Frappe makes defining DocTypes easier without the need for code to be used everywhere, since everything in Frappe is a DocType. The framework also includes a single-page application with forms, lists, and search navigation built in.

Additionally, users have the ability to define customer roles and permissions that are applied out of the box on every interaction, and they can create their own applications that can be extended by other apps with Frappe’s modular architecture. 

The framework allows for integrations and comes with REST API and Webhooks on all models based on authentication. It also allows users to configure background workers as well as run periodic tasks that are powered by Python RQ.

Soket.io support based on NodeJS is also included, along with the ability to send, receive, view, and manage emails using SMTP and IMAP based email accounts.

Lastly, Frappe enables customers to host several sites on one server, with its database driven multi-tenant architecture. 

The post SD Times Open-Source Project of the Week: Frappe appeared first on SD Times.

With Tython, customers can design reusable security references architectures as-code with pre-built blueprints so that they don’t need to build custom parsers for every language and integrations for every tool.

Users also gain the ability to define security and governance policies in any programming language they want, including Python, Rust, Golang, Sentinel, and OPA.

This open-source offering also works to remove the need for traditional configuration management constraints with a meta-model of the user’s application architecture. According to the maintainers, this provides enhanced security visibility.

Furthermore, customers are enabled to identify security and compliance issues based on business application context, and then automatically apply security.

The maintainers also stated that Tython allows for the creation, remediation, and enforcement of the end users custom security policies as soon as possible from architecture design to post-deployment drift detection. 

The framework also natively integrates across the cloud, offering multi-cloud support, the ability for developers to choose their IaC tools, intelligent remediation and drift-detection, and full visibility to the entire cloud application architecture through an interactive graph. 

To learn more, visit the website.

The post SD Times Open Source Project of the Week: Tython appeared first on SD Times.

According to the company, this open-source offering provides a similar experience to frameworks such as Next.js, Nuxt, and SvelteKit, building on top of Angular.

Analog also supports filesystem-based routing on top of the Angular Router. Routes are defined using folders and files in the src/app/pages folder and only files ending with .page.ts are collected and utilized to build the set of routes. 

Additionally, it includes support for using markdown as content routes, as well as rendering markdown content in components. To use content files in Analog, the @analogjs/content package must be installed. 

Another key feature of this project is its support for defining API routes that can be used to serve data to the application. API routes are also based on filesystem, and are exposed under the default /api prefix in development.

It also supports Vite/Vitest/Playwright, Angular CLI/Nx workspaces, and Angular components with Astro. Lastly, Analog also provides hybrid SSR/SSG support. 

To learn more, visit the website.

The post SD Times Open-Source Project of the Week: Analog appeared first on SD Times.

OSC&R was created to establish a standard language and structure for comprehending and evaluating the tactics, techniques, and procedures (TTPs) utilized by attackers to breach the security of software supply chains. 

The goal is to provide the security community with a unified resource to evaluate their own approaches for securing software supply chains in advance and compare solutions, according to the framework’s founding members. 

“In one episode of Star Trek, while working on vulnerabilities of the Enterprise in relation to the threat actor, Mr. Spock said, ‘Insufficient facts always invite danger, Captain!’ The same certainly holds true in cybersecurity, where a lack of information increases vulnerability. By increasing the community’s knowledge, OSC&R holds tremendous potential to mitigate dangers to the software supply chain and reduce the attack surface more broadly,” said Dineshwar Sahni, director of product security at VISA who also just joined the consortium of cybersecurity leaders behind OSC&R.

OSC&R can be used by security teams to evaluate existing defenses, define which threats need to be prioritized, and how existing coverage addresses those threats, as well as to help track the behaviors of attacker groups.

The project was added to GitHub earlier this week and was also recently endorsed by former U.S. National Security Agency Director Admiral Mike Rogers.

The post SD Times Open-Source Project of the Week: OSC&R Software Supply Chain Attack Matrix appeared first on SD Times.

According to the project’s GitHub page, the SK extensible programming model brings together natural language semantic functions, traditional code native functions, and embeddings-based memory in order to access new potential and add value to apps with AI.

SK was designed to support and include design patterns from recent AI research, allowing developers to enrich their applications with complicated skills such as prompt chaining, recursive reasoning, and summarization.

Furthermore, users can infuse their apps with zero/few-shot learning, contextual memory, long-term memory, embeddings, semantic indexing, planning, and accessing external knowledge stores as well as the users own data.   

“By joining the SK community, you can build AI-first apps faster and have a front-row peek at how the SDK is being built. SK has been released as open-source so that more pioneering developers can join us in crafting the future of this landmark moment in the history of computing,” the project maintainers wrote on SK’s GitHub page.

Additionally, SK supports prompt templating, function chaining, vectorized memory, and intelligent planning capabilities out of the box.

More information is available in the documentation.  

The post SD Times Open-Source Project of the Week: Semantic Kernel appeared first on SD Times.

The plugin was developed by members of the accessibility and design teams at eBay and is released for public use on Figma.

The plugin can help an app designer select a frame for annotations, and then present a list of steps to ensure that the design meets accessibility standards. For instance, Include will create a list of images used in a mockup. The designer can mark an image as informative, and the plugin will prompt them to include alt text, which allows screen readers to describe the image.

There are also many additions to the plugin. One of them makes a copy of the design with text enlarged to 200%, so the designer can easily see where text may overflow, or where the design may break, which shows how the app might look for those who enlarge text on their devices. 

Other additions include functionalities for color contrast accessibility checks, methods for creating commonly-used layers and frames within the Figma document, and utility functions for working with Figma frames and strings.

Additional details on the project are available here.  

The post SD Times Open-Source Project of the Week: Include appeared first on SD Times.

OpenXLA is an open-source machine learning compiler ecosystem that allows developers to compile and enhance their models from ML frameworks in order to provide improved training and serving on a variety of hardware.

The compiler was co-developed by organizations such as Alibaba, AWS, AMD, Apple, Arm, Cerebras, Google, Graphcore, Hugging Face, Intel, Meta, and NVIDIA.

According to Google, OpenXLA will help developers achieve improvements in training time, throughput, serving latency, time-to-market, and compute costs.

The goals behind this open-source offering include: 

• Simplifying the process for developers to compile and optimize a model in their preferred framework for multiple different hardwares through a unified compiler API and pluggable device-specific back-ends optimizations.
• Providing increased performance for current and emerging models that scales across different hosts and accelerators, satisfies the constraints of edge deployments, and generalizes to novel model architectures.
• Building a layered and extensible ML compiler platform that offers developers MLIR-based components that are reconfigurable for specific use cases and plug-in points for hardware-specific customization of the compilation flow.

To learn more, read the blog post.  

The post SD Times Open-Source Project of the Week: OpenXLA appeared first on SD Times.

“It is still too difficult and time-consuming for software engineers to gain confidence in their day-to-day code changes. Most engineering teams suffer through long QA feedback cycles or resort to writing hard-to-maintain unit tests and integration tests. Sadly, for most types of software, writing reliable, automated, and developer-friendly tests is still very difficult,” Pejman Ghorbanzande wrote in a post. “Touca lets you describe the behavior and performance of any version of your software for any number of inputs.”

The testing tool submits a description written out by a software team to a remote server that automatically compares it against a previous baseline version and reports any differences.

It can then be used to share insights about new versions. 

Touca first started out as a regression testing solution for enterprise software companies building mission-critical systems but has now evolved to support individual developers and smaller teams, according to Ghorbanzande.

Version 2.0 was released last month and it contains an easy-to-self-host server that stores test results, a CLI that enables snapshot testing, four SDKs in Python, C++, Java, JavaScript, Test runner and GitHub action plugins, and more.

The post SD Times Open-Source Project of the Week: Touca appeared first on SD Times.

Helios was launched internally 6 months ago, and it enables product teams to create beautiful, consistent, and accessible user experiences and interfaces, all while being scalable and flexible.

“The public launch of Helios is an active choice to deliver beautiful user interfaces and experiences across the full range of our customer-facing touchpoints,” Brian Runnels and Misha Dhar from HashiCorp wrote in a blog post. “By establishing a standardized design language, we aim to increase design quality with greater consistency across our product lines. And we hope Helios can help others do the same.”

Helios contains reusable building blocks such as alerts, badges, button sets and much more to save developers time and also provides design decisions and guidance for colors, icons, typography, and more.

The company stated that it plans to add “atomic and molecular elements” to its library consisting of new icons, foundational components, and patterns that serve the needs of its products. HashiCorp also announced that it is also launching Hermes, a new open-source document management system that uses Helios.

The post SD Times Open-Source Project of the Week: Helios appeared first on SD Times.

With Builder.io, customers can drag and drop Visual CMS for React, Vue, Qwik, Angular, and more. Additionally, the project’s GitHub page stated that Builder.io can integrate with any site or app and allows users to drag and drop the components already in their codebase.

This open-source offering works to fight against bottlenecks and messy releases by utilizing an API-driven UI that allows for the decoupling of page updates from deploys; scheduling, a/b testing, and personalizing via APIs; the reducing of code; and increasing of composability.

According to the GitHub page, to get started the user first has to integrate the Builder API or SDK to their site or app and then they can create an account and drag and drop to create and publish pages and content.

Furthermore, the maintainers stated that all Builder.io content is delivered from the edge and renderable server side or statically.

Lastly, the content in Builder.io is structured in models, and customized with custom fields and targeting. 

Users gain access to Builder pages for full drag and drop control between the site’s header and footer, Builder sections to make a part of a page visually editable and use targeting and scheduling to decide who sees it, and Builder data to retrieve structured data from Builder and use it anything in the application.

For more information, visit the GitHub page. 

The post SD Times Open-Source Project of the Week: Builder.io appeared first on SD Times.