Open-source can play a critical role in tackling the UK’s developer shortage

It is no secret that developers have never been more in demand. According to a recent analysis, the shortage of “programmers and software development professionals” only ranks behind HGV drivers and nurses as the occupation where worker shortages are most acute in the UK.

The sheer pace of digital transformation across every industry means the demand for developer talent continues to outstrip supply at a rapid rate – and the situation shows no sign of abating. Just about...

Rust vulnerability enables attackers to delete files and directories

Maintainers of the Rust programming language have warned of a critical vulnerability that enables attackers to delete files and directories.

In a security advisory, the Rust Security Response Working Group wrote:

“The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable to a race condition enabling symlink following (CWE-363).

An attacker could use this security issue to trick a privileged program into...

Developers can now create custom App Store offer codes

Apple is finally letting developers create their own custom offer codes for in-app subscriptions.

In 2020, Apple introduced the ability to generate offer codes for in-app subscriptions. However, there were two major limitations: they were randomly generated and were for one-time use.

On the Apple Developer website, the company announced that it’s lifting both limitations so developers can create offer codes like BRINGONSUMMER that can be used for as long – or,...

Software supply chain attacks increased over 300% in 2021

We all knew there was an increase in software supply chain attacks in 2021, but a new study has quantified just how bad things got.

Argon Security – recently acquired by Aqua Security – published the latest edition of its annual Software Supply Chain Security Review this week.

The headline stat from Argon’s report that software supply chain attacks grew by more than 300 percent in 2021 compared to 2020.

Eran Orzel, Senior Director of Argon Customer...

Library deliberately corrupted by its developer relaunches as community project

A popular library that was deliberately corrupted by its own developer has been relaunched as a community-driven project.

Last week, Developer reported that users of open-source projects depending on the ‘colors’ and ‘faker’ libraries by Marak Squires were confronted with their applications indefinitely printing gibberish messages on their console—rendering them useless.

Squires corrupted his own libraries, seemingly in retaliation for others using them for...

Apple is updating App Store prices in nine regions

Apple has announced App Store price changes in nine regions that will come into effect in the next few days.

The company updates App Store prices to account for changes in foreign exchange rates or taxes.

In the following regions, the price of apps and in-app purchases will increase:

Bahrain: Increase of value-added tax from 5% to 10%Ukraine: New value-added tax of 20%Zimbabwe: New digital services tax of 5%

Apple says your proceeds will be adjusted...

Open-source developer corrupted his own popular libraries

An open-source developer intentionally corrupted his own libraries that have been used by thousands of projects.

Users of open-source projects that depend on the ‘colors’ and ‘faker’ libraries by Marak Squires were confronted with their applications indefinitely printing gibberish messages on their console—rendering them useless.

The colors library receives over 20 million weekly downloads on npm alone and has almost 19,000 projects depending on it. The faker...

Extending Microsoft’s Azure Digital Twins for real-time analytics

As countless applications need to track live systems, developers face the challenge of implementing real-time analytics that can react to incoming telemetry and quickly identify problems or opportunities. Examples include telematics software that tracks vehicles in a fleet, security software monitoring physical points of entry or network endpoints in a cyber infrastructure, health-tracking systems that analyze telemetry from wearable devices, and many others. These applications are all...

App Store Connect now shows analytics for in-app events

Developers can now access analytics for in-app events through App Store Connect.

In-app events such as game competitions, movie premieres, and livestreamed experiences can be great ways of driving user engagement. Events can also be showcased in the App Store to help gain new users:

(Credit: Apple)

Measuring the effectiveness of an in-app event has been more difficult than it should be. Apple wants to fix that.

This week, Apple announced that developers can...

Ethereum still has the most Web 3.0 developers, but rivals are growing faster

Decentralised app platform Ethereum still has the most Web 3.0 developers, but it’s all to play for with rivals growing faster.

The data comes from research firm Electric Capital which released a report this week into the Web 3.0 development ecosystem.

Electric Capital found that more than 4,000 developers actively work on Ethereum per month. 

For comparison, just 680 developers actively work on Bitcoin per month. It’s a huge disparity, but it’s...