Have we reached a point of no return on managing software dependencies?
Guest post originally published on Paolo Mainardi’s blog by Paolo Mainardi, Founder and CTO of Sparkfabrik Software Supply Chain security issues are hitting hard the whole OSS ecosystem; not a day goes by without a security incident going into the wild,…
Supply chain security framework: S2C2F
Guest post originally published on the SIGHUP blog by Simone Ragonesi In this article, we will introduce you to S2C2F. The Secure Supply Chain Consumption Framework is a combination of requirements and tools for any organization to adopt…
The Flux project is thrilled to announce the general availability (GA) release of Flux v2. Flux’s move to general availability represents a significant milestone in the CNCF ecosystem. This progression not only exemplifies the CNCF’s commitment to the…
Linkerd edge roundup: 21 June 2023
Project post originally published on the Linkerd blog by Matei David Linkerd’s edge releases are a big part of our development process that we’re going to start talking more about – and so far in June, we’ve done…
From mentee to mentor: my journey through LFX mentorship
Mentorship post originally published on Dev.to by Asmit Malakannawar Are you already actively contributing to open source and looking to take your involvement to the next level? You can participate in the LFX Mentorship program. Through the LFX…
Announcing results of Notation security audit 2023
Project post by Notary maintainers In early 2023, Notary Project, under the guidance of Cloud Native Computing Foundation began work with Ada Logics to perform the first security audit of the Notation libraries and CLI. The Notation libraries and CLI are a…
Version after version; how the open source project Kubernetes releases its software
Guest post by Leonard Pahlke, CNCF Ambassador & Chair TAG Environmental Sustainability In this article, we look at how the open source project Kubernetes manages its software releases. By exploring the established and evolved community structures, this discussion…
5G deployment, as simple as GitOps thanks to FluxCD
End user post by David Blaisonneau, Software/Cloud Expert for Network services at Orange, and Sylvain Desbureaux, DevSecOps engineer at Orange Context Orange is a worldwide Telecom operator supporting end-user and enterprise market customers. In Europe, it’s nearly 70…
Kubernetes Project Journey Report
Introduction Kubernetes is a fault-tolerant, extensible, scalable platform for managing containerized and cloud native applications. It is the most widely used container orchestration platform in existence. Initially created by Google engineers in 2014, it became the Cloud Native…
Vitess announces security audit results
Project post by the Vitess maintainers The Vitess Maintainer team is pleased to announce the results of a recent third-party security audit of the Vitess code base. Vitess had previously been audited in 2019. Given the amount of…