What's new with Java? A discussion with the London Java Community

3 minute read time

What's new with Java? Musings from the recent London Java Community event, Including insight on Java 11 and Java 17 migration, Static Java, UI technology.
Read More...

How to Manage Your Open Source Licenses in 2022

By Luke Mcbride on June 02, 2022 licenses

6 minute read time

Development teams are using openly licensed software in their process, and lots of it. To comply with the requirements, you need license management tools.
Read More...

Wicked Good Development: Dev Nexus Reflections and Conversations Part 1

By Kadi Grigg on May 31, 2022 Community

19 minute read time

At our roundtable discussion on Devnexus 2022, we get a chance to interview two more developers who contribute to the open source community.
Read More...

What is Code Quality? 5 Software Development Checks You Should be Automating

By Stephen Magill on April 05, 2022 How-To

4 minute read time

One of the most tangible ways to improve software is writing and maintaining good source code, but how do you make that part of your process?
Read More...

Why Companies Should Contribute to Open Source – and How to Do It

By Matt Freeland on February 03, 2022 Community

7 minute read time

Your company relies on open source projects; giving back to them can reduce tech debt, accelerate innovation, and reduce your developers’ cognitive load. 
Read More...

New Year, New CVE: a Deep Dive into the ‘node-forge’ (CVE-2022-0122)

By Juan Aguirre on January 25, 2022 vulnerabilities

5 minute read time

There's no better way to kick off the new year than with an analysis of an open source vulnerability affecting the popular node-forge component on npm.
Read More...

'Faker' npm Library Gets New Home After Dev Throws in the Towel

By Ax Sharma on January 18, 2022 npm

4 minute read time

Reputable maintainers have taken over the popular (and crucial) open source component "Faker", and it's already seeing traction.
Read More...

Helping The Open Source Community Find, Fix, and Remediate Log4j

By Ilkka Turunen on December 15, 2021 vulnerabilities

5 minute read time

Assistance to protect the software supply chain from Log4j and other logging vulnerabilities. Open source intel, Pull Request Protection, SBOMs, and more.
Read More...

Prioritizing Open Source Vulnerabilities: Is Reachability Useful?

By Stephen Magill on December 06, 2021 Open Source

8 minute read time

Good software composition analysis (SCA) can reduce open source risk, but poor results slows development. Can prioritization based on reachability help?
Read More...