After pushing out a security release just a week ago, GitLab discovered that one of the fixes could be easily bypassed, meaning the platform was left with another high severity vulnerability. Now available versions 13.7.4, 13.6.5, and 13.5.7 have been developed to mitigate the issue, so a quick update is “strongly recommended”.
Serverless Framework looks into AWS issues
The team behind the Serverless Framework has done a bit of maintenance work on its software, results of which can now be downloaded with version 2.18 of the tool. While at it, the team also improved AWS tags validation, and implemented event support for AWS iotFleetProvisioning, which should make the provisioning of new things via AWS IoT Core a little easier.
Go devs give generics another go
After some failed attempts to introduce a form of generic programming into the Go programming language, a new language change proposal for adding generics has landed in the project’s repository. It is based on a design using type parameters and is fully backward compatible, so shouldn’t keep old programs from functioning. Should the community accept the proposal, a complete implementation is hoped to be done by the end of the year, which could then be spread for trying through the Go 1.18 betas.
Eclipse Foundation gets European home
The Eclipse Foundation, steward of the IDE of the same name and various adjacent open source projects, has “formally established the Eclipse Foundation AISBL, an international non-profit association based in Brussels, Belgium”.
The move of its legal residence and corporate governance was announced last May and was driven by the foundation’s strong European base. The Eclipse Foundation claims to be the “largest open source organization in Europe as measured in staff, projects, developers, and members” while also being the home of some European funded research projects.
In its FAQs, the foundation states that it aims to “advance open source projects that can transform the global economy, for the benefit of industries and developer communities worldwide”. It also reassures members that its US and German subsidiaries will not close down as a consequence of moving to Europe.
ScyllaDB introduces project Circe
In a bid to make the NoSQL database an all-round stronger contender for enterprise customers, the team behind ScyllaDB has used its user conference to kick off its improvement initiative project Circe. The plan is to use 2021 to improve on aspects such as consistency, elasticity, and ease of use, presenting significant features to further those goals each month.
New year, new cloud native ecosystem additions: Say hi to Slim.ai and Otomi
To make 2021 a bit more interesting for friends of containerisation, and obscure the cloud native landscape even further, Kubernetes-centric company Red Kubes launched its enterprise container management project Otomi this week. Otomi aims to offer an integration platform which provides wiring for all sorts of open source tools, so that teams don’t have to come up with glue code for that anymore. To stand out between competing offers such as Triggermesh, Otomi has put their focus on working to meet developers needs.
Another newbie trying to snatch up software developers is fresh-out-the-box Slim.ai. The new company by the creator of container image minification project DockerSlim plans to let devs “gain control over containerized application size, performance, cost, security and deployment times without specialized knowledge” through a sort of automation platform. For now, however, the company website simply links to DockerSlim and lets interested parties register for early access to new products, so we’ll have to wait and see how this will look exactly