The Shai-Hulud Cyber Worm and more thoughts on supply chain attacks.
Table of Contents first, a word about ecosystemsSpeed first.Still optimised for speed.Open Source Security Doesn’t Work the Way You Think It DoesThis matters more than people realise.The Inevitable AI in the MixEnter Shai-HuludThen it pivoted.The defining shift.This Is Also What ...
Table of Contents The Chaos and the CrowdFOSDEM isn’t a conference so much as a live snapshot of the open source ecosystem in action.Navigating the FirehoseSo why go in person when you could watch from your sofa?Trends and Tensions in …
Table of Contents Are you sitting comfortably?The CVE is (almost) not importantThe Inversion of the Security TimelineHabit vs. HypeThe Flawed Assumption of Loud AlertsPrioritising Changes Over StoriesThe main timelineAre we done?How the message dilutesA common scenerioWhat This Means to You …
Table of Contents In this article you’ll learnIntroductionWhat this article is aboutBack in the real worldCode FlowsA different type of waterfallUnpredictable as the weather?The idealised workflowThe ethics of vulnerability patchingUnreported is not safeDownstream’s responsibility to the ecosystemEnd of Life software …
Table of Contents Accountability Cannot Be OutsourcedThe AI Act: Europe’s Regulatory BeaconThe US: Executive Orders and Sector-Specific PushUK and China: Innovation vs ControlFollowing the tech …What’s Next? As we settle into 2025, legislation around AI and cybercrime is no longer …
Table of Contents 10x Insights on a different view of quality assuranceBugs costWhen’s the best time to find bugs?How should we really test?Changing the status quoThree challenges to overcomeWe have almost all the piecesTesting is multiI-dimensionalTortoise and the Hare vs …
This is part 2 of the interviews we recorded at the JCON conference earlier this month in Germany. In this episode, you get two main topics: Maven and Code Quality.
The “enlightenment roadmap” of a Java developer can be scary. How do you become the 10x Java Developer you always dreamed of becoming?
AI and Java what is there?, what can it do?, what do we want it to do?, Asking for your input readers. Share your thoughts at Foojay.io
Sonatype have just released the 9th edition of their State of the Software Supply Chain Report. I thought I’d pull out some highlights for Java Developers!
Friends of OpenJDK Community Survey. Kickoff and instructions for a community driven data gathering exercise.
- 1
- 2
The hottest #Java unconference in the world is coming back 27-31 July 2026 (starting evening of 26th). Deep discussions about Java and life. We are making some seats available using a lottery system. Draw will be on Friday the 20th Feb. Sign up here: https://www.jcrete.org/lottery
Confession: I usually lose the Flow switching between Quality Gates and Code 📉😅
But I connected @claudeai + #SonarQube via #MCP
Verify & Fix vulnerabilities without touching the mouse.
Zero context switching. Pure flow. 🚀
https://foojay.io/today/claude-code-sonarqube-mcp/
#Java #AI @foojayio
Hola Java devs! 👋 The #SonarQube AI Code Assurance #article is LIVE on @foojayio ! 🎉
Stop just finding bugs. 🛑 Use SonarQube's new AI "Magic Button" to auto-fix them instantly! 🤯🪄
Crush that tech debt fast. 🚀☕️ #Java #AI @SonarSource
https://foojay.io/today/sonarqube-part-4-ai-code-assurance/
