open source governance
open source governance news search results
Developer news items we found relating to open source governance
6 results
Private Repository Secures the AI-driven Development Boom
Friday, March 27, 2026 by Austin Harris
ActiveState has launched ActiveState Curated Catalog. This new offering provides organizations with a private, secure repository of open source components from the ActiveState Library, giving developers and AI code generators access to vetted packages from a trusted internal source instead of pulling them directly from the open internet.
Directly pulling open source ...
DevSecOps 7th annual Community Survey results
Wednesday, April 15, 2020 by Brittany Hainzinger
Sonatype published findings from its seventh annual DevSecOps Community Survey, based on responses from 5,045 software engineering professionals. The survey, developed and conducted in partnership with Carnegie Mellon’s Software Engineering Institute, CloudBees, DevOps Institute, DevOps.com, DevSecOps Days, NowSecure, Security Boulevard, Verica, and All Day DevOps...
How cloud computing is changing the developer world
Thursday, January 2, 2020 by Richard Harris
Cloud computing is continuing to change the way the world builds and interacts with technology, and the developers that make that possible are under more pressure than ever to keep innovating and pushing boundaries. With the launch of the latest version of its Cloud Pak for Data, IBM is helping them do just that, all while prioritizing what matters most: data privacy an...
Open Source security comes to GitHub
Thursday, August 16, 2018 by Richard Harris
Sonatype announced Sonatype DepShield, a new GitHub application that enables developers to experience basic open source security governance, free of charge. Powered by Sonatype’s OSS Index, DepShield integrates directly into GitHub repositories and allows developers to easily identify and avoid using open source components with known vulnerabilities.
“The...
DevOps practices more likely to integrate automated security
Saturday, April 21, 2018 by Austin Harris
Sonatype published findings from its 5th annual DevSecOps Community Survey of 2,076 IT professionals. The survey shares practitioner perspectives on evolving DevSecOps practices, shifting investments, and changing perceptions. Survey respondents with mature DevOps practices were 338% more likely to integrate automated security than organizations with no DevOps pra...
Why software is no longer being written from scratch
Tuesday, November 1, 2016 by Richard Harris
Application developers are increasingly reliant on open source component parts because pre-fabricated components speed up innovation and save developers the time (and money) of having to write code from scratch.But with 6.1% of component downloads containing a known security vulnerability it’s inevitable that defective parts will make their way into production – especia...
