Ecosystems

Interested in ecosystem-specific posts? We’ve got your back! Read through our posts and learn how security impacts your environment.

64% of developers report that Java 8 remains the most often used release

Welcome to our annual JVM ecosystem report! This report presents the results of the largest annual survey on the JVM ecosystem, showing results from the survey gathering over 2000 responses in the second half of 2019. We would like to thank everyone who participated and offered their insights on Java and JVM-related topics. This report […]

February 5, 2020

Spring dominates the Java ecosystem with 60% using it for their main applications

Welcome to our annual JVM ecosystem report! This report presents the results of the largest annual survey on the JVM ecosystem, showing results from the survey gathering over 2000 responses in the second half of 2019. We would like to thank everyone who participated and offered their insights on Java and JVM-related topics. This report […]

February 5, 2020

IntelliJ IDEA dominates the IDE market with 62% adoption among JVM developers

Welcome to our annual JVM ecosystem report! This report presents the results of the largest annual survey on the JVM ecosystem, showing results from the survey gathering over 2000 responses in the second half of 2019. We would like to thank everyone who participated and offered their insights on Java and JVM-related topics. This report […]

February 5, 2020

Angular vs React: the security risk of indirect dependencies

Welcome to Snyk’s State of JavaScript frameworks security report 2019. In this section, we review the security risk of the indirect independencies for both Angular and React, and then we also review the direct dependencies, first for Angular and then for React. The modules reviewed in this part do not represent a complete list of […]

October 30, 2019

Comparing React and Angular secure coding practices

Welcome to Snyk’s State of JavaScript frameworks security report 2019, this section of the report is about Angular and React projects overall security posture. In this section, we explore both the Angular and the React project security postures. This includes secure coding conventions, built-in in secure capabilities, responsible disclosure policies, and dedicated security documentation for […]

October 30, 2019

JavaScript frameworks security report 2019

Welcome to Snyk's State of JavaScript frameworks security report 2019. In this report, we investigate the state of security for both the Angular and React ecosystems, looking at best practices, secure coding, and security vulnerabilities in React, Angular, and other frontend projects such as Bootstrap, Vue.js, and jQuery. Inside you will find the report in it's digital format as a PDF to download and review offline.

October 30, 2019

84% of all websites are impacted by jQuery XSS vulnerabilities

Welcome to Snyk’s State of JavaScript frameworks security report 2019. In this blog post we’ll review security vulnerabilities found in other frontend ecosystem projects. After reviewing Angular and React as major JavaScript frameworks, we’ll take a brief review of selected JavaScript and CSS frameworks: Vue.js, jQuery and Bootstrap. jQuery security jQuery took web development by […]

October 30, 2019

2019 side-by-side comparison of Angular and React security vulnerabilities

Welcome to Snyk’s State of JavaScript frameworks security report 2019. In this section, we review the impact that security vulnerabilities can have by looking at the severity, CVSS scores and more over the years for both Angular and React. Furthermore, we look into the time it takes for the vulnerabilities in each framework to be […]

October 30, 2019

Angular vs React: security bakeoff 2019

Welcome to Snyk’s State of JavaScript frameworks security report 2019. Let’s begin this report by exploring the different security vulnerabilities found in the core Angular and React projects. We then review the severity breakdown for each of the vulnerabilities and we inspect the differences between the two. Lastly, for both projects, we review the time […]

October 30, 2019

10 Java security best practices

In this cheat sheet edition, we’re going to focus on ten Java security best practices for both open source maintainers and developers. This cheat sheet is a collaboration between Brian Vermeer, Developer Advocate for Snyk and Jim Manico, Java Champion and founder of Manicode Security. We recommend you print out the cheat sheet and also […]

September 16, 2019

10 Eclipse plugins you shouldn’t code without

Developers primarily work from their favorite IDE (integrated development environment). For that reason, good IDE extensions and plugins are becoming more and more important. For this blog, I examined Eclipse IDE plugins and then narrowed it down to the top 10 most helpful plugins that I have added to my own toolkit. You can download […]

August 15, 2019