Google ya tabbatar da ƙaddamar da buɗaɗɗen tushe kuma ya ƙaddamar da wani shirin kyauta na bug 

Google

Google yana fadada fayil ɗin shirye-shiryen kyauta

Google ya sake tabbatar da kudurinsa na bude tushen kuma an sake shi sabon shirin don tallafawa masu binciken tsaro da mafarauta na kurakurai miƙa tsabar kudi lada duk wanda zai iya gano lahani a cikin buɗaɗɗen ayyukan software da yake jagoranta.

An sanar da Shirin Kyauta shine sabon ƙari ga dangin Google na shirye-shiryen kyauta masu rauni da yana mai da hankali kan masu bincike masu lada waɗanda ke nemo kwari waɗanda za su iya cutar da wasu ayyukan buɗaɗɗen tushe da aka fi amfani da su a duniya.

An kafa shi don ramawa da gode wa waɗanda ke taimakawa wajen tabbatar da lambar Google, ainihin shirin VRP na ɗaya daga cikin na farko a duniya kuma yanzu yana gab da cika shekaru 12. A tsawon lokaci, layinmu na VRP ya faɗaɗa don haɗa shirye-shiryen da aka mayar da hankali kan Chrome, Android, da sauran wurare. A dunkule, wadannan shirye-shiryen sun bayar da tukuicin da aka gabatar sama da 13, tare da bayar da jimillar sama da dala miliyan 000.

Kamar yadda mutane da yawa za su sani, Google ne da farko ke da alhakin yawancin manyan ayyukan buɗaɗɗen tushe, irin wannan shine misalin Android, Golang, tsarin tsarin aikace-aikacen yanar gizo na tushen TypeScript Angular, da tsarin aiki na Fuchsia don na'urorin gida masu wayo kamar Nest.

A yau muna ƙaddamar da Google's Open Source Software Reward Reward Program (OSS VRP) don ba da lada ga binciken raunin da aka samu a cikin ayyukan buɗaɗɗen tushen Google. Kamar yadda yake da alhakin manyan ayyuka kamar Golang, Angular, da Fuchsia, Google yana cikin manyan masu ba da gudummawa da masu amfani da buɗaɗɗen tushe a duniya. Tare da ƙari na Google's OSS VRP ga danginmu na Shirye-shiryen Kyautar Rauni (VRPs), masu bincike yanzu za a iya samun lada don gano kwaro waɗanda za su iya yin tasiri ga duk yanayin yanayin buɗe ido.

Lalacewar babbar matsala ce, in ji Google a cikin wani blog post. Ya ce an samu karuwar hare-haren da aka kai da kashi 650 cikin XNUMX zuwa ga sarkar samar da kayan aikin software a bara, wanda ya haifar da manyan al'amura kamar raunin Log4Shell da ake amfani da su.

" Farautar kwaro wani sanannen kayan aiki ne ba kawai don haɓaka ingancin hadayu na software ba, har ma don haɓaka masaniyar masu haɓakawa yayin aiki a matsayin abin ƙarfafawa don zurfafa hulɗa tare da lambar," in ji Holger Mueller na Constellation. Research Inc. "Game da wannan. yana da kyau a ga cewa Google yana ba da wani binciken kwaro, mai lakabin Open Source Software Vulnerability Program. Dukkanin sigogin suna da kyau, al'ummomin masu haɓakawa ba su da ƙarfi, don haka za mu ga yadda martanin zai kasance kuma, mafi mahimmanci, wane lahani da ƙarin ɗaukar matakan da za a iya samu. ”

Shirin OSS VRP da aka sanar a yau wani bangare ne na wannan sadaukarwar.

A nasa bangaren, Google yana ƙarfafa masu bincike su sake duba lambar buɗe tushen software kuma su ba da rahoton duk wani rauni da suke ganowa Google ya ce zai biya tukuicin ne bisa la’akari da tsananin rauni da kuma muhimmancin aikin, daga dala 100 zuwa dala 31,337. Hakanan za'a biya manyan lamuni ga ƙarin "masu lahani na ban mamaki ko musamman masu ban sha'awa," wanda Google ke ƙarfafa masu bincike don yin ƙirƙira.

Baya ga lada, masu amfani kuma za su iya samun amincewar jama'a don bincikensu idan sun zaɓa. Ga wadanda ke son ba da gudummawar ladarsu ga sadaka, Google ya ce zai yi daidai da waɗancan gudummawar daga tarin kuɗin nasa.

Google ya bayyana cewa ya kamata masu bincike su mayar da hankali kan kokarinsu kan mafi sabbin nau'ikan ayyukan budaddiyar manhaja da yake jagoranta, wadanda za a iya samu a wuraren ajiyar jama'a a shafin GitHub na Google. Har ila yau, farautar kwaro ya ƙara zuwa abubuwan dogaro na ɓangare na uku na waɗannan ayyukan.

Finalmente Idan kuna sha'awar iya sanin game da shi game da bayanin kula, zaku iya tuntuɓar sanarwar da Google ya fitar a cikin bin hanyar haɗi.


Kasance na farko don yin sharhi

Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel Ángel Gatón
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.