Testing is an integral part of the software development process and is one of the key ways development teams can better understand how applications function. Testing also prevents changes in the codebase that can affect other parts of the code, enabling you to measure the quality of the software and eliminate any errors before users can interact with it. Most development teams use unit and integration tests assess their software.

Ciara discusses how to analyze SBOMs for vulnerabilities using Open Source tools, and how Cloudsmith can take actions like quarantining your images if it contains vulnerabilities above a certain level.

What if there was a way to deploy a new feature into production — and not actually turn it on until you’re ready? There is! These tools are called feature flags (or feature toggles or flippers, depending on whom you ask). Feature flags are a powerful way to fine-tune your control over which features are enabled within a software deployment. Of course, feature flags aren’t the right solution in all cases.

There are multiple ways to create a task on a pull request. They can be added from the sidebar, top-level pull request comments, file-level comment or inline comments. Once created, they all appear in the sidebar. On any repository, merge checks can be configured for any branch to only allow merging if all pull request tasks are resolved. This is a very useful functionality if some tasks are critical to be resolved before changes are merged.

Software development teams face a large and growing number of obstacles: shifting design requirements, organizational blockers, tight deadlines, complicated tech stacks and software supply chains. One emerging challenge that developers and IT leaders face is the need to stay compliant with regulations and control frameworks that stipulate comprehensive data security, incident response, and monitoring and reporting requirements.