Release Radar · October 2017
We’re kicking off Cyber Security month with a few projects to help up your security game with the tools and know-how to protect yourself from common vulnerabilities. These are the…
We’re kicking off Cyber Security month with a few projects to help up your security game with the tools and know-how to protect yourself from common vulnerabilities.
These are the new projects and releases on our radar built to keep your code safe from across the GitHub community, help you work more efficiently, and have some fun with quadrotors.
Brakeman 4.0.0: Guard your Rails apps from threats
Brakeman is an open source static analysis tool that checks for security vulnerabilities in Ruby on Rails applications. It can guard against common web vulnerabilities like SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF) attacks, and more.
Installation is simple. Run brakeman
against your Rails app, and guard against Little Bobby Tables and friends:
Possible SQL injection near line 1337:
User.first.where((((("username = '" + params[:user][:name].downcase) + "' AND password = '") + params[:user][:password]) + "'"))
OWASP Juice Shop 5.0.0: Discover new vulnerabilities
OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript covering the OWASP Top Ten and other severe security flows. The release notes introduce some of the new features and challenges like the NoSQL Injection challenge.
Why not level up your web security skills or host a Capture the Flag (CTF) event? OWASP Juice Shop is easy to install on Windows/MacOS/Linux. Choose from Node.js, Docker, or Vagrant to deploy.
Speaking of Vagrant…
Vagrant 2.0: Create and configure lightweight development environments
Vagrant is a tool for building, maintaining, and distributing development environments running on local virtualized platforms like VirtualBox or VMware. Use Vagrant in the cloud via AWS or OpenStack—or in containers like Docker or raw LXC.
Find out more about in the Vagrant 2.0 annoucement.
Did you know: Since the project began more than seven years ago, 750 contributors have helped move it forward.
Stories Untold Update #3: An experimental text adventure
In Stories Untold, viruses and cybersecurity are the least of your worries. This award-winning game from No Code Studio is a compilation of experimental text adventure games that’ll have you on the edge of your seat.
The latest release fixes a number of bugs and introduces support for macOS.
Did you know: Stories Untold started out as game jam entry for the Ludum Dare competition. The first episiode, originally called House Abandon, was built in a single weekend by just two people.
Voyager 1.0: Get help with administrative tasks
Voyager is an Admin Package for Laravel to enable CRUD tasks (creating, replacing, updating, or deleting) content. Well, they prefer BREAD (reading, editing, adding, and deleting content).
Read more in the 1.0 announcement blog post.
AirSim 1.0: Experiment with AI
AirSim is an open source simulator for drones, cars, and more available as a plugin for Unreal Engine. Developed by Microsoft Research AI, AirSim is a platform to experiment with deep learning, computer vision, and reinforcement learning algorithms for autonomous vehicles. Find out more or read the recently-published paper from the Field and Service Robotics conference on their website.
Did you know: Quadrotors were the first vehicles to be implemented in the platform, but there’s also support for self-driving cars—and you can take over the controls manually.
React v16.0: A JavaScript library for building user interfaces
React, a declarative JavaScript library for building component-based user interfaces for web and mobile recently released v16.0. This is the first version of React built on top of a new core architecture, codenamed “Fiber”. The v16.0 announcement post has all the details.
Installing or upgrading with Yarn is as easy as:
yarn add react@^16.0.0 react-dom@^16.0.0
Speaking of Yarn…
Yarn 1.0.0: Fast, reliable dependency management
Almost a year after it was initially released, the Yarn JavaScript dependency manager just hit 1.0.
At Facebook, Yarn has been adopted across many codebases including the main Facebook app and website, Instagram, Oculus, and WhatsApp. Yarn supports hundreds of thousands of package installs on our systems every day. It was designed to scale even when a project has hundreds or thousands of direct or transitive dependencies.
The 1.0 release introduces a number of new features like Workspaces, auto-merging of lockfiles, and a whole bunch of performance improvements and bug fixes to help developers move fast and ship software. Find out more in their blog post.
JGProgressHUD 2.0: Simple progress HUDs for iOS and tvOS apps
Build simple progress HUDs for iOS and tvOS apps with JGProgressHUD. It’s simple to use, has customizable styles, and there are plenty of examples to play with. A little Swift can go a long way:
let hud = JGProgressHUD(style: .dark)
hud.textLabel.text = "Loading"
hud.show(in: self.view)
hud.dismiss(afterDelay: 3.0)
Speaking of Swift…
Swift 4.0
Congratulations to the Swift team and to all the contributors working on Swift 4.0! Find out more about the release in announcement blog post, or check it out for yourself in this Xcode playground showcasing the new features in Swift 4.0.
Thanks to everyone building projects that make our community great. Are you releasing something exciting soon? We’d love to help you celebrate! Send a note to releaseradar@github.com.
Written by
Related posts
Students: Start building your skills with the GitHub Foundations certification
The GitHub Foundations Certification exam fee is now waived for all students verified through GitHub Education.
Announcing GitHub Secure Open Source Fund: Help secure the open source ecosystem for everyone
Applications for the new GitHub Secure Open Source Fund are now open! Applications will be reviewed on a rolling basis until they close on January 7 at 11:59 pm PT. Programming and funding will begin in early 2025.
Software is a team sport: Building the future of software development together
Microsoft and GitHub are committed to empowering developers around the world to innovate, collaborate, and create solutions that’ll shape the next generation of technology.