Version control

Synopsys Study Shows Uptick in Vulnerable, Outdated, and Abandoned Open Source Components in Commercial Software

Retrieved on: 
Tuesday, April 13, 2021

The report highlights trends in open source usage within commercial applications and provides insights to help commercial and open source developers better understand the interconnected software ecosystem they are part of.

Key Points: 
  • The report highlights trends in open source usage within commercial applications and provides insights to help commercial and open source developers better understand the interconnected software ecosystem they are part of.
  • It also details the pervasive risks posed by unmanaged open source, including security vulnerabilities, outdated or abandoned components, and license compliance issues.\nThe 2021 OSSRA report affirms that open source software provides the foundation for the vast majority of applications across all industries.
  • 95% of the marketing tech codebases contained open source vulnerabilities.\n98% of healthcare sector codebases contained open source.
  • "\nOther open source risk trends identified in the 2021 OSSRA report include:\nOutdated open source components in commercial software is the norm.

GitLab for Education Report Demonstrates Gap in Curriculum for DevOps in Universities

Retrieved on: 
Tuesday, March 30, 2021

SAN FRANCISCO, March 30, 2021 (GLOBE NEWSWIRE) -- Today GitLab Inc., the single application for the DevOps lifecycle, published findings from its GitLab for Education Report , which surveyed more than 800 global GitLab for Education users.

Key Points: 
  • SAN FRANCISCO, March 30, 2021 (GLOBE NEWSWIRE) -- Today GitLab Inc., the single application for the DevOps lifecycle, published findings from its GitLab for Education Report , which surveyed more than 800 global GitLab for Education users.
  • DevOps and GitLab have been transformational in teaching, learning and research for early adopters across institutions, said Dr. Christina Hupy, a former professor and current senior education program manager at GitLab.
  • The ability to have the entire DevOps lifecycle in one open platform has made it tremendously easier to teach DevOps culture and methodology.
  • The GitLab for Education Report found that GitLab, and DevOps in general, is used extensively by early adopters across an entire educational institution.

Call for Proposals Now Open for Virtual GitLab Commit 2021

Retrieved on: 
Tuesday, March 23, 2021

SAN FRANCISCO, March 23, 2021 (GLOBE NEWSWIRE) -- GitLab , the open DevOps platform and one of the worlds largest all-remote companies, announced today the Call for Proposals (CFP) for Virtual GitLab Commit 2021 , taking place online August 10 and 11.

Key Points: 
  • SAN FRANCISCO, March 23, 2021 (GLOBE NEWSWIRE) -- GitLab , the open DevOps platform and one of the worlds largest all-remote companies, announced today the Call for Proposals (CFP) for Virtual GitLab Commit 2021 , taking place online August 10 and 11.
  • GitLab Commit, GitLabs user event, first launched in 2019 to bring together the GitLab community for hands-on tips and tricks for maturing GitLab use cases and networking with other users and experts.
  • This year, the theme for Virtual GitLab Commit will be Innovate Together.
  • Each talk and experience submitted for Commit will be considered for its own merits and its connection to the GitLab community and product.

Jscrambler and GitLab Push New Integration to Automate Source Code Protection

Retrieved on: 
Thursday, March 11, 2021

This integration improves the user experience and security protocols for GitLab customers that are using Jscrambler to protect their JavaScript applications.

Key Points: 
  • This integration improves the user experience and security protocols for GitLab customers that are using Jscrambler to protect their JavaScript applications.
  • Jscramblers integration with GitLab greatly facilitates the implementation of these security controls, by adding a new protection job into GitLab CI pipelines to automate the code protection process.
  • Jscramblers integration with GitLab will allow development teams to seamlessly protect their source code and reduce their exposure to reverse-engineering, tampering, and data exfiltration attacks.
  • By using this Jscrambler and GitLab integration, users are able to:
    Protect source code seamlessly at build time;
    Add runtime protection capabilities to the source code;
    Instill threat detection mechanisms in the source code for improved monitoring capabilities in DevSecOps;
    Reduce the attack surface to code theft, piracy, cheating, automated abuse, and data exfiltration.

GrammaTech Announces GitLab Partnership for CodeSonar SAST Product

Retrieved on: 
Thursday, March 4, 2021

As part of the alliance, the GrammaTech CodeSonar Static Application Security Testing (SAST) product is now integrated with GitLabs Ultimate DevSecOps platform allowing customers to implement code analysis early and directly within CI/CD pipelines.

Key Points: 
  • As part of the alliance, the GrammaTech CodeSonar Static Application Security Testing (SAST) product is now integrated with GitLabs Ultimate DevSecOps platform allowing customers to implement code analysis early and directly within CI/CD pipelines.
  • Through this strategic partnership and integration, GrammaTech CodeSonar and its unique static application security testing capabilities are now natively available to development teams from within the GitLab CI/CD pipeline, said Vince Arneja, Chief Product Officer at GrammaTech.
  • GitLab is pleased to welcome GrammaTech as a strategic partner, said Michelle Hodges, VP - Global Channels at GitLab.
  • CodeSonar SAST GitLab Integration is available immediately from GrammaTech and its business partners worldwide.

Latest Releases of Open Source Tools from Iterative.ai Extend Traditional Software Tools for Machine Learning Engineers

Retrieved on: 
Wednesday, March 3, 2021

DVC and CML remove the need for proprietary AI Platforms (such as AWS SageMaker and Microsoft Azure ML Engineer) by extending traditional software tools like Git and CI/CD to meet the needs of ML Engineers.

Key Points: 
  • DVC and CML remove the need for proprietary AI Platforms (such as AWS SageMaker and Microsoft Azure ML Engineer) by extending traditional software tools like Git and CI/CD to meet the needs of ML Engineers.
  • With a lack of adequate tools for versioning data and models to meet the needs of the ML Engineers, Iterative.ai has built open source tools, DVC and CML, on top GitHub, GitLab and BitBucket to fill this gap.
  • Iterative.ai allows users to stay within their application development space and effectively extend the familiar dev environments with tools to support Machine Learning Engineers and Data Scientists.
  • DVC provides users with a Git-like interface for versioning data and models, bringing version control to machine learning and solving the challenges of reproducibility.

GitLab Announces New Report on Remote Work: Navigating the Shift from Office Mentality to Lifestyle Mentality

Retrieved on: 
Tuesday, February 9, 2021

For this report, GitLab surveyed working professionals around the world over the course of three months, with a focus on those whose fields are amenable to remote work.

Key Points: 
  • For this report, GitLab surveyed working professionals around the world over the course of three months, with a focus on those whose fields are amenable to remote work.
  • Going forward, remote work will not be viewed as much as a perk than as a lifestyle requirement.
  • Throughout modern history, we have fit life around the rigid confines of work, said Darren Murph, Head of Remote at GitLab.
  • Supporting remote work is a boon for retention: the data we collected shows an overwhelming link between company loyalty and support for remote work.

A Compliance Win: GitLab Successfully Completed SOC 2 Type II and SOC 3 Certifications

Retrieved on: 
Thursday, February 4, 2021

SAN FRANCISCO, Feb. 04, 2021 (GLOBE NEWSWIRE) -- GitLab , the single application for the DevOps lifecycle, today announced that it has successfully obtained the Service Organization Control (SOC) 2 Type II and SOC 3 Type II reports for GitLab.com.

Key Points: 
  • SAN FRANCISCO, Feb. 04, 2021 (GLOBE NEWSWIRE) -- GitLab , the single application for the DevOps lifecycle, today announced that it has successfully obtained the Service Organization Control (SOC) 2 Type II and SOC 3 Type II reports for GitLab.com.
  • The findings affirm that GitLab meets the SOC 2 and SOC 3 standards relative to the Security Trust Services Principle and Criteria.
  • These certifications, among the companys extensive list of security capabilities, is why GitLab is a pioneer in the emerging market of DevOps platforms.
  • In addition to SOC 2, GitLab continues to invest, iterate, and diversify its security and compliance program.

Vendia Announces $15.5M Series A Funding and Launches Vendia Share™ for Developers

Retrieved on: 
Wednesday, February 3, 2021

Vendia, a serverless, distributed data and code sharing platform, today announced a $15.5M Series A funding round and launched Vendia Share with a free tier for developers.

Key Points: 
  • Vendia, a serverless, distributed data and code sharing platform, today announced a $15.5M Series A funding round and launched Vendia Share with a free tier for developers.
  • Developers can use Vendia Share to build applications that allow multiple clients to query, update, and share data in real time with transactional semantics, even when they span accounts, regions, owners, or technology stacks.
  • Grace Isford, Investor, Canvas Ventures: Fortune 500 companies are struggling to share data across internal siloes, let alone share data securely.
  • Vendia automates these processes while adding document and revision tracking, all within a new collaborative workspace shared by the entire project team.

GitLab Partners with IBM to Support Acceleration of Customers’ DevOps Journey

Retrieved on: 
Thursday, January 14, 2021

GitLab for IBM Cloud Pak will streamline team collaboration and increase team productivity with a complete, easy to use DevOps platform.

Key Points: 
  • GitLab for IBM Cloud Pak will streamline team collaboration and increase team productivity with a complete, easy to use DevOps platform.
  • The power of AI via IBM Watson combined with the ability of GitLab IBM Cloud Pak to drive DevOps maturity and transformation enables customers to develop and deploy applications, securely, to the cloud environment of their choosing.
  • GitLab for IBM Cloud Pak allows customers to compose their DevOps solution using GitLab, with the IBM guarantee.
  • Support will be offered through IBM, providing help on pipeline running issues and working with GitLab support for more granular required assistance.