Repost: Embedded Vulnerability Detection command line tool

by Grant Murphy

“The Victims project is a Red Hat initiative that aims to detect known vulnerable dependencies in Java projects and deployments. Our initial focus was Java projects that were built using Maven. The victims-enforcer plug-in for Maven provides developers with immediate feedback if any of their project dependencies contain known vulnerabilities. However, until recently we did not have a good solution for scanning deployments or tools that work outside of a typical build and release cycle. The alpha release of the victims client for Java hopes to fill this gap. (more…)

DevNation 2014 recorded session: Slavek Kabrda – DevAssistant: What’s in it for You?

DevAssistant is a new project that aims to make developers’ lives easier by automating repetitive and time-consuming tasks. It uses assistants—Yaml “recipe files”—that contain information on how to create new projects, modify existing projects, and how to set up environments for developing upstream projects. (more…)

For more information about Red Hat Enterprise Linux and other topics related to this article, visit one of these sites:

Red Hat Enterprise Linux
Red Hat Enterprise Linux Developer Program
Red Hat Enterprise Linux 7 is now generally available


The ARM Arc

ARM.  When used in a sentence it may refer to the company (ARM Holdings), one of its numerous CPU versions, or even a way of life.  But we just call it ARM.  ARM (the company) creates low power processor designs which they license to other companies to implement; Licensees enhance ARM’s design and manufacture the actual chips.  The resulting processors are the defacto standard in the fiercely competitive consumer mobile space of tablets and cell phones.  Of course, the thing that makes ARM interesting to Red Hat isn’t consumer mobile, it is evaluating their potential in servers.  In theory if they perform well, their low-wattage designs might be quite compelling. (more…)

Dude, where’s my PaaS memory? Tuning Java’s footprint in OpenShift (Part 2)

Continued from part 1.

The test web service

The test web service implements a simple file cache storing up to 10 copies of any given named file. Uploading copies beyond the 10th one causes the oldest version to be discarded. The server supports a variety of requests allowing

  • a new version of a file to be uploaded
  • an existing file version to be downloaded
  • listing of the name and version counts of all files in the cache
  • deletion of all copies of a named file
  • deletion of the whole cache


You can learn more about Red Hat JBoss Middleware products by visiting:

For more information about Red Hat OpenShift and other related topics, visit:

Repost: Node.js – An Enterprise Situation Report | The New Stack

I found this interesting Node.js article from The New Stack.  A handy piece for those of you considering Node and especially now that we now have it in both Software Collections and OpenShift.

“Why Node.js is an excellent and underutilized enterprise tool

“Node.js, after cutting its teeth for a few years in the open source space, then being used by large-scale startups like LinkedIn and Joyent, it is now heading for the enterprise. From scaling virtualized hyper visors to operating system level virtualization with hot new technologies like Docker, Node.js and the army of JavaScript coders are pushing forward with new offerings, products and projects that make enterprise adoption a no-brainer.


For more information about Red Hat OpenShift and other related topics, visit:

For more information about Red Hat Software Collections or Red Hat Developer Toolset, visit