Trending Topics This Week

Here is what people are talking about this week in the world of free and open source software: 

Developers Are Working Increased Hours During COVID-19

Our friends at JRebel by Perforce just released a report highlighting the struggles developers and companies are facing under COVID-19. Alongside a number of eye-opening findings, the report found that 58% percent of development professionals are working more hours per week during the COVID-19 crisis, and 19% reporting an increase of over six hours per week.

You can download the full COVID-19 Developer Impact Report here.

Key Security, Maintenance, and Features Releases

Non-Security Updates


Apache Ant 1.10.9
Apache Ant 1.10.9 are now available for download as source or binary from 
The Apache Ant team currently maintains two lines of development. The 1.9.x releases require Java5 at runtime and 1.10.x requires Java8 at runtime. Both lines are based off of Ant 1.9.7 and the 1.9.x releases are mostly bug fix releases while additional new features are developed for 1.10.x. We recommend using 1.10.x unless you are required to use versions of Java prior to Java8 during the build process.
Ant 1.10.9 contains a bugfixes and support for using GraalVM JavaScript inside the script family of tasks and types..
It also addresses an insecure temporary file vulnerability vulnerability, see the security report for details.

Apache Tomcat 7.0.106
Fix 64582: Pre-load the CoyoteOutputStream class to prevent a potential exception when running under a security manager. Patch provided by Johnathan Gilday. (markt)
Add: Refactor the Default servlet to provide a single method that can be overridden (generateETag()) should a custom entity tag format be required. (markt)
Fix: Improve the validation of entity tags provided with conditional requests. Requests with headers that contain invalid entity tags will be rejected with a 400 response code. Improve the matching algorithm used to compare entity tags in conditional requests with the entity tag for the requested resource. Based on a pull request by Sergey Ponomarev. (markt)
Update:Deprecate the JDBCRealm. (markt)

Jenkins 2.259
Show display names in change list again (regression in 2.243). (issue 63712)
Update the bundled version of Script Security Plugin from 1.73 to 1.75. (pull 4947)
Update the bundled version of Display URL API plugin from 2.0 to 2.3.1. (pull 4948)
Developer: Cloud implementations are given more context about ongoing planned nodes. Add CloudState to be passed to Cloud#provision and Cloud#canProvision methods. (pull 4922)

View all OpenUpdate editions >