SafeLog4j is an open-source tool that can detect and verify vulnerable Log4j applications and protect them. This project comes after a 0-day exploit in the Java logging library, Log4j (version 2) was discovered on December 9. The vulnerability resulted in Remote Code Execution by logging a certain string. SafeLog4j works inside an application, blocking the … continue reading
ZenML is an extensible open-source MLOps framework designed to create reproducible pipelines. The framework enables data scientists to write their code as automated pipelines from day one. It is built to encourage the iterative and experimental nature of machine learning work, but also to provide a path to an automated, production-ready software base that can … continue reading
While 82% of respondents to a recent survey by the Linux Foundation stated that they feel welcome in the open-source community, the remaining 18% came primarily from disproportionately underrepresented groups including people with disabilities, transgender people, and racial and ethnic minorities in North America. The study “Diversity, Equity, and Inclusion in Open Source” included the … continue reading
WireMock is a simulator for HTTP-based APIs that enables users to stay productive when an API that one depends on doesn’t exist or is incomplete. It supports the testing of edge use cases and failure modes that the real API won’t reliably produce. The company behind the project, MockLab, was recently acquired by UP9. The … continue reading
Immudb is a database written in Go that is immutable, which means that history is preserved and can’t be changed without clients noticing. “Traditional database transactions and logs are hard to scale and are mutable, so there is no way to know for sure if your data has been compromised,” the project’s website states. “Immudb … continue reading
Anaconda today officially launched its Embedded Partner Program in response to the rising demand for access to secure, managed Python packages and environments. With this, organizations can embed Anaconda tools, packages, and repositories into their own products and services. The launch of Anaconda’s Embedded Partner Program brings end users a seamless access experience. Regardless of … continue reading
Getting involved in an open source project is a great way to build your skills as a developer, especially for those looking to have some practical experience they can show to prospective employers. OSS Port is an open source repository of projects that are actively looking for contributors that can make it easier to find … continue reading
Selenium is the most widely used software for automating UI testing, and while some maintain it is flaky and not facile at managing dependencies, the project has found its way into many development shops. Last month saw the release of Selenium 4, which Simon Stewart, former lead of the open-source Selenium project, said introduced “a … continue reading
The Eclipse Foundation yesterday announced an open invitation for technology leaders to help define a new working group focused specifically on the Software-Defined Vehicle. Software-defined vehicles enable vehicle manufacturers as well as automotive suppliers to put software at the very center of vehicle development, with hardware considerations to follow. The aim behind the project using … continue reading
Sentry, in an attempt to raise the bar for how companies interact financially with the open source community, is launching FOSS Fund 155 and donating $154,999.89 to 108 individuals. The inspiration comes from other open source funds that came before it, including FOSS Fund Adopters, launched by Indeed, which resulted in a $10,000 to Sentry … continue reading
Today, IBM released the Open Source Cloud Guide which highlights various use cases that are important in hybrid cloud environments and features the important open-source projects in those areas. The guide offers an overview of the concept or use case, an explanation of a traditional solution to achieve it, key open-source projects, and a highlight … continue reading
Threatmapper is a cloud-native security observability platform that scans, maps, and ranks vulnerabilities from development through production across serverless, Kubernetes, container, and multi-cloud environments. This Wednesday, it was open-sourced by Deepfence under the Apache 2.0 license. “By open sourcing ThreatMapper, we aim to help developers, DevOps, DevSecOps, and security teams identify and prioritize threats quickly … continue reading