La Grande Observer

Introducing Chainguard Libraries: Guarded Java Language Dependencies Built from Source

New product line provides a catalog of the 20,000 most popular Java projects with end-to-end integrity, furthering Chainguard’s mission to be the safe source for open source “Developers need a better ...
ZDNet

More than 75% of all vulnerabilities reside in indirect dependencies

The vast majority of security vulnerabilities in open-source projects reside in indirect dependencies rather than directly and first-hand loaded components. "Aggregating the numbers from all ...
SiliconANGLE

Chainguard introduces Java libraries for secure language dependency management

Secure software supply chain solution provider Chainguard Inc. today announced Chainguard Libraries, a new product line that offers secure language libraries for Java built directly from source in ...
Yahoo Finance

Hopper Uncovers Over 2.5 Million Vulnerabilities Hidden in Java

In a blog post titled "Fifty Shades of JAR: A Love Story Between Devs and CVEs," the Hopper team analyzed more than 16 million Java artifacts from Maven Central, uncovering a widespread industry blind ...
TheServerSide

What is Maven in Java? Crash course tutorial for beginners

Community driven content discussing all aspects of software development from DevOps to design patterns. Apache Maven is a Java build tool and dependency management engine that simplifies the ...
Computer Weekly

Virtually all vulnerable open source downloads are avoidable

Open source consumers are downloading about 1.2 billion known vulnerable Java dependencies every month, and whether out of lack of attention, ignorance, stress and overwork or something else, 96% of ...
PC World

Review: JArchitect analyzes Java code, revealing structures, dependencies, and design flaws

JArchitect provides valuable analysis and information, but the cost means this is not a casual purchase, if you’re spending your own money and not your company’s. Once you get past “Hello World,” code ...