Hackers love GitHub dorks - SecOps love outsmarting them Partner Content How GitGuardian enables auditing of GitHub footprints to mitigate past, present, and future leaks Partner Content
HashiCorp unveils 'Terraform 2.0' while tiptoeing around Big Blue elephant in the room HashiConf shindig oddly reluctant to mention impending IBM acquisition Devops18 Oct 2024 | 15
Google's memory safety plan includes rehab for unsafe languages Large C and C++ codebases will be around for the 'foreseeable future' Cybersecurity Month16 Oct 2024 | 30
You have issues with 'Issues' always being called 'Issues' in Jira, so Atlassian now allows them to be called ‘Tasks’ Developers get auto-coding ideas drawn from bug reports, and more AI besides Devops10 Oct 2024 | 22
Deno 2.0 looks to backward compatibility to move forward Modern runtime for JavaScript and TypeScript plays nicer with Node.js Devops09 Oct 2024 | 4
Rackspace internal monitoring web servers hit by zero-day Exclusive Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry Cybersecurity Month30 Sep 2024 | 10
As IBM pushes for more automation, its AI simply not up to the job of replacing staff So say our sources, who warn job cuts, outsourcing risk depriving biz of seasoned technical talent Off-Prem24 Sep 2024 | 53
While HashiCorp plays license roulette, Virter rolls out to rescue FOSS VM testing Open Source Summit Europe BSL shenanigans continue to make waves Devops20 Sep 2024 | 7
Deadline looms: Google Workspace mandates OAuth by September 30 27 days to get your users' third-party apps on Google’s sign-in Devops03 Sep 2024 | 7
Alibaba Cloud boosts failure prediction with logfile timestamps Machine learning helps, but more data catches more faults - so Chinese champ has shared its data Devops03 Sep 2024 | 2
You probably want to patch this critical GitHub Enterprise Server bug now Unless you're cool with an unauthorized criminal enjoying admin privileges to comb through your code Patches21 Aug 2024 |
Core Python developer suspended for three months Code of Conduct violations include allegations that posts created 'atmosphere of FUD' Devops09 Aug 2024 | 236
It's 2024 and we're just getting round to stopping browsers insecurely accessing 0.0.0.0 Can't reach someone's private server on localhost from outside? No problem Research09 Aug 2024 | 39
Study backer: Catastrophic takes on Agile overemphasize new features Interview Users just want stuff that works. How hard can it be? Devops07 Aug 2024 | 92
OpenTofu hits version 1.8 with more crowd-pleasing features Open source TerraForm rival introduces a new file extension so users can 'keep older code around for compatibility' Devops31 Jul 2024 | 5
DigiCert gives unlucky folks 24 hours to replace doomed certificates after code blunder For the want of an underscore CSO31 Jul 2024 | 27
FYI: Data from deleted GitHub repos may not actually be deleted And the forking Microsoft-owned code warehouse doesn't see this as much of a problem CSO25 Jul 2024 | 49
Agile Manifesto co-author blasts failure rates report, talks up 'reimagining' project Interview Jon Kern is looking for Agile exemplars, not the 'Agile Industrial Complex' Devops16 Jul 2024 | 156
A friendly guide to containerization for AI work Hands on Save the headaches, ship your dependencies AI + ML07 Jul 2024 | 4
CISA looked at C/C++ projects and found a lot of C/C++ code. Wanna redo any of it in Rust? So, so many lines of memory-unsafe routines in crucial open source, and unsafe dependencies Research28 Jun 2024 | 81
Python dethrones JavaScript as the most-used language on GitHub Yearly report finds explosion of GenAI projects, new users from outside the coding community responsible for boost
Bitwarden switches password manager and SDK to GPL3 after FOSS-iness drama Open source tool chooses to become more open than ever
Amazon's nuclear datacenter dreams stall as watchdog rejects power deal Updated Federal Energy Regulatory Commission cites grid stability concerns
Buckle up, admins – Windows Server 2025 officially hits GA Thank you, vNext... and yes, there are plenty of updates to keep you busy
Schneider Electric ransomware crew demands $125k paid in baguettes Hellcat crew claimed to have gained access via the company's Atlassian Jira system
Why the long name? Okta discloses auth bypass bug affecting 52-character usernames Mondays are for checking months of logs, apparently, if MFA's not enabled
French govt finance panel mulls nationalizing Atos Protecting IT projects for military and other bits of the public sector
Public sector cyber break-ins: Our money, our lives, our right to know Opinion Is that a walrus in your server logs, or aren't you pleased to see me?
Microsoft has reached $1M giveaway levels of desperation to attract users to Bing Stuffing it full of AI hasn't helped, so let's try financial incentives
Google claims Big Sleep 'first' AI to spot freshly committed security bug that fuzzing missed You snooze, you lose, er, win
If you're using Polyfill.io code on your site – like 100,000+ are – remove it immediately Scripts turn sus after mysterious CDN swallows domain CSO25 Jun 2024 | 61
Bake an LLM with custom prompts into your app? Sure! Here's how to get started Hands on In Rust, we trust. But in gen-AI to not hallucinate? Eh, that's another story AI + ML22 Jun 2024 | 6
Um, what ever did happen with network automation? Systems Approach Is it lingering somewhere between fusion power and self-driving cars? Networks17 Jun 2024 | 10
From RAGs to riches: A practical guide to making your local AI chatbot smarter Hands on Nine out of 10 execs recommend adding Retrieval Augmented Generation to your daily regimen AI + ML15 Jun 2024 | 26
K8s celebrates KuberTENes: A decade of working together Give yourselves a pat on the back - all 88,000 of you Devops12 Jun 2024 | 1
More layoffs at Microsoft: What's really going on here? Analysis We had a record quarter, so sorry to see you go On-Prem04 Jun 2024 | 69
Google’s in-house docs about search ranking leak online, sparking SEO frenzy Updated GitHub trove details API features that 'contradict' Big G’s public statements about how its engine works Devops29 May 2024 | 39
By 2030, software developers will be using AI to cut their workload 'in half' Prepare for the HyperAssistant of the future, maybe Devops28 May 2024 | 98
Was there no one at Microsoft who looked at Recall and said: This really, really sucks Kettle Our vultures weigh in on the week that was more 'what we Built' than 'what you can Build' OSes25 May 2024 | 75
GitHub Enterprise Server patches 10-outta-10 critical hole On the bright side, someone made up to $30,000+ for finding it Patches22 May 2024 | 3
Computer sprinkled with exotic chemicals produced super-problems, not super-powers On Call The machine was so dead, hospital staff treated it like a corpse Devops17 May 2024 | 95
AWS CISO tells The Reg: In the AI gold rush, folks are forgetting application security RSAC 'Everybody's learning as they go. But there's a rush to get these apps out' AI + ML13 May 2024 | 5
Did IBM make a $6.4B blunder by buying HashiCorp? Opinion Terraform maker's programs are ideal fit for Big Blue, but why splash out when the software's free and open? Devops10 May 2024 | 48
I told Halle Berry where to go during a programming gig in LA On Call Five-star techies share stories of working from the lap of luxury Devops10 May 2024 | 95
Dear Stack Overflow denizens, thanks for helping train OpenAI's billion-dollar LLMs Microsoft-backed super-lab gets direct access to answers – and code forum gets its own AI AI + ML07 May 2024 | 26
Atlassian outsources office drudgery to GenAI agents Rovo will write to-do lists, create graphics, become virtual colleagues to whom you offload scutwork Devops03 May 2024 | 6
Open source programming language R patches gnarly arbitrary code exec flaw Updated An ACE in the hole for miscreants Patches01 May 2024 | 1
Turns out teaching criminals to write web code keeps them out of prison The software redemption Devops25 Apr 2024 | 29
Crooks exploit OpenMetadata holes to mine crypto – and leave a sob story for victims 'I want to buy a car. That's all' Cyber-crime18 Apr 2024 | 6
75% of enterprise coders will use AI helpers by 2028. We didn't say productively Dev teams must beware inflated expectations of tech leadership, Gartner warns Devops13 Apr 2024 | 45
What can be done to protect open source devs from next xz backdoor drama? Kettle What happened, how it was found, and what your vultures have made of it all Research06 Apr 2024 | 93
How this open source LLM chatbot runner hit the gas on x86, Arm CPUs Way to whip that LLaMA's ass Applications03 Apr 2024 | 3
Malicious xz backdoor reveals fragility of open source Analysis This time, we got lucky. It mostly affected bleeding-edge distros. But that's not a defense strategy Devops01 Apr 2024 | 98
Rust developers at Google are twice as productive as C++ teams Code shines up nicely in production, says Chocolate Factory's Bergstrom Devops31 Mar 2024 | 134
Docker launches Testcontainers on former rival Red Hat's OpenShift Interview CEO Scott Johnston on company pivots and trying not to surprise the community Devops23 Mar 2024 | 6
HashiCorp reportedly considering sale amid growing challenges Who would want to snap up Terraform? Devops18 Mar 2024 | 2
What is GitHub Copilot Enterprise? You and your org just might find out firsthand Big biz invited to like and subscribe, without fear of litigation Devops27 Feb 2024 | 6
Twilio reminds users that Authy Desktop apps die in March – not in August 'This is an excellent way to piss off thousands of developers' Devops15 Feb 2024 | 31
ANZ Bank test drives GitHub Copilot – and finds AI does give a helping hand Expert Python programmers saw the most benefit AI + ML10 Feb 2024 | 40
GitOps pioneer Weaveworks unravels after funding fabric frays Company burned through $61.6M in investment CxO06 Feb 2024 | 3
Google throws $1M at Rust Foundation to build C++ bridges Chocolate Factory matches Microsoft money for memory safety Devops05 Feb 2024 | 14
AI-generated bug reports are seriously annoying for developers Hallucinated programming flaws vex curl project Devops04 Jan 2024 | 15
CloudBees co-founder buzzes about open source drama and AI Interview Sacha Labourey on the HashiCorp license, Jenkins X experiments, and when LLMs will come for your job Devops03 Jan 2024 | 2
SUSE's Captain Container on sailing the open source seas Interview Peter Smails talks community, licensing, and AI pragmatism Devops18 Dec 2023 | 1
HashiCorp loses its Hashi, keeps the Corp as co-founder waves goodbye Mitchell Hashimoto departs, apparently unconnected to controversial licensing change Devops15 Dec 2023 | 3
GitLab admits IT ineptitude in finance reporting is ongoing Code shack has had two years since auditor's 'adverse opinion' to get house in order Devops07 Dec 2023 | 8
You can't deepfake diversity, and that's a good thing Opinion Fresh thinking and new approaches can only come from varied cohorts of people Devops04 Dec 2023 | 26
Now AWS gets a ChatGPT-style Copilot: Amazon Q to be your cloud chat assistant Re:Invent Anthropic CEO also rocks up on stage for reasons Devops28 Nov 2023 | 7
AWS previews AppFabric for productivity – pitched as AI-powered glue between apps Re:Invent Park user data in Amazon's servers for ML-generated insights and actions – yea or nay for you? Devops28 Nov 2023 | 1
DevTernity conference collapses amid claims women speakers were faked Anna? Oh, she was just a demo persona, says organizer Devops28 Nov 2023 | 21
CompSci teachers panic as Replit pulls the plug on educational IDE It 'was losing a ton of money for the business,' CEO complains Devops21 Nov 2023 | 36
Open source work makes me appreciate software testing. It's not an academic exercise Systems Approach Literally... Devops07 Nov 2023 | 18
HashiCorp CEO talks license changes and the role of foundations Interview Open Source or Source Available? Does anyone really care? Devops19 Oct 2023 | 8
HashiCorp Vault scans for skeletons in your code closet HashiConf Added functionality follows BluBracket acquisition earlier this year Devops11 Oct 2023 |
HashiCorp tweaks Terraform with user interface changes and AI infused testing HashiConf Can I use AI to write me a license that won't annoy the open-source community? Devops11 Oct 2023 |
If you want to fund open source code via Patreon with GitHub, well now you can Exploited open source maintainers get broader payment pleading options Devops03 Oct 2023 | 4
And now for something completely different: Python 3.12 Nobody expects more flexible string parsing Devops03 Oct 2023 | 29
GitHub alienates developers by force feeding them AI recommendations Decision to combine user-curated feed with algorithmic stuff leaves coders fuming Devops13 Sep 2023 | 40
AI coding is 'inescapable' and here to stay, says GitLab Getting strong FOMO vibes from devs – tho how ML is actually used among engineers may surprise you Devops05 Sep 2023 | 23
From browser brat to backend boss: Will WASM win the web wars? Opinion WebAssembly is getting a lot of hype, but is it the game-changer some think it is? Devops01 Sep 2023 | 68
OpenTF forks Terraform, insists HashiCorp is the splinter group Dude, stop hitting yourself Devops28 Aug 2023 | 13
Why these cloud-connected 3D printers started making junk all by themselves Message brokering software blamed for dumping backed-up print jobs on idle devices Devops24 Aug 2023 | 68
What DARPA wants, DARPA gets: A non-hacky way to fix bugs in legacy binaries When you need to patch a problem in your drone and no one's got the source Devops18 Aug 2023 | 66
Google opens up Chrome 117 Developer Tools box, drops in a few spanners Web devs, rejoice: Finally something is happening in the quiet and steady world of JavaScript Devops17 Aug 2023 | 8
PowerShell? More like PowerHell: Microsoft won't fix flaws in package gallery ripe for supply chain attacks Updated Billions of downloads and no defense against typosquatting feels like a bad combination in this day and age Devops16 Aug 2023 | 36
Google teases Project IDX, an AI-infused code editing thing Rival to CoPilot and CodeWhisperer sees the Big G join the error-ridden robo-coding market Devops09 Aug 2023 | 6
Google tightens Play Store dev rules while becoming more blockchain tolerant Trust and safety push promises ability to delete app-associated accounts Devops17 Jul 2023 | 5
GitLab deploys on a Friday and ... is down for a few hours Updated Snafu blamed on config change Devops07 Jul 2023 | 8
Microsoft's GitHub under fire for DDoSing crucial open source project website A tale of emergency firewalling, a little bit of victim blaming, and workflow scripts gone berserk Devops28 Jun 2023 | 48
Atlassian pipes software flaw reports into Jira, so the boss can see them too This could be a useful way to show what you’re up against, or give the clueless a stick to beat you with Devops07 Jun 2023 | 4
This typo sparked a Microsoft Azure outage Errant code fix deleted entire servers rather than snapshots of database Devops03 Jun 2023 | 89
Subpoenaed PyPI says bye-bye to as much IP address data as it can Python package pile prefers protecting programmer privacy Devops27 May 2023 | 9
PyPI subpoenaed: US govt demands data on developers Python package packhouse ponders privacy position Devops25 May 2023 | 9
Atlassian says 'Don't #@!% the Planet' so it can keep making money Which when you think about it, is a pretty good reason to build a sustainable business Devops24 May 2023 | 9
Microsoft wants you to think inside the Dev Box from July If you like the idea of building software on Windows in the cloud, this may be for you Devops23 May 2023 | 8
Python Package Index had one person on-call to hold back weekend malware rush We speak to infra director after project temporarily freezes new user accounts Devops22 May 2023 | 22
GitHub code search redesign can't find many fans Poll Missing capabilities, bugs, unloved interface decisions dog engine revision – and what do you think? Devops13 May 2023 | 17
Brexit Britain looks to French company to save crumbling borders and immigration tech Building a wall... of code Devops10 May 2023 | 166
GitHub dumps frustrating code search engine for Rust-powered Blackbird Here's hoping for fewer head-desk moments for devs Devops09 May 2023 | 6
Modular finds its Mojo, a Python superset with C-level speed LLVM champ Chris Lattner is at the helm, so consider us intrigued Devops05 May 2023 | 44
Fed up with Python setup and packaging? Try a shot of Rye For those envious of Rust and Cargo Devops04 May 2023 | 47
Python still has the strongest grip on developers And a reminder that experience points matter a lot Devops04 May 2023 | 57
How does Atlassian hope to actually improve Confluence and Jira? AI, of course! A bot shows up to help with a problem. Hopefully that's not two problems now Devops19 Apr 2023 | 13
Worried about the security of your code's dependencies? Try Google's Deps.dev Is this what the kids mean by owning the libs? Devops13 Apr 2023 | 13
Python head hisses at looming Euro cybersecurity rules Red-tape vague enough to land open source volunteers in hot water for iffy code Devops12 Apr 2023 | 63
Open source Socket Runtime arrives, with aim to drop cloud as a dependency Interview Web code-based cross-platform app kit offers a P2P alternative Devops11 Apr 2023 | 3
So you want to integrate OpenAI's bot. Here's how that worked for software security scanner Socket Exclusive Hint: Hundreds of malicious npm and PyPI packages spotted Devops30 Mar 2023 | 23
Free-Teams-gate: Docker apologizes for shooting itself in the foot Botched data deletion threat roils open source worlds Devops17 Mar 2023 | 21
The npm registry's safe word is Socket Exclusive GitHub's JavaScript failings are someone else's opportunity Devops16 Mar 2023 | 9