In our previous blog post we discussed the challenges with relying on external servers for downloading pre-build tools such as Curl, CLI, wget, Maven, Gradle, npm and others. We discussed how they can sometimes cause stability issues, also called “Environmental Issues”, that will break the build.
For some organizations, even the best isn’t quite enough. That’s why JFrog Xray provides a way for you to specify your own additional data, to detect even more sensitive issues in your binaries before they can reach production. JFrog Xray is a tool for DevSecOps teams to gain insight into the open source components used in their applications.
We’re excited to announce the new and improved ConanCenter! Use our new center with an enhanced UI experience to discover your favorite Conan C/C++ packages. If you’re not familiar with Conan yet, it’s a decentralized package manager for C/C++ that empowers developers to share packages through a push-pull model similar to Git. ConanCenter is a central repository for open source Conan packages, created and maintained by JFrog.
Golang developers care a lot about security and as Go modules become more widely used, they need more ways to assure these publicly shared files are safe. One unique feature included with Golang version 1.13 is the foresight that went into authentication and security for Go modules. When a developer creates a new module or a new version of an existing module, a go.sum file included there creates a list of SHA-256 hashes that are unique to that module version.
In the holiday spirit, we’re bringing a little cheer to the Golang community by celebrating the achievements of some noteworthy Go module authors. We’re excited to launch a new program within JFrog GoCenter that honors select “Top Gophers.” Using key metrics of success such as number of downloads and imports, quality metrics, and usage in GoCenter, we aim to highlight projects that we think are really helping improve software development for the Go developer community.
In recent weeks, some of the most recognizable companies in the DevOps space have had their foundations rattled, perhaps shaking developer confidence. The acquisition of Docker Enterprise by Mirantis, the acquisition of Sonatype (Nexus) by a capital firm and the open-sourcing of Quay by Red Hat leave many development shops wondering what will happen next with their strategic tool choices.
JFrog is excited to announce it has expanded its DevOps offerings on the AWS Marketplace to include the most advanced Container Registry in the market, and an advanced Universal DevSecOps solution allowing developers to invent the best code ever while leaving the overhead to us. In this blog, we will introduce our latest offerings – JFrog Container Registry and Cloud Pro X.
Developing for Google Cloud Run in a hybrid system managed by Anthos isn’t a solo race, it’s a relay between cloud and on-prem. To win, you’ll need an advanced Docker registry that can swiftly pass your containers for Cloud Run functions from one environment to the next. In our example hybrid architecture, you’ll see how JFrog Container Registry can be that reliable relay partner.
Ever since container technology hit the scene in 2013, it’s generated excitement from developers and operations teams. Using containers to deliver apps and microservices helps enable large scalable deployments with smoother rollouts, accomplishing in minutes what used to take hours, if not days. Delivering the containers themselves, however, can still be challenging to do across all types of modern infrastructure.
For over a decade, JFrog has been performing heavy lifts. We pioneered artifact management, have served developers with industry-leading tools, and helped them get containers quickly and safely where they need to go. Today we’re delighted to announce JFrog Container Registry, the world’s most advanced, fully hybrid Docker registry that’s free to use on-prem, in the cloud, or both.
