GitHub’s code scanning capabilities, a new feature introduced at the company’s Satellite conference in May 2020, has left the beta phase behind and is now generally available. The helper is the result of the 2019 acquisition of code analysis platform Semmle, whose analysis engine CodeQL can be found under the hood of the new scanning feature.
Code scanning can be enabled for free for public repositories, while GitHub Enterprise users will find an option to activate the capability through the advanced security settings. Once that’s done, the feature checks everything pushed to the platform for potential security vulnerabilities and offers help to get rid of the flaws.
CircleCI premiers Insights dashboard
Continuous Integration and Delivery platform CircleCI has made its product a bit more helpful by adding an Insights dashboard into the mix. It provides teams an overview about failing jobs and tests, and offers insight into the duration of workflows, pipeline throughput and success rate which can help to optimise processes. The new module should make the platform more competitive, since it mainly adds capabilities already present in similar products.
Puppet Remediate turns 1.4 with Enterprise tasks and risk management
IT automation tool provider Puppet’s product for minimising the risk of external attacks and data breaches, Remediate, can now be updated to version 1.4. Users will be happy to learn that the tool now comes with CLI commands to add and manage third-party signed TLS certificates, and allows for some risk management by letting users for example pause the reporting of individual vulnerabilities on selected notes.
Once updated, those combining Remediate with Puppet Enterprise (PE) can also add single Puppet Enterprise sources to the former to apply PE tasks on their network.
Jaeger team pushes v1.20 out the door
Cloud native tracing tool Jaeger and the accompanying operator have gotten updates and are now available in version 1.20. Though only a minor update, the new iteration comes with some breaking changes, namely the deprecation of –es.max-num-spans and a new default for query.max-clock-skew-adjustment, which is why the release notes are worth a quick look.
Apart from that, Jaeger now supports gRPC plugin archive storage, includes new storage metrics, and separate ports for gRPC and HTTP requests in Query Server. The operator mainly saw some changes in sidecar handling and was fitted with configuration for the agent’s securityContext and consolelink permissions for the cluster role.
Ruby 3.0 preview is ready for testing
The team behind the Ruby programming language has released a first preview for version 3.0 of the programming language which is supposed to land around christmas.
Developers are asked to share their thoughts on new features such as the RBS language for describing types of Ruby programs, and an experimental scheduler. Another addition worth checking out are the so-called Ractors, “an Actor-model like concurrent abstraction designed to provide a parallel execution feature without thread-safety concerns”.
HashiCorp tries new modules to get you up and running
Two more weeks until the kick-off of another edition of HashiCorp’s user conference HashiConf and company founder Mitchell Hashimoto keeps teasing his following with the prospect of new open source projects.
To make sure the time until then isn’t getting too long, the company has just announced a suite of Terraform modules providing implementations of the product reference architecture for Consul, Nomad, and Vault for the AWS Cloud. The modules are supposed to help those new to the tools to get them up and running quicker, while offering ops folks looking to experiment with the products something to work with as well.