Tag Archives: opensource

Google’s open-source bug bounty aims to clamp down on supply chain attacks

Google’s open-source bug bounty aims to clamp down on supply chain attacks

Google has introduced a new vulnerability rewards program to pay researchers who find security flaws in its open-source software or in the building blocks that its software is built on. It’ll pay anywhere from $101 to $31,337 for information about bugs in projects like Angular, GoLang, and Fuchsia or for vulnerabilities in the third-party dependencies that are included in those projects’ codebases. While it’s important for Google to fix bugs in its own projects (and in the software… Source link

Read More »

Introducing Beta of userver, an Open-Source Framework for Creating Microservices | by Antony Polukhin | Yandex | Jul, 2022

Introducing Beta of userver, an Open-Source Framework for Creating Microservices | by Antony Polukhin | Yandex | Jul, 2022

Today we’re announcing that userver, our framework for building high-load applications, has made it to open source. This is an important way for us to share the experience we’ve accumulated developing microservices. If you follow this link to GitHub, you’ll find a repository with source code, documentation, examples, a template for creating your own services (with configured CI, a build, and a test environment), and a dynamic config service. Everything is published under the Apache 2.0… Source link

Read More »

Introducing Beta of userver, an Open-Source Framework for Creating Microservices | by Antony Polukhin | Yandex | Jul, 2022

Introducing Beta of userver, an Open-Source Framework for Creating Microservices | by Antony Polukhin | Yandex | Jul, 2022

Today we’re announcing that userver, our framework for building high-load applications, has made it to open source. This is an important way for us to share the experience we’ve accumulated developing microservices. If you follow this link to GitHub, you’ll find a repository with source code, documentation, examples, a template for creating your own services (with configured CI, a build, and a test environment), and a dynamic config service. Everything is published under the Apache 2.0… Source link

Read More »

Introducing Beta of userver, an Open-Source Framework for Creating Microservices | by Antony Polukhin | Yandex | Jul, 2022

Introducing Beta of userver, an Open-Source Framework for Creating Microservices | by Antony Polukhin | Yandex | Jul, 2022

Today we’re announcing that userver, our framework for building high-load applications, has made it to open source. This is an important way for us to share the experience we’ve accumulated developing microservices. If you follow this link to GitHub, you’ll find a repository with source code, documentation, examples, a template for creating your own services (with configured CI, a build, and a test environment), and a dynamic config service. Everything is published under the Apache 2.0… Source link

Read More »

The OpenInfra Foundation launches ‘directed funding’ as a new way to support open-source projects

The OpenInfra Foundation launches ‘directed funding’ as a new way to support open-source projects

The OpenInfra Foundation, the open-source foundation that used to be the OpenStack Foundation until it expanded its scope beyond its flagship project a few years ago, today announced an interesting new way for companies to fund open-source projects inside the foundation. Traditionally, corporate members of open-source foundations support the organization by paying a membership fee, which, for the most part, the foundations then distribute as they see fit. Now, with its new ‘Directed Funding’… Source link

Read More »

Google will start distributing a security-vetted collection of open-source software libraries

Google will start distributing a security-vetted collection of open-source software libraries

Google announced a new initiative Tuesday aimed at securing the open-source software supply chain by curating and distributing a security-vetted collection of open-source packages to Google Cloud customers. The new service, branded Assured Open Source Software, was introduced in a blog post from the company. In the post, Andy Chang, group product manager for security and privacy at Google Cloud, pointed to some of the challenges of securing open-source software and stressed Google’s… Source link

Read More »

Google calls for new government action to protect open-source software projects

Following a summit on open-source security hosted at the White House Thursday, Google has called for increasing government involvement in identifying and securing critical open-source software projects. In a blog post published shortly after the summit, Kent Walker, president for global affairs and chief legal officer at Google and Alphabet, said that collaboration between government and the private sector was needed for open-source funding and management. “We need a public-private… Source link

Read More »