Skip to content

Software Development News: .NET, Java, PHP, Ruby, Agile, Databases, SOA, JavaScript, Open Source

Methods & Tools

Subscribe to Methods & Tools
if you are not afraid to read more than one page to be a smarter software developer, software tester or project manager!

Open Source

Eclipse Newsletter - Language Server Protocol 101

Eclipse News - 20 hours 9 min ago
Everything you need to know about the Language Server Procotol (aka LSP) is in this month's newsletter!
Categories: Open Source

Today in Tech – 1961

SourceForge.net: Front page news - Wed, 05/24/2017 - 05:20

On this day in 1961 American physicist Wesley A. Clark officially began his work on LINC, the Laboratory Instrument Computer, at MIT’s Lincoln Laboratory. The LINC was originally created for biomedical research, designed by Clark and Charles Molnar to be easy to program, maintain and could be communicated with during its operation. It was one of the earliest examples of a “user-friendly” machine, considered the first minicomputer and set the standard for personal computer designs that followed.

Wes Clark and the LINK at Lincoln Laboratory in 1962. Image taken from www.digibarn.com

Wes Clark and the LINC at Lincoln Laboratory in 1962. Image taken from www.digibarn.com

Categories: Open Source

It’s time to organise Eclipse Oxygen DemoCamps

Eclipse News - Tue, 05/23/2017 - 10:35
What is an Eclipse DemoCamp and why should I organise one?
Categories: Open Source

Java coded templates ( or code snippets )

Date Created: Mon, 2017-05-22 16:19Date Updated: Wed, 2017-05-24 12:19Florian IngerlSubmitted by: Florian Ingerl

This is an Eclipse plugin that allows the user to write code templates (or code snippets) for the Java editor where some template variables are computed from other template variables.

You can manage your Java-coded templates via the menu Window -> Preferences -> Java -> Editor -> Java-coded templates. Hit the New-button to start coding a new template.

E.g. the following would be code for a template for a private field with a getter-method

private ${type} ${field_name};
public ${type} ${getter: (String type, String field_name) ->
{
String s = Character.toUpperCase( field_name.charAt(0) ) + field_name.substring(1);
if(type.equals("boolean") )
return "is" + s;
else
return "get" + s;

}
}(){
return ${field_name};
}

After having successfully written your template, just type the first letters of the template's name into a Java editor and invoke content assist via Ctrl + Space.

Categories: Open Source

Projects of the Week, May 22, 2017

SourceForge.net: Front page news - Mon, 05/22/2017 - 05:20

Here are the featured projects for the week, which appear on the front page of SourceForge.net:

The FreeType Project

FreeType is written in C. It is designed to be small, efficient, and highly customizable while capable of producing high-quality output (glyph images) of most vector and bitmap font formats for digital typography. FreeType is a freely available and portable software library to render fonts.
[ Download The FreeType Project ]


JSToolNpp

A javascript plugin for Notepad++ (formerly JSMinNpp). * Douglas Crockford’s JSMin algorithm to minimize javascript code. * My own algorithm to format javascript code. * A JSON data viewer. This JSON data viewer can handle >10MB JSON file easily. * Support 64bit Notepad++ (from version 1.20.0, “.64.zip” package). Really helpful to javascript coder on Notepad++ and really easy to use it. Made in China. Project Site http://www.sunjw.us/jstoolnpp Any bugs, please send me email: sunjw8888 at? gmail.com Thanks Source code repository has been moved to GitHub. Please check https://github.com/sunjw/jstoolnpp.
[ Download JSToolNpp ]


arch-openrc

OpenRC, eudev and no-systemd packages for Arch Linux (and, possibly, derivatives). For migrating from existing systemd installations read the guide at http://systemd-free.org, which currently uses the [openrc-eudev] repository and contains both openrc and nosystemd packages. Go to arch-openrc for a clean OpenRC installation with the provided ISO and [arch-openrc] repository. Use the [arch-nosystemd] repository for completely systemd-free installations. Links ~~~~~ Github: https://github.com/cromerc/arch-nosystemd https://github.com/cromerc/arch-openrc Installation guide: http://systemd-free.org/install.php
[ Download arch-openrc ]


NAPS2 (Not Another PDF Scanner 2)

Visit NAPS2’s home page at www.naps2.com. NAPS2 is a document scanning application with a focus on simplicity and ease of use. Scan your documents from WIA- and TWAIN-compatible scanners, organize the pages as you like, and save them as PDF, TIFF, JPEG, PNG, and other file formats. Requires .NET Framework 4.0 or higher. NAPS2 is currently available in over 30 different languages. Want to see NAPS2 in your preferred language? Help translate! See the wiki for more details. This is a fork of the NAPS project with many improvements.
[ Download NAPS2 (Not Another PDF Scanner 2) ]


GNS3

GNS3 is a graphical network simulator that allows you to design complex network topologies. You may run simulations or configure devices ranging from simple workstations to powerful Cisco routers. It is based on Dynamips, Pemu/Qemu and Dynagen. Go to GNS3.com for last releases.
[ Download GNS3 ]


deepin

deepin is a distribution that aims to provide an elegant, user-friendly, and stable operating system.
[ Download deepin ]


FreeCAD

WARNING: FreeCAD has moved! FreeCAD code and release files are now hosted on github at https://github.com/FreeCAD/FreeCAD Only older files and code are available here. FreeCAD is a general purpose feature-based, parametric 3D modeler for CAD, MCAD, CAx, CAE and PLM, aimed directly at mechanical engineering and product design but also fits a wider range of uses in engineering, such as architecture or other engineering specialties. It is 100% Open Source and extremely modular, allowing for very advanced extension and customization. FreeCAD is based on OpenCasCade, a powerful geometry kernel, features an Open Inventor-compliant 3D scene representation model provided by the Coin 3D library, and a broad Python API. The interface is built with Qt. FreeCAD runs exactly the same way on Windows, Mac OSX and Linux platforms.
[ Download FreeCAD ]


opencover-50OpenCover

OpenCover is a free and open source code coverage tool for .NET 2 and above (Windows OSs only – no MONO), with support for 32 and 64 processes and covers both branch and sequence points. It uses the profiler API that is currently only available to .NET Frameworks running on the Windows platform.

OpenCover is an attempt at building a code coverage utility that addresses certain issues in maintaining PartCover support for 64-bit processes.
[ Download OpenCover ]


redis-desktop-50Redis Desktop Manager

Redis Desktop Manager is a fast, open source Redis database management application based on Qt 5. It’s available for Windows, Linux and MacOS and offers an easy-to-use GUI to access your Redis DB. With Redis Desktop Manager you can perform some basic operations such as view keys as a tree, CRUD keys and execute commands via shell. It also supports SSL/TLS encryption, SSH tunnels and cloud Redis instances, such as: Amazon ElastiCache, Microsoft Azure Redis Cache and Redis Labs.
[ Download Redis Desktop Manager ]

Categories: Open Source

Top 5 Scheduling/ Project Management Software of the Week

SourceForge.net: Front page news - Fri, 05/19/2017 - 05:24

This blog series features the top-performing projects on SourceForge under specific categories. This week, we feature the top 5 scheduling/ project management software of the week available on SourceForge.

Scheduling and project management software have become indispensable tools for businesses, and for many individuals they are necessary to keep even personal tasks and events organized. Developers can benefit greatly from such software in managing different software projects.

Here are the top 5 scheduling/ project management software available here at SourceForge, based on weekly downloads:


Outlook CalDav Synchronizer

Outlook CalDav Synchronizer is a free Outlook plugin that synchronizes events, tasks and contacts between Outlook and Google, SOGo, Horde or any other CalDAV or CardDAV server. It supports Outlook versions 2016, 2013, 2010 and 2007. It was previously awarded “Staff Pick” Project of the Month and has landed on our Projects of the Week list more than once. Highly-rated and feature-filled, it’s a superb software for calendar synchronization and more.

[ Download Outlook CalDav Synchronizer ]


OpenProj – Project Management

OpenProj is an open-source desktop project management application similar to Microsoft Project. It allows you to create very intuitive and self-explanatory projects with plenty of tools and different pages for timelines, tasks delegating and more. It is also interoperable with Project, Gantt and PERT charts. Though some learning, skill building and adjustments may be required, it is worth getting to know how the system works because you may produce very clear, clean and efficient projects with this software.

[ Download OpenProj ]


Vtiger CRM

Vtiger CRM is an enterprise-class CRM that enables sales, support, and marketing teams to organize and collaborate and thus measurably improve customer experiences and business outcomes. It includes email, inventory, project management and other tools, providing a complete business management suite.

[ Download Vtiger CRM ]


DavMail POP/IMAP/SMTP/Caldav to Exchange

DavMail is a POP/IMAP/SMTP/Caldav/Carddav/LDAP gateway allowing users to use any mail/calendar client with an Exchange server, even from the internet or behind a firewall through Outlook Web Access on any platform. It’s been tested on Windows, Linux (Ubuntu) and Mac OSX, and with the Iphone (gateway running on a server).

[ Download DavMail ]


GanttProject

GanttProject is a free project scheduling and management tool written in Java and featuring Gantt chart, resource management, calendaring, and import/export (MS Project, HTML, PDF, spreadsheets). Create tasks and milestones, organize tasks in a work breakdown structure, draw dependency constraints and more with GanttProject.

[ Download GanttProject ]

See and know more of the many other scheduling/ project management software available on SourceForge here.

Categories: Open Source

PostgresOpen SV 2017 Registration Opens; 2 weeks for CFP!

PostgreSQL News - Fri, 05/19/2017 - 01:00

PostgresOpen and PGConf SV have joined forces this year to put together a fantastic PostgreSQL conference, PostgresOpen SV 2017, being held in
downtown San Francisco from September 6th to 8th.

Early Bird Registration for PostgresOpen SV 2017 is now open!

Simply go to our tickets page and register to attend the longest running annual PostgreSQL conference in the US.

The Program Committee is excited to be able to offer tickets for PostgresOpen SV at the same rate as last year, with a $200 discount for early bird registrations!

We also want to remind you that the Call for Papers is only open until May 30th, Anywhere on Earth (AoE), this is the last chance for you to submit your talk for PostgresOpen SV 2017, there's only two weeks left!

Presentations on any topic related to PostgreSQL including, but not limited to, case studies, experiences, tools and utilities, application development, data science, migration stories, existing features, new feature development, benchmarks, and performance tuning are encouraged.

Tutorials will be announced in the coming weeks- watch our blog for updates!

The Program Committee looks forward to bringing the best PostgreSQL presentations and tutorials from speakers around the world to the fantastic Parc55 in downtown San Francisco.

Speakers will be notified by June 6th, 2017 AoE, with the schedule to be published once selected speakers have confirmed.

PostgresOpen SV 2017 is only able to happen with the support of our fantastic sponsors. We are extremely pleased to be able to recognize our Diamond launch sponsors:

2ndQuadrant

CitusData

and head to our site to see all of our Gold, Silver and Supporter sponsors

Sponsorship opportunities are still available!

We look forward to seeing everyone in San Francisco!

Any questions? Please contact: program2017@postgresopen.org

Categories: Database, Open Source

Case Study: Deploying Eclipse IoT on Germany's DB Railway System

Eclipse News - Thu, 05/18/2017 - 10:55
We worked with Deutsche Bahn (DB) to find out how they use Eclipse IoT technology on their railway system!
Categories: Open Source

PostgreSQL 10 Beta 1 Released

PostgreSQL News - Thu, 05/18/2017 - 01:00

The PostgreSQL Global Development Group announces today that the first beta release of PostgreSQL 10 is available for download. This release contains previews of all of the features which will be available in the final release of version 10, although some details will change before then. Users are encouraged to begin testing their applications against this latest release.

Major Features of 10

The new version contains multiple features that will allow users to both scale out and scale up their PostgreSQL infrastructure:

  • Logical Replication: built-in option for replicating specific tables or using replication to upgrade
  • Native Table Partitioning: range and list partitioning as native database objects
  • Additional Query Parallelism: including index scans, bitmap scans, and merge joins
  • Quorum Commit for Synchronous Replication: ensure against loss of multiple nodes

We have also made three improvements to PostgreSQL connections, which we are calling on driver authors to support, and users to test:

  • SCRAM Authentication, for more secure password-based access
  • Multi-host "failover", connecting to the first available in a list of hosts
  • target_session_attrs parameter, so a client can request a read/write host
Additional Features

Many other new features and improvements have been added to PostgreSQL 10, some of which may be as important, or more important, to specific users than the above. Certainly all of them require testing. Among them are:

  • Crash-safe and replicable Hash Indexes
  • Multi-column Correlation Statistics
  • New "monitoring" roles for permission grants
  • Latch Wait times in pg_stat_activity
  • XMLTABLE query expression
  • Restrictive Policies for Row Level Security
  • Full Text Search support for JSON and JSONB
  • Compression support for pg_receivewal
  • ICU collation support
  • Push Down Aggregates to foreign servers
  • Transition Tables in trigger execution

Further, developers have contributed performance improvements in the SUM() function, character encoding conversion, expression evaluation, grouping sets, and joins against unique columns. Analytics queries against large numbers of rows should be up to 40% faster. Please test if these are faster for you and report back.

See the Release Notes for a complete list of new and changed features.

Test for Bugs and Compatibility

We count on you to test the altered version with your workloads and testing tools in order to find bugs and regressions before the release of PostgreSQL 10. As this is a Beta, minor changes to database behaviors, feature details, and APIs are still possible. Your feedback and testing will help determine the final tweaks on the new features, so test soon. The quality of user testing helps determine when we can make a final release.

Additionally, version 10 contains several changes that are incompatible with prior major releases, particularly renaming "xlog" to "wal" and a change in version numbering. We encourage all users test it against their applications, scripts, and platforms as soon as possible. See the Release Notes and the What's New in 10 page for more details.

Beta Schedule

This is the first beta release of version 10. The PostgreSQL Project will release additional betas as required for testing, followed by one or more release candidates, until the final release in late 2017. For further information please see the Beta Testing page.

Links
Categories: Database, Open Source

Open sourcing the Firebase SDKs

Google Open Source Blog - Wed, 05/17/2017 - 22:00
Today, at Google I/O 2017, we are pleased to announce that we are taking our first steps towards open sourcing our client libraries. By making our SDKs open, we’re aiming to show our commitment to greater transparency and to building a stronger developer community. To help further that goal, we’ll be using GitHub as a core part of our own toolchain to enable all of you to contribute as well. As you find issues in our code, from inconsistent style to bugs, you can file issues through the standard GitHub issue tracker. You can also find our project in the Google Open Source directory. We’re really looking forward to your pull requests!
What’s open?We’re starting by open sourcing several products in our iOS, JavaScript, Java, Node.js and Python SDKs. We'll be looking at open sourcing our Android SDK as well. The SDKs are being licensed under Apache 2.0, the same flexible license as existing Firebase open source projects like FirebaseUI.

Let's take a look at each repo:
Firebase iOS SDK 4.0https://github.com/firebase/firebase-ios-sdk

With the launch of the Firebase iOS 4.0 SDKs we have made several improvements to the developer experience, such as more idiomatic API names for our Swift users. By open sourcing our iOS SDKs we hope to provide an additional avenue for you to give us feedback on such features. For this first release we are open sourcing our Realtime Database, Auth, Cloud Storage and Cloud Messaging (FCM) SDKs, but going forward we intend to release more.

Because we aren't yet able to open source some of the Firebase components, the full product build process isn't available. While you can use this repo to build a FirebaseDev pod, our libraries distributed through CocoaPods will continue to be static frameworks for the time being. We are continually looking for ways to improve the developer experience for developers, however you integrate.

Our GitHub README provides more details on how you build, test and contribute to our iOS SDKs.
Firebase JavaScript SDK 4.0https://github.com/firebase/firebase-js-sdk

We are excited to announce that we are open sourcing our Realtime Database, Cloud Storage and Cloud Messaging (FCM) SDKs for JavaScript. We’ll have a couple of improvements hot on the heels of this initial release, including open sourcing Firebase Authentication. We are also in the process of releasing the source maps for our components, which we expect would really improve the debuggability of your app.

Our GitHub repo includes instructions on how you can build, test and contribute.
Firebase Admin SDKsNode.js: https://github.com/firebase/firebase-admin-node
Java: https://github.com/firebase/firebase-admin-java
Python: https://github.com/firebase/firebase-admin-python

We are happy to announce that all three of our Admin SDKs for accessing Firebase on privileged environments are now fully open source, including our recently-launched Python SDK. While we continue to explore supporting more languages, we encourage you to use our source as inspiration to enable Firebase for your environment (and if you do, we'd love to hear about it!)

We're really excited to see what you do with the updated SDKs - as always reach out to us with feedback or questions in the Firebase-Talk Google Group, on Stack Overflow, via the Firebase Support team, and now on GitHub for SDK issues and pull requests! And to read about the other improvements to Firebase that launched at Google I/O, head over to the Firebase blog.

By Salman Qadri, Firebase Product Manager
Categories: Open Source

EclipseCon Europe 2017 | Call for Papers Open

Eclipse News - Wed, 05/17/2017 - 15:29
Submissions are now open for EclipseCon Europe 2017, October 24 - 26, in Ludwigsburg, Germany.
Categories: Open Source

Today in Tech – 1943

SourceForge.net: Front page news - Wed, 05/17/2017 - 05:04

On this day in 1943 the US Army and the University of Pennsylvania signed a contract to develop the ENIAC or Electronic Numerical Integrator And Computer. The ENIAC was an early all-electronic computing system and one of the first general-purpose computers ever made. It was developed primarily to calculate ballistic firing tables for the US Army’s Ballistic Research Laboratory.

ENIAC was the first system to use vacuum tubes instead of electromagnetic switches, and could solve a large class of numerical problems on the order of one thousand times faster than electro-mechanical machines. A trajectory that took 20 hours for a human to solve would take the ENIAC a mere 30 seconds to calculate. This speed combined with general-purpose programmability excited both scientists and industrialists, and made the ENIAC a useful tool until the end of its operation in 1955.

An ENIAC function table on display at Aberdeen Proving Ground museum. Image taken from Wikipedia

An ENIAC function table on display at Aberdeen Proving Ground museum. Image taken from Wikipedia

Categories: Open Source

Free SQL Multi Select Basic Edition 3.2 released

PostgreSQL News - Wed, 05/17/2017 - 01:00

SQL Multi Select 3.2 Basic Edition is now free.

Run multiple scripts on multiple PostgreSQL databases with a single click. A description for how to use SQL Multi Select with other PostgreSQL tools is available here.

Changes in version 3.2:

  • various GUI changes to improve Wine compatibility.
  • added option to define default scripts for PostgreSQL, MySQL, and Oracle servers
  • modified the upgrade process to avoid having to reboot the Linux OS.

System requirements:

  • Runs on Windows XP to Windows 10.
  • Runs on Wine, tested on Ubuntu and Fedora.
  • Supports PostgreSQL 8.3 to 9.6, without the need for any additional database drivers.

For more information about SQL Multi Select for PostgreSQL, please visit http://www.yohz.com/sms_details.htm, or download a free 14-day trial.

About Yohz Software

Yohz Software is a developer of free and commercial database applications for most popular database engines. Visit our site at http://www.yohz.com.

Categories: Database, Open Source

Announcing Access to comprehensive PostgreSQL on Mapt

PostgreSQL News - Wed, 05/17/2017 - 01:00

Mapt - powered by Packt - is a comprehensive tech library stuffed full of the latest PostgreSQL knowledge. Mapt boasts over 170 hours of PostgreSQL courses, including the latest Packt PostgreSQL eBooks. It’s been designed for developers who need answers fast.

Newly released on Mapt, the PostgreSQL Administration Cookbook, High Performance Cookbook and High Availability Cookbook give you essential answers right at your fingertips. Now PostgreSQL community members can access these titles and more with an exclusive 50% off discount on Mapt Annual subscription.

You can receive a discount off of a whole year of Mapt with the discount code MptPgSQL50

Mapt’s PostgreSQL courses cover everything you need to know whether you’re just starting out with the basics, or looking for advanced tips and tricks to get the most from PostgreSQL. Get practical insight from real PostgreSQL experts with decades of database experience. Mapt authors include Simon Riggs, CTO of PostgreSQL consultancy 2ndQuadrant; Greg Smith, principal consultant for 2ndQuadrant, and Postgre Open speaker Shaun M Thomas.

On top of all that PostgreSQL knowledge, a Mapt subscription nets even more insight. Access to over 4,500 eBook and video courses on data, development, and more. Get career development guidance from Mapt’s Skill Plans. Make your learning stick with assessments, and take advantage of a global author community.

Categories: Database, Open Source

Open Source at Google I/O 2017

Google Open Source Blog - Tue, 05/16/2017 - 18:00
One of the best parts of Google I/O every year is the chance to meet with the developers and community organizers from all over the world. It's a unique opportunity to have candid one-on-one conversations about the products and technologies we all love.

This year, I/O features a Community Lounge for attendees to relax, hangout, and play with neat experiments and games. It also features several mini-meetups during which you can chat with Googlers on a variety of topics.

Chris DiBona and Will Norris from the Google Open Source Programs Office will be around Thursday and Friday to talk about anything and everything open source, including our student outreach programs and the new Google Open Source website. If you're at Google I/O this year, make sure to drop by and say hello. Find dates, times, and other details in the Community Lounge schedule.

By Josh Simmons, Google Open Source
Categories: Open Source

AccuRev-test

Date Created: Tue, 2017-05-16 00:36Date Updated: Tue, 2017-05-16 09:47Micro FocusSubmitted by: Prithviraj Pal

Sample Testing for deploying plugin to Eclipse Marketplace

Categories: Open Source

Projects of the Week, May 15, 2017

SourceForge.net: Front page news - Mon, 05/15/2017 - 05:10

Here are the featured projects for the week, which appear on the front page of SourceForge.net:

rEFInd

rEFInd is a fork of the rEFIt boot manager. Like rEFIt, rEFInd can auto-detect your installed EFI boot loaders and it presents a pretty GUI menu of boot options. rEFInd goes beyond rEFIt in that rEFInd better handles systems with many boot loaders, gives better control over the boot loader search process, and provides the ability for users to define their own boot loader entries.
[ Download rEFInd ]


Free Manga Downloader

The Free Manga Downloader (FMD) is an open source application written in Object-Pascal for managing and downloading manga from various websites. This is a mirror of main repository on GitHub. For feedback/bug report visit https://github.com/riderkick/FMD
[ Download Free Manga Downloader ]


LXLE

Change is good but changing everything isn’t always great. Same is true for aging computers and their operating systems. Support is sometimes lost too quickly with a 6 month core release cycle. Graphics & Audio cards and chipsets get dropped along with other miscellaneous functions with programs or drivers that just go missing. We all like having updated software and we certainly don’t like down time or loss of features and capabilities. I believe most aging hardware just needs the right system on it, and lets face it, it helps keep a couple bucks in your pocket if you can squeeze a few more years out of your current system without sacrificing, performance, capability, usability and of course aesthetics. http://lxle.net/forums/
[ Download LXLE ]


Hugin

With Hugin you can assemble a mosaic of photographs into a complete immersive panorama, stitch any series of overlapping pictures and much more.
[ Download Hugin ]


Whole Platform

The Whole Platform is a technology for engineering the production of software. We provide an Eclipse based Language Workbench for developing, manipulating and transforming languages using a model driven approach.
[ Download Whole Platform ]


slackel

Slackel is a Linux distribution based on Slackware and Salix. It is fully compatible with Slackware and Salix but the difference is that it includes the current version of Slackware. So Slackware users can benefit from Slackel repositories. It is available in three editions, KDE, Openbox and Fluxbox. Slackel disc images are offered in two different forms, Installation disc image and Live disc image. Slackel is developed in Greece by Dimitris Tzemos.
[ Download slackel ]


SparkyLinux

SparkyLinux is a GNU/Linux distribution created on the “testing” branch of Debian. It features customized lightweight desktops (like E19, LXDE and Openbox), multimedia plugins, selected sets of apps and own custom tools to ease different tasks. Sparky is in-between the distros that are beginner-friendly and those that require some amount of Linux knowledge. Beginner Linux users are advised to consult the project forums regarding any issues or doubts.
[ Download SparkyLinux ]


FedBerry

FedBerry is a Fedora Remix specifically built for use with Raspberry Pi® 2/3 Model B computers.
[ Download FedBerry ]


lessmsi

lessmsi (formerly known as Less Msiérables) is a free utility with a graphical user interface and a command line interface used for viewing and extracting the contents of a Windows Installer (.msi) file.
[ Download lessmsi ]

Categories: Open Source

The Challenges Open Source Projects Face Today

SourceForge.net: Front page news - Fri, 05/12/2017 - 05:10

Looking back at the history of open source software, there’s certainly a lot to be proud of.

The field of FOSS has overcome many obstacles and dispelled opposing views. It has ultimately proven its value and made open source the majority’s preferred method of software development.

As far as FOSS has come however, there are still many other challenges that open source developers have yet to overcome. While open source development may no longer be plagued by opposition, its rampant adoption has revealed a new set of challenges– challenges which developers must not only be aware of but must act upon in order to keep FOSS moving in the right direction.

Security Issues

Probably the most pressing of these issues are those concerning security. It’s become very easy for developers to reuse open source code without really considering the challenges it may present to enterprises. Many times enterprises no longer track their open source code. As a consequence, patches are rarely kept up-to-date and any security vulnerability associated with the code remains unseen and unresolved. It’s important for the security of enterprises that their applications containing open source code be accompanied with proper tracking so bugs can be found and fixed right away.

Update Problems

Another issue revolves around software updates. Often there are several versions of an application that can be downloaded manually. This can lead companies to use several different versions of the same software, which in turn results in performance and compatibility problems. To avoid such problems it’s important for companies to have a formal policy when it comes to selecting and approving open source code. Apart from this, open source developers should also make it easy for users to obtain the latest updates.

License Compliance

Licenses vary among open source projects. Some are more restrictive than others, requiring that code be distributed under the same license. Some projects change licenses over the years. These incidents can make complying with licenses difficult or problematic. While it is the responsibility of enterprises to track their open source code and licenses, developers for their part should make it easy to comply with license provisions.

Corporate Influence

Many of today’s open source contributors are either fully employed by a company or are sponsored by one. While this is a good thing for developers and can impact open source projects positively, there’s also the real possibility of these employer businesses having too much influence on projects– steering project goals more towards what benefits them rather than what benefits the community as a whole.

Lack of Diversity

While some have taken action in order to increase diversity within their projects, current diversity statistics throughout the open source field are still far from ideal. There have been more females involved in open source in recent years, but this involvement along with the inclusion of various cultures and ethnicities can still be much improved.

These are among the most prevalent challenges that open source projects are facing today. Behind each challenge however, is an opportunity for developers to make not only their respective projects but the entirety of open source even better than before.

Categories: Open Source

2017-05-11 Security Update Release

PostgreSQL News - Thu, 05/11/2017 - 01:00

The PostgreSQL Global Development Group has released an update to all supported versions of our database system, including 9.6.3, 9.5.7, 9.4.12, 9.3.17, and 9.2.21. This release fixes three security issues. It also patches a number of other bugs reported over the last three months. Users who use the PGREQUIRESSL environment variable to control connections, and users who rely on security isolation between database users when using foreign servers, should update as soon as possible. Other users should plan to update at the next convenient downtime.

Security Issues

Three security vulnerabilities have been closed by this release:

  • CVE-2017-7484: selectivity estimators bypass SELECT privilege checks
  • CVE-2017-7485: libpq ignores PGREQUIRESSL environment variable
  • CVE-2017-7486: pg_user_mappings view discloses foreign server passwords

The fix for CVE-2017-7486 applies to new databases, see the release notes for the procedure to apply the fix to an existing database.

Any user relying on the PGREQUIRESSL environment variable is encouraged to use the sslmode connection string option, as use of PGREQUIRESSL is deprecated. CVE-2017-7485 does not affect the 9.2 series. For more information on these issues and how they affect backwards-compatibility, see the Release Notes.

Bug Fixes and Improvements

This update also fixes a number of bugs reported in the last few months. Some of these issues affect only the 9.6 series, but many affect all supported versions. There are more than 90 fixes in this release, including:

  • Fix to ensure consistent behavior for RLS policies
  • Fix ALTER TABLE ... VALIDATE CONSTRAINT to not recurse to child tables when the constraint is marked NO INHERIT
  • Fix incorrect support for certain box operators in SP-GiST which could yield incorrect results
  • Fixes for handling query cancellation
  • Skip tablespace privilege checks when ALTER TABLE ... ALTER COLUMN TYPE rebuilds an existing index
  • Fix possibly-invalid initial snapshot during logical decoding
  • Fix possible corruption of init forks of unlogged indexes
  • Several fixes to postmaster, including checks for when running as a Windows service
  • Several planner fixes, among others assorted minor fixes in planning of parallel queries
  • Avoid possible crashes in walsender and some index-only scans on GiST index
  • Fix cancelling of pg_stop_backup() when attempting to stop a non-exclusive backup
  • Updates to ecpg to support COMMIT PREPARED and ROLLBACK PREPARED
  • Several fixes for pg_dump/pg_restore, among others to handle privileges for procedural languages and when using --clean option
  • Several fixes for contrib modules, such as dblink, pg_trgm and postgres_fdw
  • Fixes to MSVC builds, such as using correct daylight-savings rules for POSIX-style time zone names and supporting Tcl 8.6
  • Several performance improvements
  • Fix cursor_to_xml() to produce valid output with tableforest = false
  • Fix roundoff problems in float8_timestamptz() and make_interval()
  • Fix pgbench to handle the combination of --connect and --rate options correctly
  • Fixes to commandline tools such as pg_upgrade and pg_basebackup
  • Several fixes to VACUUM and CLUSTER

Users of replication tools based on logical decoding, as well as users of unlogged indexes, should consult the release notes for potential extra steps during the upgrade.

This update also contains tzdata release 2017b with updates for DST law changes in Chile, Haiti, and Mongolia, plus historical corrections for Ecuador, Kazakhstan, Liberia, and Spain. Switch to numeric abbreviations for numerous time zones in South America, the Pacific and Indian oceans, and some Asian and Middle Eastern countries. The timezone library is synchronized with IANA release tzcode2017b.

EOL Warning for Version 9.2

PostgreSQL version 9.2 will be End-of-Life in September 2017. The project expects to only release one, or two, more updates for that version. We urge users to start planning an upgrade to a later version of PostgreSQL as soon as possible. See our Versioning Policy for more information.

Updating

All PostgreSQL update releases are cumulative. As with other minor releases, users are not required to dump and reload their database or use pg_upgrade in order to apply this update release; you may simply shut down PostgreSQL and update its binaries.

After update, users of replication tools based on logical decoding, as well as users of unlogged indexes, should consult the release notes for potential extra steps during the upgrade. See the Release Notes for more details.

Users who have skipped one or more update releases may need to run additional, post-update steps; please see the release notes for earlier versions for details.

Links:

Categories: Database, Open Source

Today in Tech – 1954

SourceForge.net: Front page news - Wed, 05/10/2017 - 05:21

On this day in 1954 Texas Instruments Inc. announced the first commercial production of silicon transistors. These were developed by Gordon Teal, who previously worked on germanium transistors at Bell Labs. This commercial introduction greatly lowered the price of transistors and paved the way for the completion of many other electronic inventions. The transistor continues to be a key component in many modern devices today and is considered to be one of the greatest inventions of the 20th century.

Categories: Open Source