GitHub says attackers accessed thousands of internal repositories after a company employee’s device was compromised through a malicious Visual Studio Code extension, though the company said it has removed the malicious extension, isolated the compromised endpoint, and launched an investigation. The company confirmed that approximately 3,800 internal repositories were affected. GitHub stated that investigators have […]
OpenSSF’s CRob: ‘The Runway Is Rapidly Running Out’ on EU CRA Readiness
The EU’s Cyber Resilience Act kicks into high gear this September, and companies are still clueless about how they must obey its strictures. MINNEAPOLIS — At Open Source Summit North America, Christopher “CRob” Robinson, Chief Security Architect for the Open Source Software Foundation (OpenSSF), spoke about the European Union’s (EU) Cyber Resilience Act (CRA). CRob […]
The Future of Observability: How OpenTelemetry is Shaping IT Operations in the Age of AI
OpenTelemetry (OTel) is going to do for IT operations what open-source software originally did for application development.
System Initiative Open Sources Digital Twin Tool for DevOps
System Initiative is making the digital twin tool it developed to manage DevOps workflows available under an open source Apache 2.0 license.
Creating a Growth Loop for Your Open Source Project
Every open source project hopes to achieve escape velocity, attracting enough users and contributors to become a successful, sustainable project that expands over time. But how do you attract developers and create the cycle of adoption that can lead to a thriving ecosystem? It obviously starts with building a great product that developers love to […]
DevOps Done Right: How to Succeed in DevOps From Day One
Whether you are diving into DevOps for the first time or trying to do it right this time, DevOps Onramp provides all the information you need for a successful DevOps journey. Join us on May 4, 2023, to learn how to get started with DevOps—and how to do it right. You’ll learn: DevOps best practices, […]
Voice.ai ‘Stole’ Code ¦ AWS Gets Filthier
In this week’s #TheLongView: Alleged theft of GPL code, and Amazon will run its data centers on gas.
Majority of Open Source Devs Open to Change Jobs in 2022
Open source is the foundation of most modern software applications. Now more than ever, retaining developers with experience working on and with open source projects is critical to maintaining software development agility. Yet amid the Great Resignation, it can be challenging to keep talent happy—organizations must demonstrate a commitment to employee benefits, mentorship and cutting-edge […]
Log4j: Is There Such a Thing as ‘Too Much’ Open Source?
The Log4j vulnerability got me thinking: Is there such a thing as too much open source? Before anyone immediately fires off a flaming email, rage tweet or scathing blog post, hear me out for a moment. If you know me, you know that I am an open source fanatic. I’ve been asked many times, “Should […]
Is Open Source More Secure Than Closed Source?
There’s no getting around the fact that security is one of the most essential factors in day-to-day operations for most software developers. From proprietary code to sensitive customer data and everything in between, there are hundreds – if not thousands – of crisis scenarios that can result from gaps in security. Data security is an […]