Dear Consortium Members and Affiliates,
We hope this January update finds you healthy with a downturn in COVID cases in your region on the horizon. There's no apparent slowdown in science despite the latest surge, and our monthly news includes reminders about recent and upcoming webinars, a software push with 6 updates and 1 new title, 6 new members to welcome, information on the response to Log4j, a new position posting fromModeX Therapeutics, and 3 member publication highlights.
Jesse Hopkins opened up our webinar series in 2022 with a presentation on BioXTAS RAW, an open-source program for bioSAS data analysis, which is now up on our YouTube channel. Also newly posted is an earlier presentation from Florent Delhommel of Michael Sattler's group that we were holding until the data was published. You can find both of these talks, along with many others, on the SBGrid YouTube channel.
Our January software push includes updates to Bowtie, cryoDRGN, DENSS, ISOLDE, MoRDa, and PyEM, and one new title: PROPKA. See Software Changes below for complete details.
The new year brought six new SBGrid members, two from institutions already familiar to SBGrid - Ahmad Jomaa at University of Virginia and James Keck from University of Wisconsin-Madison, along with four from institutions new to us: Steffen Bruenle from Leiden University in The Netherlands, Katharine Michie from University of New South Wales in Australia, Christian Parry from Howard University, and Loxo Oncology. Welcome to our newest members!
Technical notes from our Software Team
SBGrid and Log4j
In late 2021, a potentially serious remote code execution vulnerability was identified in the java logging library Log4j (CVE-2021-44228), which prompted wide-spread news coverage and IT security activity. It was revealed that web application servers (Apache, Tomcat, or other Java web servers) using log4j may have "a remotely accessible endpoint that allows an attacker to send arbitrary data" (see https://access.redhat.com/security/cve/cve-2021-44228), meaning an attacker could use a web server to execute arbitrary malicious code via network access.
While the log4j package is included in some scientific applications in the SBGrid/BioGrids collections, exploiting the log4j vulnerability in this context is unlikely. Scientific programs are not typically run as services. Users execute them directly and, more importantly, do not listen for arbitrary network input that is necessary to exploit CVE-2021-44228, or have privileged access to system resources. Out of an abundance of caution and to further mitigate risk, we have removed the affected Java class files (`org/apache/logging/log4j/core/lookup/JndiLookup.class`) from SBGrid/BioGrids components. This modification should rule out the theoretical possibility of a malicious data file (or web service being used by an SBGrid/BioGrids application) being used to exploit the log4j vulnerability.
Community Position Postings
Seeking a highly skilled and motivated scientist to support biologics characterization, developability, and optimization for developing innovative biotherapeutics. This is an exciting opportunity to be part of a cross-functional team and contribute to the development of next-
Over 75 new member publications appeared in journals this month. You can find a complete listing on our website, along with a couple of notable highlights below:
Deposit your experimental datasets: If you're currently preparing a manuscript, please remember that, while you're making the PDB record deposit and publication submission, you can also preserve your primary experimental datasets with deposits to the SBGrid Data Bank.
Acknowledge SBGrid: SBGrid operations are funded with member fees and grants, so we are grateful when you are able to acknowledge SBGrid in your presentations and publications.
Please use this SBGrid logo on the acknowledgements slide of your presentations.
We recommend the following boilerplate language for inclusion in publications that report results obtained with SBGrid supported software:
SBGrid citations: SBGrid's eLife paper received 3 new citations in the month of January, from these SBGrid-member laboratories: George Phillips of Rice University in Acta Crystallographica: The crystal structure of DynF from the dynemicinbiosynthesis pathway of Micromonospora chersina; Jennifer Bridwell-Rabb of University of Michigan in Nature Communications: Design principles for site-selective hydroxylation by a Rieske oxygenase; and Catherine Drennan of MIT in Journal of Structural Biology: Effects of chameleon dispense-to-plunge speed on particle concentration, complex formation, and final resolution: A case study using the Neisseria gonorrhoeae ribonucleotide reductase inactive complex.
Bowtie 2 release 2.4.4 is now available.
DENSS was updated with commit 20211201.
ISOLDE 1.3 is out and ISOLDE's reference model restraints have been updated and improved to use AlphaFold's confidence in its own predictions. Also new is a "Problem Zones" widget that uses spatial clustering to find and fix issues, particularly during the early stages of modeling.
MoRDa 46 includes improvements to the structure solution program is a database extension.
PROPKA is new to SBGrid at version 3.4.0. PROPKA predicts the pKa values of ionizable groups in proteins and protein-ligand complexes based on the 3D structure.
PyEM release 20220107 is available.
Please note that not all software applications are available to every SBGrid member type. If you see an application that you would like to use, but is not included in your software tree, please contact us to find out what options are available for access.
This newsletter is sent to you because you are a member or affiliate of the SBGrid Consortium, the Structural Biology Grid computing consortium.
More information about the SBGrid Consortium is available at https://sbgrid.org
Report software bugs: sbgrid.org/bugs