Welcome to MergeBase Blog
Read about SCA, Vulnerability Scanning, Open Source Security Management and More!
Discover March’s hot tips, latest vulnerabilities, and industry headlines. Plus, news of an upcoming interview with Cassie Crossley.
Firecracker microVM is a virtual machine monitor that allows you to create and manage microVMs. It leverages the Linux Kernel-based Virtual Machine (KVM) and uses a minimalist design for increased security. Because Firecracker microVMs do not include unnecessary devices and guest functionality, they have a reduced memory footprint and attack surface. The Firecracker architecture is used by and integrated with several infrastructure solutions such as appfleet, containerd, fly.io, and OpenNebula. In this article, we will build a Firecracker containerd microVM and scan it for known vulnerabilities with MergeBase.
Über jars are a type of reusable Java library that applications sometimes (knowingly or not) incorporate into their systems. Über jars are particularly challenging for software composition analysis (SCA) tools to understand because their structure and organization are complex. In this blog post, I explain what über jars are and why they exist, and I provide a mini-benchmark to see how current SCA tools deal with this type of Java library.
In this article:
1. What’s a Git Rebase Fight?
2. Solution: Optimistic Build Status Propagation
3. What Causes Git Rebase Fights?
4. Triple-Dot-Diff and “git patch-id”

What’s a Git Rebase Fight?
Have you ever experienced this situation?