Topic: code

Report: Security suffering due to a “zombie code” apocalypse

A majority of codebases contain outdated components, or “zombie code,” which can result in unpatched vulnerabilities lingering long after they should have been fixed. According to Synopsys’ Open Source Security and Risk Analysis report, which was released today, 91% of codebases contain components that are at least 10 versions out-of-date. Furthermore, 49% of codebases contain … continue reading

The future of developer enablement in software security

How developer-friendly is your organization’s security program? The answer is as important as ever in today’s digital economy. High-performing organizations empower developers with tools, training and resources to do high-quality work, with security top of mind. This results in the ability to build secure applications quickly that consistently meet expectations and mitigate risk. As we … continue reading

How clean code can help prevent headline-grabbing vulnerabilities

While errors and bugs in coding technology may not always be harmful, many of them can be exploited by bad actors and result in vulnerabilities. Bad actors can leverage vulnerabilities to get the software to act in unexpected ways, potentially impacting the performance and security of the software. This could also give untrustworthy agents access to … continue reading

SD Times Open-Source Project of the Week: Cadence

Cadence is a fault-tolerant stateful code platform created by Uber that enables users to write stateful applications without worrying about handling the complexity of handling process failures.  Workflows provide primitives to enable application developers to express complex business logic as code. It also provides asynchronous history event replication that can help users recover from zone … continue reading

The monorepo approach to code management

Codebases are as diverse, unique and interesting as the people who work on them. But almost all of them have this in common: they grow over time (the codebases, not the people). Teams expand, requirements grow, and time, of course, marches on; and so we end up with more developers writing more code to do … continue reading

With OSS, know when you’re vulnerable

Instead of building all software “from scratch” today, developers use open source to their advantage when needing to provide common or repetitive elements. Doing so primarily limits the use of the homegrown code they develop for proprietary features and functionality, while also being the adhesive that binds everything together. Consequently, developers spend much of their … continue reading

Swimm launches to help developers better understand codebases

Swimm, a developer onboarding and team collaboration tool provider, announced that it raised $5.7 million in seed funding and also launched its platform for sharing information about codebases.  The round of funding was led by Pitango First alongside TAU Ventures, Axon Ventures, Fundfire, as well as angel investors that included the founder of Snyk.  The … continue reading

Rollbar to improve code with new AI-assisted workflows and automation-grade grouping

Rollbar wants to shift developers’ focus to continuously improving code, instead of having to continuously fix it. The continuous code improvement platform provider announced two new features designed to reduce the time spent monitoring, investigating and debugging code.  The new AI-assisted workflows are automated workflows that help development teams catch and address errors before they … continue reading

Report: The emergence of Big Code comes with big problems

Despite efforts to make building and maintaining applications more maintainable, code is still growing in volume, variety, velocity and value. As a result, the trend Big Code has emerged and is expected to be just as disruptive to development teams as Big Data was to data teams.  “Today’s massive codebases make it difficult for developers … continue reading

premium Don’t throw away that throwaway code

Want to quickly know how good a project manager is? Here is an old consultant’s trick: Ask a programmer on the team how much throwaway code he or she used during the last project. A good 80/20 rule is the more throwaway code used during development, the better the project manager. Throwaway code refers to … continue reading

FSF reveals plans to build a public code hosting and collaboration platform

The Free Software Foundation (FSF) announced plans to launch a public code hosting and collaboration platform (“forge“) this year.  Members of the FSF tech team are currently reviewing ethical web-based software that will help teams work on their projects, with features like merge requests, bug tracking, and other common tools. “Infrastructure is very important for … continue reading

SD Times news digest: JDK 14 Rampdown Phase One, Codota acquires code prediction tool TabNine, and Apache Log4J2 2.13.0

The overall feature set for JDK 14 is now frozen and includes pattern matching for instanceof, a packaging tool and NUMA-Aware Memory Allocation for G1. The developers behind JDK 14 said the the stabilization repository, jdk/jdk14, is open for select bug fixes and, with approval, late enhancements per the JDK Release Process (JEP 3). The … continue reading

1 2 3 11
DMCA.com Protection Status