CVE Scanning and Guided Remediation with OSV Scanner

Figure 1. OSV Scanner

Security is a critical aspect of software development, and staying ahead of vulnerabilities is essential for us application developers. Google’s OSV Scanner is a powerful tool that helps detect vulnerabilities in open-source dependencies. This article will guide us through setting up and using OSV Scanner to secure our projects, scanning for invalid licenses, scanning OCI images and finally fixing findings via guided remediation. ...

March 28, 2025 · 8 min · 1577 words · Micha Kops

Install Docker on Linux

Goals

- Installing a specific Docker version on (Debian-based) Linux
- Freeze the version to avoid automatic updates

Installation

    # (1) Add the Docker GPG key
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

    # (2) Add the Docker repository
    sudo add-apt-repository \
      "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
      $(lsb_release -cs) \
      stable"

    # (3) Update the index
    sudo apt-get update

    # (4) Install docker
    sudo apt-get install -y docker-ce=18.06.1~ce~3-0~ubuntu

    # (5) Freeze the version to avoid unwanted automatic updates
    sudo apt-mark hold docker-ce

...

May 14, 2021 · 1 min · 86 words · Micha Kops

Generating Java Source Files with JavaPoet

For most of us developers, generating Java source files is an occasional task that we deal with, e.g., when writing annotation processors, writing tools or interacting with meta-data files. JavaPoet is a nice library to simplify such tasks, offering an intuitive fluent-builder API to generate source files in no time. In the following tutorial I’d like to share a few examples by writing code generators with the help of this library. ...

February 28, 2015 · 5 min · 1035 words · Micha Kops