GitHub announced new improvements that streamline the Codespaces experience when working with multi-repository and mono-repo projects. GitHub initially released Codespaces to address cloud-native applications that are housed in a single repository: the most common type of project on GitHub. For those that are developing a feature that spans many different types of services, GitHub added … continue reading
Kubeflow is an MLOps toolkit originally created by Google that has integrated components for model development, model training, multi-step pipelines, AutoML, serving, monitoring, artifact management, and experiment tracking. The project aims to reduce costs associated with running production machine learning workflows at scale with new capabilities. The PyTorch training operator can now be scaled up … continue reading
GitHub announced a new feature for Dependabot alerts that helps developers see how vulnerabilities affect their code. Dependabot alerts use GitHub’s precise code navigation engine to determine if a repository directly calls a vulnerable function. The new feature marks a shift in how GitHub curates information on vulnerable packages from the Advisory Database to curating … continue reading
Facebook announced that it open-sourced Lexical, an extensible JavaScript web text-editor library that emphasizes reliability, accessibility and performance. The project’s set of editor states represents the current and pending states of the editor at any given time. Developers can attach a content-editable DOM element to editor instances, and also register listeners and commands. Users can … continue reading
In late 2021, a vulnerability was detected in the Java logging package Log4j, which is the most popular framework for logging in Java. It is used in millions of applications. Not only that, but it is used as a dependency in over 7,000 open-source projects, according to research from software security company Sonatype. Given the … continue reading
Grafana Mimir is a scalable open-source time series database that allows enterprises to scale to over 1 billion metrics, and features benefits like simplified deployment, high availability, and more. The project is built on the foundations of Cortex, which was started in order to build scalable Prometheus-compatible solutions designed to be run as a SaaS … continue reading
The library operating system MirageOS 4.0 has been released with better integrations and a significant change in how MirageOS compiles projects. The project constructs unikernels for secure, high-performance, low-energy footprint applications across various hypervisor and embedded platforms. The MirageOS networking code powers Docker Desktop’s VPNKit and is also in use in Citrix Hypervisor, Nitrokey, Robur, … continue reading
xGitGuard is a tool built by Comcast to keep inadvertently uploaded authentication secrets out of GitHub repositories, and it is now available as open-source software. It can be used to scan GitHub at scale and identify proprietary authentication secrets, specifically passwords, API keys, and tokens. Development teams can use xGitGuard to identify credentials in their own … continue reading
FastTreeSHAP is a Python package that enables the efficient interpretation of tree-based machine learning models by computing sample-level feature importance values. The project was recently open-sourced by LinkedIn and was used at the company to improve member experience in products such as People You May Know (PYMK), newsfeed ranking, search, and job recommendations, as well … continue reading
Quickwit is an open-source search engine on object storage with subsecond latency for large datasets. The project, made by the authors of the Rust search engine library tantivy, recently raised $2.6 million in a seed round co-led by FirstMark and firstminute with many more participants. Quickwit 0.2 was launched in January with new features such … continue reading
Spotify built and open-sourced Ruler, a tool to measure and analyze the size of Android apps, built with automation in mind. It was built to tackle the challenges that arise when working with large applications with numerous contributors that are adding features. Another consideration for building the tool is that shrinking download size has been … continue reading
The Linux Foundation and Harvard’s Lab for Innovation Science have teamed up to educate developers and security professionals on what the most widely used open-source application libraries are. The report, Census II, is a follow-up to Census I, which was conducted in 2015 to identify the packages in Debian Linux that were most critical to … continue reading