Mikeal Rogers, a developer on the io.js team and an active member of the Node community, has posted a proposal on GitHub for reconciliation of the io.js fork with Node.js.

Rogers posted an open GitHub proposal entitled “Reconciliation Proposal #978,” laying out preliminary plans for the merger, the technical governance structure, proposed working groups, and a long-term support road map associated with merging the two evented JavaScript I/O forks. Under the proposal, io.js would retain much of its autonomy, but with all its working groups moving under the Node banner.

“While io.js is often used as a starting point, this document treats a future project under the foundation as a new organism made from the merger of each project and not as an extension of only Node.js or only io.js,” wrote Rogers. “The goal of the merger should be a project that is actually greater than the sum these parts.”

The proposal is currently under debate.

Top mobile application security issues
FireEye has released a report analyzing top mobile application vulnerabilities. The “Out of Pocket: A Comprehensive Mobile Threat Assessment of 7 Million iOS and Android Apps” report revealed that Android malware is growing and iOS devices are increasingly at risk.

“Today, mobile apps represent a significant threat vector for enterprises,” said Manish Gupta, senior vice president of products at FireEye. “Worse, most enterprises have little or no information on mobile security risks nor any way to deal with an advanced attack on a mobile device.”

Findings indicate mobile devices face risks from:

  • Malicious apps
  • Legitimate apps that are poorly written
  • Legitimate apps that use insecure or aggressive ad libraries
  • Malware/aggressive adware
  • Identify theft
  • SMS fraud

The full report can be found here.