to the Jakarta EE Ambassadors has been completed. They were a driving force that ultimately led to Oracle open-sourcing Java EE and transferring ownership to the Eclipse Foundation. Reza Rahman, program manager, Java on Azure at Microsoft, spoke to InfoQ about this rebranding.
-
Web Packaging Proposal to Enable Offline Distribution, Installation and Usage of PWAs and Websites
The Web Packaging proposal was recently published by the Web Platform Incubator Community Group (WICG). Web Bundles, more formally known as Bundled HTTP Exchanges, are a key part of the packaging proposal and seek to address the offline distribution, installation, and consumption of web resources.
-
CRI-O Infrastructure and Application Monitoring Now Supported by Instana
Kubernetes application performance management solution, Instana, has announced support for managing CRI-O Kubernetes run-time containers and the applications that run on that infrastructure.
-
Ballerina - An Open Source JVM Language and Platform for Cloud-Era Application Programmers
Open-source technology company, WSO2, has released Ballerina 1.1.0 with new features including: the new Ballerina Tool, enhanced IDE support for VSCode and IntelliJ IDEA; and improved performance in runtime type checking and creating and accessing maps, arrays and records. Lakmal Warusawithana, senior director, cloud architecture at WSO2, spoke to InfoQ about this latest release.
-
Sonatype Disables Unencrypted Access to Maven
Sonatype has disabled unencrypted HTTP access to Maven Central, improving security for build systems such as Maven, Gradle, SBT, and other dependency systems.
-
Gradle 6 Brings Significant Dependency Management Improvements
Gradle, the customizable open source build automation tool, has released version 6.0 with significant improvements to dependency management, out of the box support for javadoc and source jars, and faster incremental compilation of Java and Groovy code. In addition, the latest release 6.1.1 supports a relocatable dependency cache for speeding up ephemeral CI builds.
-
Confluent Offers Apache Kafka as a Service on the GCP Marketplace
In a recent blog post, Confluent announced the general availability of Confluent Cloud on the Google Cloud Platform (GCP) Marketplace. Confluent Cloud is a fully managed Apache Kafka service, which removes the burden of its users to manage Kafka themselves.
-
Database Access Misconfiguration Exposes 250M Customer Records at Microsoft
Comparitech security firm reported a major data breach at Microsoft that exposed 250 million customer records over a period of a couple of days. Microsoft said the leaked data, which did not include personally identifiable information, was not used maliciously.
-
QCon London - Keynotes & Workshops on Kubernetes, Apache Kafka, Microservices, Docker
QCon London is fast approaching. Join over 1,600 global software leaders this March 2-4. At the event, you will experience: talks that describe how industry leaders drive innovation and change within their organizations; a focus on real-world experiences, patterns, and practices (not product pitches), and implementable ideas for your projects and your teams.
-
Reducing Build Time with Observability in the Software Supply Chain
Tools commonly used in production can also be applied to gain insight into the CI/CD pipeline to reduce the build time. Ben Hartshorne, engineer at honeycomb.io, gave the presentation Observability in the SSC: Seeing into Your Build System at QCon San Francisco 2019.
-
Elastic Cloud on Kubernetes Moves into General Availability
Elastic recently moved Elastic Cloud on Kubernetes (ECK) into GA. Originally announced as an alpha release in May 2019, Elastic is looking to support the growing number of users leveraging Kubernetes for deploying ElasticSearch. This release includes support for many of Elastic's core features and can run on a number of public cloud Kubernetes offerings.
-
Q&A on Okteto: a Tool to Develop Applications in Kubernetes
Okteto is an open-source tool that runs locally to synchronize application code changes to a running pod in a local or remote Kubernetes cluster. There's no need to commit, build, and push a container image to start testing an application. Developers can continue using their existing IDE, debuggers, compilers or hot reloaders to test their code changes instantly.