Blog Posts

    Understanding Software Provenance Attestation: The Roles of SLSA and in-toto

    Thursday, December 28, 2023 - 09:00 by Mikaël Barbero
    A software provenance attestation is a signed document that associates metadata with an artifact, encompassing details like the artifact’s origin, build steps, and dependencies. This information is critical for verifying the artifact’s authenticity and integrity. Featuring a cryptographic signature, provenance attestation ensures the document remains unaltered, playing a vital role...

    Conferences and Events 2023

    Thursday, December 28, 2023 - 02:56 by Ivar Grimstad
    2023 was a good conference year! I spoke at more than thirty conferences and meetups across four continents. In addition to the more traditional developer conferences, I visited a lot of Java User Groups this year. This is something I will continue to do next year. I already have a...

    Understanding Software Provenance

    Tuesday, December 26, 2023 - 09:00 by Mikaël Barbero
    In the ever-evolving landscape of open-source software development, the creation and distribution of artifacts—such as compiled binaries, libraries, and documentation—represent the tangible results of a multifaceted process. These artifacts are more than just a collection of code; they are the final product of myriad decisions, alterations, and contributions, each with...

    Hashtag Jakarta EE #208

    Sunday, December 24, 2023 - 05:59 by Ivar Grimstad
    Welcome to issue number two hundred and eight of Hashtag Jakarta EE! I don’t expect many readers on Christmas Eve, so I will keep this one very short. One of the last activities before the Holidays was to release a Milestone 1 release of Jakarta EE 11. You can find the...

    Eclipse Foundation Embraces Sigstore

    Saturday, December 23, 2023 - 05:00 by Mikaël Barbero
    As part of our ongoing commitment to fortifying the security of our software development processes, we’re excited to announce a significant enhancement for all Eclipse Foundation projects utilizing our Jenkins infrastructure. This advancement comes with the integration of Sigstore , a cutting-edge solution designed to bolster the security and integrity...

    Unveiling Open Code Experience

    Tuesday, December 19, 2023 - 16:57 by Thabang Mashologu
    TL;DR - We’re thrilled to announce Open Code Experience 2024, a new conference for our vibrant community of communities. Watch for updates at opencode-x.org. 2023 has been a year of continued growth for Eclipse Foundation communities. New and existing industry collaborations including Software Defined Vehicle , Eclipse ThreadX , Adoptium...

    Industry Collaboration in Action: Eclipse SDV, OpenMobility and ThreadX

    Monday, December 18, 2023 - 11:21 by Sharon Corbett
    If you’ve read my two previous blog posts, you already have an understanding of how interest groups and working groups provide two different mechanisms for industry collaboration, how your organisation can get started on its own collaboration journey, and the numerous benefits that come from collaborating on open source software...

    Elevating Software Supply Chain Security: Eclipse Foundation's 2FA Milestone

    Monday, December 18, 2023 - 11:00 by Mikaël Barbero
    In the realm of open-source software, security of the supply chain is not just a concern—it’s a crucial battleground. The Eclipse Foundation, at the forefront of this fight, has taken a decisive step with its 2023 initiative to enforce two-factor authentication (2FA) across its platforms. This move is more than...

    Celebrating Eclipse Theia’s Milestone: Full Compatibility with VS Code Extension API

    Monday, December 18, 2023 - 07:09 by Mike Milinkovich
    We are thrilled to announce a landmark achievement in the evolution of Theia: full compatibility with the Visual Studio Code (VS Code) extension API, marking a significant milestone in the journey of Theia towards becoming a universally adaptable development environment. Unleashing a World of Features with VS Code Extensions Theia...