Welcome to MergeBase Blog
Read about SCA, Vulnerability Scanning, Open Source Security Management and More!

Explore the intersection of security and productivity in software development. Learn about effective tool sequencing, the importance of developer engagement, and strategies to minimize security-related work overload.
Firecracker microVM is a virtual machine monitor that allows you to create and manage microVMs. It leverages the Linux Kernel-based Virtual Machine (KVM) and uses a minimalist design for increased security. Because Firecracker microVMs do not include unnecessary devices and guest functionality, they provide a reduced memory footprint and attack surface area. The Firecracker architecture is used by and integrated with several infrastructure solutions such as appfleet, containerd, fly.io, and OpenNebula. In this article, we will build a Firecracker containerd microVM and scan it for any known vulnerabilities with MergeBase.
Über jars are a type of reusable Java library that applications sometimes (knowingly or not) incorporate into their systems. Über jars are particularly challenging for software composition analysis (SCA) tools to understand because their structure and organization are complex. In this blog post, I explain what über jars are and why they exist, and I provide a mini-benchmark to see how current SCA tools deal with this type of Java library.
In this article:
1. What’s a Git Rebase Fight?
2. Solution: Optimistic Build Status Propagation
3. What Causes Git Rebase Fights?
4. Triple-Dot-Diff and “git patch-id”

What’s a Git Rebase Fight? Have you ever experienced this situation?