Blog Posts

    Eclipse Open VSX Registry Security Advisory

    Wednesday, July 2, 2025 - 04:15 by Mikaël Barbero
    This security advisory provides additional technical details following our initial statement and the corresponding CVE record. TL;DR A vulnerability in the Eclipse Open VSX Registry’s automated publishing system could have allowed unauthorized extension uploads. It did not affect existing extensions or admin functions. The issue was reported on May 4...

    Security Training on Vulnerability Management and SBOMs - Videos are Online!

    Tuesday, July 1, 2025 - 05:39 by Marta Rybczynska
    In early June 2025, the Eclipse Foundation Security Team delivered the second part of our security training for developers. The first day covered the basics of vulnerability management, and the second day delved into more complex subjects like multi-project coordination, embargoes, and SBOM management. We also introduced our SBOM early...

    A Brazilian Dream: Otavio Santana’s Rise Through Open Source

    Monday, June 30, 2025 - 13:12 by Tatjana Obradovic
    “Sometimes, all someone needs is to believe it's possible” Brazil stands at the heart of the Global South, shaping global technology and community movements. Follow us as we explore Otavio Santana’s inspiring journey from his beginnings in Salvador, Brazil, to the international stages of Java stardom. Discover how community, discipline...

    Hashtag Jakarta EE #287

    Sunday, June 29, 2025 - 05:59 by Ivar Grimstad
    Welcome to issue number two hundred and eighty-seven of Hashtag Jakarta EE! Jakarta EE 11 is finally released! It took a little longer than anticipated due to the massive undertaking the refactoring of the TCK turned out to be. But, we are here now. Eclipse GlassFish was yet again the ratifying...

    Lisbon JUG 2025

    Friday, June 27, 2025 - 06:18 by Ivar Grimstad
    This week, I visited Lisbon where I spoke at the Lisbon JUG. The JUG if very active with monthly meetings, and even some in between. The June Java Meetup had two sessions on the agenda where mine was the second one. Check out the slides for my talk titled What...

    Vulnerability in Eclipse Open VSX Registry extension publication process

    Friday, June 27, 2025 - 04:15 by Mikaël Barbero
    On May 4th, the Eclipse Foundation (EF) Security Team received a notification from researchers at Koi Security regarding a potential issue in the Eclipse Open VSX marketplace extension publication process. The EF Security Team immediately contacted the Eclipse Open VSX team, and upon confirming the issue, work on a fix...

    Jakarta EE 11: Empowering Enterprise Java Developers with Enhanced Productivity and Performance

    Wednesday, June 25, 2025 - 14:42 by Tatjana Obradovic
    The Eclipse Foundation has announced the release of Jakarta EE 11 Platform, which builds on previous Core Profile (December 2024) and Web Profile (March 2025) versions. This release signifies advancement in simplifying enterprise Java, emphasising developer productivity and overall performance. Key highlights include modernised Test Compatibility Kits (TCKs), the introduction...

    Code4Health Hackathon: Empowering Southern Africa’s Youth to Improve Healthcare with Open Source

    Wednesday, June 25, 2025 - 12:16 by Thomas Froment
    How can open source tools empower young developers to reimagine healthcare in their local communities? The Code4Health Hackathon set out to explore exactly that: From 14–18 May 2025, high school students from across Southern Africa came together online for this event organised by the Girls Coding Academy in partnership with...