InfoQ Homepage Open Source Content on InfoQ
-
Open-Source Package ngrok-go Aims to Make it Easier to Embed Ingress into Go Apps
Ngrok-go is an idiomatic Go package that enables Go applications to securely receive network requests through ngrok's ingress-as-a-service platform as if they were listening on a local port.
-
JetBrains Adds Taint Analysis for PHP to Qodana Code Quality Platform
Qodana, JetBrains' code quality platform, now provides support for PHP taint analysis in early preview. The feature aims to allow developers to detect taints in their programs, i.e. spots that are vulnerable to malicious inputs.
-
Traffic Protocol Analyzer Wireshark Gets its Own Foundation
The popular open-source protocol analyzer Wireshark has a new permanent home in the form of the Wireshark Foundation, which should provide the means for its further, long-term evolution, says Sysdig, which took over as the project's main sponsor in 2022.
-
GitHub Enhances CodeQL, Extends Language Support, Available Queries, and More
After adding support for Ruby at GitHub Universe 2022, CodeQL introduced Kotlin support in beta. Additionally, support for other languages has been extended to include more recent versions. GitHub has also extended available queries to fully cover several industry-wide vulnerability directories, and improved the CodeQL ecosystem.
-
Octosuite: a GitHub Open Source Intelligence Framework
Octosuite, an open-source intelligence (OSINT) framework, recently released its latest version 3.1.0. Octosuite provides a wide range of commands to investigate publicly-visible GitHub accounts and repositories through GitHub’s Public APIs. Written in Python, Octosuite provides a secure and user-friendly interface to easily search and explore data related to a repository, organization, or user.
-
Go 1.20 Improves Compiler Performance and Extends Coverage Support
The latest release of the Go language, Go 1.20, improves compiler performance, bringing it back in line with Go 1.17. Additionally, the language now supports conversion from slice to arrays and revises struct comparison.
-
HC-tree is a High-Concurrency Backend for SQLite Supporting Replication
HC-tree is a project aimed at building a new backend for SQLite specifically optimized for high-concurrency and lead-follower style replication. While still experimental, HC-tree can be used as an SQLite drop-in replacement, albeit with limitations.
-
Chromium to Allow the Use of Third-Party Rust Libraries to Improve Safety and Security
The Chromium Project is going to add a Rust toolchain to its build system to enable the integration of third-party libraries written in Rust, with the aim of improving security, safety, and speed up development.
-
GitHub Releases Copilot for Business amid Ongoing Legal Controversy
GitHub has announced Copilot for Business, a business plan for their OpenAI-powered coding assistant Copilot. The release follows a recent class action lawsuit against Microsoft, GitHub, and OpenAI for violating open-source licenses.
-
Prometheus Adds Long Term Support Model and Improved Remote Write Mode
Prometheus, the open-source monitoring tool, has added a number of new features including a reduced functionality remote write mode. Additional improvements include a new HTTP service discovery mechanism, native histogram support, additional integrations for Alertmanager, and a new long-term support model.
-
Android Extension SDK Aims to Simplify the Use of Modular System Components
Introduced with Android 10, Modular System Components enable updating end-user devices outside of the normal Android release cycles. The new Extension SDK framework, now public, aims to make their integration simpler for developers.
-
PyTorch-Nightly Struck by Supply Chain Attack Exfiltrating Data and Files
Developers who installed the nightly builds of PyTorch between December 25 and December 30, 2022, are recommended to uninstall it and purge their pip cache to get rid of a malicious package, say PyTorch maintainers. The new attack highlights a recent trend.
-
Amazon Releases Fortuna, an Open-Source Library for ML Model Uncertainty Quantification
AWS announced that Fortuna, an open-source toolkit for ML model uncertainty quantification, has been made generally available. Any trained neural network can be used with the calibration methods offered by Fortuna, such as conformal prediction, to produce calibrated uncertainty estimates.
-
Microsoft Brings Its Cloud Services and AI to the Edge
Microsoft recently announced the open-source release of Azure DeepStream Accelerator (ADA) in collaboration with Neal Analytics and NVIDIA, allowing developers to build Edge AI solutions with native Azure Services integration quickly.
-
Google Releases Open-Source Vulnerability Scanning Tool
Google has released OSV-Scanner, an open-source front-end interface to the Open Source Vulnerability (OSV) database. The OSV database is a distributed, open-source database that stores vulnerability information in the OSV format. The OSV-Scanner assesses a project's dependencies against the OSV database showing all vulnerabilities relating to the project.