Sonatype announced its plan overhaul JavaScript scanning by providing new npm automated pull requests and more free developer tools.
The enhanced suite of JavaScript intelligence capabilities will provide developers with improved accuracy, increased policy control, and faster remediation of open source vulnerabilities, according to the company.
“The exponential growth in use of npm packages shows no signs of slowing and our aim is to ensure JavaScript developers have access to the highest quality components to build with,” said Brian Fox, the CTO of Sonatype.
Mendix expands cloud deployment options
Mendix announced the availability of Mendix’s portfolio of cloud-native deployment options across all public, private, and hybrid cloud environments.
“We pioneered cloud-native software deployment for low-code with Mendix Public Cloud, and we are committed to increasing the velocity and ease of cloud enablement and ROI with two new multi-cloud deployment options—Mendix for Private Cloud and Mendix Dedicated Cloud,” said Johan den Haan, the chief technology officer at Mendix.
Mendix for Private Cloud extends Mendix’s architecture to any privately configured location or data center, while Mendix Dedicated Cloud combines full portability, push-button migration, and effortless deployment of all Mendix cloud offerings.
More details are available here.
General Assembly launches CODE for Good
General Assembly launched CODE for Good, an enterprise coalition that aims to reskill women and underrepresented groups into software engineers.
Guardian, Humana, and Union Pacific Railroad will be the first partners to join GA’s new initiative, committing to training talent from within to fill available tech roles.
After three months of training, students will graduate the program with critical programming and technical problem-solving skills as well as hands-on experience with languages, frameworks, and libraries based on employer demand.
More details are available here.
Let’s Encrypt to revoke certificates due to rechecking bug
Let’s Encrypt announced that it will revoke many Let’s Encrypt TLS/SSL certificates by March 5th due to a rechecking bug found in its CAA code.
“Because of the way this bug operated, the most commonly affected certificates were those that are reissued very frequently, which is why so many affected certificates are duplicates,” Let’s Encrypt wrote in a post.
Approximately 2.6% of the certificates were found to be affected.