Announcements

ADL streamlines agent design, helping enterprises cut complexity, speed deployment, and scale agentic AI with confidence.

Over the past few weeks, the Open VSX team and the Eclipse Foundation have been responding to reports of leaked tokens and related malicious activity involving certain extensions hosted on the Open VSX Registry.

BRUSSELS – 30 September 2025 – The Eclipse Foundation, one of the world’s largest open source software foundations, today announced the availability of The State of Enterprise Java: 2025 Jakarta EE Developer Survey Report,

By adopting Eclipse Temurin and joining the Adoptium Working Group, Bloomberg is strengthening their infrastructure, reducing costs, and leading open source innovation.

The global software ecosystem runs on open source infrastructure. As demand grows, we invite the businesses who rely on it most to play a larger role in sustaining it.

An open letter from the stewards of public open source infrastructure, signed by Alpha-Omega, Eclipse Foundation (Open VSX), OpenJS Foundation, Open Source Security Foundation, Packagist (Composer), Python Software Foundation (PyPI), Rust Foundation (crates.io), Sonatype (Maven Central).

The global open source community will gather in Brussels from 21 to 23 April 2026 for the Open Community Experience (OCX) 2026. It isn’t just another conference; it’s where six open source communities collide to shape the future of software, developer tools, mobility, AI, compliance, and research. With one pass, you get access to six experiences and endless opportunities.

Microsoft, Red Hat, and other new members join ORC, as the group marks a key milestone with its inventory of CRA resources.

EU-funded open source initiative delivers free tools to help SMEs and developer teams meet Cyber Resilience Act requirements.

Your organisation can play a leading role in making open source a shared experience. Check out Gaël Blondelle's new blog post to find out why you should sponsor OCX26.

A vulnerability in the Eclipse Open VSX Registry’s automated publishing system could have allowed unauthorized extension uploads. It did not affect existing extensions or admin functions.

The issue was reported on May 4, 2025, fully fixed by June 24, and followed by a complete audit. No evidence of compromise was found, but 81 extensions were proactively deactivated as a precaution.

We would like to thank the researchers for reporting the issue, reviewing the proposed fixes, and supporting the resolution process, as well as the members of the Eclipse Open VSX team who were involved.

Our annual report highlights the key achievements of the past year, including significant project and industry collaboration milestones, membership growth, and notable community engagement initiatives.

The new Jakarta EE release modernises testing, boosts developer productivity, improves performance, and expands Java platform support.

This initiative is hosted by the Eclipse Foundation under the Eclipse S-CORE project, fostering an open and interoperable ecosystem for the entire automotive industry.

Leading automakers and technology partners unite behind open source automotive middleware as first release approaches

As enterprises seek vendor-neutral Java options, the Adoptium Working Group unveils the latest Temurin release, an ROI tool, and a funding model to support the future of open source Java.

After the first series of training focused on general concepts, the Eclipse Foundation Security team is offering a new set of training, this time focused on vulnerability management and related subjects like dependencies and Software Bills of Materials.

In late March 2025, a security researcher in our community reported a security concern about a publicly accessible API endpoint containing user information on accounts.eclipse.org. After reviewing the issue, we determined this API endpoint was unnecessary and have since disabled it.

We looked through our access logs for the past few months and confirmed that the only requests were from the security researcher and the Eclipse Foundation staff who verified the report.

The report uncovers challenges related to open source support and Big Data management: Organizations using EOL software were almost three times more likely to have failed a compliance audit last year and 47% of organisations that handle Big Data expressed low confidence in the administration of those technologies.