Break point: JetBrains updates, GitLab security fixes, Datadog acquires Ozcode

team

JetBrains has issued a slew of announcements this week, including the CLion 2021.3 Early Access Preview, Spring Cloud 2021.0.0-RC1, the fourth PyCharm 2021.3 EAP build, WebStorm 2021.3 Beta, and the IntelliJ IDEA 2021.3 Beta.

CLion is the firm’s cross-platform IDE for C and C++ development, and the Early Access Preview build 213.5605.4 is now available from the website. It adds a number of new features, including an action to push all commits up to the one the user has selected in a list.

Also available is Release Candidate 1 (RC1) of the Spring Cloud 2021.0 Release Train, codename Jubilee. Spring Cloud is a framework for building cloud applications, and the RC can be found in the Spring Milestone repository.

PyCharm 2021.3 EAP #4 is slated as the final EAP build before the release of this version of the IDE for Python developers. The focus now is on fixing important bugs and improving the new features after user feedback. It can be downloaded from the website.

WebStorm is the JetBrains IDE for coding in JavaScript and related technologies, and WebStorm 2021.3 has reached the Beta release milestone. Improvements include Type checking in Vue templates, better support for monorepos and support for text and JSON streams. It can also be downloaded from JetBrains.

The Beta version of IntelliJ IDEA 2021.3 is also now available. This is an IDE for Java development, plus other JVM languages like Kotlin. This build has all the changes introduced in the earlier EAP builds and can be downloaded from the website.

GitHub adds code review limits to tackle spam pull request approvals

GitHub has added a feature called code review limits, aimed at preventing drive-by pull request approvals and requested changes.

The GitHub team said that it has introduced this feature after feedback from many maintainers that spammy pull request approvals and requested changes are frustratingly common when collaborating with external contributors.

To address this, code review limits allows maintainers to limit who can approve and request changes on pull requests. At the repository level, a maintainer can limit approvals and requested changes to only those users who they have explicitly granted read or higher access.

Once code review limits is enabled for a repository, if a user without explicit access starts a pull request review, they will not be allowed to approve or request changes, and a tooltip will explain why. The user will still be able to leave a comment, however.

Full details can be found on the GitHub blog.

Datadog acquires Ozcode

Cloud monitoring service provider Datadog has acquired Ozcode, developer of a live debugging tool

Datadog said the move was to help address the issue of bugs that occur in a production setting, but can be difficult to reproduce locally in the development environment. Developer teams need the same depth of visibility into their production environments as they do into their local environments.

Ozcode’s Live Debugger includes several features that bring the local debugging experience to production environments. It lets developers step through the entire code execution flow and view contextual data, such as local variable values and method parameters, the firm said, helping teams identify the root cause of the issue as quickly as possible.

GitLab security alert and Patch Release 13.12.15

GitLab has issued a security advisory for self-managed customers on critical severity vulnerability, CVE-2021-22205.

This is the result of improper validation of image files by a 3rd-party file parser Exif-Tool, resulting in a remote command execution vulnerability that can lead to the compromise of a GitLab instance.

This issue was remediated and patched in the GitLab 13.10.3, 13.9.6, and 13.8.8 release from April 14, 2021. However, The firm has confirmed reports of the vulnerability being exploited on self-hosted public-facing GitLab instances. GitLab.com users are not affected.

GitLab has also released version 13.12.15 for GitLab Community Edition and Enterprise Edition, in order to resolve a number of regressions and bugs in the GitLab 13.12 release. To update, users should check out the GitLab update page.

The merge requests in this patch release include:

For full details, please see the GitLab blog.

Chronosphere adds Query Builder for PromQL

Cloud-native observability platform provide Chronosphere has created Query Builder, a tool to make it quicker and simpler to create queries in PromQL and chart the data.

PromQL is the standard way for engineers to query and aggregate metrics from the Prometheus open source monitoring tool. However, it is said to be a challenging query language to learn, with concepts that have to learned and a specific syntax that must be followed.

For this reason, Chronosphere has created Query Builder, a tool to quickly and simply create queries in PromQL, and the enhancement is now available to all Chronosphere customers. Query Builder allows users to dynamically build and modify PromQL queries with visualisations provided at every step along the way. It also enables users to chart the data they want to see quickly, and detect and fix any potential errors with hints and actions that can be applied with a press of a button.