Eclipse Jetty Security Audit Has Been Completed
We’re proud to share that the Eclipse Foundation has completed the security audit for Eclipse Jetty, one of the world’s...
security
Eclipse Foundation Publishes Results of Eclipse JKube Security Audit
Today, the Eclipse Foundation released the results of our security audit for Eclipse JKube, a collection of tools for building...
SECURITY.md: should I have it?
You might have noticed a SECURITY.md file in git repositories of multiple projects. Should you have it? The answer is...
Eclipse Foundation Publishes Results of Equinox p2 Security Audit
Over the past year, the Eclipse Foundation has made securing the open source software supply chain a priority. By growing...
How to Report a Security Issue in an Eclipse Foundation Project?
Have you found something that looks like a security issue in an Eclipse Foundation project? Here is a description of...
Eclipse Foundation Default Security Tracker Moves!
Eclipse Foundation projects share a default way to report security issues. Security researchers and all concerned users can create private...
New SLSA++ Survey Reveals Real-World Developer Approaches to Software Supply Chain Security
Answering even basic questions about software supply chain security has been surprisingly hard. For instance, how widespread are the different...
March 2023 Update on Security improvements at the Eclipse Foundation
Thanks to financial support from the OpenSSF’s Alpha-Omega project, the Eclipse Foundation is glad to have made significant improvements in...
Shell Hole: How Advanced Prompts are Putting Software Developers at Risk
Advanced shell prompts, such as those provided by theme engines like oh-my-zsh and oh-my-posh, have become increasingly popular among software...
European Cyber Resilience Act: Potential Impact on the Eclipse Foundation
Europe has proposed new legislation intended to improve the state of cybersecurity for software and hardware products made available in...