InfoQ Homepage Open Source Content on InfoQ
-
PyTorch-Nightly Struck by Supply Chain Attack Exfiltrating Data and Files
Developers who installed the nightly builds of PyTorch between December 25 and December 30, 2022, are recommended to uninstall it and purge their pip cache to get rid of a malicious package, say PyTorch maintainers. The new attack highlights a recent trend.
-
Amazon Releases Fortuna, an Open-Source Library for ML Model Uncertainty Quantification
AWS announced that Fortuna, an open-source toolkit for ML model uncertainty quantification, has been made generally available. Any trained neural network can be used with the calibration methods offered by Fortuna, such as conformal prediction, to produce calibrated uncertainty estimates.
-
Microsoft Brings Its Cloud Services and AI to the Edge
Microsoft recently announced the open-source release of Azure DeepStream Accelerator (ADA) in collaboration with Neal Analytics and NVIDIA, allowing developers to build Edge AI solutions with native Azure Services integration quickly.
-
Google Releases Open-Source Vulnerability Scanning Tool
Google has released OSV-Scanner, an open-source front-end interface to the Open Source Vulnerability (OSV) database. The OSV database is a distributed, open-source database that stores vulnerability information in the OSV format. The OSV-Scanner assesses a project's dependencies against the OSV database showing all vulnerabilities relating to the project.
-
AWS Releases Open-Source Tool for Command-Line Container Management
AWS has released Finch, an open-source, cloud-agnostic, command-line client for building, running, and publishing Linux containers. Finch bundles together a number of open-source components such as Lima, nerdctl, containerd, and BuildKit. At the time of release, Finch is a native macOS client with support for all Mac CPU architectures.
-
Linux 6.1 Officially Adds Support for Rust in the Kernel
After over two years in development, support for using Rust for kernel development has entered a stable Linux release, Linux 6.1, which became available a couple of weeks ago.
-
AirBnb Animation Engine Lottie Improves Performance by Adopting Core Animation
AirBnb has announced the fourth major iteration of its open-source vector-based animation engine Lottie. Thanks to the adoption of Core Animation, Lottie 4.0 provides significant performance improvements and reduces CPU load, says AirBnb iOS engineer Cal Stephens.
-
Apple Announces Full Swift Rewrite of the Foundation Framework
The Swift team has started to work on a new open-source implementation of the Foundation framework. To be written entirely in Swift, the new Foundation aims to improve performance by getting rid of conversion costs between Objective-C and Swift as well as to provide the opportunity for modularizing and clean it up.
-
Asahi Linux Gets Alpha GPU Drivers on Apple Silicon
After two years of work to reverse engineer Apple Silicon GPU instruction set and to implement the kernel driver, Asahi Linux has finally got an alpha-quality release of its GPU driver that is already good enough to run a smooth desktop experience and some games, Asahi developers Alyssa Rosenzweig and Asahi Lina say.
-
Triggermesh Introduces an Open-Source AWS Eventbridge Alternative with Project Shaker
Recently TriggerMesh, a cloud-native integration platform provider, announced Shaker, a new open-source AWS EventBridge alternative project that captures, transforms, and delivers events from many out-of-the-box and custom event sources in a unified manner.
-
Critical Vulnerability in VM2 Sandbox Found Affecting Spotify Portal Platform Backstage
Spotify Backstage, an open-source platform used to build developer portals and in use at a number of large companies, has been found vulnerable to a critical remote code execution vulnerability. Confirming that most vulnerabilities are found in indirect dependencies, the Backstage vulnerability is enabled by another vulnerability found in its JavaScript VM2 sandbox dependency.
-
First Open Source Copyright Lawsuit Challenges GitHub Copilot
A class-action lawsuit has been filed in a US federal court challenging the legality of GitHub Copilot and the related OpenAI Codex. The suit against GitHub, Microsoft, and OpenAI claims violation of open-source licenses and could have a wide impact in the world of artificial intelligence.
-
Threat-Detection Tool Falco Now Supports Multiple Event Sources, Syscall Selection, and More
The latest release of Falco adds the ability to handle multiple simultaneous event sources within the same instance, support for selecting which syscalls to capture, a new Kernel Crawler to collect the most recent supported kernel versions, and more.
-
Programming Your Policies: Justin Cormack at QCon San Francisco 2022
At QCon San Francisco 2022, Justin Cormack, CTO at Docker, presented on Programming your policies. The talk is part of one of the editorial tracks called "Languages of Infra: Beyond YAML."
-
Tapabrata Pal on DevOps at Fidelity: Investing in Inner Source and Engineering Excellence -DOES 2022
At the DevOps Enterprise Summit Vegas 2022, Tapabrata Pal presented the state of DevOps at Fidelity and their investment in DevOps and inner source. They were facing challenges with their tools sprawl, security, audit and compliance, and their metrics. They focused on a unified developer experience, their tools standardization, continuous compliance and contextual metrics.