Auto Added by WPeMatico

Dark Theme Is Now Available in Toolbox App 1.18.

It’s been a while since you made this wish, and now we’ve finally made it come true! We are happy to introduce the frequently requested feature – the Dark Theme. :tada:

Don’t have the Toolbox App yet? Click the link below to download the free Toolbox App and start working with the theme you like the most.

Download now

You shouldn’t wait any longer to see it in action. Just update your Toolbox App to version 1.18, if you haven’t set the Toolbox App to update automatically and select the Dark Theme in the “Appearance & Behavior” section of the Toolbox App Settings.

Dark Theme

Currently, the app offers two options – Light or Dark Theme – which you can change manually. Go to the Toolbox App Settings and choose the theme you like under the “Appearance & Behavior”.
Theme Settings

Bug Fixes 🛠

In the same release, we’ve fixed the following issues:

TBX-4898 – Generation of shell scripts on macOS for Android Studio 4.0 and 4.1 now works correctly.
TBX-4985 – Toolbox now correctly updates taskbar shortcuts on Windows.
TBX-5031, TBX-5066 – The uninstall process on Windows now works correctly.
TBX-5199 – Toolbox now updates Linux .desktop files if there is a broken symlink.
TBX-5233 – We’ve fixed a bug that caused Android Studio 4.1 not to start from the Toolbox App on macOS.

See the full list of fixed issues here.

As always, the Toolbox App team is happy to get your feedback! Leave us a message in our issue tracker or on Twitter by mentioning @JBToolbox.

Stay safe, and stay productive!
The Toolbox App team

Continue Reading Dark Theme Is Now Available in Toolbox App 1.18.

JetBrains Toolbox 2020.2. Summary

All tools in the JetBrains Toolbox and included in the All Products Pack subscription have been updated to their new 2020.2 versions. Below you can read about what the updates bring to particular tools you use from the toolset, and you can update to the newest version via the Toolbox App or from the tool itself.

IntelliJ IDEA

IntelliJ IDEA 2020.2 lets you review and merge GitHub pull requests right from inside the IDE, quickly navigate between warnings and errors in a file through the new Inspections Widget, view the full list of issues in a current file with the Problems tool window, and get notified if your changes break other files. You can use Jakarta EE, and get better support for Quarkus, Micronaut, and OpenAPI.
WebStorm

WebStorm 2020.2 comes with a long-awaited option for using Prettier as the default formatter, best-in-class (now we can finally say so!) support for Vue, new intentions for JavaScript, full support for GitHub pull requests, and much more!
PyCharm

PyCharm 2020.2 comes out with a lot of improvements to increase your productivity and code quality. Now you can perform the full Pull Request workflow without leaving your IDE, using PyCharm’s newly designed UI. You can also easily catch exceptions in your code with the new preview window that will stop the code execution and point out the line of code that is generating the problem. Finally, changing method signatures and renaming classes have been made easier with the new in-place refactoring feature. Just type your changes in the editor, review it, and apply it to all its usages.
RubyMine

RubyMine 2020.2 introduces a new way to review problems in code, a whole host of new intention actions, support for the Liquid template language, full support for GitHub pull requests, and many more new features for Ruby, Rails, JS, and database tools.
ReSharper

ReSharper 2020.2 brings new inspections and quick-fixes for C#8 and nullable reference types, the much-awaited Code Cleanup on Save, and a revamped Unit Test Runner. Also, ReSharper C++ brings you to the next level of Unreal Engine development and comes with a lot of improvements for C++/CLI support, navigation, and code analysis.
Please note the new licensing for ReSharper covered in this blog post.
icon_AppCode

AppCode 2020.2 is here with initial Swift Package Manager support, speed improvements for code completion, navigation, and highlighting, the Change Signature refactoring for Swift, a brand new Problems view and inspection widget, full support for GitHub pull requests, and more!
PhpStorm

PhpStorm 2020.2 is a major update for the IDE. It brings support for PHP 8 Union Types, a new control flow engine for PHP, full GitHub pull requests workflow support inside the IDE, a brand-new Inspection Widget, OpenAPI support via a plugin, and more.
GoLand

GoLand 2020.2 includes new features for Go Modules, better presentation of possible problems and weak places in your code, new code inspections, new code editing features, such as the long-awaited Add Caret Per Selected Line, updates for version control including WSL2 support for Git on Windows, and more!
Rider

Rider 2020.2 delivers several highly requested features such as the Localization Manager to help you work with resources in your app or website, and Shader support in our Unity integration. We’ve completely reworked the Unit Test Runner and the debugger API to make them faster, more powerful, and more stable.
CLion

CLion 2020.2 covers a wider variety of C++ projects by adding Makefile projects and polishing CMake support. Thanks to better compliance with the C++20 standard, many reworked code analysis checks, and new unit testing abilities, writing high-quality modern C++ code has never been easier.
DataGrip

DataGrip 2020.2 brings a separate editor for cell values, DML preview in the data editor, Google BigQuery dialect, and more!

With these releases out, we’ve already started working on further improvements. This means that early access programs for 2020.3 should open very soon. Stay tuned!

Your JetBrains team

Continue Reading JetBrains Toolbox 2020.2. Summary

JetBrains Security Bulletin Q2 2020

In the second quarter of 2020, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.

Product Description Severity Resolved in CVE/CWE
Datalore Stack trace disclosure. (DL-7350) Low Not applicable CWE-536
Datalore Reverse tabnabbing was possible. (DL-7708) Low Not applicable CWE-1022
JetBrains Account Throttling for reset password functionality was missing if 2FA was enabled. Reported by Manu Pranav. (JPF-10527) Medium 2020.06 CWE-799
JetBrains Website Stack trace disclosure in case of an incorrect character in request. (JS-12490) Low Not applicable CWE-536
JetBrains Website Reflected XSS on jetbrains.com subdomain. Reported by Ritik Chaddha. (JS-12562) Low Not applicable CWE-79
JetBrains Website Open-redirect issues on kotlinconf.com. Reported by Ritik Chaddha. (JS-12581) Low Not applicable CWE-601
JetBrains Website Clickjacking was possible on a non-existent page. Reported by Pravas Ranjan Kanungo. (JS-12835) Low Not applicable CWE-1021
YouTrack Subtasks workflow could disclose the existence of an issue. (JT-45316) Low 2020.2.8527 CVE-2020-15818
YouTrack An external user could execute commands against arbitrary issues. (JT-56848) High 2020.1.1331 CVE-2020-15817
YouTrack SSRF vulnerability that allowed scanning internal ports. Reported by Evren Yalçın. (JT-56917) Low 2020.2.10643 CVE-2020-15819
YouTrack It was possible to change a redirect from any existing YouTrack InCloud instance to another instance. (JT-57036) Medium 2020.1.3588 CWE-601
YouTrack The markdown parser could disclose the existence of a hidden file. (JT-57235) Low 2020.2.6881 CVE-2020-15820
YouTrack A user without the appropriate permissions could create an article draft. (JT-57649) Medium 2020.2.6881 CVE-2020-15821
YouTrack The AWS metadata of a YouTrack InCloud instance was disclosed via SSRF in a workflow. Reported by Yurii Sanin. (JT-57964) High 2020.2.8873 CVE-2020-15823
YouTrack SSRF was possible because URL filtering could be escaped. Reported by Yurii Sanin. (JT-58204) Low 2020.2.10514 CVE-2020-15822
Kotlin Script cache privilege escalation vulnerability. Reported by Henrik Tunedal. (KT-38222) Medium 1.4.0 CVE-2020-15824
Space Draft title was disclosed to a user without access to the draft. (SPACE-5594) Low Not applicable CWE-200
Space A missing authorization check caused privilege escalation. Reported by Callum Carney. (SPACE-8034) High Not applicable CWE-266
Space Blind SSRF via calendar import. Reported by Yurii Sanin. (SPACE-8273) Medium Not applicable CWE-918
Space Drafts of direct messages sent from the iOS app could be sent to the channel. (SPACE-8377) Low Not applicable CWE-200
Space Chat messages were propagated to the browser console. (SPACE-8386) High Not applicable CWE-215
Space Missing authentication checks in Space Automation. (SPACE-8431) Critical Not applicable CWE-306
Space Missing authentication checks in Job-related API. (SPACE-8822) Low Not applicable CWE-306
Space Incorrect checks of public key content. (SPACE-9169) Medium Not applicable CWE-287
Space Stored XSS via repository resource. (SPACE-9277) High Not applicable CWE-79
Toolbox App Missing signature on “jetbrains-toolbox.exe”. (TBX-4671) Low 1.17.6856 CVE-2020-15827
TeamCity Users were able to assign more permissions than they had. (TW-36158) Low 2020.1 CVE-2020-15826
TeamCity Users with the “Modify group” permission could elevate other users’ privileges. (TW-58858) Medium 2020.1 CVE-2020-15825
TeamCity Password parameters could be disclosed via build logs. (TW-64484) Low 2019.2.3 CVE-2020-15829
TeamCity Project parameter values could be retrieved by a user without the appropriate permissions. (TW-64587) High 2020.1.1 CVE-2020-15828
TeamCity Reflected XSS on administration UI. (TW-64668) High 2019.2.3 CVE-2020-15831
TeamCity Stored XSS on administration UI. (TW-64699) High 2019.2.3 CVE-2020-15830
Upsource Unauthorized access was possible through an error in accounts linking. (SDP-940) Low 2020.1 CVE-2019-19704

If you need any further assistance, please contact our Security Team.

Subscribe to receive the bulletin in your mailbox.

Your JetBrains Team
The Drive to Develop

Continue Reading JetBrains Security Bulletin Q2 2020

Partner with JetBrains Space to Grow Your Business

partners

Space is designed as a platform from day one, both in terms of extensibility and having a partner ecosystem in mind. Whether you are a reseller, a professional services provider, or a software vendor who would like to build on top of our platform, there are rich opportunities to collaborate and grow your business with Space.

We have created three partner programs which should cover most partnership business models: Channel Partnership, Service Partnership, and Technology Partnership.

Channel Partnership

Working with channel partners (such as resellers, distributors, VARs, and VADs) helps JetBrains reach and assist customers in more territories and industries than we would ever be able to cover ourselves.

As an integrated team environment, Space will need an even more extensive channel partner network to ensure that we reach all prospective customers.

There are plenty of benefits, including generous reseller margins, lead sharing, sales and marketing support, training, an online reseller portal, and much more.

Learn more and apply to become a Channel Partner.

Service Partnership

A professional services partner ecosystem will help Space grow and mature in even more territories and target industries. Because Space may require some handholding when introduced into a customer’s organization, this presents excellent opportunities for consulting, training, and deployment partners.

On the toolchain side, Space does not exist in a vacuum. There is already a wide range of collaboration tools used in organizations, which makes this a perfect market for our implementation, custom integrations, and data migration partners to tackle.

There are plenty of benefits, including financial incentives, lead sharing, training, technical certification, no competition from the vendor (as JetBrains relies on partners to provide services), and much more.

Learn more and apply to become a Service Partner.

Technology Partnership

Space can be easily customized and extended to meet the unique needs of any organization. Our customers and technology partners can create applications, integrations, workflows, and publish them on JetBrains Marketplace, or use them in their own Space organizations. Support for both free and paid extensions is coming soon.

The technology partnership program is designed for closer collaboration between the JetBrains Space team and software vendors. It also targets collaboration with individual developers building on top of the Space platform, and especially those building their technology-oriented business on top of our tools.

Learn more and apply to become a Technology Partner.

We can envision and accommodate a wide range of joint opportunities beyond these programs. If none of the pre-designed partner programs seems like a 100% fit for you, please contact us by completing any of the available program application forms.

Many JetBrains partners already mix and match our partner programs. For example, you can develop applications and provide services as a reseller, while at the same time consulting customers as a technology partner, with no restrictions.

Let’s be partners!

Continue Reading Partner with JetBrains Space to Grow Your Business

The State of Developer Ecosystem 2020

Check out the fourth annual JetBrains report on the state of the developer ecosystem! 

This year it includes more topics than ever before, as well as insights into the lives of developers.

Along with the 15 languages and dozens of technologies we’ve covered before, this year we’ve added some new sections: R language, Microservices, Testing, Big Data, and even developer lifestyles!

This time we adopted a new methodology that let us include far more responses than in previous years. This report is based on the opinion and experiences of almost 20,000 developers.

1200x675_blog_post_with_border

Here are just a few of the fascinating facts we’ve uncovered:

  • Python has overtaken Java in the list of languages used in the last 12 months, but Java is still the most widespread primary language.
  • Go, Kotlin, and Python are the top 3 languages developers are planning to adopt or migrate to.
  • Websites are the most common type of application that developers work on. Almost 70% of developers who work on websites are involved in backend development.
  • The main hobby developers pursue in their free time is… drum roll, please… programming! 

We will share the complete results along with the anonymized raw data later, so stay tuned!

VIEW THE STATE OF DEVELOPER ECOSYSTEM 2020 REPORT

We would like to thank every one of the 34,076 developers who took part in the survey. You’ve helped us create an up-to-date picture of the developer world, share exciting facts with the community, and even opened our eyes to new horizons and ideas to improve our products. Thank you!

Do you enjoy learning new things about the Ecosystem and the development community? Join our Research panel! You’ll be first in line to participate in our Developer Ecosystem Survey 2021, as well as many other surveys and other research activities like interviews and UX studies. Our panelists are eligible for cool prizes, too.

Continue Reading The State of Developer Ecosystem 2020

Big Data Tools EAP Is Now Also Available for DataGrip and PyCharm

At the end of last year, we announced a preview of the IntelliJ IDEA Ultimate plugin that integrated Apache Zeppelin notebooks into the IDE. At the same time we shared our roadmap, in which we promised to support more tools for working with Big Data. Since then, the plugin team has been working hard and has extended the plugin with support for Apache Spark, Apache Hadoop’s HDFS, AWS S3, Google Cloud Storage, and Parquet files.

Because the plugin originally started with the Scala support in Zeppelin notebooks, it was reasonable for it to only be available for IntelliJ IDEA Ultimate. Now that the plugin supports a much wider set of scenarios and tools, the time has come to make it available for other IDEs too. With that, we are excited to announce that Big Data Tools is now also available for DataGrip and PyCharm Professional.

Why DataGrip and PyCharm? Big Data Tools is one of the first JetBrains plugins that aims to solve problems involving both code and data. Since the plugin offers tools for working with data, we think it’s logical to make the plugin available to DataGrip users. We believe the plugin will extend the capabilities of DataGrip users when it comes to working with distributed file storage systems and columnar file formats. At the same time, the users of PyCharm who use PySpark or who also work with data will benefit from having this plugin available in their IDE.

It’s important to highlight that Big Data Tools is still under EAP and has some limitations. One of the most important limitations, for now, is that the current version of the plugin for PyCharm and DataGrip offers all features that are available in IntelliJ IDEA except Zeppelin notebooks. Adding Zeppelin notebooks support is in our roadmap and we hope to have it soon.

The current feature set includes:

  • A file browser for distributed file storage systems, such as AWS S3, HDFS, GCS (support for other cloud storage is coming soon, too, e.g. Microsoft Azure). With this browser, you can browse folders and files, preview files, and manage files, e.g. creating, copying, renaming, deleting, uploading, and downloading them.

  • A viewer for columnar file formats, such as Parquet (the support for other formats is coming soon too, e.g. Avro and ORC).

  • A monitoring console for Spark clusters. With this console, you can browse cluster nodes, Spark jobs, their stages, and tasks.

Please note that the plugin is currently available for IDEs with version numbers 2020.1 or higher.

Additional information on the plugin can be found in the plugin repository.

Documentation for the plugin is now available for both DataGrip and PyCharm.

The easiest way to install the plugin is by opening the IDE’s Plugin settings, clicking Marketplace, searching for “Big Data Tools”, installing and then restarting the IDE.

Feel free to try the plugin, share your feedback, and spread the word!

The JetBrains team
The Drive to Develop

Continue Reading Big Data Tools EAP Is Now Also Available for DataGrip and PyCharm

Toolbox App 1.17 is Out: Quality Improvements Arrive with a New Build Completely Rewritten in Kotlin

TL;DR Focusing on the quality of the Toolbox App, we have completely rewritten it in Kotlin. We’ve introduced a new Settings page, updated system requirements, and fixed dozens of bugs.

Toolbox App 1.17 Released

In this update, we’ve focused on bug fixes and on the overall quality of the Toolbox App.

The story

The Toolbox App began as a Hackathon project, though it had a different name. The state of the technology was very different at the time, however. Java was still in version 8, and Kotlin had not been released yet. We decided to try something new, so we implemented the core of the application in C++, and for the UI we used React with our own Ring UI library. This latter part has stayed with us through all these years and has proved itself to be successful. The elegant and polished interface is not only pleasing for the eyes, but it is also easy to develop and allows us to effortlessly present rich content in the “What’s new” notes for our products.

On the other hand, the core written in C++ is different. C++ is a powerful language (sometimes too powerful for our use case), and it often requires a “gloves-on” approach. Every time we switched to it from other projects that used Kotlin, we weren’t as productive as we had been before. It was also impossible to share code between the IntelliJ Platform and the Toolbox App, which would have benefitted both parties. The tool landscape has also changed. With the arrival of modular JDK, it is now possible to bundle a very small runtime with the app or even compile it to native code with Kotlin/Native.

With all this in mind, we made a decision last year to rewrite the core of the Toolbox App in Kotlin, and we are now happy to present the result. In this first iteration, we deliberately made as few changes as possible and stayed close to the original codebase, except, of course, for some third-party dependencies that we needed to replace with their JVM counterparts. Luckily there is no lack of high-quality Java libraries out there. You can easily find one for every purpose.

We didn’t want to repeat the same mistakes though, so when we needed to rewrite something from scratch, we fixed some bugs in the relevant components, as well. Below is a brief overview of the changes we’ve made.

Download the Toolbox App

Bug fixes

Depending on your preferred operating system, we’ve reimplemented the system tray icon (on Windows), menu bar icon (on macOS), and appindicator (on Linux). It now correctly appears in most cases and is no longer blurred on HiDPI screens. Improved screen detection also fixes a number of issues with incorrect application scaling. Many performance issues have been resolved, as well.

On Linux, JetBrains Account credentials are now stored correctly and the app handles SSL certificates better.

You can find the full list of resolved issues here.

Proxy servers

Previously, the Toolbox App always used the system proxy if it was set. It wasn’t possible to change the proxy address or to turn it off. There is now a dedicated page in Settings for setting up a custom proxy server and enabling and disabling it when necessary.

Proxy Settings

Settings

Speaking of settings, we’re happy to introduce the revamped Settings page. We’ve regrouped all options and made the most important categories available at a glance.

Toolbox App 1.17 Settings

System requirements

As we’ve previously announced, we are dropping support for 32-bit Windows. We are also updating the minimum supported OS versions to Windows 8 or newer and macOS 10.13 or newer. This change brings our system requirements into alignment with those of all the JetBrains IDEs which will not run on older OS versions. For Linux, we generally support only the latest regular and LTS releases.

Even though there might be not so many visible changes in the application, this update builds a solid foundation for future improvements. We are already working on some of the suggestions you shared with us on New Year’s Eve.

Thank you for your collaboration and your helpful feedback! We are listening!

Download the Toolbox App

Stay home, stay healthy, and stay tuned!
The Toolbox App team

Continue Reading Toolbox App 1.17 is Out: Quality Improvements Arrive with a New Build Completely Rewritten in Kotlin

JetBrains Toolbox 2020.1 is Available: Update Your Tools

The time has come to update your tools and start using their new features. All the JetBrains IDEs are now polished and new, ready for you to create something great.

Take a look at this short summary of what you can find in the new versions of the JetBrains IDEs.
We would also like to remind you that the easiest way to update your tools is via the Toolbox App.

Download the Toolbox App

IntelliJ IDEA

IntelliJ IDEA 2020.1 adds support for Java 14 and new features for a number of frameworks, upgrades the debugger with dataflow analysis assistance, adds a new LightEdit mode, and downloads and configures the JDK for you. You will also discover new in-place Rename and Change Signature refactorings, in-editor rendering of Javadocs, lots of VCS improvements, and so much more.
WebStorm

WebStorm 2020.1 comes with a more polished look and feel, out-of-the-box support for Vuex and Vue Composition API, an option for running Prettier on save, and some improvements for JavaScript and TypeScript.

Rider

Rider 2020.1 features the new .NET Core edition and Xamarin Hot Reload. Profiling is now easier with a brand new feature called Dynamic Program Analysis. The editor’s severity can now be configured with one click, and Unity developers benefit from lots of major updates and fixes.
PhpStorm

PhpStorm 2020.1 provides out-of-the-box support for composer.json, PHP type inference improvements, support for code coverage with PCOV and PHPDBG, PHPUnit toolbox, the Grazie grammar checker, and many other improvements.
GoLand

GoLand 2020.1 includes a variety of upgrades for Go Modules support, code-editing features that require little to no interaction from the user, an expanded code completion family, and more!
PyCharm

PyCharm 2020.1brings a lot of things that make development easier, like interactive rebasing, smart debugging, and more. It is now possible to turn the commit dialog into a tool window that’s open next to your code. In the debugger, what used to be Smart Step Into has become even smarter yet and is now the default Step Into.
CLion

CLion 2020.1 brings dozens of improvements across many IDE features. This includes CUDA support, formatter and refactoring enhancements, deeper integration with Clang-based tools, and new options in Run/Debug configurations. For Windows developers the new version comes with support for the Clang-cl compiler, while for Embedded projects CLion adds IAR compiler support and an experimental PlatformIO plugin.
RubyMine

RubyMine 2020.1 improves navigation between Rails entities and adds smarter code assistance. Setting up run configurations, SSH, and Docker are now more convenient. The new LightEdit mode allows you to quickly edit files without loading a project. This update also includes improvements for version control, the terminal, JS, and database tools.
icon_AppCode

AppCode 2020.1 brings completion during indexing, faster code assistance in pure Swift and mixed projects, the generation of documentation comments, new inspections and intentions, the Type Hierarchy view for Swift, and new sorting modes for the Swift Structure view.
ReSharper

ReSharper Ultimate 2020.1 offers support for more C# 8.0 and C++20 features, Dataflow Analysis for integer values, and some performance modifications under ReSharper’s hood. Also, ReSharper C++ includes better code completion, new inspections with quick-fixes, and initial HLSL support.
ReSharperC++

ReSharper C++ 2020.1 includes more support for C++20 features, better code completion, and new inspections with quick-fixes. For game developers, this release better aligns with Unreal Engine 4 guidelines and introduces initial HLSL support.
DataGrip

DataGrip 2020.1 makes it possible to run configurations and export to Excel. It also includes results in the editor, geo viewer, and more!

In the meantime, all the product teams have started working on the newest features and upcoming EAPs for the 2020.2 release. Stay tuned to the dedicated product blogs for news about their progress. And don’t forget to follow us on Twitter.

Stay home, stay healthy, have fun!
The JetBrains team

Continue Reading JetBrains Toolbox 2020.1 is Available: Update Your Tools

JetBrains Security Bulletin Q1 2020

In the first quarter of 2020, we resolved a number of security issues in our products. Here’s a summary report that contains a description of each issue and the version in which it was resolved.

Product Description Severity Resolved in CVE/CWE
Datalore User’s SSH key can be deleted without appropriate permissions. Reported by Callum Carney (DL-7833) Moderate Not applicable CWE-639
Datalore SSRF could be caused by an attached file. Reported by Callum Carney (DL-7836) High Not applicable CWE-918
GoLand Plain HTTP was used to access plugin repository (GO-8694) Low 2019.3.2 CVE-2020-11685
IntelliJ IDEA License server could be resolved to untrusted host in some cases (IDEA-219748) High 2020.1 CVE-2020-11690
JetBrains Account Non-unique QR codes were generated during consequent attempts to set up 2FA (JPF-10149) Low 2020.01 CWE-342
JetBrains Account Clickjacking was possible on a JetBrains Account page. Reported by Raja Ahtisham (JPF-10154) Moderate 2020.01 CWE-1021
JetBrains Account Customer name enumeration by numeric customer ID was possible (JPF-10159, JPF-10301) High 2020.03 CWE-200
JetBrains Account Country value coming from a user wasn’t correctly validated (JPF-10258) High 2020.02 CWE-285
JetBrains Account Information disclosure from JetBrains Account was possible via the “Back” button. Reported by Ratnadip Gajbhiye (JPF-10266) Low 2020.02 CWE-200
JetBrains Website Reflected XSS at jetbrains.com was possible. Reported by Rahad Chowdhury (JS-11769) High Not applicable CWE-79
Hub Content spoofing at Hub OAuth error message was possible (JPS-10093) Moderate 2020.1.12099 CVE-2020-11691
Plugin Marketplace Uploading malicious file via Screenshots form could cause XSS (MP-2637) Moderate Not applicable CWE-79
PyCharm Apple Notarization Service credentials were included in PyCharm distributive for Windows. Reported by Ruby Nealon (IDEA-232217) High 2019.3.3, 2019.2.6 CVE-2020-11694
Space Session timeout period was configured improperly (SPACE-4717) Low Not applicable CVE-2020-11795
Space Stored XSS in Space chats was possible. Reported by Callum Carney (SPACE-6556) Moderate Not applicable CVE-2020-11416
Space Password authentication implementation was insecure (SPACE-7282) High Not applicable CVE-2020-11796
TeamCity Password values were shown not being masked on several pages (TW-64186) Low 2019.2.2 CVE-2020-11687
TeamCity Project administrator was able to see scrambled password parameters used in a project (TW-58099) Moderate 2019.2.2 CVE-2020-11938
TeamCity Project administrator was able to retrieve some TeamCity server settings (TW-61626) Low 2019.1.4 CVE-2020-11686
TeamCity Application state kept alive after a user ended their session (TW-61824) Low 2019.2.1 CVE-2020-11688
TeamCity A user without appropriate permissions was able import settings from settings.kts (TW-63698) Low 2019.2.1 CVE-2020-11689
YouTrack DB export was accessible to read-only administrators (JT-56001) Low 2020.1.659 CVE-2020-11692
YouTrack DoS could be performed by attaching a malformed TIFF to an issue. Reported by Chris Smith (JT-56407) High 2020.1.659 CVE-2020-11693

If you need any further assistance, please contact our Security Team.

Subscribe to receive the bulletin in your mailbox.

Your JetBrains Team
The Drive to Develop

Continue Reading JetBrains Security Bulletin Q1 2020

The JetBrains Toolbox browser extension now works on self-hosted GitHub, GitLab, and Bitbucket instances

We’ve updated the JetBrains Toolbox browser extension for Chrome and Firefox. It can now clone and open files from private instances in JetBrains IDEs, whether you use corporate repositories at GitHub Enterprise or self-hosted GitLab or Bitbucket instances.

Install the extension

Please keep in mind that to start using this extension with private instances, you first need to enable it on your custom domain. Follow the steps below:

  1. Install the extension if you haven’t yet done so.
  2. Right-click the Toolbox extension icon on the browser toolbar to open its preferences.
  3. Tick “Enable on this domain” to enable the extension on the current webpage.

Toolbox extension at GitHub Enterprise

Now the Toolbox extension should work on your self-hosted instances, giving you access to the functionality that was previously available for open-source repository hosting services:

  • Clone projects from the main GitHub, GitLab, and Bitbucket repositories, and open them in available JetBrains IDEs.
  • Navigate from a highlighted line of code in a previously cloned GitHub project to that line in your IDE.

Read more about the main features of the Toolbox extension in this blogpost.

Stay home, stay healthy, stay productive!
The JetBrains Toolbox team

Continue Reading The JetBrains Toolbox browser extension now works on self-hosted GitHub, GitLab, and Bitbucket instances

The JetBrains Website is Now Available in Brazilian Portuguese

Read this post in Brazilian Portuguese

A couple of months ago we launched the JetBrains site in 7 new languages. Today we’re happy to announce that we’re adding Brazilian Portuguese to the list of supported languages.

You can change the language of the site anytime: just use the switch at the bottom of the page.

We would love to get your feedback on our Brazilian Portuguese website: there’s a button on the right-hand side of every page that you can use to highlight an area on the page and provide a comment.

Check out our website in Brazilian PortugueseChinese (Simplified), French, German, Japanese, Klingon, Korean, Russian, Spanish, or English!

The JetBrains Team

Continue Reading The JetBrains Website is Now Available in Brazilian Portuguese

JetBrains 20th Birthday Round-up

On February 5th we celebrated JetBrains 20th birthday with our beloved community online and in the special section of JetBrains 2019 Annual Highlights. Thank you for the heartfelt and warm birthday greetings that we received. We appreciate the love and would like to share a few of the many birthday wishes that hit home!

@RobEden on Twitter
Congratulations on 20 years, JetBrains! Your tools have made me a better developer. I love how, even as the company has grown, it’s always been clear that my feedback matters. #JB20Bday

@CalvinNrnha on Twitter
Started using @androidstudio and appreciated it for it’s amazing feature set. Found out that it’s based on IntelliJ IDEA. Started using @pycharm @WebStormIDE @intellijidea and @kotlin First thing I search when learning a language – does JetBrains make an IDE for it? #JB20Bday

Davyd McColl on Facebook
Favorite JB products? All of them! I use Rider, Webstorm, Datagrip, dotPeek daily. But any time I try another, it feels like home.

Mikael Rozee on LinkedIn
I’ve been using JetBrains products for nearly 8 years now. They make the transition between technologies or languages much smoother as I know I always have a robust IDE to depend on.

Bernard Deffarges on LinkedIn
Happy birthday! I have been using IntelliJ for 20 Years and I’m still developing with pleasure. IntelliJ has been a companion that became more helpful with every release. Whenever I move to a new company, my first question is always “can I work with JetBrains tools?”. It’s an amazing work you have done!

@Ned.yotov on Instagram
Wow 20 years 0.0 I was just starting with JS 6 or 7 years ago, and trying different IDEs and editors and friend recommended me WebStorm with university licence that we had. I used Uni edition as long as I could and than started to pay for my own licence – since it is the best IDE that I customised so much with shortcuts and plugins, so I can’t think of changing it 🙂 #JB20Bday

JetBrains’ 20th birthday celebration continued into Friday with beautifully organized site parties that included cake, games, music, dancing, and hours of fun. Here’s a small taste of the action from our offices.










It’s been a great 20 years and we’re already looking forward to the next milestone, whatever that may be!

Continue Reading JetBrains 20th Birthday Round-up

End of content

No more pages to load