Chromium will support third-party Rust libraries

Google has announced that it will allow third-party Rust libraries in its Chromium open-source browser project.

Chrome security team member Dana Jansens published a blog post on Thursday announcing the decision.

Jansens says that Google is now actively pursuing adding a production Rust toolchain to its build system.

“Our goal in bringing Rust into Chromium is to provide a simpler (no IPC) and safer (less complex C++ overall, no memory safety bugs in a sandbox...

Sonatype Lift uses deep code analysis to suggest bug fixes

Sonatype has launched a new deep code analysis platform called Lift which can detect a wide range of bug types.

Lift detects bugs ranging from style issues to complex coding errors commonly found in first-party source code and third-party open source libraries.

Research from Veracode last year found that open-source libraries cause security flaws in around 70 percent of apps. However, open-source libraries are often critical to projects.

Using a deep code...

Veracode: Open-source libraries cause security flaws in 70% of apps

Research from Veracode suggests that 70 percent of apps have security flaws due to their use of open-source libraries.

The application security firm set out to determine the risk one flawed library can pose to software. For its State of Software Security (SOSS): Open Source Edition report, Veracode analysed 351,000 libraries across the Veracode platform database of 85,000 applications.

On an initial scan, 70 percent of applications were found to have a security flaw...