Tag Archives: opensource

Google has introduced a new vulnerability rewards program to pay researchers who find security flaws in its open-source software or in the building blocks that its software is built on. It’ll pay anywhere from $101 to $31,337 for information about bugs in projects like Angular, GoLang, and Fuchsia or for vulnerabilities in the third-party dependencies that are included in those projects’ codebases. While it’s important for Google to fix bugs in its own projects (and in the software… Source link

Today we’re announcing that userver, our framework for building high-load applications, has made it to open source. This is an important way for us to share the experience we’ve accumulated developing microservices. If you follow this link to GitHub, you’ll find a repository with source code, documentation, examples, a template for creating your own services (with configured CI, a build, and a test environment), and a dynamic config service. Everything is published under the Apache 2.0… Source link

Today we’re announcing that userver, our framework for building high-load applications, has made it to open source. This is an important way for us to share the experience we’ve accumulated developing microservices. If you follow this link to GitHub, you’ll find a repository with source code, documentation, examples, a template for creating your own services (with configured CI, a build, and a test environment), and a dynamic config service. Everything is published under the Apache 2.0… Source link

Today we’re announcing that userver, our framework for building high-load applications, has made it to open source. This is an important way for us to share the experience we’ve accumulated developing microservices. If you follow this link to GitHub, you’ll find a repository with source code, documentation, examples, a template for creating your own services (with configured CI, a build, and a test environment), and a dynamic config service. Everything is published under the Apache 2.0… Source link

The OpenInfra Foundation, the open-source foundation that used to be the OpenStack Foundation until it expanded its scope beyond its flagship project a few years ago, today announced an interesting new way for companies to fund open-source projects inside the foundation. Traditionally, corporate members of open-source foundations support the organization by paying a membership fee, which, for the most part, the foundations then distribute as they see fit. Now, with its new ‘Directed Funding’… Source link

Google announced a new initiative Tuesday aimed at securing the open-source software supply chain by curating and distributing a security-vetted collection of open-source packages to Google Cloud customers. The new service, branded Assured Open Source Software, was introduced in a blog post from the company. In the post, Andy Chang, group product manager for security and privacy at Google Cloud, pointed to some of the challenges of securing open-source software and stressed Google’s… Source link

Following a summit on open-source security hosted at the White House Thursday, Google has called for increasing government involvement in identifying and securing critical open-source software projects. In a blog post published shortly after the summit, Kent Walker, president for global affairs and chief legal officer at Google and Alphabet, said that collaboration between government and the private sector was needed for open-source funding and management. “We need a public-private… Source link

Scorecards provides an assessment of open-source packages, which developers can use to judge whether they are safe to introduce into their projects or systems. This new system is intended to help developers assess the risk level of a software package. Image: iStock Introducing… Source link