Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
ADTmag

Project Valhalla Targets JDK 28 as Java SE Expert Group Begins Work

The Java Community Process formally launches development of Java SE 28, with Project Valhalla once again positioned as the release's most closely watched feature.

The maker of ChatGPT wants to make open-source projects less of a security bargain

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to filter out the noise and fix real threats.
IEEE

Combining Graph-Based Learning With Automated Data Collection for Code Vulnerability Detection

Abstract: This paper presents FUNDED (Flow-sensitive vUl-Nerability coDE Detection), a novel learning framework for building vulnerability detection models. Funded leverages the advances in graph ...
GitHub

Google Closure Compiler

The Closure Compiler is a tool for making JavaScript download and run faster. It is a true compiler for JavaScript. Instead of compiling from a source language to machine code, it compiles from ...
GitHub

OpenPDF is an open source Java library for PDF files

OpenPDF is an open-source Java library for creating, editing, rendering, and encrypting PDF documents, as well as generating PDFs from HTML. It is licensed under the LGPL and MPL open source licenses.
IEEE

License Compatibility Detection for OpenJavaWorks Open-Source Projects Based on Code Similarity

Abstract: This study investigates the relationship between code similarity and open-source license compatibility in Java projects. While the extensive use of open-source projects promotes code reuse, ...