GraalVM 0.26 released

New version of Oracle project available now, with new major features
01 August 2017   1513

Popular general-purpose programming language and computing platform

New version of GraalVM now available.

What is GraalVM?

Graal is Oracle project, designed to improve the performance of Java virtual machine-based languages to match the performance of native languages. Graal offers performance advantages not only to Java code, but also to scripting languages such as JavaScript, Ruby, and R. Additionally, it enables the execution of native code on the JVM via an LLVM-based front end (project Sulong). Languages are executed by Graal via the Truffle framework, which comes with seamless interoperability and polyglot debugging and profiling functionality.


  • Performance - Graal incorporates our research on compiler technology, and offers better peak performance on some workloads than a traditional JVM.
  • Polyglot - Java, JavaScript, Ruby, and R are all available at competitive performance within the same execution environment.
  • Interoperability - Languages executed in Graal can call each other without overhead and libraries from other languages can be used.
  • Embeddability - Embed dynamic languages and native code with sandboxing capabilities.
  • Tooling - Graal benefits from JVM-based tooling and all languages share common tooling such as debugging and profiling.

What's new in version 0.26?

This release contains some major changes/additions:

  • LLVM bitcode interpreter Sulong now a part of Graal
  • new GraalVM directory layout
  • Graal SDK
  • Native images for all languages
  • New guest launchers with standardized VM options

Sonatype to Create Vulnerability Checker Tool

New tool is called DepShield and available in the "Security" section of the GitHub Marketplace
16 August 2018   119

Sonatype has introduced a tool for developers called DepShield, which checks the code on GitHub for vulnerabilities.

The free version of the service is looking for vulnerabilities in the OSS Index database and gives recommendations on how to fix them. In the commercial version, you can configure automatic fixing of problems. Also in DepShield there are:

  • work with the Apache Maven framework;
  • View a list of known vulnerabilities in GitHub's Issue Tracker;
  • determine the range of versions for each vulnerability.


DepShield is available in the "Security" section of the GitHub Marketplace.

GitHub has introduced two new features that will help improve security and simplify the recovery of accounts. For this, the company recommends setting a strong password and two-factor authentication.