
The latest News and Information on Continuous Integration and Development, and related technologies.

Golden Paths Made Easy With Cloudsmith

Over the past few years, Platform Engineering has taken off as more and more enterprise organisations adopt the practice of creating a centralised, self-service interface for developers to access the tools they need in order to do the job they were meant to do: build amazing software. At the heart of every Golden Path lies the ability to reliably produce, store, and consume build artifacts, from container images to internal libraries.

From painted doors to real prototypes - a mindset shift

The economics of building software are changing everything. For years, entrepreneurs used "painted doors" - fake features to test demand - because building was too expensive. But when AI drops development costs, you can create real prototypes and gather genuine user data instead of pretending. This mindset revolution treats experiments like cheap option contracts - the lower the cost, the more you can explore. Ready to abandon painted doors for unlimited experimentation?

How to think about quality in the age of cheap prototypes

When AI makes prototyping incredibly cheap, your old quality standards become a bottleneck. The key mindset shift? Quality doesn't matter equally everywhere. You can experiment with lower-quality prototypes to learn faster, then apply high standards only to what customers actually see. This isn't about lowering standards - it's about applying the right quality mindset at the right stage. Stop letting perfectionism slow down your learning phase.

OWASP CI/CD Part 9: Improper Artifact Integrity Validation

Improper artifact integrity validation is a critical vulnerability in CI/CD pipelines characterised by insufficient mechanisms to cryptographically verify the authenticity and integrity of code and build artifacts traversing the pipeline. When these controls are weak or absent, adversaries with access to any pipeline stage can inject malicious or tampered artifacts that appear legitimate, enabling undetected propagation through the pipeline and eventual deployment into production environments.

Security is a leading priority for 2025

The Cloudsmith 2025 Artifact Management Report offers timely insights into how engineering and DevOps teams are evolving their approach to software artifact management and software supply chain security. With supply chain attacks on the rise and Generative AI reshaping development practices, teams are reevaluating how they manage, secure, and scale their artifact repository infrastructure.

Critical RCE Vulnerability in mcp-remote: CVE-2025-6514 Threatens LLM Clients

The JFrog Security Research team has recently discovered and disclosed CVE-2025-6514 – a critical (CVSS 9.6) security vulnerability in the mcp-remote project – a popular tool used by Model Context Protocol clients. The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it initiates a connection to an untrusted MCP server, posing a significant risk to users – a full system compromise.

The Artifact Management Market Is Up For Grabs

The enterprise artifact management market - which has belonged for a while to JFrog and Sonatype - is now truly up for grabs. Cloudsmith was built on the core principle that cloud-native architecture matters. So does simplicity in design and workflow. Partnerships matter, too. We’ve built a comprehensive platform that controls and secures every artifact as it’s built, scanned, signed, stored, and shipped across the software supply chain.