Tainted PHP code? JetBrains Qodana has a new detection feature

JetBrains has released a taint analysis feature for PHP in preview, via its early access programme. A “taint”, the company said, is “any value that...

Securing the developer: LastPass breach highlights risks of DevOps itself

Updated LastPass has published more details about how its systems were compromised via an attack on a home computer used by one of its...

GitHub Blocks: preview opening for all users soon but remains “experimental”

The GitHub Blocks experiment will soon be open to all users, according to senior director of research Idan Gazit, but whether it becomes a...

Kotlin debuts “experimental” Kotlin/Wasm target in new beta  – a new approach to frontend development?

JetBrains has released Kotlin 1.9.20 beta, including an experimental feature called Kotlin/Wasm that targets WebAssembly. The new release depends on native Wasm garbage collection...

Deno makes the case for server side rendering

Deno, maker of an JavaScript/Typescript runtime for use outside the browser as an alternative to Node.js, has published a rationale for applications that do...

GitHub revokes stolen code-signing certs, invalidates some versions of Atom and GitHub Desktop for Mac

GitHub reports that a “set of encrypted code-signing certificates” were exfiltrated from private repositories used in the planning and development of GitHub Desktop, a...

The biggest blocker to DevSecOps? Security teams and devs not getting on: Report

A new DevSecOps survey of enterprises says that only 28 percent of CISOs are confident that production applications are fully tested – with the...

CircleCI security incident report: customer secrets stolen, unauthorised access to GitHub repos and third-party systems

DevOps player CircleCI has published details of the security incident that forced it to warn cloud customers to revoke all secrets, tokens and credentials...

CircleCI warns devs to change passwords, check for unauthorized access after ‘security incident’

CircleCI, makers of a popular cloud-based continuous integration platform, has warned developers that it was hit by a security "incident" and strongly recommends that...

JetBrains Aqua: Preview is IDE for test automation but not yet comprehensive

JetBrains is developing an IDE for test automation, now in preview as Aqua. Although most IDEs already support at least unit tests, the company...

CodeCatalyst introduced at re:Invent: One-stop DevOps for AWS… on AWS

AWS has released new development tools for building serverless applications. AWS CodeCatalyst, now in preview, sets up new projects complete with a cloud development...

Microsoft releases .NET 7 spanning Windows to WebAssembly, but can it keep up with the modern web platform?

Microsoft has released .NET 7, along with a flurry of updates to related frameworks and tools, including C# 11, F# 7, Entity Framework Core...

GitHub has hit $1bn revenue and 90m users, says Microsoft CEO on 4th anniversary of acquisition

“Four years since our acquisition, GitHub is now at $1 billion in annual recurring revenue,” reported Microsoft CEO Satya Nadella yesterday, speaking to analysts...

Google introduces Cloud developer workstations with a JetBrains flavor – but cannot avoid Visual Studio Code

Google has introduced Cloud Workstations as part of its Cloud Next online event, competing with other online developer environments like GitPod, GitHub Codespaces, or...

State of DevOps report 2022: for secure software, team culture counts more than technology

Google’s DORA (DevOps Research and Assessment) team has published its 2022 State of DevOps report, finding a drop in what it calls “software operational...

AssemblyScript project: WASI damages open standards and the web

The AssemblyScript project has declared WASI (The WebAssembly System Interface) and the W3C (World Wide Web Consortium) support for it to be “harmful to...