GitLab is strongly recommending users upgrade to any of the newest versions for GitLab 8.2 through 8.7 GitLab Community Edition (CE) and Enterprise Edition (EE) because they contain security fixes.
One of the security fixes is for a critical privilege escalation. GitLab said that during an internal code review, it discovered a critical security flaw in the “impersonate” feature of GitLab. It wrote that it was possible for any authenticated users (administrator or not) to log in as any other user. Developers can look at the full issue for more details.
GitLab recommended developers upgrade to:
Pants 1.0 release
The Pants open-source project has seen its first major release, and Twitter is participating in the milestone.
Pants is a tool for monorepo-style source repositories. Pants also provides better user experience with installation, allowing it to be set up with an empty pants.ini file. It also has stable public APIs and options with a clear deprecation policy and regular vetted stable releases from release branches.
Pants was open-sourced in 2012 under the Apache 2.0 license, and currently Twitter is committed to developing it to improve its performance, add support for mobile, and to make it become a “best-in-class” build tool, wrote Matt Olsen, a software engineer for Twitter, in a blog post.
Sauce Labs integration for JIRA
To allow development and testing teams to create tickets within Sauce Labs, the cloud-based platform announced its new integration with JIRA today.
Sauce Labs’ new integration optimizes development processes for Continuous Integration and Continuous Deployment workflows, which will allow developers to write their software faster, according to the company.
“Software development teams continue to look for ways to speed up their processes without compromising quality,” said Lubos Parobek, vice president of product for Sauce Labs. “In order to help address this challenge, Sauce Labs continues to extend our development ecosystem integrations and plug-ins with other key software build-chain tools.”
The new integration for JIRA offers the ability to create tickets directly from the Sauce Labs interface, automatically upload test data and debugging tools to JIRA, attach a job detail link to a JIRA ticket, and more.
WalkMe Apps released to help mobile developers
As a way to address some of the challenges that mobile app developers face, WalkMe launched WalkMe Apps, a free solution for developers.
WalkMe Apps allows developers to focus their full attention on developing software, and it provides user and customer engagement tools to help them boost experiences and improve app ratings. These tools are called “applets,” and they are standalone onboarding, user engagement and monetization components that can be codelessly integrating into any developer’s app.
Using applets can accelerate the release cycle by negating the need to code new features and then resubmit the app to the App or Google Play store, according to the company.
XL Deploy 5.5 new provisioning features
XL Deploy 5.5 by XebiaLabs has new provisioning features that were introduced today, allowing the spin up of cloud infrastructure and deployment. This means it doesn’t matter where deployment is happening, and provisioning in the infrastructure can be the same as it was for team’s deployments.
With XL Deploy, the un-deployment of applications can be linked to the tearing down of environments, helping control cloud costs, according to the company. Cloud provisioning with XL Deploy also allows developers to add capacity using both cloud and data center resources, which will be automatically created when needed.
The new feature also takes the advantages of Xebia Labs’ deployment approach, and it applies it to the environment provisioning process, seamlessly adding an enterprise orchestration layer on top.