InfoQ Homepage News
-
Critical Vulnerability in VM2 Sandbox Found Affecting Spotify Portal Platform Backstage
Spotify Backstage, an open-source platform used to build developer portals and in use at a number of large companies, has been found vulnerable to a critical remote code execution vulnerability. Confirming that most vulnerabilities are found in indirect dependencies, the Backstage vulnerability is enabled by another vulnerability found in its JavaScript VM2 sandbox dependency.
-
Amazon Releases Time Sync as Public NTP Service
Amazon recently announced the availability of Time Sync as a public NTP service. Previously available only for servers running inside AWS data centers, Time Sync utilizes a global fleet of redundant satellite-connected clocks to deliver the current time.
-
JetBrains Previews Aqua, New Test Automation-Oriented IDE
JetBrains Aqua, now available in preview, is a new IDE focusing on test automation and integrating a number of distinct tools that are at the core of an automation engineer's daily routine, says JetBrains. Its features include multi-language support, an HTTP client and a Web inspector, database management, integrated Docker support, and more.
-
Developing Applications in Space with Azure Orbital Space SDK
Microsoft recently announced the preview release of the Azure Orbital Space SDK to provide developers with a secure hosting platform and application toolkit designed to enable them to create, deploy, and operate applications on-orbit.
-
Azure SQL Trigger for Azure Functions in Public Preview
Azure recently announced the public preview of Azure SQL trigger for Azure Functions to build event-driven applications. The new functionality is currently available only for C# functions and can be triggered by changes to an Azure SQL table.
-
Spotify Introduces Kitsune Vulnerability Management Platform
Spotify recently introduced its security vulnerability management platform, Kitsune. Right from vulnerability detection to providing insights based on metrics, Kitsune manages the overall security vulnerability lifecycle. Kitsune’s development started one and a half years ago and it continues to evolve.
-
Cloudflare Releases Cache Reserve in Open Beta
Recently, Cloudflare announced the open beta of Cache Reserve, which provides a way to serve all static content from Cloudflare’s global cache persistently. It is a large, persistent data store implemented on top of R2.
-
Google Cloud Adds IAM Deny Policies
Google Cloud has moved IAM Deny policies into full general availability. IAM Deny policies work alongside the IAM Allow policies to provide more options for controlling which principals have access to which resources. IAM Deny policies are available with Google Cloud IAM for most permissions.
-
.NET 7 Removes Its Insecure XmlSecureResolver
.NET 7 has replaced the insecure XmlSecureResolver with a new ThrowingResolver type.
-
Spring Boot 3 and Spring Framework 6 Use Java 17 and Jakarta EE 9, Support Native Java with GraalVM
VMware released Spring Framework 6 and Spring Boot 3, a new generation for the Spring ecosystem. Spring Framework 6 requires Java 17 and Jakarta EE 9. It also embeds observability through Micrometer with tracing and metrics. Spring Boot 3 requires Spring Framework 6. It has built-in support for creating native executables through static Ahead-of-Time (AOT) compilation with GraalVM Native Image.
-
How We Can Use Data to Improve System Quality
To understand how systems are being used, we can collect metrics and identify trends over time. The data and insights gained can be used to improve system quality by improving software design or testing patterns.
-
Cloudflare Introduces Super Slurper Feature for Its R2 Object Storage in Private Beta
Cloudflare recently announced the R2 Super Sluper feature, which enables developers to move all their data to R2 in one giant slurp or sip by sip through an intuitive UI and API. The feature is in private beta by signing up.
-
AWS Opens New Region in Spain
AWS recently opened a new region in Spain to offer cloud services in the Iberian Peninsula and address in-country data residency and compliance requirements. The new eu-south-2 region is based in Aragón and has three availability zones.
-
Neo4j 5 Graph Database Supports Automated Scaling and Deployment Interoperability
Graph NoSQL database Neo4j version 5 supports query language and performance improvements, automated scale-up and scale-out capabilities, and cross-platform deployment interoperability. Neo4j team announced last week the general availability (GA) of latest product release of the graph database.
-
Heuristic Static Analysis Tool GuardDog Used to Detect Several Malicious PyPi Packages
GuardDog is new open source tool aimed at identifying malicious Python Packages using Sempreg and package metadata analysis. Thanks to a set of source code heuristics, GuardDog can detect malicious packages never seen before and has been used to identify several malicious PyPi packages in the wild.