Many Java teams already generate Software Bills of Materials (SBOMs). In isolation, that is not particularly difficult. What is more challenging, and increasingly important under the EU Cyber Resilience Act (CRA), is demonstrating that an SBOM accurately reflects what is actually running in production. Ixchel Ruiz is a senior software...
Welcome to issue number three hundred and nineteen of Hashtag Jakarta EE! As I am writing this, I am sitting in my hotel in Johannesburg, South Africa. Me being here is actually as success story. I was supposed to present Jakarta EE at I Code Java on Tuesday and Wednesday...
While IDE usage declines, the underlying Eclipse Platform technologies remain mature and widely deployed. Eclipse Rich Client Platform (RCP) and many of the components delivered through the Eclipse Simultaneous Release are embedded in a large number of commercial products, including industrial software, engineering tools, embedded platforms, and other long lived...
The Eclipse Foundation supports a global open source community by providing trusted platforms, services, and governance. As a vendor-neutral organisation, we operate infrastructure that enables collaboration across projects, organisations, and industries. This infrastructure supports project governance, developer tooling, and day-to-day operations across Eclipse open source projects. While much of it...
IoT systems rarely fail because of hardware constraints. They fail because we continue to design them as collections of isolated devices rather than as distributed systems. As edge infrastructure, cloud platforms, and AI workloads become integral to modern deployments, device-centric approaches to IoT architecture at scale begin to collapse under...
This year’s Jfokus was probably the busiest I have had. My schedule filled up even though I didn’t have a talk at this year’s conference. This year, I joined the group of volunteer stage hosts, so I had the pleasure of introducing speakers in one of the rooms on Wednesday...
In the past year, several high-profile outages disrupted airports, cloud platforms, and critical digital services worldwide. In each case, the software involved had been tested, certified, and deployed in accordance with accepted practices. Yet, when assumptions broke, the impact travelled fast across organisations, supply chains, and international borders. These recent...
As the Cyber Resilience Act (CRA) moves closer to enforcement, engineering teams across Europe are being asked to demonstrate secure development practices, software supply chain transparency, and improved vulnerability management. For many organisations, the focus has shifted to compliance: what needs to be shown, documented, and certified. However, compliance alone...
Welcome to issue number three hundred and eighteen of Hashtag Jakarta EE! As I write this, I am in Brussels for FOSDEM’26. Stay tuned for an update from this conference in a separate post shortly. Fun fact is that I am sitting in exactly the same place in the lobby...