Open source wins concessions in new EU cyber law

The European Cyber Resilience Act (CRA) has undergone substantial revisions, bringing relief to the open-source community.

Back in April, the Python Software Foundation (PSF) had expressed concerns about potential repercussions for CPython and PyPI if the initial form of CRA were to be enacted.

The primary worry was that, in the course of providing open-source software, the PSF and the Python community might assume legal responsibility for security issues in products...

15 January 2024 | Open Source

Checkmarx uncovers persistent Python package threat

Checkmarx has uncovered a threat actor that has been quietly infiltrating the open-source ecosystem for nearly six months, planting malicious Python packages with a focus on deception and financial gain.

The malicious actor employed a systematic approach, disguising their packages with names closely resembling popular legitimate Python packages. These decoy packages, camouflaged to blend in, successfully garnered thousands of downloads. The malicious payload, embedded within the...

16 November 2023 | Developer

GitHub launches Innovation Graph for interactive development insights

GitHub has unveiled its Innovation Graph, an open data and insights platform for measuring and understanding the global impact of developers.

The ambitious initiative aims to address a longstanding challenge faced by policymakers and researchers: the lack of reliable and comprehensive data on trends in software development.

Understanding the Innovation Graph

The Innovation Graph is a repository of longitudinal metrics that track software development across economies...

22 September 2023 | Developer

Ruby on Rails creator deplores ‘open-source hooliganism’

Ruby on Rails creator David Heinemeier Hansson has expressed his concerns about what he called "open-source hooliganism."

Hansson recounted a recent incident involving the TypeScript community and their reaction to a decision made by the team behind Turbo.

Hansson began by acknowledging the passion that many developers have for their preferred programming languages and tools. He noted that the enthusiasm displayed by these individuals is a testament to their dedication...

8 September 2023 | Developer

Graphcore joins PyTorch Foundation as a general member

The PyTorch Foundation, a home for the deep learning community to collaborate on the open-source PyTorch framework and ecosystem, has announced that Graphcore is joining its ranks.

Graphcore – a Bristol, UK-based company specialising in designing and manufacturing AI accelerators, hardware, and software tailored for AI and machine learning workloads – has joined as a general member of the foundation.

PyTorch has long been a go-to framework for developers in the field...

7 September 2023 | Artificial Intelligence

Software Freedom Conservancy calls on FOSS contributors to ‘exit Zoom’

In the wake of the revelation that Zoom has been repurposing private user data to train machine learning models, the Software Freedom Conservancy (SFC) has taken a stand to emphasise the importance of Free and Open Source Software (FOSS) alternatives.

The SFC, an advocate for software rights and freedom, is extending its efforts to provide ethical technology choices and promote FOSS solutions for various needs.

The pandemic-driven shift towards digital technologies –...

16 August 2023 | Open Source

Stability AI CEO: AI will replace human coders in five years

In a recent interview with Peter H. Diamandis for the Moonshots and Mindsets Podcast, Emad Mostaque, the founder and CEO of Stability AI, made a bold prediction: "There will be no programmers in five years."

Mostaque's vision of the future is one shaped by the transformative power of artificial intelligence and he believes that AI will play an increasingly dominant role in shaping our world.

Mostaque's argument is supported by data from GitHub, which reveals that an...

4 July 2023 | Artificial Intelligence

Sonatype uncovers further malicious PyPI and npm packages

Sonatype continues to uncover a significant number of malicious packages within the PyPI and npm software registries.

Among the flagged packages were several Python packages published on PyPI, masquerading as legitimate libraries named after the popular npm "colors" library.

The malicious packages, including names such as "broke-rcl," "brokescolors," and "trexcolors," exclusively targeted the Windows operating system. Once installed, these packages would initiate the...

23 June 2023 | Developer

Google releases Flutter 3.7 and teases future improvements

Google held its Flutter Forward event this week where it announced version 3.7 of the framework and teased future improvements.

Flutter started life as a framework for developing Android and iOS apps. Over the years, it’s expanded to help developers build apps for not just mobile, but also desktop, web, and more, all from a single Dart codebase.

Google says Flutter has attracted five million developers and over 700,000 apps have been created using it. Based on GitHub...

26 January 2023 | Developer

GitHub is ending Sponsors payments via PayPal

GitHub has announced that it’s ending the ability for Sponsors to make payments via PayPal.

In a statement, GitHub wrote:

“Starting on February 23, 2023, GitHub Sponsors will no longer support PayPal as a payments processor. As such, it will no longer be possible to sponsor individuals or organizations using PayPal.

If you are sponsoring anyone on GitHub using PayPal, please update your GitHub payment method to pay by credit or debit...

24 January 2023 | Developer