A security bill of material (SBOM) is an inventory of the entire building components of a software application. These components include open source libraries, dependencies, commercial components, licenses, patch status, version information, upgrades available, CVEs, etc. Having an SBOM of a codebase or piece of software provides deep visibility into core components that help quickly identify and mitigate the security and licensing risks associated with the software supply chain.

From one designer to another, you should know why Playbooks is a fantastic addition to your design tool belt. Playbooks were designed with technical workflows in mind, from incident response to release management, but its flexibility makes it a perfect fit for any repeated process. I love it for creating reusable templates of design checklists and an excellent way to do design review sign-off.

Welcome to Open Source Matters, where we cover the latest developments in open source technology. In this special edition, we’re covering 5 open source projects you should consider contributing to in 2023. I’m your host, Ben Lloyd Pearson — now, in no particular order, let’s dive in!

One of the game changers in modern software development is Continuous Integration and Continuous Development (CI/CD). Both large, established organizations and small, growing companies use CI/CD to deliver software faster and to detect bugs in the software lifecycle. In this tutorial, I’ll create a full pipeline to practice CI/CD using Jenkins, including how to set up Jenkins on Docker. I’ll give an in-depth view of a Jenkins pipeline example using Jenkinsfile.

Applications and servers need to be constantly monitored to prevent failure and also be able to detect issues on time. This blog post outlines how developers can use Prometheus to monitor applications on AWS EC2 instances.

Organizing a software release is a cross-team effort and a large undertaking. Leveraging the power of Mattermost Playbooks can help your team stay on deadline and keep confusion at bay. In this post, we’ll learn how to quickly integrate Mattermost into your GitLab release pipeline to help streamline your release processes. At the end of the blog post, there’s a link to a release management demo that you can try out in the browser to see these ideas in action.

Welcome to the December 2022 edition of Open Source Matters. I’m your host, Ben Lloyd Pearson; let’s dive in!