Threat Modeling the Supply Chain for Software Consumers – Open Source Security Foundation
By Jonathan Meadows In today’s digital landscape, the software supply chain security topic has certainly caught on in the mainstream with a surge of blogs, conference talks, presentations and startups actively engaged to help address this critical threat. We are also starting to see various frameworks and standards emerge to address this multifaceted puzzle as the number of supply chain attacks in
GitHub - Cicada-Software/cicada: A FOSS, cross-platform version of GitHub Actions and Gitlab CI
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.
by Hugo Barra (former Head of Oculus at Meta) Friends and colleagues have been asking me to share my perspective on the Apple Vision Pro as a product. Inspired by my dear friend Matt Mullenweg’s 40th post, I decided to put pen to paper. This started as a blog post and became an essay before too long, so I’ve structured my writing in multiple sections each with a clear lead to make it a bit easier
Press Release: Future Software Should Be Memory Safe | ONCD | The White House
Leaders in Industry Support White House Call to Address Root Cause of Many of the Worst Cyber Attacks Read the full report here WASHINGTON – Today, the White House Office of the National Cyber Director (ONCD) released a report calling on the technical community to proactively reduce the attack surface in cyberspace. ONCD makes the case that technology manufacturers can prevent entire classes of vu
101. A Philosophy of Software Design (2/3) w/ twada | fukabori.fm
MP3ファイルをダウンロード 内容紹介 twadaさんをゲストに、A Philosophy of Software DesignをテーマにしたエピソードのPart2です。今回は「例外」についてひたすら語っていただきました。 出演者 話したネタ 書籍:A Philosophy of Software Design, 2nd Edition 書籍における例外・エラーの扱い Define error out of existence 例外はなぜ複雑性を増大させるのか? プロダクションレベルのコードにおけるエラーハンドリングの分量 結果に着目する設計へのシフト 防御的プログラミングとは Design by Contract エラーを適切に出すための「適切」とは その例外は回復可能なものかどうか?プログラミングミスなのか?という観点 エラーの運用側への通知 例外のバッドパターン:例外を catch
In recent years, it would appear that data engineering is converging with DevOps. Both have embraced cloud infrastructure, containerization, CI/CD, and GitOps to deliver reliable digital products to their customers. The convergence on a subset of tooling has led many to the opinion that there is no significant distinction between data engineering and software engineering. Consequently, the fact th
Statements of Support for Software Measurability and Memory Safety | ONCD | The White House
Read the full report here Read the fact sheet here Today, the Office of the National Cyber Director released a new Technical Report titled “Back to the Building Blocks: A Path Toward Secure and Measurable Software.” This report builds upon the President’s National Cybersecurity Strategy, addressing the technical community to tackle undiscovered vulnerabilities that malicious actors can exploit. Le
Finished software
One of the driving aspirations behind once.com is the notion that not all software needs to evolve forever. We’ve become so used to digital services being malleable that we’ve confused the possibility of software updates with their necessity. Some software can simply be finished, and a lot would be better if it were. That’s basically the antithesis of SaaS. Which relies on the pitch that the syste
GitHub - ZachGoldberg/Startup-CTO-Handbook: The Startup CTO's Handbook, a book covering leadership, management and technical topics for leaders of software engineering teams
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert
10 hard-to-swallow truths they won't tell you about software engineer job
Last weekend I had a chance to talk with some students who just got their degree. They are pursuing their first software engineer job. In conversation with them, I learned that they have a pretty wrong perception of this job. This is because the reality for these new kids is so skewed. They only see good pay, remote work, team building, and pizza parties. These are all good perks, but no one is ta
Free software pioneer Stallman reveals cancer diagnosis
A changed RMS appeared at the GNU 40th anniversary event in Switzerland Richard Stallman has revealed he is undergoing treatment for non-Hodgkin lymphoma, a form of cancer of the white blood cells, but says that his prognosis is good. The 70-year-old Stallman appeared at the GNU Project's 40th anniversary celebration in Switzerland on Wednesday a very changed figure. The GNU project is currently c
InfoQ Software Architecture and Design Trends Report - April 2024
InfoQ Software Architects' Newsletter A monthly overview of things you need to know as an architect or aspiring architects. View an example
Lichee Console 4A RISC-V devkit testing - Part 2: benchmarks and features in Debian 12 - CNX Software
Lichee Console 4A RISC-V devkit testing – Part 2: benchmarks and features in Debian 12 When checking out the hardware of the Lichee Console 4A portable RISC-V development terminal in the first part of the review, I noted that I had some troubles with the display that did not work properly. I did a little massage to “fix” the display, but unsurprisingly it ended up not being a long-term solution. S
2024年4月18日紙版発売 2024年4月18日電子版発売 B5判/192ページ 定価1,562円(本体1,420円+税10%) Amazon 楽天ブックス ヨドバシ.com Fujisan(定期購読のみ) 電子版 Gihyo Digital Publishing Amazon Kindle 本書のサポートページサンプルファイルのダウンロードや正誤表など 第1特集 型を制する者はTypeScriptを制す もっとTypeScriptの力を引き出そう TypeScriptは大規模開発を目的として,静的型付けの機能を中心にJavaScriptを拡張した言語だと言われています。ですが,TypeScriptの型システムが秘めている力はそれにとどまりません。 本特集では,TypeScriptにおける型の扱い方を基礎から解説し,TypeScriptを本格的に使ううえで避けて通れないUnion型,構造
From many to one: Moving our JavaScript code into a monorepo | Aha! software
Aha! Develop is for healthy enterprise development teams — that use scrum, kanban, and SAFe frameworks Learn more Do we need a monorepo? When I first joined Aha!, I was surprised by how well-structured the engineering onboarding program was. I spent several weeks getting to know all the teams and learning the pieces of our system. What I didn't realize at the time was these onboarding conversation
「Software Design 2023年12月号」に食べログのChatGPT特集を寄稿しました - Tabelog Tech Blog
食べログのメディア領域でサービス開発のエンジニアリングマネージャーをしている関戸です。 2023年11月17日(金)発売のSoftware Design 2023年12月号にて、ChatGPT特集の記事を寄稿しました。1つの特集をすべて食べログが担当し、3章構成で合計26ページの寄稿となりました。本記事では、寄稿のきっかけと記事の概要、おすすめポイントをご紹介します。 ChatGPTをはじめとした生成AIの企業における活用の概論を踏まえた上で、食べログで事業活用を進める中で得られた学びやノウハウをお伝えする内容になっています。 本寄稿のきっかけ ChatGPTに対する関心が高まる中で、食べログChatGPTプラグインについてのプレスリリースやTech Blog記事を見てお声がけいただきました。 プレスリリース:食べログ、ChatGPTプラグインの提供を開始 Tech Blog記事:日本初の
OpenAI Software Engineer Salary | $549K-$906K+ | Levels.fyi
Software Engineer compensation in United States at OpenAI ranges from $549K per year for L4 to $906K per year for L5. The median compensation in United States package totals $904K. View the base salary, stock, and bonus breakdowns for OpenAI's total compensation packages. Last updated: 4/8/2024
Cisco Systems(以下、Cisco)は2023年10月16日(現地時間)、ネットワーキングソフトウェア「Cisco IOS XE Software」のWeb UI機能に脆弱(ぜいじゃく)性が存在すると伝えた。 サイバー攻撃者がこれを悪用すると、影響を受けたシステムにおいて特権レベルアクセス15のアカウントを作成でき、遠隔からシステムの制御権を乗っ取ることが可能になる。 CiscoはWeb UIの脆弱性を「CVE-2023-20198」として特定するとともに、深刻度を共通脆弱性評価システム(CVSS)のスコアで最大の「10.0」とし、「緊急」(Critical)と評価している。この脆弱性は積極的に悪用されていることが確認されており、迅速な対応が求められる。 Web UI機能は「ip http server」や「ip http secure-server」といったコマンドで有効化でき
『Software Design 2023年11月号 追悼 Bram Moolenaar Vimへの情熱と貢献を振り返る』を読んだ - Magnolia Tech
Software Design (ソフトウェアデザイン) 2023年11月号 [雑誌] 技術評論社Amazon gihyo.jp 長年お世話になっているVim、その作者である Bram Moolenaar 氏が亡くなった。その追悼記事をMattnさんがSoftware Design 2023年11月号に書かれている。 Vimの開発の歴史から、Vimの開発スタイル、Bram 氏の人となりがわかる、とても良い記事だった。 Vim Confに来たのが実は一回だけだったというのも知らなかった(行けばよかった...) 一人のエンジニアに対して追悼企画がされる、というのは、それだけ残したものが大きかったのだろう。 Mattn氏も含めたメンテナンスチームが開発を引き継いで、さらに開発が続けられていくのが、ソフトウェアの一つの良い点なんじゃないかと思った。
List of formerly open-source or free software - Wikipedia
This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "List of formerly open-source or free software" – news · newspapers · books · scholar · JSTOR (October 2021) (Learn how and when to remove this template message) This is a list of notable software package
5 Lessons I learned the hard way from 6 years as a software engineer
Hey there, Jordan here 👋. You’re probably familiar with most of my articles being a “how-to” guide. Those guides come from my real-world experience and lessons I learned—usually from mistakes I made. This article is going to cover the 5 biggest lessons I had to learn the hard way through feedback that surprised me. Each of these shaped the engineer I am today. Hopefully, sharing these lessons wit
ソフトウェアの設計を学び、メンテナンスしやすいテストを作ろう / Learn software design, Create tests that are easy to maintain
2023/12/9 ソフトウェアテスト自動化カンファレンス2023の発表資料です。
10 Things Software Developers Should Learn about Learning – Communications of the ACM
The dashed box on the left contains exactly the same information as the awkward textual description in the dashed box on the right. But if a developer only received one of the two to create an SQL database, they are likely to find the diagram easier than the text. We say that the text here has a higher extraneous cognitive load. When faced with a task that seems beyond a person’s abilities, it is
A Philosophy of Software Design, 2nd Edition (English Edition)英語版 John K. Ousterhout (著) 形式: Kindle版 Amazon.co.jpで詳細を見る 良い設計をするためのコンセプトを解説した本。類書はいろいろとあるが、自分が読んだものの中では一番良かった。ソフトウェアエンジニアリングを行う人には広くおすすめできる。コンパクトですぐに読み切れるのも良い。 複雑さをいかに削減するかという観点と、その対策としての深いモジュールというコンセプトを導入し、この軸ですべての章を論じている。筋が通っていて読みやすいし、納得感も高い これらのコンセプトを通して、従来は良しとされているプラクティスの再検討も行っていて、こちらも面白く納得しながら読めた。例えばできるだけメソッドは小さくするという慣習や、Clean Cod
Asset Management Made Simple | Shelf - Free Open Source Asset Management Software
📅 Plus, Team and Premium plans will have a price increase on Q1 2024 - Be fast and lock in your subscription on the current pricing today!
基礎から学ぶコンテナセキュリティ――Dockerを通して理解するコンテナの攻撃例と対策 (Software Design plusシリーズ) | 森田 浩平 |本 | 通販 | Amazon
*Amazon.co.jp発送商品の注文額 ¥3,500以上は非会員も無料 無料体験はいつでもキャンセルできます。30日のプライム無料体験をぜひお試しください。
Kanban: A Project Management Approach to Software Development
Kanban is a popular agile project management framework. Kanban methodology shares a few similarities with Scrum, primarily in terms of its focus on early release through collaborative and self-management teams. The origin of the Kanban concept goes back to the production line of Toyota factories during the 1940s. Kanban methodology is highly visual. This visualization helps develop optimal results
Guide for Foreigners to Find Software Developer Jobs in Japan
Guide for Foreigners to Find Software Developer Jobs in Japan Have you ever wondered what it would be like working in Japan as a software developer? This article is about finding a tech, specifically an Information Technology job in Japan, including software development and other software engineering positions. Most of us wish to travel to other countries, experience different cultures and learn a
If you're interested in pursuing a software developer job in Japan and wondering about the salary prospects, this article will provide you with valuable information. We'll explore various aspects of IT jobs in software development in Japan, including front-end, back-end, and full-stack positions. While being bilingual in Japanese is advantageous, it's worth noting that there is also a significant
Learn about git objects, plumbing commands and more
InfoQ Software Architects' Newsletter A monthly overview of things you need to know as an architect or aspiring architects. View an example
In order to knit a new scarf using this software: Load it from Github pages: https://alefore.github.io/knit/ Optionally, save a local copy. I recommend using a local copy as a way to freeze the version you're working on. I may change the implementation. Make sure all files (including the JavaScript logic) are saved and loaded from your copy (rather than just the index.html entry point). Optionally
Forty years of GNU and the free software movement — Free Software Foundation — Working together for free software
You are here: Home › FSF News › Forty years of GNU and the free software movement BOSTON, Massachusetts, USA -- September, 18, 2023 -- On September 27, the Free Software Foundation (FSF) celebrates the 40th anniversary of the GNU operating system and the launch of the free software movement. Free software advocates, tinkerers, and hackers all over the world will celebrate this event, which was a t
For the past 25 years, application software startups have had a singular focus: increasing company and employee (including developer) productivity. This looked like building software that increased productivity at the employee level, increased collaboration across employees and teams, and/or enabled better oversight and management at the leadership level. More often than not, this software has bee
Engineer’s Codex is a publication about real-world software engineering. Subscribe now I recently built and designed a massive service that (finally) launched successfully last month. During the design and implementation process, I found that the following list of “rules” kept coming back up over and over in various scenarios. These rules are common enough that I daresay that at least one of them
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Vision Pro is an over-engineered “devkit” // Hardware bleeds genius & audacity but software story is disheartening // What we got wrong at Oculus that Apple got right // Why Meta could finally have its Android moment
Sequence diagrams, the only good thing UML brought to software development
Data Engineering is Not Software Engineering
Santiago on X: "Scrum is a cancer. I've been writing software for 25 years, and nothing renders a software team useless like Scrum does. Some anecdotes: 1. They tried to convince me that Poker is a planning tool, not a game. 2. If you want to be more effi
「AMD Radeon」ユーザーモードドライバーに2件の脆弱性 ~「AMD Ryzen」にも影響/任意のコードを実行される恐れ、「AMD Software」のアップデートを
Software Design 2024年5月号
Bertrand Meyer on X: "We lost a titan of programming languages, programming methodology, software engineering and hardware design. Niklaus Wirth passed away on the first of January. We mourn a pioneer, colleague, mentor and friend."
CVSSは「10.0」 Cisco IOS XE Softwareに「緊急」の脆弱性、回避策は未提供
BACK TO THE BUILDING BLOCKS: A PATH TOWARD SECURE AND MEASURABLE SOFTWARE | FEBRUARY 2024 | THE WHITE HOUSE
読書メモ: A Philosophy of Software Design
Are Software Jobs Well-Paying in Japan
The Software Pro's Best Kept Secret.
How to Become a High-Performing Software Team
GitHub - alefore/knit: Software for knitting
AI startups: Sell work, not software
4 Software Design Principles I Learned the Hard Way