Vulnerability in GitLab’s API exposed confidential data

Popular web-based repository manager GitLab has fixed a bug with its API which may have exposed confidential data about projects.

An insecure direct object reference within the GitLab Events API made information such as private notes, merge requests, and issues available.

In a post, GitLab Director of Security Kathy Wang wrote:

“We discovered that this exposure dates back to June 22, 2017, with the 9.3 release. GitLab’s...

By Ryan Daws, 05 October 2018, 0 comments. Categories: Git, Industry, Platforms.

GitLab's shift from Azure to GCP is not due to ex-GitHub users

GitLab is shifting from Azure to Google Cloud but says its decision was not due to users who migrated from GitHub following its Microsoft acquisition.

Following the news of Microsoft’s acquisition of GitHub, traffic spiked of people using GitLab’s tool for importing projects from the world’s biggest Git service. It’s clear developers still have very...

By Ryan Daws, 26 June 2018, 0 comments. Categories: Cloud, Development Tools, Git, Industry, Platforms.

GitHub’s Learning Lab teaches developers how to collaborate

GitHub has introduced a new tool it’s calling ‘Learning Lab’ which teaches developers how to collaborate on code using its service.

In the company’s own words, “GitHub is more than a home for code. It’s a forum for collaboration, a sandbox for testing, a launchpad for deployment, and often, a platform for learning new skills.”

Learning how to use GitHub is almost essential for any developer — whether it’s for open-source projects, or for...

By Ryan Daws, 20 April 2018, 0 comments. Categories: Development Tools, Git.

GitHub was hit with the world’s largest DDoS attack

It went down for five minutes.

Yes, unlike the last record-breaking DDoS attacks, which caused disruption to major services for days — GitHub was able to quickly mitigate the attack so that few users would have even been aware of the downtime.

The attack was launched on Wednesday last week and GitHub was unavailable from 17:21 to 17:26 UTC. In

By Ryan Daws, 02 March 2018, 0 comments. Categories: Development Tools, Git, Hacking, Industry, Platforms, Security.

Apple suffers unprecedented leak as crucial iOS source code hits GitHub

Apple’s tight grip on its code has suffered a devastating blow as confidential iOS source code gets posted on GitHub.

The leaked iOS code is that of ‘iBoot’ which ensures a secure boot and is one of the most sensitive parts of the system. Its purpose is to load the kernel and verify everything is signed by Apple before it’s executed.

In fact, bugs in the boot process are such a concern that Apple values them at ~$200,000 as part of

By Ryan Daws, 08 February 2018, 0 comments. Categories: Apple, Git, Hacking, iOS, Platforms.

Microsoft will open source its 'Chakra' JavaScript engine

(Image Credit: Microsoft)

Microsoft has announced its decision to release its powerful 'Chakra' engine - used for JavaScript in the company's Edge browser – to the open source community. Although not the most surprising open source news in the past week, that award goes to Apple, it's a momentous step in helping to advance the engine.

With the intention to publish the ChakraCore repository to GitHub in...

By Ryan Daws, 07 December 2015, 0 comments. Categories: Git, Java, Languages, Windows.

Arcade emulator MAME aspires to be a 'learning tool for developers'

(Image Credit: iStockPhoto/micahmcdowell)

Popular arcade emulator, MAME, is becoming open-source in the hopes of becoming a learning tool for developers. Although the emulator's source code has been available for some time, it has been under a modified BSD license which prohibited commercial use of the code. 

MAME is going open source, if you have contributed in past and we still did...

By Ryan Daws, 18 May 2015, 2 comments. Categories: Gaming, Git, Industry, Testing.

Apple’s reported purchase and shuttering of FoundationDB angers developer community

Picture credit: Flickr/macwagen

Apple’s reported acquisition of database provider FoundationDB, only to then shut it down, has caused outrage among developers.

A quick look at the FoundationDB community page gives the following update: “Thank you for your support of FoundationDB over the last five years. We’re grateful to have shared our vision of building the best database software and we strongly value your participation in this community. We have made...

By James Bourne, 27 March 2015, 0 comments. Categories: Apple, Development Tools, Git.