Apache NetBeans

Tuesday June 09, 2020

[ANNOUNCE] Apache NetBeans 12.0 Released

Apache NetBeans 12.0 adds support for the latest Java language features, integrates new code donations from Oracle for Java Web development, enhances its best of breed Apache Maven tooling, brings multiple enhancements for users of Gradle, includes built-in features for Payara and WildFly for the first time, introduces new out of the box templates for JavaFX, upgrades and extends its PHP editor, provides new dark look and feel options, and includes a wide range of fixes.

All features provided by Apache NetBeans are supported out of the box, without additional plugins needing to be installed, and all for free. Apache NetBeans 12.0 is the first LTS release of NetBeans as a top level Apache project.

We would like to thank all contributors, the community, and the Apache Software Foundation for the great co-operation and enthusiasm enabling this complex and exciting project to continue to inspire and be of use to developers all over the world.

New & noteworthy features of the 12.0 release:

https://netbeans.apache.org/download/nb120/index.html

Downloads:

https://netbeans.apache.org/download/nb120/nb120.html

Feel free to share the good news!

Monday June 01, 2020

Newly Identified Inactive Malware Campaign: Impact on Apache NetBeans

Researchers at GitHub have identified 26 projects on GitHub that have been infected by malware[1]. The initial point of infection is undetermined and all activity with the malware has been shut down. The malware relied on project templates generated by Apache NetBeans using an older customized Apache Ant-based build system that has been in limited use since 2006. This does not impact users of other build systems like Apache Maven or Gradle or even most Apache Ant users. The majority of Apache NetBeans projects leverage native build tool integrations that are shared with continuous integration systems. With over 44 million repositories hosted on GitHub[2], the scope of these 26 projects looks isolated, these projects have been set to private, and their owners contacted, while GitHub has not had reason to contact the NetBeans community about this, indicating that this has no significant impact on the NetBeans community.

Note: Software Supply Chain attacks are not unique to any IDE and the NetBeans community will continue to monitor the threat landscape to keep developers safe and aware. Be aware[3] that any build system that you use when developing applications, with any IDE or build system, can be infiltrated by malware. Always make sure that the files you check into your versioning system are your own or that you know where they come from and what they do.

Related references:

  1. https://securitylab.github.com/research/octopus-scanner-malware-open-source-supply-chain
  2. https://www.zdnet.com/article/github-tops-40-million-developers-as-python-data-science-machine-learning-popularity-surges/
  3. http://wiki.apidesign.org/wiki/Malware

Calendar

Search

Hot Blogs (today's hits)

Tag Cloud

Categories

Feeds

Links

Navigation