IN THIS ISSUE: Travis CI Security Flaw Fixed; Diversity Up in API Usage; Integrate Auth0 in Android Apps; Firebase Competitor Gets $10M Funding; DOM Injection Safety Tool; Chrome Keeps Pace with RenderingNG
There's good news and bad news for close to a million organizations using the Travis CI continuous integration system to automate development. A data leak detected last month has been fixed, but thousands of environmental keys might already have been exposed.
Developers are using a more varied mix of APIs and protocols than in previous years. That's according to the 2021 State of Software Quality API Survey, an annual report published by dev tool maker SmartBear. REST still leads the pack with 91 percent organizational usage.
Why reinvent the wheel when it comes to secure login? This step-by-step guide makes simple work of securing an Android app with log-in credentials using the Auth0 identity platform, which this month announced support for Microsoft Azure.
A company called Appwrite has developed an open-source backend-as-a-service tool that it claims offers many of the same features as Google's Firebase, but since it's self-hosted, organizations are not locked into a development structure and never lose control of their data.
DOM Injection offers a fast and easy way to manipulate an app without its source code. Unfortunately, hackers also can use it to perform cross-site scripting attacks. Offering a solution is Sanitizer API, which inspects untrusted HTML before insertion into a running app.
After Chrome hit the scene in 2008, Google promoted it with a series of videos to demonstrate its superior performance over competitive browsers. Results since then have been mixed. The community in June unveiled its next-gen rendering engine with a promise for release in 2021.