Open Source

Everyone loves open source, and for good reason. We want to help you use open source and stay secure. Read more to learn how this is achievable!

Shifting responsibly left with the enhanced Snyk security gating on pull requests

We’re pleased to announce we’ve enhanced Snyk’s security and license testing for pull requests to better support shift-left security and secure development workflows! Pull requests are the backbone of GitHub-based development workflows, making it easier to collaborate on projects. Individual contributors can share changes they’ve pushed to a branch in a repository, discuss them with […]

March 31, 2020

Top 5 reasons why everyone should be using an open source vulnerability scanner

Cybercrime is on the mind of every business — from the largest enterprise to small and mid-sized companies that may have limited technical expertise. Minimizing risk and controlling vulnerability must start from the very beginning of website development. Cybercrime resulted in business losses exceeding $2 trillion in 2019 alone. Much of this loss involved small […]

March 26, 2020

The State of Open Source Security Survey – 2020

Snyk is currently building our annual State of Open Source Security report and we want to hear from you! Complete this brief survey to help guide our research.

March 25, 2020

Snyk partners with the makers of Greenkeeper to help developers proactively maintain dependency health 

We’re pleased to announce the graduation of Automatic Dependency Upgrades, a Snyk Open Source capability that helps developers proactively reduce security vulnerabilities and maintain dependency health when using open source software. Automatic Dependency Upgrades is the result of an exciting new partnership between Snyk and Neighbourhoodie Software, who are the makers of Greenkeeper and developer […]

March 5, 2020

Automating remediation for vulnerabilities in Python dependencies using Snyk

We’re pleased to announce improved support for Python in Snyk Open Source, allowing developers to remediate vulnerabilities in dependencies with the help of automated fix pull requests! The Python Packaging Index (PyPI) had more than 14 billion downloads during 2018, a staggering number by any account (because of a mid-year error in the PyPI statistics […]

February 26, 2020

Ghostcat breach affects all Tomcat versions

Apache Tomcat is an open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies. Tomcat is one of the most popular Java HTTP web server environments and was released in 1998. Ghostcat is a high severity vulnerability in Tomcat discovered by the security researchers of Chaitin Tech on January […]

February 25, 2020

JVM Ecosystem Report 2020

Welcome to our annual JVM ecosystem report! This report presents the results of the largest annual survey on the JVM ecosystem, showing results from the survey gathering over 2000 responses in the second half of 2019. We would like to thank everyone who participated and offered their insights on Java and JVM-related topics. This report […]

February 5, 2020

36% of developers switched from Oracle JDK to an alternate OpenJDK distribution, over the last year

Welcome to our annual JVM ecosystem report! This report presents the results of the largest annual survey on the JVM ecosystem, showing results from the survey gathering over 2000 responses in the second half of 2019. We would like to thank everyone who participated and offered their insights on Java and JVM-related topics. This report […]

February 5, 2020

Kotlin overtakes Scala and Clojure, to become the 2nd most popular language on the JVM

Welcome to our annual JVM ecosystem report! This report presents the results of the largest annual survey on the JVM ecosystem, showing results from the survey gathering over 2000 responses in the second half of 2019. We would like to thank everyone who participated and offered their insights on Java and JVM-related topics. This report […]

February 5, 2020

64% of developers report that Java 8 remains the most often used release

Welcome to our annual JVM ecosystem report! This report presents the results of the largest annual survey on the JVM ecosystem, showing results from the survey gathering over 2000 responses in the second half of 2019. We would like to thank everyone who participated and offered their insights on Java and JVM-related topics. This report […]

February 5, 2020

Spring dominates the Java ecosystem with 60% using it for their main applications

Welcome to our annual JVM ecosystem report! This report presents the results of the largest annual survey on the JVM ecosystem, showing results from the survey gathering over 2000 responses in the second half of 2019. We would like to thank everyone who participated and offered their insights on Java and JVM-related topics. This report […]

February 5, 2020