The new protections Defending Your Data include a contractual commitment to challenge government requests for data as well as a monetary commitment. These protections come after a ruling earlier this year from the Court of Justice for the European examining transfers of data from the EU as well as union and draft recommendations issued … continue reading
The new version of Electron JS includes upgrades to Chromium 87, V8, 8.7, and Node.js 12.18.3 as well as support for Apple silicon and general improvements. Other improvements include an added V8 crash message and location information to crashReport parameters and improved performance for sending wide objects over the context bridge. Additional details on all … continue reading
Gravitational changed its name to Teleport and released the Teleport Unified Access Plane. “The decision to formally change our name to Teleport supports the natural evolution that our company has followed from the point it was founded – to create software for engineers that allows them to quickly access any resource anywhere,” said Ev Kontsevoy, … continue reading
Exadel, a global provider of digital software engineering solutions and services, announced the release of CompreFace, an open-source facial recognition application. CompreFace can be integrated as a standalone service or deployed via the cloud. It’s convenient API offers state-of-the-art facial recognition. To get started with Compreface, visit: (https://github.com/exadel-inc/CompreFace#overview) “Facial recognition technology is being rapidly adopted across … continue reading
Merge Confidence is a new automated solution that helps developers safely update and remediate their open source dependencies by using a badge to show how likely an open source component can be updated without breaking the build. “Open source components are updated at such a staggering rate, it is impossible to manage this process manually. … continue reading
Android announced that it would migrate all of its current build systems to Bazel. While components of Bazel have been already checked into the Android Open Source Project (AOSP) source tree, this will be a phased migration over the next few Android releases and will include many concrete and digestible milestones to make the transformation … continue reading
WhiteSource announced new vulnerability-based alerts designed to speed up and simplify the vulnerability management process. It will provide developers with flexibility when managing alerts as well as providing a more granular view of the issues, according to the company. “The number of known security vulnerabilities has been rising exponentially over the past few years, and … continue reading
Apple announced that later this year users will be able to learn about some of the data types that certain apps collect, and whether that data is linked to them or used to track them. Starting on December 8th, developers will be required to summit this information when they add new apps and app updates … continue reading
TypeScript 4.1 RC was released with new features, new checking flags, editor productivity updates, and speed improvements. The new string literal types in TypeScript allow users to model functions and APIs that expect a set of specific strings. It has the same syntax as template literal strings in JavaScript, but is used in type positions. … continue reading
Sonatype’s 2020 State of the Software Supply Chain Report found that next generation cyber-attacks actively targeting open-source soft- ware projects increased 430% over the past 12 months. Industry and the Open Source communities recognize heightened security risks and are working to solve these. For example, in August 2020 the Linux Foundation launched the Open Source … continue reading
IBM has announced the Code Risk Analyzer, a focused effort to bring security and compliance analytics to DevSecOps. The Code Risk Analyzer can be configured to run at the beginning of a developer’s code pipeline and it reviews and analyzes Git repositories for known issues with any open-source code that needs to be managed. It … continue reading
Halloween is upon us, and while much of the world is focused on scary creatures like ghosts, ghouls, or werewolves, DevSecOps teams have a few scary creatures of their own to deal with. From the Dracula-like developer stuck in a world from centuries ago who is thwarting the creation of secure apps, to the DevOps … continue reading
