InfoQ Homepage Open Source Content on InfoQ
-
Securing the Open-Source Software Supply Chain
Recent findings by security researchers at SonarSource showed multiple security vulnerabilities in popular package managers, including Pip, Yarn, Composer, and others. Package managers, though, are not the only weak link in the open source security chain. InfoQ has spoken with Sonatype CTO Brian Fox.
-
Quine Aims to Simplify Event Processing on Data in Motion
Developed at thatDot, Quine is an open source streaming graph solution aimed at high-volume event processing. Quine combines graph data and streaming technologies to enable the creation of real-time, complex event processing workflows at scale, says thatDot.
-
Couchbase Mobile 3 Brings New C and Kotlin APIs, Simplified Administration
NoSQL database maker Couchbase has released Couchbase Mobile 3, its edge-ready mobile database, introducing a new C API to embed Couchbase Lite on embedded platforms, Kotlin support on Android, a new administration REST API, and security enhancements.
-
AWS Introduces a New Open-Source Solution: AWS Virtual Waiting Room
Recently, AWS introduced a new open-source solution called AWS Virtual Waiting Room, allowing integration with existing web and mobile applications. In addition, the solution protects systems from resource exhaustion by buffering user requests during sudden traffic bursts.
-
OpenSSF Announces the Alpha-Omega Project to Improve Software Supply Chain Security
The Open Source Security Foundation (OpenSSF) in partnership with Google and Microsoft have announced the Alpha-Omega Project to improve supply chain security across open source software (OSS) projects. The project will focus on improving the security posture of the most widely deployed and critical OSS projects.
-
Moldable Development: How Custom Tools Make Systems Explainable
Moldable Development is a way of programming through which we construct custom tools for every software development problem. Glamorous Toolkit is a moldable development environment that can be used to mold custom tools.
-
Google and GitHub Announce OpenSSF Scorecards v4 with New GitHub Actions Workflow
GitHub and Google have announced the version 4 release of the Open Source Security Foundation (OpenSSF)'s Scorecards project. Scorecards is an automated security tool that identifies risky supply chain practices in open source projects. This release includes a new Scorecards GitHub Action, new security checks, and a large increase in the repositories included in the foundations weekly scans.
-
AngularJS Officially Reached End of Life
After a grace period induced by the current global pandemic, long-term support for AngularJS has been discontinued. While AngularJS will still remain available, its repo will be archived and will receive no more additional updates, including security patches.
-
MicroStream 6.0 Supports JDK 17, Spring Boot and Helidon
MicroStream, the JVM data storage engine providing in-memory storage to fully or partially persist and restore Java object graphs, has released version 6.0 featuring added support for Java 17, Spring Boot integration, Deep-copy utility and the elimination of various bugs.
-
AWS Announces Construct Hub and New Version of AWS Cloud Development Kit at re:Invent 2021
Recently, AWS announced the general availability (GA) of version 2.0 of the AWS Cloud Development Kit (AWS CDK) and AWS Construct Hub during its annual re:Invent conference.
-
Microsoft Introduces a Fully-Managed Azure Load Testing Service in Preview
Recently Microsoft announced a preview of Azure Load Testing. With this fully-managed load testing service, users can generate high-scale load with custom Apache JMeter scripts and gain actionable insights to catch and fix performance bottlenecks.
-
Pants Build System Adds Support for Java, Scala, and Go
In its upcoming release, now available to early adopters, build system Pants adds Java, Scala, and Go to previously supported Python. InfoQ has spoken with Benjy Weinberger, one of the creator of Pants alongside John Sirois, and currently CEO of Toolchain, Pants' main sponsor.
-
GitHub State of the Octoverse 2021 Highlights Trends and Predicts Good Practices
GitHub's latest State of the Octoverse research highlighted three major trends towards writing and shipping code faster, creating documentation, and supporting developer communities. It also includes three predictive models to help organizations identify what they can action to achieve success.
-
Dapr Joins CNCF Incubator: Q&A with Yaron Schneider
The Cloud Native Computing Foundation (CNCF) recently announced that it accepted the Distributed Application Runtime (Dapr) as a CNCF incubating project. This statement follows an earlier announcement by Dapr, announcing the formation of the Dapr project's Steering and Technical Committee (STC).
-
Microsoft Introduces a New Cloud-Native Offering with Azure Container Apps Service
During the recent Ignite conference, Microsoft announced a new cloud-native offering with Azure Container Apps, allowing developers to build microservice architectures using containers. This serverless Kubernetes-based service is in public preview.