Tag Archives: open source

Last Chance: 2013 Open Source Development Survey Closes Tomorrow Take It For Your Chance To Win A Brand New Apple Workstation

January 14, 2013 By Emily Blades

Don't Miss Out: Take Our Survey And This Could Be Yours!

Time is running out! Share your open source knowledge, experiences and challenges for your chance to win Jason’s brand new Apple workstation including a 15″ MacBook Pro with Retina display, a 27″ Thunderbolt display, an Apple Magic Mouse and an Apple Wireless Keyboard. We’ve also snagged both of his iPad minis. That’s enough loot for 3 winners!

Our survey closes at 11:59:59 pm EST, January 15, 2013, so don’t miss your chance! Also, if you respond to our survey, we’ll give you early access to our findings.

The survey will take less than 10 minutes. We promise.

*Official Rules for the Sonatype Open Source Survey Promotion can be found here.

Your Opinion Matters: Take Our 2013 Open Source Development Survey (plus, you could win Jason’s brand new Apple Workstation)

December 12, 2012 By Emily Blades

We Took Jason's Brand New Apple Workstation - Take Our Survey and it Could Be Yours

We want to hear about your experiences and challenges using open source software in development. Please take 10 minutes and share your thoughts.

In return, you could win Jason’s brand new Apple workstation including a 15″ MacBook Pro with Retina display, a 27″ Thunderbolt display, an Apple Magic Mouse and an Apple Wireless Keyboard. We’ve also snagged both of his iPad minis. That’s enough loot for 3 winners!

Last year, more than 2,500 of you shared some really interesting information. If you respond to this year’s survey, we’ll give you early access to our findings.

Take Survey Now

What are you waiting for? Take the survey now. It will take less than 10 minutes. We promise.

*Official Rules for the Sonatype Open Source Survey Promotion can be found here.

Evaluating an Open Source Project’s Security

April 10, 2012 By Tim O'Brien

Last week I wrote about how important it is to pay attention to the security of the OSS projects you depend on. This isn’t just a one-time responsibility when you are trying to choose which component to depend on, this is an ongoing requirement. Even if you use the most secure OSS projects out there, if you don’t pay attention to security updates, it is all for nothing. Staying secure requires constant vigilance.

In this post, I’m going to talk about OSS project security. Since we’ve been paying a lot of attention to OSS security, I wanted to lay out some guidelines for evaluating an OSS project’s security. There’s a wide range of approaches to security from OSS projects: on one end of the spectrum, a one-person OSS project on Github won’t have a formal approach to security; on the other end of the spectrum, a project that is at the center of a billion dollar commercial ecosystem (like Apache httpd or Tomcat) will have a dedicated security team.

Continue reading →

OSS Compliance: Lead or be Led, Your Choice

April 5, 2012 By Tim O'Brien

In case you missed it, we published the results of our Developer Survey as a PDF. One of the things we did this year was post some comparisons to last year’s survey, specifically the changing attitudes toward OSS license compliance and policy. Here’s a statistic that caught my attention:

These two ends of spectrum – no standards vs. total lock down – had huge movement between 2011 and 2012, and I predict that we’re going to see the same sort of movement in next year’s survey. Open source compliance is top of mind for a few reasons, but I think that the trend can be explained by the timing of corporate adoption of OSS over the last decade and the average lifecycle of enterprise development.

Continue reading →

Webinar: Why We Need To Care About OSS Security Now

April 4, 2012 By Jason van Zyl

Let’s talk about security. You may have seen that Sonatype released research on the security of some of the most commonly used open source components. To be honest, the results surprised me. However, now that we are aware of the realities, it’s important to be practical about this.

Join me for 30 minutes at 11:00AM EDT (GMT-0400) on Thursday, April 12, when I will be sharing some of our findings and my thoughts on how we can build a more healthy open source ecosystem.

Hope you can make it,

Jason

Sonatype Blog: Latest Posts