神刀安全网

The top 14 new open source projects

The top 14 new open source projects

See larger image

Open source rookies of the year

Welcome to the eighth edition of the Black Duck Open Source Rookies of the Year awards . Each year, Black Duck reviews the world of open source and recognizes the best new projects launched during the past year — and since 2014, we’ve published the results on InfoWorld.

Most of the top projects in this year’s Rookies are sponsored and contributed to by for-profit companies. Some projects are adjuncts to their sponsors’ core products or offshoots of internal development initiatives, while others drive development of the core products themselves. Generally, the award winners reflect three industry trends:

Voyage of the Docker container ship: Docker, a previous Open Source Rookies of the Year selection , has established containers and devops as heirs apparent to server virtualization. The Docker ecosystem continues to expand, with several projects, including ones sponsored by Red Hat and Capital One.

The rise of open collaboration:The success of Facebook messaging and Skype for personal use fuels demand for similar solutions in the office, with real-time tools like Slack and GoToMeeting gaining broad adoption. Those proprietary solutions face competition from open source alternatives, which promise all the same features of the originals without the lock-in.

The renaissance of artificial intelligence:We may be a long way away from truly sentient machines, but deep learning techniques are enabling computers to teach themselves by using multiple processing layers to model the neural network of a human brain.

The top 14 new open source projects

See larger image

Rocket.Chat

Rocket.Chat is an open source Web chat platform built for communities and companies that want to host their own chat service. The Rocket.Chat team has taken a modular “package” approach, enabling Rocket.Chat to offer an impressive array of features aimed at making real time communications work — from simple messaging and emoji support to face-to-face videoconferencing, multiuser audio conferences, screen sharing, and more. Rocket.Chat provides native desktop applications for OS X, Windows, and Linux, with mobile apps for iOS and Android. It even has a native Firefox OS application for both desktop and mobile. And because it’s open source, Rocket.Chat is a great option for developers looking to build and evolve their own chat platform.

The top 14 new open source projects

See larger image

Mattermost

Another open source alternative to Slack is Mattermost , whose story begins with the company’s origins as an HTML5 game developer. Initially built as a games portal and messaging app to reach gamers outside Facebook, Mattermost was recast as a collaboration solution when the company tried to change its internal messaging service, only to find its archives “held for ransom” by the provider. The result is an open source, on-premises Slack alternative written in Go and React.

Mattermost consolidates all team communication into one place through an intuitive interface that’s searchable and accessible anywhere. Users share messages and files across phones and PCs, keeping vital communications within the safety of a private IT infrastructure. Mattermost interfaces are Slack-compatible and provide access to third-party software created for Slack. The company offers two versions, one designed to support teams of one to 50, and another for organizations with hundreds or thousands of users.

The top 14 new open source projects

See larger image

Hubl.in

Videoconferencing solutions like WebEx and GoToMeeting have become standard tools in many office environments. These solutions have historically relied on proprietary desktop applications, but new Web browser capabilities are changing that.

Enter Hubl.in , a free and open source video conferencing solution from the open source software company Linagora, makers of the OpenPaaS collaboration platform. Hubl.in takes real-time communication to the next level by enabling free browser-based video conferencing without requiring a plug-in. The OpenPaaS team boasts, “if you can read this page, you can probably use Hubl.in right now.” Hubl.in is based on WebRTC, which enables decentralized communication between browsers. This means your videoconference is not streamed to Hubl.in in any way, increasing security and providing an additional layer of privacy.

The top 14 new open source projects

See larger image

MXNet

Deep learning techniques aim to teach computers to teach themselves by using multiple processing layers to model the neural network of a human brain, then feeding the network with large quantities data to learn from.

MXNet is a lightweight deep learning library created by DMLC, the people behind CXXNet, Minerva, and Purine2. It applies lessons learned from those projects to mix symbolic and imperative programming. At its core, MXNet uses a dynamic dependency scheduler that automatically parallelizes both symbolic and imperative operations on the fly. A graph optimization layer built on top makes MXNet both fast and memory-efficient. The library is portable and lightweight, and it readily scales to multiple GPUs and machines; it can even run such tasks as image recognition on a smartphone. The DMLC group is dedicated to making large-scale, open source machine learning widely available. To that end, MXNet also contains a collection of blueprints and guidelines for building deep learning systems.

The top 14 new open source projects

See larger image

Bazel

Enterprises of all sizes know they need to develop software quickly and efficiently to stay competitive. Google is very good at this, so to spread the wealth, it has released Bazel , a subset of its internal software build system.

Bazel aims to accelerate the build process and increase reliability through a shared code repository in which all software is built from source. It automates testing and releases, using both parallelism and caching to speed processing, and is particularly suited for projects with large codebases, multiple languages, multiple platforms, and extensive testing. Bazel’s core features have undergone thorough testing in the demanding work environment at Google. Its current iteration supports Linux and OS X, but not Windows.

The top 14 new open source projects

See larger image

React Native

Developers of mobile apps face a difficult decision: Should they build using native tools for Android, iOS, and the rest, or opt for a cross-platform solution? On the one hand, native apps are faster and offer a better user experience. But developing native apps means writing the same app at least twice in very different languages and frameworks. Cross-platform tools, typically for JavaScript coders, enable apps to be written only once, but those apps often perform poorly and serve up substandard user interfaces.

React Native , an open source project sponsored by Facebook, lets you have it both ways. A framework for building native applications using the React JavaScript library, React Native enables application logic to run in JavaScript, but keeps the user interface fully native across both iOS and Android. For developers, React Native represents a paradigm shift in how to approach mobile app development: “Learn once, write anywhere.”

The top 14 new open source projects

See larger image

Kontena

Docker containers are revolutionizing the way devops teams package and deploy applications, but many organizations still struggle to orchestrate container management at scale.

Enter Kontena , an open source container management solution “built to maximize developer happiness.” Kontena features a host of proven technologies and features for accelerating container development and breaking barriers to successful deployment: multihost, multi-AZ container orchestration, Weave overlay network technology, VPN access to backend containers, and an intuitive application deployment workflow. Kontena offers everything a company needs to develop, deploy, and monitor containerized systems. It can be installed into any cloud infrastructure, is fully open source, and will soon expand beyond Docker to support Windows containers, CoreOS rkt, and other container technologies.

The top 14 new open source projects

See larger image

Nulecule

Docker’s Open Container Initiative may have streamlined application packaging, but it can still be difficult to manage asset dependencies and relationships through every instance of a multicontainer application.

Nulecule is a specification for packaging complex multicontainer applications while ensuring smooth deployment across all instances. Sponsored by Red Hat, Nulecule offers a holistic system for managing the description and transportation of asset relationships. Most container orchestration systems treat multicontainer applications as individual components rather than as a larger entity. This approach limits flexibility and portability for the whole application. By contrast, Nulecule’s composite container-based application specification creates a standardized way to describe and package multicontainer applications while including all dependency references and orchestration metadata within each container image.

The top 14 new open source projects

See larger image

InSpec

The devops workflow is often cluttered with tricky, complicated compliance protocols that slow development and frustrate software engineers. InSpec eases the path to release by automating the compliance testing process to make compliance an integral part of the development lifecycle.

An open source framework for specifying compliance, security, and policy requirements, InSpec offers a host of sophisticated features, including tests specifically targeted to compliance issues, metadata tags for prioritizing controls, and a command-line interface to run tests quickly and efficiently. Users write controls with InSpec’s specially designed, human- and machine-readable language. InSpec then flags any security, compliance, or policy issues it detects according to those inputs. And because the inspection framework runs locally on the node being inspected, InSpec can examine any node in an infrastructure system.

The top 14 new open source projects

See larger image

Hygieia

The tech giants aren’t alone in investing in open source. This year Capital One went searching for a devops dashboard, but found both commercial and open source solutions lacking. So the company built its own: Hygieia , an enterprise devops dashboard released last year as an open source project on GitHub.

Capital One uses Hygieia during software development to give teams and leaders a simple, accessible snapshot view of the whole devops process. Rather than covering only a portion of the development process, as most conventional dashboards do, Hygieia offers a comprehensive overview via two view methods: widget view and pipeline view. Widget view reveals more detailed information: features in the current sprint, code contribution activities, continuous integration activities, code analysis, security analysis, unit and functional test results, and deployment and environment status. The pipeline view pulls back to show each component’s lifecycle progression through development, testing, and deployment stages.

The top 14 new open source projects

See larger image

Glucosio

When open source contributor Benjamin Kerensa was diagnosed with Type 2 diabetes in May 2015, he realized no open source tools existed to track glucose levels or other metrics for people like him. That September, Kerensa and a small team of developers released Glucosio, the first open source diabetes monitoring application.

Glucosio users enter and track blood glucose levels and get helpful tips through an in-app assistant that prompts users to stay hydrated or check their blood sugar. Users can even contribute to diabetes research by opting to submit anonymous demographic or personal glucose trend information. Kerensa and the Glucosio team are dedicated to providing free, user-centered apps for diabetes management and research. Glucosio is currently available in 20 languages and has been downloaded in every continent. Kerensa also plans to offer a free API for researchers to access anonymized diabetes data from users who opt in to the program.

The top 14 new open source projects

See larger image

Honorable Mention: Vault

San Francisco-based HashiCorp is best known for Vagrant, a tool to create and configure lightweight, portable development environments. HashiCorp’s new open source Vault project calls itself a tool for "securely managing secrets": API keys, passwords, certificates, employee credentials, and other sensitive resources.

Vault encrypts and decrypts data without storing it, allowing security teams to define encryption parameters and giving developers the power to store encrypted data without having to design their own encryption methods. Vault can even generate secrets on demand for AWS or SQL databases, then automatically revoke these dynamic secrets after their terms are up. Through a unified access interface, tight access control, and detailed audit logs, users can be confident their secrets are safe.

The top 14 new open source projects

See larger image

Honorable Mention: RancherOS

Rancher Labs has developed a highly efficient way to run containers: an operating system in miniature, with everything needed to run containers and nothing more. RancherOS is a 20MB Linux distribution specially designed to be the easiest way to manage Docker containers. The idea is similar to that of CoreOS, but with a twist: Everything within RancherOS runs as Docker containers — even the operating system itself.

RancherOS runs Docker directly on top of the Linux Kernel and distributes all user-space Linux services as Docker containers, resulting in two system instances. The System Docker instance initiates all system services (udev, DHCP, the console), each of which run in a container. The User Docker instance creates unique user containers within the larger User Docker container. RancherOS delivers updates and features through containers and can host container management platforms (such as Rancher Labs’ Rancher system) at any scale.

The top 14 new open source projects

See larger image

Honorable Mention: OWASP Security Knowledge Framework

OWASP (Open Web Application Security Project) Foundation is a nonprofit community that provides resources and tools for Web application security. Many Web developers aren’t aware of the security risks and vulnerabilities they face. To that end, the OWASP SKF (Security Knowledge Framework) provides a free, open source Web app security system, which also serves as a training tool to teach developers about application security.

The SKF supports software developers throughout the product lifecycle, ensuring security in both predevelopment and postrelease updates. OWASP-SKF analyzes the processing techniques that developers use to edit their data, then matches those patterns to known security vulnerabilities. After providing descriptions of linked vulnerabilities and offering feedback on how to implement solutions, the SKF validates that security fixes were implemented correctly.

转载本站任何文章请注明:转载至神刀安全网,谢谢神刀安全网 » The top 14 new open source projects

分享到:更多 ()

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
分享按钮