From the Frog's mouth

Accelerate Application Release with Environment as a Service

September 10, 2019

This blog is co-posted on the Quali blog. Liquid Software flows through a pipe, and that plumbing needs to be properly sealed. Releasing your application with agility requires your environment—infrastructure, applications, and data—to be ready at every point in the pipeline, from development to test to production. The different teams in that process face their…

Secure JCenter with HTTPS

September 6, 2019

Are you using Bintray JCenter to find and share public OSS JVM language packages? If so, we have some important news for you to help keep your builds running without interruption. Starting in January 2020, JCenter will only serve requests made with HTTPS. From that point on, all requests made with HTTP will be denied and…

JFrog CLI Lets You Do Magic with One Single Command

September 5, 2019

In our recent CLI 1.27.0 release, we announced one of the most useful features in JFrog CLI allowing you to perform operations on multiple repositories, by running a single command. Working with JFrog Artifactory is now smoother than ever, as you can search, upload, download, copy, move and delete files on Artifactory via the CLI,…

Building C/C++ Packages for Conan-center Made Easier with New CI Service

September 4, 2019

This blog is co-posted on the Conan blog. the Bintray Conan-center is the main repository for curated Conan packages. Users have been able to contribute to it by uploading packages to their own Bintray repositories, then submitting them via an “Inclusion Request” process. Bintray repositories account for a large number of downloads (24 million downloads…

Charting Helm Hub Through Artifactory

August 29, 2019

A great many Helm charts dot the landscape of the internet, and it can be hard to know about them all or their whereabouts. To help solve that, Helm created Helm Hub to provide a central catalog of the growing number of public Helm chart repositories. Browsing the awesome Helm Hub UI, you can see…

Artifactory 6.12 Released: Including Smart Remote Repositories on Edge Nodes

August 22, 2019

Quality is a core value at JFrog. This release of JFrog Artifactory is no exception, with heavy emphasis on releasing features and updates that are most important to you. We’re excited and proud to release Artifactory 6.12. As a precursor to the coming release of JFrog’s Unified Experience and JFrog Pipelines, Artifactory 6.12 includes: Support…

Ready, Set, GoCenter! Converting Projects for Go Modules

August 20, 2019

Ever since the introduction of Go’s new dependency management system in Go 1.11 and later, GoLang developers have embraced the package versioning solution. Those that do can use the GoCenter repository of immutable public Go modules, and gain faster Go builds with a more robust and reliable Go pipeline. But converting existing projects to use…

Kubernetes CI/CD Pipelines at Scale

August 16, 2019

This blog was originally published by Kamesh Pemmaraju on the Platform9 Blog. Kubernetes orchestrates containers reliably at scale while abstracting the underlying infrastructure. Unlike Virtual Machines, this helps developers separate the workloads from the complexities of the infrastructure. Kubernetes is ideal for CI/CD automation because it offers many built-in capabilities that makes application deployment standardized…

By 2020 Every Company will be a DevOps Company

August 15, 2019

Condensed from the keynote speech presented at swampUP 2019. I’m here to tell you that in the next year, by 2020, all companies will be DevOps companies. Now this is what you’re thinking: Here’s another cocky CEO talking on the keynote stage telling us the world is going to change in a few months. But…

4 Reasons to Automate DevOps with JFrog Pipelines

August 12, 2019

Every company is now a software company, and thus every company must become a DevOps company. While JFrog has helped thousands of companies enable DevOps, they have had to conquer one of the biggest challenges on their own: automate their entire sprawl of DevOps tools and processes. Until now. At our last swampUP user conference,…

4 Ways Xray and Artifactory Complete DevSecOps

July 30, 2019

Being universal is a huge part of what makes JFrog Artifactory so effective. Whether you use Jenkins, CircleCI, or Bitbucket to automate your CI/CD pipeline, Artifactory works with those and more. Whether you prefer to store your artifacts in an on-premises filestore or in the cloud, Artifactory will manage them. Which cloud? Artifactory is content…

5 Best Practices for GoLang CI/CD

July 24, 2019

For developers programming in long-established languages like Java, JavaScript or Python, the best way to build continuous integration and continuous delivery (CI/CD) workflows with Artifactory is pretty familiar. A mature set of dependency management systems for those languages and container solutions like Docker provide a clear roadmap. But if you’re programming your applications in GoLang,…

How to Use JFrog Artifactory and GoCenter Together to Build Go Apps

July 8, 2019

As a cloud native programming language, Go is picking up steam quite rapidly. In the latest StackOverflow Insights survey, Go was named as the third most wanted language. Go also has a vibrant community that produces a pretty stellar list of Go apps and modules and with the rise of public registries, like GoCenter, you…

Building Serverless on Kubernetes with OpenFaaS and JFrog Artifactory

June 27, 2019

Serverless (as an operational construct) and Kubernetes (as a powerful platform and enabler) are rapidly transforming how companies operate. Just looking at KubeCon + CloudNativeCon EU 2019 with close to 8000 attendees and the sold out Serverless Practitioners Summit as a pre-conference event shows how strongly developers feel the need to use them together well. …

Containing Artifactory with Red Hat UBI

July 2, 2019

Making your container smaller doesn’t always make it a good fit. It has to use and work with the components your organization requires as well. Artifactory is available for DevOps as a highly configurable, distroless image that offers many benefits, including reduced size and less potential for OS-level vulnerabilities. For some, this is not enough…

Artifactory & ElasticSearch: Analyzing your Support Bundle Logs

June 24, 2019

As an administrator, one of your daily challenges is troubleshooting ongoing events according to your own predefined parameters and filters. JFrog Artifactory logs contain different entries and events according to the activities from and to the server. Tailing these logs to search for specific entries might work in some cases, but as your environment scales,…

Automotive DevOps: Rules of the Road Ahead

June 20, 2019

Adapted from the swampUP 2019 keynote speech by Kit Merker, JFrog VP Business Development. With software powering all the devices that enable the things we do everyday, software engineers are now the mechanics that keep our modern times running. More and more, we trust the software they create with our lives. As JFrog works to…

JFrog Breaks DevOps Boundaries at swampUP 2019!

June 18, 2019

JFrog’s annual user conference has just started in San Francisco and the atmosphere is mesmerizing. This conference is for DevOps community members, supported by the major industry leaders, and dedicated to developers, to whom we listen closely every day of the year. swampUP 2019 provides four tracks to allow attendees to tailor their experiences based on…

Tallying Up: Artifactory vs GitHub Packages

June 3, 2019

GitHub recently announced a new service - GitHub Package Registry. It’s a package management service, currently in limited beta, that enables developers to publish packages next to their source code. We've heard some confusion in the community, so we wanted to set the record straight about what this announcement means to our loyal Artifactory customers.…

See Where Containers Travel with Portshift and Artifactory

June 4, 2019

Please welcome our technology partner Portshift, with this informative article that has also been posted on the Portshift company website. DevOps engineers often struggle with making their complete pipeline for Docker containers fully visible and traceable. Even after they succeed in mapping and controlling the CI/CD pipeline, there remains a gap between the pipeline and…

Shift Your IDE Left With Xray Plugins

May 28, 2019

Forewarned is forearmed,” cautions the old proverb, and that truth coined in the 16th century is even more apt for DevSecOps in the 21st. The earlier you know about vulnerabilities, the better you can avoid making them part of your software. That’s the same principle behind a “Shift Left” DevSecOps strategy. Rather than waiting for…

Steer Athens on Kubernetes with GoCenter Upstream

May 22, 2019

In a previous JFrog blog post we explored how to use Project Athens for Go modules with GoCenter as an upstream proxy. In this follow-up, we’ll examine how to install Athens into a Kubernetes cluster with GoCenter set as an upstream proxy. Athens is a Go modules repository that you can host privately on your…

Kubernetes Security: More than Meets the Eye

May 16, 2019

This blog is co-posted on the Rimas’ Mocevicius blog Evolution of Kubernetes security In the early days of Kubernetes, before Role-Based Access Control (RBAC) was introduced pods ran in the Kubernetes cluster with full admin rights when a service account was assigned. Basically, this gave users full admin rights to the cluster. Imagine how scary…

JFrog, Shippable, SwampUP and Everything in Between

May 9, 2019

You probably heard about the latest JFrog Shippable acquisition, and may have some questions. These may include, but are not limited to, “Will I have to use Shippable now?”, “Will JFrog stop supporting other CI solutions?”, “Can I still use Shippable now?”, “What’s this JFrog thing?!”, “What’s this Shippable thing?!”, “What’s up with the frog…

Protect Your Code with npm audit & JFrog Xray

May 14, 2019

One of the newest features available in the latest JFrog Artifactory version 6.10 release, is support for npm audit. What is npm audit? The npm audit command generates an audit report that provides a summary of all known security vulnerabilities in your npm packages and dependencies. It also provides npm commands and recommendations that will…

Persistence is Futile (or is it?) - How To Manage, Version and Promote Docker Volumes

May 6, 2019

In the movie Star Trek: First Contact, as the team comes across a very specific collective, they are greeted with the ever distinctive line: “We are the Borg. Lower your shields and surrender your ships. We will add your biological and technological distinctiveness to our own. Your culture will adapt to service us. Resistance is…

Leap Deep with Us into swampUP

April 23, 2019

Every year, for the past four years, JFrog has hosted the DevOps community at the annual DevOps conference. It is the premier event where you go to learn all about DevOps best practices from world-renowned companies. This year we've added a full-day training course and the possibility to get a JFrog stamp of approval with…

GoCenter’s Back to the Future Journey

April 22, 2019

Every science fiction fan knows that you can't fix the past. Try to, and it wrecks the balance of events that led to the present. That's also what we learned while making GoCenter. While trying to correct an early Go modules design choice and improve certainty, we accidentally made things harder for the Go community.…

How JFrog Makes Anthos DevOps Bloom

April 15, 2019

It must be spring, because Google has sprouted flowers, and JFrog is helping with the bouquet. At this year’s GCP Next, Google announced the rollout of Anthos (the Greek word for “flowers”), a powerful service to build and manage a modern hybrid cloud. With Anthos (formerly Cloud Services Platform), your choices in a computing platform…

Sail Athens Swiftly Upstream with GoCenter

April 12, 2019

It seems as if everyone is launching their craft into the waters of Go. Developed by Google, Go (or GoLang) has been adopted by many other major companies for developing large-scale projects. JFrog has embraced Go too, writing the JFrog CLI and JFrog Xray in Go, and making GoCenter, a public repository for Go modules,…

Two Tastes of Artifactory on Google Cloud Marketplace

April 9, 2019

When you’ve chosen Google Cloud Platform for your cloud DevOps environment, which flavor of JFrog Artifactory suits you best? Do you crave an artifact repository manager that you manage yourself and works with GKE? Or does a SaaS account managed by JFrog on GCP better satisfy your need? Two new ways to get Artifactory through…

GoCenter is Fast - How Does It Do That?

April 4, 2019

I recently wrote a blog saying “seeing is believing” (which is also your chance to score an awesome Go shirt), about the difference in speed downloading Go modules from a version control system or from GoCenter. From that blog post, we got a lot of positive comments in the Gopher community. We also got some…

Using JFrog CLI to See Your Builds Up Close

April 2, 2019

Artifactory has always helped you to know what’s in your builds. But it can still be hard to know why a build was made. An exciting feature in the JFrog CLI can help you connect the way you track issues (bugs and feature requests) directly to the builds where they’ve been addressed. So you can…

Steering Straight with Helm Charts Best Practices

March 28, 2019

Kubernetes, the popular orchestration tool for container applications, is named for the Greek word for "pilot," or the one who steers the ship. But as in any journey, the navigator can only be as successful as the available map. An application's Helm chart is that map, a collection of files that can be deployed from…

Build Times Matter - Speed is Everything

March 27, 2019

After GoCenter was first released the team at JFrog said it was faster to get modules from there than it was getting modules “the old way”. To be honest, when they said that, I did not believe them. Following the old proverb “seeing is believing”, I set out to test the speed and see whether…

Guest Blog: Deploying JFrog Artifactory with Nutanix Karbon

March 21, 2019

Anyone working with containers and Kubernetes knows the value of a rock-solid container registry. We’ll show you how to deploy JFrog Artifactory Enterprise in a highly available configuration as a Kubernetes Docker registry with Nutanix Karbon. This enterprise-grade Kubernetes Certified distribution by Nutanix simplifies the provisioning, operations and lifecycle management of Kubernetes with a native…

We’re Founding Members of the Continuous Delivery Foundation. Here’s Why.

March 14, 2019

I’m sure you know by now that JFrog is on a mission to make software liquid. We believe that software updates and new releases are constantly being pulled by an ever-hungry world, and that those updates should flow freely, like water, to the runtime endpoints across our lives. One of the most important pieces of a…

5 Special Repositories in Artifactory You Should Know About

March 7, 2019

Among the many different types of binary repositories managed within JFrog Artifactory as an artifact repository, there are 5 very useful repositories that you may have not noticed. Just like all repositories in Artifactory, these also store your binaries with all the added benefits of Artifactory, but serve a bit differently in their usage. Here’s…

JFrog Xray: Creating Jira Issues using webhooks in a breeze

March 6, 2019

JFrog Xray offers an end-to-end security scanning solution covering the full development lifecycle of your artifacts. This includes vulnerability analysis, security and license compliance, artifact flow control, distribution and more. When Xray finds a security or a licence issue, it will trigger a violation for it. One of the most common use cases during…

Pipes for JFrog, a Fitting Match for BitBucket Pipelines

February 28, 2019

Many users of Atlassian Bitbucket already choose JFrog Artifactory as their artifact repository with Xray as their DevSecOps tool to bring certainty and trust to the binaries in their software delivery pipelines. With Atlassian’s launch of Pipes for Bitbucket Pipelines, it’s easy for developers to manage their software releases from code through testing and release.…

Enterprise Cloud DevOps on Azure is Clicks Away

February 26, 2019

A deployment of Artifactory High Availability hosted in your Azure environment can help your cloud DevOps function with the scalability, performance, and security of an enterprise-grade system. But it takes the right supporting resources and configuration to be installed with it to operate effectively. Fortunately, we’ve now made the chore a lot easier, by offering…

Xray and VulnDB: Security at the Speed of DevOps Automation

February 25, 2019

JFrog Xray: A Powerful DevSecOps Solution JFrog Xray was originally announced at our annual JFrog user event, swampUP, back in 2017. So what does it do? Xray allows DevOps teams to discover, receive notification, and remediate open source vulnerabilities and software license compliance issues early in the development phase. The sooner a vulnerability is discovered…

We’ve Acquired Shippable to Complete DevOps Pipeline Automation From Code to Production

February 21, 2019

We’re extremely excited to announce our acquisition of Shippable, a leading continuous integration and DevOps automation company. Shippable’s complete portfolio of cloud-native and Kubernetes-ready CI/CD solutions will be incorporated into the JFrog platform, creating a complete, integrated DevOps CI/CD pipeline solution. Why did we do it? To move closer to our vision of Liquid Software…

Gain Visibility into Your NuGet Builds Using Build-Info in JFrog Artifactory

February 20, 2019

NuGet is an open-source package manager designed for the Microsoft development platform designed to support packaging DLL files with metadata. NuGet repositories in JFrog Artifactory support the application lifecycle from the developer's fingertips through distribution to consumers while covering application security, vulnerability analysis, and artifact flow control. After creating your NuGet repository in Artifactory, you…

Complete the Kubernetes Puzzle for IBM Cloud Private

February 14, 2019

Sometimes two things fit together so naturally, you sense they were built for each other. You might come to feel that way about IBM Cloud Private and JFrog Artifactory because, in important ways, it’s true. IBM Cloud Private (ICP) and Artifactory are both built to facilitate containerization, the growing technology that makes it easy to…

Artifactory and OpenFaaS - Containers Everywhere!

February 19, 2019

Right now, we live in a world where the Kubernetes website gets more visitors than the Seattle Seahawks website. That probably means that containers, and the orchestration platform on which they run, are one of the most important things. I mean, everything runs as a container doesn’t it? The other big ticket item for developers…

5 Steps to Hosting Your Application on Amazon Cloud Container Service

February 12, 2019

This article describes 5 steps to hosting an application on the cloud with Amazon Elastic Container Services (ECS) and Elastic Container Registries (ECR) using a multi-cloud strategy. Developers are moving towards hosting applications on the Cloud and using various cloud services provided by market leaders such as: Google (GCP), Amazon (AWS) and Microsoft (Azure). Nowadays,…

Naming is Hard: The Quest for the Right Name for "Go Module Repository"

February 11, 2019

TL;DR: There is a lot of confusion on the Go modules cache/proxy/registry/repository term. After much deliberation, we have agreed upon Go Modules Repository. Names Matter! You know the drill, naming is the single major reason for procrastination in software engineering, perhaps after expense reports. Coming up with a name for something can be extremely hard,…

Cruise Safely on IBM Cloud’s Road to DevOps

February 7, 2019

When you’ve chosen IBM Cloud for your DevOps platform, trust was certainly part of your decision. Like other public clouds, IBM Cloud offers a quick, flexible on-ramp to cloud native development. Their expertise, support, and a catalog of proven tools like IBM Cloud Kubernetes Service (IKS) gives you confidence. So trust is important to you.…

[White Paper] The JFrog Journey to Kubernetes: Best Practices for Taking Your Containers All the Way to Production

February 5, 2019

Kubernetes together with JFrog Artifactory allows you to reliably and predictably deploy your applications, scale them on the fly, seamlessly roll out new features and efficiently utilize hardware resources. This white paper reviews the complexity and the challenges facing companies wanting to adopt Kubernetes as their container orchestration tool. We hope that the lessons learned,…

Managing Binaries With JFrog CLI and GitHub Actions

February 4, 2019

Over the past few weeks, we’ve released a series of blog posts on how you can use the JFrog CLI, Artifactory, and GitHub Actions to build awesome software. Last week we created and published a Go module and recorded the Build Information and in this final post we’ll build and store the binary in Artifactory.…

Best Practices for Artifactory Backups and Disaster Recovery

February 1, 2019

Whether you have a small JFrog Artifactory instance or a complex cross-region topology, ensuring that your binaries are available at all times is vital to your DevOps pipeline. There are many different approaches to protecting your binaries from disaster, including: System backups, directly from the Artifactory UI or using a 3rd party solution such as…

Building a DevOps Path in IBM Hybrid Cloud

January 31, 2019

Sometimes you don’t want to have to choose between two great places, but combine them for the best of each. That’s the principle behind IBM’s hybrid cloud offering, where a private cloud and a public cloud work together to deliver an ideal blend of availability and security. But how can you best execute DevOps in…

Go at Full Speed with GoCenter

January 30, 2019

As Go programming accelerates, becoming one of the world’s fastest growing software languages, trying to create robust and reliable pipelines without an immutable repository is challenging. That's because Go modules (reusable OSS Go packages of code) that applications include as dependencies must be resolved from among thousands of independent source code repositories, each of which…

Publishing Go Modules To JFrog Artifactory Using The JFrog CLI

January 28, 2019

Over the coming weeks, we’ll release a series of blog posts on how you can use the JFrog CLI, Artifactory, and GitHub Actions to build awesome software. Last week we built a Go app using Artifactory, the CLI and GitHub Actions and this week we’ll continue that by publishing the Go app as a module.…

Go Modules Are Awesome, But There Is One Tiny Problem

January 27, 2019

Most programming languages and tools support the concept of packages and most of the times those packages have versions. The great thing about versions, whether they’re used by tools or not, is that they allow developers to clearly communicate what the dependencies are to build the final product. Go has struggled quite a bit with…

An Outstanding DevOps Year for JFrog China

January 22, 2019

Massive Adoption Since entering the Chinese market in 2016, JFrog’s growth there has been tremendous. By the end of 2018, we had over 120,000 users of our open source products, and thousands of enterprise users. Both domestic Chinese and foreign companies leading different industry verticals in China adopted JFrog as paying customers including Tencent, Huawei,…

Resolving Go Modules From JFrog Artifactory Using JFrog CLI

January 21, 2019

Over the coming weeks, we’ll release a series of blog posts on how you can use the JFrog CLI, Artifactory, and GitHub Actions to build awesome software. The first in the series was building a custom GitHub Action and this week we’ll continue that by building Go apps. Last year we added support for Go…

How DevOps Empowers Maslow’s Hierarchy of Needs 2.0

January 15, 2019

We're all familiar with Maslow's Hierarchy of Needs. Our most basic human requirements like food and water are at the base, and the pyramid moves upwards into ever-maturing needs like community, social interaction, self-worth and creativity. The progression inherently makes sense to all of us, and we identify with it as human beings across cultures…

Accelerate Azure DevOps or TFS with JFrog Artifactory and NuGet

January 10, 2019

Azure DevOps is the evolution of VSTS (Microsoft Visual Studio Team Services), which is also known as VSTS, support continuous integration/continuous deployment (CI/CD). Alongside support for Maven, NPM, Docker, and Generic builds, the JFrog Artifactory Extension for Azure DevOps and Team Foundation Server TFS has just been improved to support the NuGet package type. This…

Dare to Be an Artifactory Debian Devil

January 9, 2019

JFrog Artifactory supports Debian repositories covering the full lifecycle of your Debian packages to manage development, vulnerability analysis, artifact flow control and distribution. In this blog, you can review our most up-to-date features specially developed for the Debian community including the cool features that may have slipped under your radar. 9 reasons why you should…

Using the JFrog CLI with GitHub Actions

January 7, 2019

Over the coming weeks, we’ll release a series of blog posts on how you can use the JFrog CLI, Artifactory, and GitHub Actions to build awesome software. First up, building a custom GitHub Action. At GitHub Universe, probably the most interesting announcement was the release of GitHub Actions. GitHub’s way to create CI/CD pipelines and…

Herd Trust Into Your Rancher Labs Multi-Cloud Strategy with Artifactory

January 2, 2019

DevOps engineers have grown so reliant on the power and scalability of Kubernetes (K8s) clusters that one server platform can seldom accommodate them all. More and more enterprises now run their containerized applications in clusters across multiple platforms at once, in public clouds and on-prem servers. That can fuel a chaotic stampede in an enterprise-class…

KubeCon US 2018 Experiences

December 31, 2018

“Kubernetes is now very, very boring” or at least that is what Janet Kuo proclaimed in her keynote. She clearly meant that Kubernetes is now a stable platform and a lot of companies are running their day-to-day operations on it. I certainly wouldn’t use “boring” to describe KubeCon + CloudNativeCon 2018 US in Seattle. As…

Security is Hard. Let’s Make It Harder.

December 27, 2018

We all know that data breaches are horribly expensive for enterprises, whether due to direct costs of remediation, or from collateral costs due to lost customers, excessive support tickets, etc. This report from McAfee estimates that the global cost resulting from cybercrime will reach $600 billion in 2018. What you might not have known is…

Looking Up: 4 Technical DevOps Predictions for 2020

December 21, 2018

Very soon, we won’t have to look to the heavens to predict our fortunes. By 2020, says a study by IDC, there will be as many bits in the world’s accumulated data and binaries as there are stars in the universe. It will be these 44 zetabytes (44 trillion gigabytes), doubling every two years, that…

Get Critical Insights About Security Vulnerabilities Directly in Visual Studio

December 17, 2018

The JFrog Visual Studio extension was created to allow the developers an easy integration with JFrog tools from within their Visual Studio environment. The extension provides you with critical insights about the licenses and security vulnerabilities JFrog Xray identifies in the NuGet packages used in your projects. With this extension, developers using Visual Studio can…

The “Function” Package - Setting a Standard for Serverless Application Packaging

December 12, 2018

Reposted from the original which was published on the CNCF blog What's in a function Creating serverless applications is a multi-step process. One of the critical steps in this process is packaging the serverless functions you want to deploy into your FaaS (Function as a Service) platform of choice. Before a function can be deployed…

JFrog KubeXray Extends Deep Scanning Security to Kubernetes Runtime

December 11, 2018

Most security measures are designed to keep gremlins from getting loose. Identifying an application’s risks early means you can prevent or limit its deployment into your system. With that knowledge, any gremlins in your containers that might do damage can be safely kept behind the fence built by your policies. But what can you do…

Java 11 Licensing: What You’re Really Asking

December 6, 2018

There’s a bit of confusion in the market around Java 11 licensing, so it seems appropriate to share some thoughts and hopefully add some value by saving you the research. Disclaimer before we get going: of course, consult your legal and compliance teams before you make any decisions around Java 11 adoption or distribution. First…

It’s a Wonderful DevOps Life

December 4, 2018

In Frank Capra’s 1947 film, “It’s a Wonderful Life,” George Bailey wishes in the depths of his despair that he had never been born. So an angel shows him what that world would have been like. I sometimes feel the need of an angel, too. Not for the same reasons, of course. Our enterprise customers…

5 Signs You Need JFrog Enterprise+

November 19, 2018

The JFrog Enterprise+ platform we launched at swampUP last May really caused a stir in the industry heralding the liquid software revolution of continuous updates. The amount of interest and inquiries it generated shows that the platform truly addresses the pains that large enterprises are having in the end-to-end management of their binaries. But with…

JFrog Gives You DevSecOps in the Cloud, for the Cloud

November 27, 2018

You may have seen that we recently released a new version of JFrog Xray, along with releases of Mission Control and Artifactory. But one thing we’re super excited about is that this release train showcases that Xray is, for the first time, available in a pure cloud, SaaS model. Now you get to enjoy all…

Fearless Updates with JFrog Enterprise+: A Step-By-Step Demo

November 14, 2018

The JFrog Enterprise+ platform gives you a complete pipeline to control the flow of your binaries from build to production. Managing your software deployment end-to-end. The following screencast demonstrates a complete workflow from managing your JFrog services all the way to creating and securely distributing release bundles to target destinations. All part of the Enterprise+…

JFrog Xray Drills Deep Down into Your Docker Images

November 7, 2018

JFrog offers an end-to-end Docker security scanning solution covering the full lifecycle of your Docker images to manage development, vulnerability analysis, license compliance, artifact flow control, and distribution. JFrog Xray has access to the wealth of metadata Artifactory stores. Combined with deep recursive scanning, it puts Xray in a unique position to analyze the relationships between the…

Raising Helm – to Enterprise Scale

November 6, 2018

Reposted from the original which was posted on the AWS Open Source Blog TL/DR: Package managers in general are awful, but Helm, the package manager of Kubernetes, is… not bad at all. Of the seven deadly sins of package managers, Helm commits only two, and these are easily fixable. We’ll be explaining how below. We aren’t…

Accelerate Azure DevOps or TFS with JFrog Artifactory and Conan

October 29, 2018

For some C/C++ developers, working within the structure of continuous integration can be an awkward transition. Running a CI server and the supporting tools to resolve dependencies, share packages, and manage binaries may be unfamiliar, and getting them to work together well can be challenging. C/C++ Continuous Integration Challenges Microsoft’s Azure DevOps (formerly known as…

JFrog & Harness - Don’t Get Bogged Down with Continuous Delivery

November 1, 2018

Harness, a company that provides a Continuous Delivery as-a-Service platform, automates CD with machine learning and security. In this guest post, Stephen Burton, VP Marketing offers a primer on how customers use Artifactory, XRay and Harness together to accelerate Continuous Delivery. This post, also published on Harness.io, has been lightly edited from the original to…

Cluster Management Made Simple with JFrog Artifactory and HashiCorp Nomad

October 23, 2018

Many new technologies are laser-focused on cloud-native applications and architectures. However, not all applications are there just yet. Someone only reading trade press, may get the idea that all applications are there. The reality is that applications continue to take many forms, and will for a long time to come. It is refreshing to learn…

Managing Security Entities with JFrog Access

October 21, 2018

The Unsung Hero of Your Binaries’ Security JFrog Access is the sentinel that manages authentication and authorization for all JFrog services. Packaged and installed together with JFrog Artifactory, Access keeps your binaries secure by making sure that only authorized users can access them. And then, those that do access your binaries, can only do what…

Five Ways to Meet Deadlines When Developing with NPM

October 15, 2018

Node.js has risen to be the most popular development technology in use today. Don’t take my word for it, you can look at Stack Overflow’s 2018 survey. And if that’s not enough for you, pop into www.modulecounts.com and see how packages in public open source npm registries outnumber those from any other technology by a…

Two Models for DevOps - Rockets and Airplanes

October 2, 2018

More and more, agile enterprises require software development to function at supersonic, even interstellar speeds, turning around changes fast, yet safely. DevOps pipelines offer the best way, but what will you really need to fulfill that promise? Having a good way to understand the impact of CI/CD processes, and the role that container technologies like…

Tips and Best Practices for Developing with Artifactory on GCP

September 27, 2018

Hosting infrastructure on cloud-based services is becoming a standard in the tech industry. This comes as no surprise as multifaceted solutions for efficiency are the driving advantages of moving to the cloud. More specifically, some of the reasons that leave cloud solutions at an advantage include flexibility, cost and easier maintenance, allowing the team to…

The Unpleasant Surprises of OSS License Changes and How to Avoid Them

September 26, 2018

Three weeks ago a popular JavaScript tool Lerna underwent dramatic turmoil. One of the original founders and maintainers of the Lerna project suggested changing the license from the ordinary MIT to “MIT with personal exceptions” in effort to prevent certain software companies, including Microsoft, Amazon, Apple, LinkedIn, Walmart, Target, Tesla, Xerox, Dell, and others, from…

Automation Using Webhooks in JFrog Artifactory

September 25, 2018

You (probably) already know that Artifactory, as your repository manager, plays a vital role in your CI/CD pipeline by bridging the gap between development and operations. Now, we’re giving you the option to use webhooks with Artifactory to automate your processes even further. Read on... First, what are webhooks? In the most simple terms, a…

Fully Automated Promotion Pipelines with SonarQube and Artifactory

September 20, 2018

This blog post is co-authored by Jonathan Roquelaure of JFrog and Fabrice Bellingard of SonarSource, and co-posted on the SonarSource blog Our previous blog post showed how to connect Artifactory and SonarQube to help make better decisions when it comes to deploying or delivering good quality software. With a pretty simple script added to your…

Cloud Is Not a Binary Decision

September 18, 2018

To cloud or not to cloud? That isn’t really the question anymore. In choosing a public cloud service, many businesses are finding that instead of just one cloud, they prefer a crowd. Enterprises face a dizzying array of choices in how to host their IT infrastructure, to find the best combination that matches business needs.…

Jenkins X: Code to Production at High-Speed

September 17, 2018

NOTE: The Artifactory Jenkins X enhancement has been deprecated and is no longer being maintained. Following another year of successful Jenkins User Conferences (JUC) in France and Tel Aviv, bringing the Jenkins community together for one packed day full of announcements, this year the big news was Jenkins X. During his keynote talk at the…

You Have Docker - But Are Your Docker Registries Highly Available?

September 12, 2018

With Docker continuing to gain traction in production systems, and widespread use in pre-production, a company’s Docker registry can be central to its operations. This post explains how a high availability Docker registry can help companies avoid the enormous expense incurred when mission-critical systems go down. The Cost of Downtime Downtime is extremely costly, and…

Discoveries and a Release Management Plugin from JFrog

September 11, 2018

This is a repost of the original that was recently published as a guest post on the Atlassian blog. My time at Atlassian’s Bitbucket Cloud Dev Week proved to be very fulfilling, and not just for the cool code we produced. I’m excited about that too, of course. Using Bitbucket Cloud’s V2 APIs, I was…

Is Your Helm 2 Secure and Scalable?

September 6, 2018

Recently Rimas Mocevicius, a Kubernaut at JFrog and co-founder of Helm, spoke at our recent JFrog Helm meetup about the security issues relating to Helm 2 and offered an elegant workaround to secure your k8s cluster. Tiller Poses a Potential Security Threat In Helm 2, a new server-side component called “Tiller” was added. Tiller is…

Get Your License Compliance Reports with a Click of a Button

September 5, 2018

When releasing software, one of the key aspects you need is ensuring that you’re compliant and safe from any legal risks. Our previous blog post on DevOps and Compliance described how compliance can be a seamless part of the DevOps workflow in your organization. This blog post will address the way your company is enforcing…

5 Reasons You Should Be Using JFrog CLI

August 30, 2018

JFrog CLI is a useful compact client, which was developed in order to enhance and simplify command line interactions with JFrog products. In this blog post, I will present 5 reasons why you should be using JFrog CLI, and the most common use cases where it comes in handy with your Artifactory repository manager. Reason…

Gain Code Insights with JFrog Artifactory and Atlassian Bitbucket

September 4, 2018

At the 2018 Atlassian European Summit in Barcelona, Atlassian introduced a new UX in Bitbucket Server that empowers developers to be more productive. Called Code Insights, it gathers information from across the DevOps toolchain into Bitbucket’s pull request experience. On the heels of this news, JFrog is announcing a new integration that brings critical data…

Reusable Cloud Infrastructure as Code with Pulumi and JFrog Artifactory

August 29, 2018

This guest post is submitted by Chris Smith of Pulumi and is co-posted on the Pulumi blog. Pulumi enables you to specify cloud infrastructure with code. This empowers you to program the cloud in your favorite language, and benefit from useful and familiar features of coding like static analysis, type checking, IDEs, and more. One…

How to Achieve Fully Traceable Builds with Drone

August 28, 2018

A build without build-info is like a black box. You don’t know what’s in it, what dependencies it uses, who created it, when it was created and with which tool. And then there are properties, tags and a host of metadata that gives the build its identity. Without build-info, your build is essentially useless. The…

Drive Your Data Flow Pipeline to Production Using Artifactory Conda Repositories

August 23, 2018

Over the past decade, there has been an immense data explosion. Most companies use analytics data collected over months, weeks, or even days for business decisions and can respond to changes minute by minute. To do this real-time analysis and data mining, data scientists, data analysts, and software developers use Conda, as their open source,…

Accelerating C/C++ in IoT with Conan and Resin.io

August 20, 2018

With Conan and resin.io you can rapidly prototype and build your IoT tool reducing your C++ management pains. Creating C/C++ apps for IoT devices is always challenging. It requires setup of the compiler and toolchain to cross-build for the embedded architecture, managing dependencies of the app, and deploying it in a wise way. Conan takes…

Top 10 Reasons Why You Need JFrog Enterprise+

August 16, 2018

More and more companies rely on software to provide value to their customers through product or service updates, websites, mobile apps and more. Whether large or small, these companies can be in any industry segment such as financial, retail, manufacturing or healthcare. To keep providing value through software, you need to continuously develop new…

Accelerating Software Delivery in the Cloud

August 14, 2018

So you’ve decided to take your development to the cloud. That’s a smart choice as cloud automation offers the speed and agility businesses need to keep pace with competition and ever-changing market demands. Cloud DevOps tools offer greater flexibility, rapid deployment, reduced IT costs, and low upfront costs with subscription pricing. Cloud-based offerings are a…

12 Reasons You Don't Need Software Artifact Management

August 9, 2018

0. You have no code. If you have a project, which has no code, you don’t need to manage any artifacts. Well, you don’t need CI, you don’t need runtime, all you need is a bug tracker. And Kelsey, thank you again for the fun! 1. You have no users. If your software has no…

You have Docker; Now are your Docker images secure?

August 8, 2018

This is the second blog in our series on Docker. In our initial blog called You have Docker; Now what?, we discussed the reasons for using a universal binary repository when implementing Docker to production with confidence. It’s great that you're using Docker, but managing security vulnerabilities is vital to ensuring your Docker environment is free…

Delivering Shift-Left Security with NeuVector and JFrog Xray

August 1, 2018

Bringing Kubernetes app security insights to developers This post is co-authored by Craig Peters of JFrog and Henrik Rosendahl of NeuVector and is also cross-posted on the NeuVector blog. Kubernetes, the container and orchestration tool favored by enterprises, provides great benefit in automating many aspects of application deployment at scale. But, like any emerging technology,…

Cloud CI/CD with Visual Studio Team Services and the All New JFrog Artifactory Extension

August 6, 2018

JFrog Artifactory is well acquainted with Visual Studio Team Services (Azure DevOps) and Team Foundation Server (TFS) and has provided integration to these Microsoft DevOps tools for quite some time. And as these technologies have moved forward, so has JFrog. Out with the Old, In with the New We’re THRILLED to announce the all new…

You have Docker; Now what?

July 26, 2018

Almost all organizations developing software today use Docker. However, there are some that still don’t have confidence to take Docker to production. Let’s take a closer look at two main challenges behind this hesitation, which are visibility into the Docker images and where/how they are managed. Challenge 1: What’s in your Docker images Docker images…

Xray Policies: Govern Your Software Supply Chain with Ease

July 25, 2018

In modern software, there are many important aspects to governing software. You no longer only care for the quality of your own code, but also care for the quality, security, integrity, legal and other aspects of the open source packages that you use. The knowledge of how to handle the risks in these quality domains…

DevOps and Compliance; A Match Made in Heaven

July 23, 2018

Like the Borg in Star Trek, compliance can strike alarm in one’s heart. And resistance is (for the most part) futile because regulations are just another component of doing business. In any organized civil society, we’re all required to comply with rules of one sort or another. Sometimes those rules and regulations really are burdensome.…

From Code to Cloud with JFrog Artifactory and Azure AKS

July 19, 2018

Our Kit Merker, VP of Business Development, recently made a guest appearance on the Azure Friday show on Microsoft's Channel 9, showing how to use JFrog Artifactory as your repository manager with Azure and the importance of a Kubernetes Registry. Kit demonstrated the seamless flow from code to cloud, that includes JFrog Artifactory and DevOps…

Twistlock and JFrog Steer the Container DevSecOps Seas

July 16, 2018

Twistlock and JFrog have partnered to provide continuous scanning and security for your builds. Twistlock directly integrates with JFrog Artifactory, which provides a fully automated Docker promotion pipeline for maintaining your Docker registries. What is Twistlock? Twistlock is a versatile security solution that works well with the Kubernetes container orchestrator and integrates smoothly with JFrog…

Smart, Metrics-Based Release Management with SonarQube and Artifactory

July 9, 2018

Some of the most important decisions a release or build manager has to make are whether to promote builds through the CI pipeline. To make these decisions smart and qualified, quality metrics are needed to point out problems in the builds. But sometimes, the problems are at the source, and to detect those problems, you…

Accelerate R Package Development with Artifactory CRAN Repositories

July 10, 2018

'R' You Ready to Take the Leap? R is the leading statistical language used for statistical computation and graphics used by data scientists and data analytics to extract meaning from data. The Comprehensive R Archive Network (CRAN) serves as the package manager for R providing easy package install, the option to store multiple versions and…

What To Think About When Thinking About Onboarding Artifactory

June 27, 2018

If you’re reading this, you have probably decided to add Artifactory into your Software Development Life Cycle (SDLC) / CI and would like to understand the key points to consider for implementing this integration. In this blog post, we’ll review the high level aspects you should address when introducing Artifactory into your environment and CI/CD…

Containerize Node Microservices Using Atlassian Bitbucket Pipeline and JFrog CLI

June 21, 2018

Did you know? Atlassian provides tools to help development teams more effectively collaborate and deliver software fast. Atlassian introduced Bitbucket Pipelines in 2016 to automate continuous integration in a seamless way with the git repository. As Bitbucket Pipelines has matured we’ve seen more of our customers taking advantage of its ability to easily integrate CI/CD…

Latest Helm Chart Enhancements from JFrog

June 20, 2018

Google introduced Kubernetes (k8s) as an open-source container-orchestration system for automating deployment, scaling, and management of containerized applications less than four years ago. Since then it has been gaining rapid popularity. Today, it is being used in a number of vendor solutions including Microsoft for its Azure Kubernetes Service (AKS), Mesosphere for its DC/OS, Pivotal for its…

From Git to Cluster with JFrog Artifactory and Azure Kubernetes Service (AKS)

June 13, 2018

Securing the Flow of Software with Azure Kubernetes Service and JFrog Artifactory Thanks to the hard work of an amazing community, Kubernetes has become the standard container orchestration system. JFrog is thrilled to be a part of this growth by enabling DevOps teams to release software faster and more efficiently; and today, we’re excited to…

Scale your Development Experience by Migrating any Container Registry to Artifactory

June 12, 2018

With the range of available package formats developers have to work with today, the complexity of managing and maintaining these tools is continuously growing. JFrog Artifactory is a universal artifact manager that supports all major package formats, that fits in with virtually any development ecosystem - including Docker environments. For an enhanced experience working with…

10+ Reasons to Use Artifactory as your Docker Registry

June 12, 2018

There are so many good reasons to use Artifactory as your Docker registry: The recently-released Package Viewer emphasizes the most relevant metadata with the look and feel of a native Docker registry JFrog CLI lets you build Docker images with exhaustive build information and upload them to Artifactory JFrog Xray will do a deep recursive…

Deploy JFrog Artifactory High Availability Using Azure Resource Manager Templates

June 7, 2018

Why Use Microsoft Azure Services? Microsoft Azure services is used by many companies and government agencies for their software development and hosting infrastructure needs. Development teams can quickly set up and dismantle development environments and IT operation teams can quickly host their production software. It helps to avoid complexity and expenses in procuring and managing…

Artifactory: Your NPM Registry for Bit

June 6, 2018

We’re always excited to see the different ways Artifactory gets used. Bit (bitsrc.io) is a platform built to increase code reuse and reduce the overhead around it. It lets you isolate “bits” of Javascript source code from existing projects, share them with your teammates and the developer community, and use them as NPM packages by…

Use JFrog Artifactory to Deliver Software with Confidence to AWS EKS

June 5, 2018

AWS is launching the Amazon Elastic Container Service for Kubernetes (Amazon EKS) and is announcing JFrog as a proud integration partner. Over the past year, it seems that even companies that weren’t in the first phase of Kubernetes adoption are now joining the party. JFrog has been a key part of the container movement, launching…

swampUP 2018, RELOADED

June 5, 2018

If I had to summarize swampUP 2018 in one word, it would be “opportunity”. It was an opportunity to hear about the latest developments in DevOps and learn what the future holds from industry leaders in the biggest companies such as Google, Amazon, Microsoft and Netflix. It was an opportunity to share knowledge and experience…

Artifactory Docker Registries Feel Like Home

May 30, 2018

As a Universal Repository Manager, Artifactory supports all major package formats in common use today. That’s 23 (!) different formats, with more on the way. Being universal is great. It means that Artifactory fits in with virtually any development ecosystem. But this also comes with a cost. Each package format is constructed differently with…

Kubernetes Registry for Azure Container Instances (ACI)

May 28, 2018

What is an Azure Container Instance? Microsoft Azure Container Instances (ACI) offers users a fast and simple way to deploy container applications in the cloud without provisioning virtual machines or having to adopt a higher-level service. Using ACI, you can scale and orchestrate operations by deploying a Docker container that pulls a Docker image from…

Manage Your Docker Builds with JFROG CLI in 5 Easy Steps!

May 24, 2018

JFrog CLI is a useful client that provides a simple interface that works smoothly with JFrog Artifactory and Jfrog Xray. The simplified CLI commands enable you to create readable automation scripts that are easy to maintain, efficient and reliable. From version 1.14.0, JFrog CLI has extended its support to manage Docker builds, in addition to its…

Leap into the Universe of Fearless Updates

May 17, 2018

Most of us work in a modern company whose survival depends, amongst other things, on how quickly we can release and update software. One might argue that this is only true for technology companies, but in reality, whether you are a financial, retail, manufacturer or healthcare company, you’re probably developing software to maintain your products,…

Set Up Your JFrog Services in No Time!

May 10, 2018

JFrog Mission Control provides an easy way for JFrog administrators to set up, manage and monitor their Artifactory & Xray services using Configuration Scripts. Additional support, including Jenkins, will be available soon. Configuration scripts are written in Groovy and can be applied to one or more service at a time to perform a variety of…

Running an In-house Go Registry with Artifactory

May 2, 2018

Updated on January 31, 2019 to reflect the current state of the technology and JFrog support for Go. The need for a Go registry Since its inception over eight years ago at Google, Go has emerged as one of the most popular languages used by developers and DevOps today, so much so that it was…

SUSE and JFrog Accelerate Cloud Native Development for the Enterprise

May 1, 2018

Oh the things you can find, if you don’t stay behind! (On Beyond Zebra!, by Dr. Seuss (1955)) It’s time to get Enterprise class Kubernetes to run your applications. SUSE enables organizations to accelerate app development by providing a platform that streamlines lifecycle operations for traditional and cloud-native technologies. SUSE enables you to deploy, manage,…

Deploy JFrog Artifactory in Canonical Distribution of Kubernetes

May 1, 2018

This blog post is co-authored by Craig Peters of JFrog and Stephan Fabel of Canonical. A free-to-use rapid way to deploy Kubernetes (k8s) is a critical building block for accelerating development team’s adoption. The Canonical Distribution of Kubernetes (CDK) delivers a pure experience across a wide variety of cloud infrastructures. This enables enterprises to rapidly…

The 3 Kubernetes Essentials: Cluster, Pipeline, and Registry

April 26, 2018

This blog post is co-authored by Kit Merker of JFrog and Raziel Tabib of Codefresh, and is co-posted on the Codefresh blog. OK, so you’re adopting Kubernetes. Good choice. There is a dizzying array of good options to get a Kubernetes cluster up and running. But once it's there, how do you actually get…

JFrog Artifactory and ElectricFlow Accelerate Time to Market

April 25, 2018

JFrog and Electric Cloud have partnered to help customers accelerate software delivery, increase release quality, reduce delivery costs, and provide higher reliability and traceability to better compete in the market. Electric Cloud has developed a plugin that integrates JFrog Artifactory’s universal artifact repository manager that supports all major package formats (20+ languages) with their DevOps…

Use Terraform to Easily Manage Your Artifactory Infrastructure

April 24, 2018

Cloud-based solutions offer an abundance of opportunity to deliver potential game-changing possibilities for businesses. Your business can now deliver software at greater speed, and at a reduced cost. Cloud Deployment Challenges The Cloud is the way to go, but a cloud solution can be challenging when considering the various options available to you such as,…

Artifactory Cloud: Your Powerful DevOps Solution on AWS Marketplace

April 23, 2018

Increase software delivery and quality Gain universal support of development languages & DevOps tools Easily make Artifactory your Kubernetes registry You now have the freedom to use JFrog Artifactory. The most popular DevOps tool that was only available directly through JFrog, but is now available on the AWS Marketplace. The new offering is called JFrog…

swampUP 2018: A Technical Titan of a Conference

April 20, 2018

Have you heard about swampUP? If you’re not familiar with swampUP, then you have come to the right blog post. I’d like to take a few minutes of your time to give you a perspective on what swampUP is, why you should go, and what you can learn. swampUP 2018: What is it? It’s…

I Just Met a DB Called Maria

April 18, 2018

Checksum-Based Storage One of the key and unique features in Artifactory is checksum-based storage in which Artifactory stores an uploaded artifact’s checksum in a database and maps that checksum to the file’s location in storage. Using checksum-based storage optimizes your interaction with packages you upload through deduplication; copy, move and delete operations that happen at…

Relax, Your Binary JFrog Xray Vision is Highly Available

April 16, 2018

JFrog Xray provides continuous security governance and auditing of your software artifacts and dependencies at any stage of the application development lifecycle – build, test, and even production. JFrog Xray 2.0 introduces high availability, bringing even more security and governance to your software packages than ever before. Based on user feedbacks gathered over time, the…

Easily Scale JFrog Artifactory with AWS CloudFormation

April 12, 2018

Many businesses from small to medium companies to large enterprises are using Amazon Web Services (AWS) to host their infrastructure. But creating, keeping track of changes, and managing your infrastructure can be challenging. Replicating your entire stack multiple times for development and testing purposes can be a tedious, error-prone, and time-consuming process. AWS CloudFormation makes…

Conan Accelerates Your C/C++ Applications in OpenShift

April 17, 2018

C/C++ applications and build system scripts are monolith in nature. Achieving binary compatibility is becoming extremely difficult as applications include source information from a variety of local and third party sources, targeting a variety of platforms. Even classically monolithic applications may include a complex dependency graph, including transitive dependencies statically or dynamically linked. Another factor…

Gain Trust in Your Software Delivery with JFrog Xray

April 4, 2018

Universal analysis of binary software components has become an integral part of modern software development. This has been triggered by the growing need to trust the software you consume, and by the capabilities that various products offer in this space. JFrog Xray Integration with Artifactory With the release of JFrog Xray 1.12, you can experience…

JFrog @ Jenkins Days

April 2, 2018

Jenkins Days are upon us and JFrog is happy to be participating by sponsoring and giving a talk in both Boston (April 10) and Washington (April 12). Bruce Nguyen, JFrog Sr Solution Engineer, will talk about how "Binary Artifact Management is Crucial for any DevOps Implementation". In this talk he will cover the following topics: Binary…

JFrog Artifactory CE: Your Conan C/C++ Package Manager Repository

March 28, 2018

JFrog Artifactory Community Edition for C/C++ This product gives all the power and flexibility of the Artifactory repository for Conan and generic binaries to the C/C++ world completely free of charge to any software team. As the preferred Conan repository manager, Artifactory Community Edition features similar functionalities as the JFrog OSS edition, while containing support…

JFrog Artifactory: Your Kubernetes Registry

March 21, 2018

Composing software artifacts into containerized Kubernetes apps Containers let you simplify and manage your applications (especially microservices applications) at a level of abstraction from the specific hardware and even the VMs. As we’re seeing, a container orchestration system like Kubernetes lets you create apps and deploy them side-by-side without being concerned about compatibility between the…

JFrog and Google Cloud Platform for Open Source: A Year in Review

March 19, 2018

Open source projects are now influencing software development more than ever before. We are seeing communities grow and innovation being created through open collaboration across company boundaries. Building a community and working across boundaries is not an easy process, so Google and JFrog are working together to ease the way forward. In late 2016 we announced…

Effective Repository Naming Conventions to Help Scale Your Business

March 15, 2018

Why do I need a repository naming convention? How many repositories do I need? What should I call my repositories? These are just some of the commonly asked questions that are asked around the topic of how to get started implementing JFrog Artifactory repository structures and naming conventions. Creating the right repository naming conventions and…

Accelerate Your Finance DevOps Experience with JFrog Artifactory

March 8, 2018

Working closely with top financial services, such as Goldman Sachs, JFrog has gained insight for developing solutions that comply with the specific requirements and regulations facing DevOps teams in financial organizations. Promote Security and Compliance in DevOps To meet the strict regulations of the financial industry, JFrog Artifactory provides an advanced audit trail log feature that…

Protect Your Containerized Microservices on OpenShift Using JFrog Xray

February 19, 2018

In our previous blog, we described how JFrog Artifactory on OpenShift benefits enterprise users when deploying containerized microservices. Now we’ll take it a step further to review the main security challenges facing container content and container registries when developing microservices. We will proceed to discuss how policies are enforced while building and deploying containers on…

Control Your Kubernetes Voyage with JFrog Artifactory

February 20, 2018

Containerized microservices encapsulate a lightweight and consistent runtime environment for your application to run from development to testing to final deployment and production. As the number of containers grow over time, you will need a tool to help launch, track, and manage them. Kubernetes allows you to quickly and predictably deploy your applications using containerized…

How to Debug Docker Registries Like a Pro

February 15, 2018

Everyone is talking about Docker registries, so let’s take a few minutes to talk about how to debug them. Here are a few tools in my toolbox that I can recommend for troubleshooting Docker registries. Docker in Docker Also referred to as “dind”, this official project from Docker offers Docker images for pretty much every…

The Most Exciting DevOps Event of the Year! Are you in?

February 12, 2018

JFrog’s annual swampUP event of the year is here! The DevOps user conference will take place on May 16-18, 2018, in the beautiful Napa Valley. This is your opportunity to network and learn how other DevOps experts leverage JFrog products along with best practices from other DevOps thought leaders who will also be there. This…

Container Optimized Workflow for Tectonic by CoreOS (Now Red Hat)

February 2, 2018

Following our recent blog on Artifactory's integration with OpenShift, you can now deploy your binaries hosted on Artifactory to Tectonic, another major enterprise-ready Kubernetes platform that specializes in running containerized microservices more securely. Artifactory integrates with Tectonic to support end-to-end binary management that overcomes the complexity of working with different software package management systems, like…

JFrog and Valiantys: Partners in DevOps

February 1, 2018

The integration between IT and development is a significant pain point for many teams as they start their DevOps journey. With the introduction of agile methodologies, the need to deploy more frequently and in shorter cycles has increased. Yet, operations struggle to maintain the pace as “new” methodologies can create a bottleneck. Often, these development…

Confessions of a DevOps Frog: Automating Artifactory deployment to Kubernetes is Actually Easy!

January 31, 2018

Last updated on January 2, 2019 In our previous blog post, we described how Artifactory can serve as a Helm repository, and listed the best practices for using your Artifactory Helm repository to store your charts and deploy them to Kubernetes. Now we’ll demonstrate how easy it is to deploy your Artifactory as a single…

GitLab CI and Artifactory: On Your Mark, Get Set, Build!

January 29, 2018

Integrating JFrog Artifactory into your GitLab CI workflow makes JFrog’s ‘Release Fast or Die’ mantra, a living reality. This blog post describes how to integrate GitLab CI with Artifactory not only to resolve and deploy binaries but also to benefit from Artifactory’s Build Integration feature. Publish and manage your packages GitLab CI supports creating multiple builds…

JFrog Artifactory on OpenShift Has Arrived

January 24, 2018

More and more DevOps practices rely on Kubernetes to deploy containerized microservices. However, as an open source project, Kubernetes may not provide all the elements required for an enterprise environment such as business-level support, testing body or guided practices by a reputed entity/company. To address these enterprise requirements, Red Hat released Openshift, which is, essentially,…

Master Your Helm Chart Repositories in Artifactory

January 18, 2018

Following our initial release of Helm Chart repository support in Artifactory a few weeks ago, it's time to leap into the fast track and get your Helm repositories up and running. Just a short recap, Helm is the package manager for Kubernetes and helps you manage Kubernetes applications using Helm Charts. Artifactory now natively supports Helm…

npm Packages with JFrog CLI

January 15, 2018

JFrog CLI is a compact and smart client that provides a simple interface and greatly simplifies working with JFrog Artifactory. The simplified commands enable you to create readable automation scripts that are easy to maintain, efficient and reliable. From version 1.13.1, JFrog CLI has extended its support to include npm packages, in addition to its…

JFrog's Profile Grows Alongside its Enterprise Business and Offerings

January 17, 2018

Analyst: Jay Lyman 21 Dec, 2017 JFrog has grown its enterprise business with its flagship artifact management software, called Artifactory, as well as additional, integrated components centered on software distribution, security and large-scale DevOps implementation. Nearing 10 years in business, the software artifact and release process automator has built an impressive stable of large…

Conan 1.0. A Commitment to Stability

January 11, 2018

Conan joined JFrog towards the end of 2016, and we immediately embarked upon a journey to empower the C/C++ community with sound DevOps practices. Conan repositories were soon introduced to Artifactory giving C/C++ developers secure, private repositories to host their Conan C/C++ packages with fine-grained access control, automatic layout and storage for all platforms configured…

Your Enterprise Grade Helm Chart Repository with JFrog Artifactory!

January 2, 2018

With the 5.8 version release, JFrog Artifactory now natively supports Helm Chart Repositories, giving you full control of your deployment process to Kubernetes - the leading open-source orchestration platform for automating deployment, scaling, and management of containerized applications. JFrog fully supports deploying Artifactory to your Kubernetes cluster to serve as a universal repository manager for all…

The Best Ways to Synchronize Binaries Between Globally Distributed Teams

January 4, 2018

Distributed software development has become commonplace, especially in large enterprises that have several sites in different locations around the globe. This presents many challenges to ensure that all the development teams work on a coherent and synchronized code base. For example: Ensuring that developers all work with the same version of remote artifacts Ensuring that…

Your HA Installation and Upgrade Process Just Got Easier!

December 28, 2017

The HA installation and setup process has been redesigned to create a simple and even more secure infrastructure for your Artifactory HA clusters. Through the use of a Master Key, Artifactory adds a new security layer that replaces the previously used Bootstrap bundle mechanism, which is now deprecated. JFrog Artifactory handles all configuration and encrypted…

A Journey Into Modern DevOps and Continuous Integration in C and C++ Projects

December 24, 2017

C and C++ continue to be used and favored by many developers in all industries. However, when compared to other languages, C/C++ developers face greater challenges that include: long build times, diverse platforms and ecosystems, different build systems, binary compatibility, code inlining and embedding, and lack of standard for OSS. This featured DevOps.com article…

[Case Study] Supporting Multiple Disparate Tools While Optimizing Storage

December 14, 2017

The Mercedes-Benz brand immediately conjures up images of luxury and quality. We’d all be happy driving one, but beyond luxuries, Mercedes Benz is at the forefront of technology blazing the way forward in the field of autonomous connected cars. At the Mercedes Benz R&D facility in Sunnyvale (MBRDNA) research is conducted to add intelligence to…

Cloud Native CI/CD Pipelines using AWS CodeStar and JFrog Artifactory

December 5, 2017

Want to streamline your DevOps toolchain for a new project on the cloud? Want to manage, store, share, and version binary artifacts? It’s time to explore the composite solution offered by AWS CodeStar and JFrog Artifactory. When deciding to kick off a new project, technology companies and enterprise solution providers often run into walls when…

JFrog Artifactory Cloud Wins the Repository Challenge

December 5, 2017

Exactly one year ago, we launched our joint initiative with Google offering JFrog Artifactory Cloud hosted on Google Cloud Platform for free for selected open source projects. Since then, dozens of projects have been approved, and with the free open source hosting provided by JFrog and Google, are now able to put their efforts towards serving…

Easy CI with JFrog CLI

November 29, 2017

Continuous Integration is one of the foundations of a modern software supply chain. Most organizations wouldn’t consider developing software without one. The problem is that these sophisticated platforms require some expertise to set up and manage and usually require a dedicated server, an administrator and other resources. And to make things more complicated, different development…

JFrog and Kubernetes. Our Cloud-Native Journey Continues

December 4, 2017

Here at JFrog, we are avid users of Kubernetes in our various development efforts and in our different environments. That’s why we’re proud and excited to join the Cloud Native Computing Foundation so we can now also contribute from our technology and know-how. Learn more about our membership in this recent press release. JFrog benefits greatly…

JFrog Mission Control 2.0

November 23, 2017

Global Teams, Scale and Visibility For any product, a version 1.0 release must promise innovation in order to fill a gap or resolve a pain that nobody has addressed yet, otherwise, there is no justification to develop the product. This is what JFrog Mission Control did when it was first released. Mission Control 1.x started…

Google and JFrog Announce Grafeas: A Unified Language for Artifact Metadata

October 12, 2017

Today, Google and JFrog announce Grafeas, a first of its kind open source API that enables comprehensive auditing and governance for your software supply chain. Grafeas standardizes how you store, query and retrieve metadata attached to software artifacts. In particular, it provides rich auditing capabilities and acts as a central source of truth for organizations,…

Your Safe Repositories Just Got Safer with SHA-256

September 26, 2017

Artifactory was uniquely designed from the ground-up to optimally manage binaries with the capability to efficiently support packages in any format. One of the key features enabling this flexibility is Checksum-Based Storage. While all artifact files are stored and managed in one of the several options for binary storage supported by Artifactory, the files’ metadata,…

[Case Study] Before and After JFrog Bintray: Automating Package Distribution

September 25, 2017

Distributing large amounts of software packages? Interested in automating your distribution process? JFrog Bintray can help you make it happen. This case study will take you through James Ward’s personal journey of developing an automated process for on-demand deployments of WebJars, that are created, distributed and available within the community. His WebJars project was made…

Use File Specs in your CI/CD To Get Full Control of Your Artifacts

September 12, 2017

Getting creative with how you manage your artifacts in JFrog Artifactory? It's time to get familiar with File Specs. File specs allow you to specify the files you want to upload and download to and from Artifactory with a simple configuration. With only 2 mandatory fields, source (referred to as pattern) and target, you can…

The ABCs of Distributing Android Libraries

September 4, 2017

Bintray’s central repositories, JCenter and Conan-Center, are binary hubs for public OSS Maven and Conan (C++) packages respectively. They offer a great channel to distribute your public OSS packages. Having been around for a while, JCenter has become one of the most comprehensive sources for public OSS Maven packages, and is the channel-of-choice for many…

Vulnerability Detection For Your CI/CD Pipeline with JFrog Xray

August 30, 2017

My previous blog post talked about discovering vulnerabilities in your dependencies directly from within your IDE. However, sometimes this approach discourages the developer from doing their work and consequently reduces their productivity. Let’s take a look at how you can continue to detect vulnerabilities, as early on in the CI/CD process as possible, without interfering…

Real-Time Security Notifications at Your Fingertips with IntelliJ IDEA

August 14, 2017

JFrog has just made it even easier to identify securities and vulnerabilities in your dependencies directly from within your IntelliJ IDEA. This initial version of the JFrog IntelliJ IDEA plugin provides you critical insights as early as in the development phase, making it even less likely for vulnerable components to ever reach production. Through this…

Leap Forward and Be Proactive with DevOps Insights

August 3, 2017

Today, companies are adopting modern DevOps tools and practices at a rapid pace to increase high-quality software throughput and reduce inefficiencies (or as we call them, leaks) in the software development and delivery process. However, in most cases, there are very few metrics to prove that these DevOps-enabled pipelines are really performing better. So how…

Managing Software Updates “the DevOps Way”

August 2, 2017

At a recent DevOps event I attended, I spoke to some members of the DevOps team in one of the largest US banks. The discussion centered around patches and software updates in a Dockerized environment with many files and microservices. It didn’t take long to pinpoint their pain. “How do you manage software updates in…

Artifactory Enterprise. First-Class Artifact Management. Globally. At Scale

July 24, 2017

An Artifactory Enterprise license opens up a variety of unique and advanced features that offer solutions to real-life problems that global enterprises encounter. We document these features, and write blog posts and white papers about them, but being a community-driven company, there’s nothing quite like seeing people actually using these features in the field as…

Embracing DevOps and CI in C/C++ with Conan and Jenkins

July 17, 2017

This featured Jenkins blog post will show you how it’s now possible to implement DevOps best practices for C/C++ using Conan the C/C++ package manager, Jenkins CI, and JFrog Artifactory. Also included are code samples demonstrating how to define your own pipeline scripts to adapt to your specific workflows, using Jenkins Pipeline, Conan and JFrog…

Content-Driven Component Analysis

July 17, 2017

JFrog Xray was first released one year ago. Our first post about it highlighted what makes Xray more than just another security scanning tool. Over the last year, we have introduced more differentiating features like download blocking, integration with more security vulnerability providers like Aqua Security, BlackDuck, and integration with your CI/CD pipeline to keep your builds…

Monitoring and Optimizing Artifactory Performance

July 6, 2017

As Artifactory usage increases, its resources can gradually become depleted, causing hiccups or hits in performance. When usage increases, so does the importance of monitoring your system and its historical data. Monitoring usage patterns is an essential first step to optimizing Artifactory and ensuring its stability. Here, we would like to share with you some…

Artifactory 5.4: There’s More to it than Meets the Eye

June 28, 2017

In our product releases, we like to make a splash with the latest new features. Usually, these are features that you access through Artifactory’s UI or its REST API. Not this time! This time, the most significant addition to Artifactory 5.4 is invisible (well, sort of). I say “invisible” because outwardly, there’s no change in…

Clean Up Your Git LFS Repositories with JFrog CLI

June 20, 2017

Git has become an industry standard for source code control. However, it is not designed to store binary files efficiently, and storing large binary files in a Git repository can quickly inflate it, making it sluggish to respond. This is where Git LFS comes into play. Git LFS is a Git extension designed to accommodate…

Track Your Resource Allocation Globally

June 8, 2017

The recent release of JFrog Mission Control v1.11 has opened up a new dimension in the management of your global artifact workflow. For the first time, Mission Control lets you track and monitor how your resources are being used with the new Storage / Artifact Usage graph. Knowing how much storage the Artifactory instances you…

Increase your package visibility, the social way!

February 2, 2014

So, your binaries are hosted on Bintray and you are watching your package download stats grow. It's time for a boost! Two great new features online today; they might be small but they are powerful in spreading the word about your packages, or packages you like. The Latest Download Image Add a Download Link badge…

Speed Up Your Gradle Builds with JFrog Artifactory

June 7, 2017

Gradle introduced a cool built-in feature that lets you cache task outputs. Why is this cool? Because it reduces build time. How? By sharing the output of Gradle tasks between machines, subsequent builds are accelerated since they can reuse those outputs instead of rebuilding them. Now, this is where it gets even cooler. This feature…

Don't Let the Maven Deploy Plugin Trip You Up

June 1, 2017

Apache Maven is a commonly used build tool. It has many cool features such as default processing steps that are included out of the box, and is particularly good for compiling and packaging Java code. But this blog post is not an introduction to Maven. There are plenty of great books that provide that, and…

Time is of the essence: Make an impact using Firehose Events

May 25, 2017

Have you ever experienced the drive you get when you act on a sudden opportunity that really makes a valuable impact on something? On the other hand, have you ever experienced the disappointment of a missed opportunity? Let’s face it, every user action can be translated into a short window of opportunity that requires our…

JFrog Bintray Adds Support for Conan C/C++ Repositories and Launches Conan-center Managed Central Repository.

May 25, 2017

We are very excited to announce support for Conan repositories on JFrog Bintray, the Universal Distribution Platform. Currently serving more than 2 Billion downloads per month, Bintray offers developers the fastest and most reliable way to publish and consume software releases. In addition, JFrog will soon launch conan-center which will become the central public repository for…

Like C/C++ Development with Visual Studio? Like it Better with Conan.

May 15, 2017

Microsoft’s announcement of a Vcpkg was the dawn of a new era in package management for millions of developers using Microsoft Visual Studio for C/C++ projects. But while it’s great for retrieving and building OSS libraries from sources, it has limitations when trying to build user projects. Limitations such as the inability to manage (building,…

Why OpenMRS Migrated from Sonatype Nexus to JFrog Artifactory and Bintray

April 30, 2017

OpenMRS, the collaborative open source project to develop software that supports the delivery of healthcare in developing countries, recently announced that they have migrated from using Sonatype Nexus and Maven Central to JFrog solutions Artifactory and Bintray. “It all worked out great and we did not hear about any single issue from developers after the…

Enterprise Level Access Control with Keys and Entitlements

June 9, 2015

“Private repositories”, “Teams and Organizations”, “Permissions”..., sounds like that’s all you need to provide secure private downloads. Well, not quite. Those are great features that fit the bill if your consumer is a Bintray user. But what if she isn’t? Well, then there are signed URLs. Those should do the trick. Just sign your file…

Love Your Logs. It Pays Off

May 9, 2017

“My Artifactory won’t start”; “I see some lag”; “My artifacts are missing”; “I get issues when Jenkins tries to pull/deploy artifacts”; “I am getting 404 / 401/ 403/ 500 /409” … These are just a few of the common issues I hear from our customers. Very basic issues; right? We can triage them in a…

[White Paper] PHP Composer: 9 Benefits Of Using A Binary Repository Manager

May 8, 2017

PHP development has become one of the most popular platforms for client and server side web development. Each framework used for PHP development has its own set of advantages, but they all use PHP Composer to manage dependencies, alongside Packagist as the central repository. PHP Composer may be able to find the right packages for…

AQL and JFrog CLI: A Match Made in Heaven

May 4, 2017

One of the big advantages of running builds using JFrog Artifactory is the exhaustive build information that is created by many sources and used within your organization. However, as your organization continues to grow, efficiently leveraging and managing this amount of data becomes critical. It is very easy to simply use up valuable storage space…

OpenShift with Artifactory: A Powerful PaaS with a JFrog Stack

April 27, 2017

If you’re containerizing, cloudifying, and doing DevOps, you want your tools to work together nicely so you don’t have the headache of managing infrastructure. We are making it even easier to make your enterprise-grade devops environment work great with JFrog Artifactory on OpenShift - Red Hat’s container platform based on Kubernetes. Because you can run…

Closing the Release Velocity Gap with Datical and Artifactory

April 25, 2017

Many companies have already made the transformation to agile development methodologies and proudly show how they’ve managed to shorten their application release cycles significantly. But there’s one place where companies often falter in the process: their databases. They can’t update their database implementations as quickly as they update their applications creating a release velocity gap.…

Fully Reproducible Builds with CircleCI and Artifactory

April 24, 2017

Most of you are probably familiar with the following scenario. You build an NPM package using CircleCI using dependencies that are fetched from the public NPM registry. Suddenly, you discover that your package contains a major bug! You need to quickly rollback to the previous version, but discover that one of the dependencies from this…

What Makes a Dashboard “Premium”?

April 16, 2017

Once you’ve uploaded a package to Bintray, the one thing you want to see, more than anything else, is downloads. Without downloads, your package is like the proverbial tree that falls down in an empty forest, the proverbial sound of one hand clapping, the ... well, you get the picture. Bintray is happy to give…

Infrastructure as Binaries with Chef and Artifactory: Five Best Practices

April 20, 2017

Infrastructure as Binaries became a reality several weeks ago when we announced that Artifactory supports infrastructure management platforms such as Chef. Both we, here at JFrog, and our infrastructure champions at Chef, believe that establishing a canonical Artifactory repository for all artifacts used in a company’s infrastructure such as Ruby Gems, NuGet packages, RPMs,…

Best Practices for Installing JFrog Xray

April 4, 2017

JFrog first released Xray in July 2016, and the response was phenomenal. Customers were very excited about the ability to hook up their Artifactory repositories and have Xray automatically do a deep recursive scan of their artifacts to weed out issues and vulnerabilities. Now, after several months, with the diverse experience and feedback from the many customers…

Collaboration is the Key to Scaling Development

March 30, 2017

When you’re building a DevOps environment, no single tool will solve all your problems. There is no magic silver bullet to streamlining your engineering team and shipping faster. There are many pieces that need to work together seamlessly to create a repeatable system for releasing high quality, high value software to customers. In fact, the…

A Cloud Platform for Defragging Devops

March 23, 2017

Many software organizations see DevOps as the silver bullet that will streamline their delivery workflow to help them produce software faster than ever before. So they start looking into the tools they will need, and then reality hits like a jab to right cheek. It starts with source control, goes on to CI/CD systems and…

The C/C++ Packaging Paradigm Quandary

March 15, 2017

Should a C/C++ package manager bundle both debug and release artifacts in the same package? Some developers think so because it’s easy to work with these packages by simply changing your configuration. But other developers frown upon this paradigm claiming it is not best practice. They claim that debug and release versions should be packaged…

Automatically detect vulnerabilities trying to creep into your builds

March 20, 2017

Security breaches, license issues, and denial of service attacks are all vulnerabilities that put your production systems at high risk every day! JFrog Xray makes your life easier by performing artifact analysis for you, enabling vulnerability detection before your code is harmed. How about automating this analysis process and integrating it into your CI/CD? This can…

Unleash the DevOps!

March 14, 2017

DevOps tools have come a long way. From virtual machines in dev and QA environments to those in production, and now Docker. The more we are charmed by the idea of hardware as a code, the crazier the things we are trying to do with it. Take the “immutable server” pattern as an example. In 2000,…

Frogs and Ducks, Your Sentinels for Open Source Security

March 13, 2017

Black Duck Software creates products to secure and manage open source in applications and containers, eliminating pain related to open source security vulnerabilities and license compliance. The Tenth Annual Future of Open Source Survey they conducted in 2016, provided the numbers to prove many things about open source that we already knew. First and…

Artifactory Pro in Docker Easy as 1-2-3

March 2, 2017

With the new Artifactory 5.x, you can spin up an instance of Artifactory Pro in Docker in an instant! 1. On Mac or Linux, run the following command $ curl -L 'https://bintray.com/api/v1/content/jfrog/run/art-compose/$latest/art-compose?bt_package=art-compose' | sudo bash 2. Point your browser to http://<server>/artifactory/ and complete the onboarding wizard. 3. Start using Artifactory! NOTE: Data volumes on the host are…

The New Artifactory Docker Distribution

February 28, 2017

The recent release of Artifactory generation 5.x introduced many new features such as cloud-native storage and cluster license management for high availability, authentication, and authorization with access tokens, easy onboarding, and much more. In addition to new features, we also revamped our Docker distribution, completely redesigning it from scratch. Now, it’s much easier to spin…

Make Your Software Flow

February 27, 2017

Why Next Gen. DevOps Requires Strategic Thinking We live in an era where in order to survive, every type of company must transform itself into a technology company. Those who have not realized this yet have already lost the game. So, you’re one of those who survived the digital transformation? Congratulations, but that’s not enough.…

Automated EULA-protected Downloads

August 9, 2016

One of the great features of a Bintray Enterprise account is the ability to present a EULA when a user downloads one of your Products. That works well for the general case when the downloading user is a real person who can go through the Bintray UI and physically accept the EULA for publicly available…

Skill Up with DevOps Training at SwampUP

January 18, 2017

Team skills are directly proportional to project success Training and team talent are often overlooked as essential pieces of a project’s success. Analysis from IDC research suggests that the skills of a team are directly proportional to the team’s ability to deliver successful projects on time and with high quality. “To maximize project success and…

Infrastructure as Code Binaries

February 22, 2017

The advent of cloud computing has made it very easy for IT and DevOps to quickly spin up any variety of environment needed. From small individual boxes that a developer may need, to large and complex production datacenters. However, the ability to quickly and easily spin up environments, also opens up the risk of spinning…

The 5 Big DevOps Changes to Expect in 2017

February 7, 2017

Thoughts from the CEO desk 2017 started off with a DevOps bang; an enormous amount of capital was poured into DevOps technology companies by VCs, and larger-scale adoption of tools and methodologies was approved in this year’s IT budgets with the recognition that DevOps is a “must-have”. These changes follow a Gartner Report from 2016…

Visually Managing Your Container Delivery Pipeline with Nirmata and Artifactory

February 6, 2017

We’re always happy to make new friends, especially when their technology plays so well together with ours. Introducing Nirmata Nirmata is a cloud service that fully automates application management on any public or private cloud. How? Nirmata lets you visualize your container delivery pipelines and build them via easy to use, intuitive interfaces. This is…

Accelerating DevOps with a Frog in a Sandbox

January 24, 2017

Here at JFrog, we say “Release Fast or Die,” but this doesn’t apply only to us; it goes for all enterprises who are facing intense pressure to become more agile and reduce costs. One way to do this is by moving to DevOps and taking an automated “as-a-service” approach to delivering infrastructure and applications. However,…

JFrog Xray CI/CD Integration Keeping Your Builds Safe

January 18, 2017

When was the last time you closed off a sprint, happily marking all user stories as DONE and uploaded the build to your staging environment only to find out the build was riddled with security vulnerabilities. Hmm...there’s a point for discussion in your sprint retrospective, and now it’s time to redo your sprint planning for…

Securely Onboarding Colleagues through SAML Authentication

November 22, 2016

Once you’ve created your Bintray account, getting your colleagues on board with permission-based access to your organization’s content is not always so easy. You want to use the most secure authentication available, so why can’t you use your corporate SAML server to authenticate your users? The answer is, now you can. If you configure your…

Docker Registries and Container Lifecycles in Artifactory CI Pipelines

January 18, 2017

In a previous blog post we talked about the importance of a Continuous Integration (CI) process for docker images and how to set up private Docker registries in Artifactory to support a promotion pipeline. The configuration looks a little bit like this: This picture has a Jenkins CI butler in it. We often say that…

Xray and Aqua Keeping Your Containers in Safe Waters

January 5, 2017

While Docker has become all the rage, it is still a relatively new technology in the market. Many companies have introduced it into their organizations, but relatively few have taken Docker to production. One of the reasons is the security risk inherent in running a large set of containers, often based on open source code,…

Predictive Graphs and Notifications

January 5, 2017

In my last post about JFrog Mission Control, I introduced the new Graphs feature which shows how your instances and repositories have been consuming storage. Knowing your history can help you prepare for the future, but why should you have to second-guess what will happen? Mission Control now does that for you with predictive graphs.…

Whale Parts in Your Docker Registry

January 3, 2017

There are many good reasons why you would set up a private Docker registry in Artifactory to manage your Docker images. One of them is the ability to promote images, letting you easily move and copy images from one repository to another in your CI/CD pipeline while setting different access privileges. Another is Artifactory’s universal…

Keep Your Secrets Safe by Serving Encrypted Files

May 9, 2016

Once you have uploaded your content into Bintray private repositories, it’s pretty safe through Bintray’s management of users, organizations, and teams. But what happens when you need to send a private file to someone else? Signed URLs give you an easy way to do that. Just generate your URL signing key and use the URL…

IP Restriction with White CIDR and Black CIDR

September 1, 2016

Imagine this scenario. Your flagship product is doing OK; you’re getting downloads. Nevertheless, increasing sales is always a top priority, so you decide to create a free OSS version to boost usage and generate more awareness in the market. It’s also a great product, free to download, and is a great teaser for the upsell…

Geo Restriction Lets You Control Where Your Content Can Be Downloaded From

May 30, 2016

When you publish software for distribution on Bintray, you generally want to give it as wide a reach as possible and expose it to as many potential users as you can. But there are also cases in which you have to restrict access to certain countries. For example, government security or export regulations may forbid…

Developing for OpenWrt? Bintray Has an Opkg For You

July 12, 2016

OpenWrt is typically associated with network routers and similar equipment, and indeed the official OpenWrt website lists overs 1200 devices on which it runs. Network routers may sound boring (well, to some of us), but as the Internet of Things (IoT) continues its crusade around the world, many people don’t know that OpenWrt is also…

[Podcast] Artifact Repositories and Continuous Delivery Pipelines

December 14, 2016

Version control is one of the top two predictors of deployment lead time, deployment frequency and MTTR. Why is it so important for DevOps organizations? During JavaOne last September, I participated in an online panel on the subject of Artifact Repository, as part of Continuous Discussions (#c9d9), a series of community panels about Agile, Continuous…

Creating a Signed URL Using the Bintray UI

July 13, 2015

Creating a Signed URL is now available to you through the Bintray friendly User Interface, from start to end. If you are new to Signed URLs, you would rather check out this cool feature. Refer to the REST API Guide at URL Signing, and to the Sign me up! blog, discussing generating Signed URL using…

Manage your Bintray and GitHub organizations better together

November 5, 2015

Bintray's integration with GitHub is now moving to a new level with GitHub organizations! As a Bintray user who is also a GitHub user, you already know that you can import your GitHub repositories, tags, readme's, and release notes to Bintray. Now you can also import your GitHub organizations, the organization’s repositories, and even keep…

Who needs a EULA if nobody reads it?

April 25, 2016

As long as you’re distributing public open source software, you don’t need a EULA. Just choose from the over 100 open source licenses Bintray offers to get the level of protection you want. Once you move to distributing commercial software, you need a EULA. This is the contract that you make with all of your…

Publishing Your Maven Project to Bintray

September 17, 2015

Bintray gives you everything you need to share your Maven project, and much more: you will be able to monitor downloads and users with the statistics that Bintray keeps for you. You can also share your project via Bintray's JCenter repository (which is the largest public Maven repository out there), and effortlessly sync it with…

Feel secure with SSL? Think again.

August 4, 2014

Recently, we’ve heard a lot of discussion about the trust we place in public binary repositories. For example, Maven Central, a popular legacy repository maintained by Sonatype, was recently compromised by a successful MITM attack. In response, Sonatype set up an https access to central (removing the demand for a $10 donation to the Apache…

6 Reasons to Distribute Commercial NuGet Packages through Bintray

November 30, 2015

Developing on .NET? Then, most likely, you are no stranger to NuGet Gallery. It’s a great place to find public NuGet packages. But is it the best place to host and distribute your own private packages? With the recent addition of native support for NuGet, you can now point your NuGet client to Bintray and…

Catch that Millionth Download with Bintray’s New Statistics API

October 15, 2015

Want to know exactly how many times your packages have been downloaded? Bintray has always given you download statistics through its UI, but now you can also get them for professional repositories via REST API. Detailed statistics on downloads per version over any time frame give you deep insights into how your software releases are…

Is Docker Hub really the best way to distribute your images?

June 3, 2015

Docker is definitely one of the biggest things to hit the software industry in the last few years. Everyone is using Docker, and Docker Hub is growing rapidly serving over 45,000 images by now. But did you ever ask yourself if Docker Hub is really the best platform to distribute your Docker images. It stands…

Feeling secure with Bintray downloads

May 14, 2015

Remember our take on .asc files? The thing is, digital certificates alone cannot guarantee the identity of someone. To fully trust someone there needs to exist a reliable Web of Trust (WoT) that leaves little to no doubt that the signer is who he claims to be. So what’s the solution then? Use Bintray as…

Android Studio – Migration from Maven Central to JCenter

February 9, 2015

This post was originally published in Techno Talkative blog by Paresh Mayani. Feel free to comment here or there. During the android workshop, in the office and in the chat with some of the android developers, I have received some questions around build script and repository: Why earlier versions of android studio were using…

Enjoy Bintray and use it as pain-free gateway to Maven Central

February 11, 2014

What does it means when some tool or framework has literally dozens of guides, pages long each? It probably means that it is popular, or complicated to use. Usually, both. That’s the story of Maven Central (a.k.a. Central Repository, a.k.a. repo1, a.k.a. ibiblio). Of course, there is a better alternative nowadays - Bintray is already…

Sign me up!

November 6, 2014

Bintray Premium gives you cool new features such as private repositories, permission management, more storage and so much more. One of the biggest benefits of using a Premium account is the ability to create expirable, signed URLs for your repositories’ content. Signed URLs you said? What’s that? A signed URL is an obscure URL with…

Nodeclipse: 500k downloads per month and counting!

June 5, 2014

[caption id="attachment_373" align="alignright" width="140"] Paul Verest[/caption] Paul Verest, the Nodeclipse project lead posted to the Nodeclipse blog about his experiences with Bintray. He talks about how the Bintray distribution platform freed up resources to take care of the truly important things - driving Nodeclipse and Enide Studio forward! The main benefits Paul mentions are: Speed…

Hosting your Eclipse update site (P2) on Bintray.com

March 11, 2014

Did you know you can easily host your Eclipse update site on Bintray.com? After registering to Bintray (and optionally, creating or joining an organization), it's as easy as 1-2-3: Use the predefined 'generic' repo (or create a new one) if you are generating a plain P2 update site, or 'maven' repo if you are generating…

Download stats and logs - now with deep user insights

April 22, 2015

Ever wondered who exactly downloaded your software? I don’t mean just “someone from the United States.” I’m talking about getting down to the organization level in terms of “someone from Acme Corp. NY office”. Now you can get this information, from Bintray: This information is available for any package type for Bintray Premium users, but…

Bintray + GitHub = Synergistic Love Story

June 5, 2013

First things first - Bintray is not a competitor of GitHub. They complete each other, not compete. Here's how (I love vienn diagrams): [caption id="attachment_98" align="alignnone" width="300"] Click to enlarge[/caption] Bintray is an organic next step for developing software at GitHub - once your sources are built - distribute them from Bintray. Our job is…

5 Things You Should Know About Docker Registries in Artifactory

December 21, 2016

As a universal artifact repository manager, Artifactory is, among other things, a fully fledged Docker registry. In addition to storing and managing Docker images, Artifactory also offers extensive integration with your CI pipeline, supports authentication through external providers, high availability, massively scalable storage and is constantly updated to support the latest Docker client version and…

Push the Limits of Virtual Repositories

January 11, 2016

Our recent Developer and DevOps Trends 2015 survey showed that anyone using Docker also uses additional technologies. I’ll let you in on a little secret. That’s true in general, not just in relation to Docker. The vast majority of developers work with several different technologies at once. So most (if not all) of you are…

Sweet Dreams with Open Source Licensing

December 5, 2016

Has your release ever been held up due to open source licensing issues? Here’s a true story. In one of my previous jobs, the company I was working at was acquired by an industry monolith. It was a dream-come-true for this startup. There was cheering, happy smiling faces in the corridor, and much revelry. A…

JFrog CLI Offers Fully Reproducible Builds For All

November 30, 2016

One of the big advantages of running builds through Artifactory is that it stores exhaustive build information generated by the different plugins used with common build tools. This is the “Bill of Materials” that lets you fully reproduce any build even if it has already been deployed to production. It includes everything from artifact versions…

Historical Data and your Instances’ and Repositories’ Future

November 28, 2016

I never liked history in school. I was more interested in the latest technological developments and what the future had in store. What I didn’t realize at that time was age-old saying that (paraphrasing) you have to know your history to understand where you’re going. The same is true of your Artifactory instances and repositories.…

[Podcast] How to Achieve Continuous Software Delivery Using DevOps Tools and Methodologies

November 22, 2016

Listen to this podcast recorded at JenkinsWorld 2016 in which Fred Simon and Sacha Labourey talk about how to achieve continuous software delivery using DevOps tools and methodologies including Mesosphere, Kubernetes, Vagrant, Docker, and Swarm. Learn why JFrog Artifactory is the leading Universal repository manager that helps your teams automate the development processes and expedite…

JFrog Artifactory Cloud on Google Cloud Platform (GCP)

November 17, 2016

Through a special initiative to support the open source community, JFrog Artifactory Cloud hosted on GCP is available at no charge, jointly sponsored by JFrog and Google, for qualified open source projects. Register now > Last May we announced a collaboration with Google to host our JFrog Artifactory Cloud solution on Google Cloud Platform (in…

Stay in Context, See the World

July 17, 2013

New release, new features! Focus on what's important You know, Bintray supports various repository types, like Maven, YUM and Debs, and more types to come. But sometimes all those goodies are just too much. You want to see and search for only certain type of packages (e.g. focus only on Maven jars to use Bintray…

Hosting Debian Packages on Bintray Rocks!

December 16, 2014

Want to distribute your Debian packages? Bintray is the tool for you! Now it’s even better with improved support, including the current Debian repository format (a.k.a. “automatic” layout), in addition to the deprecated “trivial” layout, and signing metadata with GPG. All you need to do is upload your .deb files, and Bintray will calculate and…

Conan Joins JFrog

November 17, 2016

Conan.io, our favorite C/C++ package manager has just leaped into JFrog. This is one more great chapter in our story which began a few years ago, when JFrog products took a universal approach to provide developers the freedom of choice, using any technology they chose. With the recent addition PHP Composer, JFrog Artifactory currently supports…

No Internet? No Problem. Use Artifactory with an Air Gap

November 15, 2016

Virtually all development organizations need access to remote public resources such as JCenter, NuGet Gallery, npmjs.org, Docker Hub etc., to download dependencies needed for a build. One of the big benefits of using Artifactory is its remote repositories which proxy these remote resources and cache artifacts that are downloaded. This way, once any developer or…

Using Satis and Packagist for PHP Development? Think JFrog Artifactory!

November 1, 2016

If you’re developing server side code in PHP, there’s a pretty good chance you’re using PHP Composer to manage your dependencies and getting 3rd party components from Packagist. To host your internal private packages, you might be using Toran Proxy or your own Git repository. You might even be using open source Satis for your repositories.…

Blocking Downloads with Artifactory and Xray

September 26, 2016

Nobody wants to get sick, so we’ll wear jackets when it gets cold, take our vitamin C and avoid going out in the snow with wet hair. We all do different things to stay clear of nasty viruses and bacteria because we know that the loss in productivity and efforts we’ll have to make to…

JFrog CLI Working Files From Both Ends

October 18, 2016

Since JFrog CLI was introduced about a year ago, its popularity has skyrocketed in the CI community. When we asked our users what they liked most about JFrog CLI, the message we got back was clear: Simple, Native, Efficient. Simple: It’s simple and intuitive to use, and onboarding only takes a few minutes. Native: It’s…

JFrog, Proud Partners in DevOpsExpress

September 14, 2016

DevOps has become one of the hottest buzzwords to hit the software industry. Everybody is talking about DevOps, and everybody is supposedly doing DevOps, but there isn’t really a solid definition of DevOps that has caught. Nevertheless, if you look up a few different sources, they all talk about collaboration between developers and IT operations that…

It's Your Content, Claim The Logs For It

November 18, 2013

Improved statistics we introduced last month give you much more information about the users that download open source software you publish than any other binaries distribution platform ever. But why stop there? What if you want even more? One of the most powerful ways to slice and dice your download stats is to play with…

Introducing New and Improved Statistics

September 4, 2013

Bintray’s latest version introduces an upgraded graphic downloads statistics feature. Now you can view the statistics of all package downloads segmented by date, version and country. You can view the download stats for the last 24 hours by hour or select a wanted date range within the last 30 days. For unbounded date range download…

[White Paper] Developing Fast with CocoaPods

August 29, 2016

CocoaPods stepped into the realm of Xcode development to take dependency management from the domain of tiresome and tedious to make it simple and easy. Nevertheless, working with CocoaPods presents the challenges that are typical of working with any dependency manager that uses remote resources like Pod and Podspecs repositories, such as network or repository…

MBeans, MBeans They're Good For Your Heart

September 11, 2016

Some of you may have gotten a giggle from the title of this post, remembering that children's song about beans that many of us would gleefully sing every time one of our friends "let loose". But the truth is, MBeans really are good for your heart, especially if you have to monitor a multitude of…

IT IS TIME TO TRUST YOUR SOFTWARE!

August 3, 2016

JFrog Xray - not just another security vulnerabilities scanner. We have just officially launched JFrog Xray, and were already asked by customers why we think JFrog Xray should be used instead of $YOUR_FAVORITE_SECURITY_SCANNING_TOOL. Is Xray like Black Duck? Maybe it’s like Docker Security Scanning? Maybe it’s similar to Sonatype Nexus Component Intelligence? Before getting into…

Repository Log Analytics At Your Fingertips

July 20, 2016

Friday, late afternoon, and everything seems to be running smoothly. The weekend is just around the corner, so you lean back in your chair and start to plan all the fun you’re going to have. Suddenly, your phone screen lights up. An instant message from your boss that says, “Hey, some of the developers are…

Disaster Recovery Built Into Centralized Repository Management

July 7, 2016

Planning for Disaster Recovery is a bit like insurance. You know you need it so that when the 5#!7 hits the fan, you’re ready with a plan Artifactory sits at the heart of critical software development processes in any organization that has realized the need for advanced artifact management. Depending on who (or which CI…

Increase your Maven Package’s Exposure by Adding it to JCenter

October 8, 2015

If you already distribute your Maven packages via Bintray, your packages can gain further exposure by including them in Bintray's JCenter! (if you are not very familiar with Bintray’s support for Maven, please refer to the user guide and to my previous post). JCenter is the repository with the biggest collection of Maven artifacts in…

swampUP Announcements. Extra! Extra! Read all about it!

May 23, 2016

New announcements at swampUP JFrog Product Announcements: JFrog Xray: JFrog Xray is the first universal impact analysis product, giving organizations an unparalleled level of understanding about all of their container images, software packages and binary artifacts, even with the huge volume and variety of components that development teams share in the software build and distribution…

Empowering Azure DevOps /TFS with JFrog Artifactory

May 23, 2016

For those of you familiar with JFrog Artifactory and its integration with CI servers, you know that we have plugins for Jenkins, TeamCity and Bamboo that integrate and capture information from the CI server to provide full traceability between artifacts and their origin. We also have an integration with MsBuild which allows you to capture…

Empowering BitBucket Version Control with Promotion and Distribution

May 23, 2016

We're pleased to announce the integration of JFrog Artifactory and JFrog Bintray with Atlassian Bitbucket. This integration provides a unified dashboard that visualizes the entire release pipeline from commit, through CI, quality gates and release for distribution. The JFrog Bitbucket add-on lets you monitor a build pipeline that is flowing through Bitbucket -> Bamboo -> Artifactory -> Bintray. This…

The Benefits of Package Search in a Universal Repository

November 30, 2015

We don’t call Artifactory the Universal Repository Manager for nothing. You can now search for any package using search criteria specific to the package type. Looking for an image in your Docker registry? Specify its name, and/or its tag, or you can use its digest for a more specific search. Lost an Npm package? Search…

Migrating from Nexus to Artifactory

May 23, 2016

Migrating from Nexus to JFrog Artifactory is very simple by using nexus2art migrator. The migrator provides a user friendly wizard like interface for transferring everything in your Sonatype Nexus instance repositories, artifacts, users, and settings to an Artifactory instance. Easy setup Migrator tool requires an initial setup (i) to connect to your Nexus and JFrog…

Optimizing Repository Security and Performance with Include and Exclude Patterns

November 29, 2015

Repositories are the building blocks of Artifactory, and there are three basic types: Local repositories are where you store your in-house artifacts; remote repositories proxy remote resources and cache artifacts downloaded from them (e.g. JCenter, Nuget gallery, repositories in other Artifactory instances and others); and virtual repositories aggregate both local and remote repositories under a…

Taking Docker to Production with Confidence

April 5, 2016

Many organizations developing software today use Docker in one way or another. If you go to any software development or DevOps conference and ask a big crowd of people “Who uses Docker?”, most people in the room will raise their hands. But if you now ask the crowd, “Who uses Docker in production?”, most hands…

"Database is wrong for you" and all that FUD

November 24, 2015

Update November 2015: Sonatype introduces abstract blob storage in Nexus 3, almost completely mimicking Artifactory's checksum-based storage that they have been criticizing for years. Talk about leaders and followers. Checksum-based storage. It’s one of the key features that makes Artifactory better than the competition. Here is the typical false claim made by Sonatype (creator of…

If You're Not Using Git LFS, You're Already Behind!

April 5, 2016

The popularity of the Git version control system among developers has grown consistently over the last few years, with many Subversion users making the switch to Git's 'file system snapshot' approach, which differs from the 'file change logging' approach of classic VCS software. Git's Little Problem - Large Files However, Git was originally meant to…

JFrog Mission Control, we have lift-off!

October 29, 2015

It’s not every day we get to announce a brand new product, so we’re really excited with our first release of JFrog Mission Control. Why did we build Mission Control? Because it’s in the spirit of our long tradition of listening to our community. With more and more enterprises setting up more and more clusters…

[White Paper] JFrog Mission Control

March 28, 2016

As enterprises ramp up their use of JFrog Artifactory, and install multiple servers at globally distributed data centers, monitoring and managing the global binary workflow becomes more and more challenging. JFrog Mission Control overcomes these challenges by providing a centralized management console for global Artifactory instances.

Artifactory Vs. Nexus The Integration Matrix

February 26, 2019

This blog post was originally published by Shlomi Ben Haim, JFrog CEO, in February 2011, and has now been rewritten by Dror Bereznitsky, JFrog CPO, to reflect the current state of JFrog technology. If you’re reading this, you probably Googled “Artifactory vs Nexus”, and are trying to evaluate which product to use. Well, you’re…

Filestore Management In The Age of Petabytes

March 25, 2016

Artifactory 4.6 was released last week, and along with adding Google Cloud Storage to the already extended family of storage providers, introduces support for the most complex storage configuration needs of any company in today’s world of binaries management. This will make your filestore management much more reliable and flexible, allowing you to mix n’…

Tracking New Java Libraries Has Never Been Easier!

December 11, 2013

Want to know when a new version of $YourFavoriteJavaLibrary is released (and I mean - any Java library)? With Bintray, it's one-two-three. Go to bintray.com and search. [caption id="attachment_252" align="alignnone" width="300"] Click to enlarge[/caption] Click on the package you'd like to watch. [caption id="attachment_251" align="alignnone" width="300"] Click to Enlarge[/caption] Click "watch", (log in if needed).…

Hot on Bintray: Package Merging

October 10, 2013

We have recently introduced package merging: several packages from the same repository can now be merged into one. This is extremely useful when you have existing packages that are not aligned properly. For example, when you have many small technical packages (modules) that are logically one, single package, often using the same version scheme. Such…

Be the First to Know. Really.

June 26, 2013

So, you have an early-2000 style repository, like Maven Central: And let's say you are very, extremely interested to know when the new version of netty comes out. We understand, it's a natural addiction. How can you do it? Here are some ideas: Well, you can visit Maven Central every day. Couple of times a…

[White Paper] DevOps Without a Binary Repository? A Nightmare!

April 13, 2016

As the grease in the wheels of any software development machine, DevOps is a critical to keep development running smoothly. But to do that, DevOps engineers must efficiently manage an ever-growing matrix of binaries, environments and geographically distributed sites to ensure a smooth application workflow. Wanna wake up from the nightmare? Read/download the white paper.

Docker is Not Alone

October 15, 2015

JFrog Artifactory - The Only Universal Enterprise Repository Manager During DockerCon 2015 in SF, Solomon Hykes asked the audience: "Who is using Docker and nothing else"? No one in the audience raised their hand. Our Developer and DevOps 2015 Survey reinforces this point and adds what developers are using together with Docker. In JFrog’s Developer and…

Advanced repositories - get more out of the box!

September 8, 2015

The ability to proxy remote repositories and cache external artifacts from them is crucial whether they are Docker images, NuGet packages, npm, tar.gz files or any of the dependencies we use to create our own products. It speeds up our builds, ensures reliable access, gives control over the bill-of-materials and offers many more benefits making…

Process is Critical So Are the Systems of Record.

March 24, 2016

You probably read the awesome post in the Netflix Engineering Tools team blog about the build process that Netflix uses to continuously deploy the service that streams movies and TV shows to more than 75 million global Netflix members. And while the post concentrates on the build process - the build tool, the CI server and the…

Artifactory Command Line Interface (CLI) - Pure and Simple

October 22, 2015

Since writing this post, Artifactory CLI has evolved into JFrog CLI that works with both Artifactory and Bintray. I encourage you to read this follow-up post to learn about the power of the JFrog CLI when working with Artifactory, and then read the follow-up post to learn about the great things you can do with JFrog…

How not to care about unpublishgate

March 23, 2016

So, you all heard about #npmgate a.k.a. #unpublishgate. Azer removed left-pad from the official npm registry and all hell broke loose. Most of npm builds in the world are failing today because a tiny (17 lines of js code!), but very popular library was obliterated from a central repository (which teaches us a lesson about…

Meet the all-new Artifactory Online Dashboard

August 19, 2015

If you haven’t yet heard about our exciting new release of Artifactory 4, then you can read about it in our release notes. It comes with a whole bunch of new features, and most visibly, a brand new UI. Well, our Artifactory Online community is also reaping the benefits of this release, and, in addition…

JFrog CLI (mb)ing to New Heights

March 18, 2016

Remember Artifactory CLI? That was the tool we released several months ago to simplify your automation scripts while optimizing upload and download of files to and from Artifactory. Well, after hundreds of downloads and a lot of great feedback we got, we decided “what’s good for Artifactory, is good for Bintray too.” So please meet...…

[Case Study] Oracle Managing Artifacts at Scale

March 10, 2016

How do you manage terabytes of binaries? How do you move mountains of artifacts around the world, at peak performance, all the time? That's what Oracle does, every day. Download the case study to learn why Loreli Cadapan, Director of Development Operations at Oracle, chose Artifactory to manage the company's binary workflow at industrial scale.

Let’s prove what we all know is true

August 9, 2015

There are only a few more days for you to cast your vote for Artifactory at the DevOps Dozen hosted by DevOps.com. Artifactory has been nominated in the category of Repo Manager, and we all know that: Artifactory is the only repo manager that provides full support for Docker (and NuGet, and Npm, and virtually…

Creating a Signed URL Using the Bintray UI

July 28, 2015

How smart is your remote repository?

September 8, 2015

The ability to proxy remote repositories and cache external artifacts from them is crucial whether they are Docker images, NuGet packages, npm tar.gz files or any of the dependencies we use to create our own products. It speeds up our builds, ensures reliable access , gives control over the bill-of-materials and offers many more benefits…

swampUP 2016: JFrog User Conference

February 23, 2016

The JFrog User Conference, affectionately known as “swampUP”, is a yearly event where developers and DevOps come together to talk, network, learn from industry visionaries, and...enjoy an endless flow of fine food and wine (who said learning can’t be fun). Last year’s one-day event was so successful (here are some pictures), and generated so much…

Use the right tool for the job: Git LFS with Artifactory

July 15, 2015

In a recent conversation I had with a developer that works with my wife, who works as the QA Manager for an awesome educational games company, she shared with me a very painful issue that most game developers (probably) share: storing binary assets in Git. This is an issue for everyone in this industry - regardless…

Care for some CocoaPods?

February 16, 2016

The highlight of the latest release of Artifactory, version 4.5, is support for CocoaPods, and there are a bunch of additional updates which we thought you might like to hear about. CocoaPods - The main event Developing for iOS, watchOS, tvOS or OS X? Jumping on the Swift bandwagon now that it’s open sourced? CocoaPods means…

Improve Network Performance - Store Docker Images Locally with Artifactory

July 9, 2015

Goodbye network worries - hello remote Docker registries Docker Hub is an invaluable resource that you need on a regular basis, but as a remote resource, what do you do if Docker Hub goes down or if there is an issue with the network? JFrog Artifactory is an intermediary between developers and Docker Hub and…

JFrog Mission Control 1.0 Unleashed.

February 8, 2016

A couple of months ago we released the preview version of JFrog Mission Control. As a new product, we were eager to get it out there and start getting feedback. Since then we have been in constant contact with dozens of our customers who downloaded it learning what worked well and what was missing. So…

Goodies to Kick Off 2016

January 18, 2016

Holiday season is over. Gifts were exchanged, miles were traveled, resolutions were made, and much alcohol was consumed. Time to get back to work, renewed and energized for the new year. While we had our share of merry-making here at JFrog, we also managed to get some work done between the revelry, and released Artifactory…

Even more Vagrant love in Bintray

July 1, 2015

You, of course, know, that for nearly the last two years, you have been downloading your Vagrant software from JFrog Bintray. But recently, Bintray has taken Vagrant support to a whole new level; it is now is a fully fledged Vagrant repository allowing you to distribute your public and private Vagrant boxes from Bintray! As…

Another one bites the Maven Central dust (and saved by Bintray)

February 19, 2015

Today, I encountered another very detailed blog post on the woes of publishing on Maven Central. Jose Maria Arranz explains why he doesn't like Maven in general and publishing to Maven Central in particular (I am with him on a lot of valid points). I can't help quoting: Fortunately when searching for how-to articles and commenting…

New AsciiDoc support - our humble donation to easier documentation

December 22, 2013

Adding Release Notes and Readme's to your software can be a bit tedious. Well, not in Bintray! Thanks to the excellent Asciidoctor framework, Bintray now lets you annotate your software with online Asciidoc docs, so it's just as easy as writing code! [caption id="attachment_269" align="alignnone" width="282"] Click to Enlarge[/caption] Prefer Markdown? We've got you covered. Bintray supports…

JFrog's Developer and DevOps Trends Survey 2015

December 15, 2015

We started running these surveys in 2013 to stay in touch with our developer and DevOps communities, and to understand how they work and the challenges they address on a daily basis. This year’s survey ran from August 25th through September 3rd and received more than a thousand responses, from over 50 countries, mostly, the…

Enterprise Level Access Control with Keys and Entitlements

June 22, 2015

Advanced Cleanup Using Artifactory Query Language (AQL)

June 17, 2015

Each Artifactory administrator has his own methodology and policies for managing binaries within Artifactory, however, cleaning artifacts and freeing up storage space is a common need that every administrator has. As you probably know, Artifactory does provide a few cleanup methods out-of-the-box such as deleting complete versions, limiting the number of snapshots and deleting unused…

Pyramids, Antiques, Maven Central and Sonatype Nexus…

June 28, 2015

How can you compare one technology or tool to its competitors? Usually, there is no objective comparison available. So how do you know which is better? Eclipse or IntelliJ IDEA? Java EE or Spring? C# or Java? All you can usually find is a holy war and biased comparisons on vendor sites. But luckily, sometimes,…

6 Reasons to Distribute Commercial NuGet Packages through Bintray

December 6, 2015

4 best practices in repository configuration

June 9, 2015

1. If you are using several technologies, (e.g. Nuget, Maven, NPM, PyPi etc..) define a unique repository for each of them. By doing that you are making sure that all of the build requests are directed to the right place rather than going to a repository that may not even have the necessary packages. 2.…

AQL: A Comprehensive Query Language for Repositories

May 18, 2015

One of our mantras here at JFrog is that we’re community driven. At each roadmap meeting we discuss features arising from trends in the industry along with feature requests we frequently get from the Artifactory community. AQL is just such a feature. No… nobody said, “Hey guys, why don’t you build a super efficient query…

Jenkins Artifactory Plugin 2.3.0, Hot Off the Press

May 28, 2015

JFrog has recently released version 2.3.0 of the Jenkins Artifactory Plugin. In case you're not yet familiar with the Jenkins Plugin for Artifactory, here's some background. Artifactory has become the leading binary repository manager available today, and through a series of plugins, it can easily be plugged into the different components of your CI environment.…

Pyramids, Antiques, Maven Central and Sonatype Nexus…

March 2, 2015

Fronting Oracle Maven Repository with Artifactory

February 10, 2015

This post was originally published in The Buttso Blathers blog by Steve Button. Feel free to comment here or there. The JFrog team announced this week the release of Artifactory 3.5.1, which is a minor update that now works with the Oracle Maven Repository. http://www.jfrog.com/confluence/display/RTF/Artifactory+3.5.1 I spent a little while yesterday having a look…

Migrate from Nexus to Artifactory and Manage Your Binaries Better

February 22, 2018

Many businesses today are using a Binary Repository Manager to manage their binaries and artifacts as it is critical to the delivery of reliable, quality software, faster, and at a lower cost to better compete in the marketplace. However, as their business grows and matures, requirements change and they find the need for a more…

Docker Has Arrived, But Has Your Ship Really Come In?

November 21, 2014

In many ways it has. Docker has emerged as the “King of Containers” with more and more enterprises adopting Docker technology to run applications in data centers, on IT infrastructure and developer laptops alike. Docker’s decoupling of applications from their environments has effectively revolutionized how software is run. However, as with any (relatively) new technology,…

Wanna Download? Get Your Signed URLs Here

November 9, 2014

The new features that a Bintray Premium account exposes are exactly what you need for commercial software distribution. Private repositories, fine-grained permission management, storage-as-you-go and much more. Private repositories are a great way to control who can access your artifacts, but what happens if you want to give someone limited access to a specific artifact.…

JFrog leaps ahead with US offices, new investment from VMware

October 5, 2014

Analyst: Jay Lyman 29 Sep, 2014 Repository and binary management vendor JFrog continues to grow, thanks largely to its new US offices and continued growth of modern, agile, DevOps technologies and methodologies among more mainstream and larger enterprises. In July, JFrog announced $7m series B funding from VMware and previous investor Gemini Israel Ventures. JFrog says the funding has helped it to grow…

Continuous Integration (CI) using TFS, Visual Studio and NuGet with Artifactory

June 20, 2014

Part 2 - “Is the sky cracking”? In the first part of this blog, we covered the downloading of the sample projects, the installation of Artifactory PRO, the building of the MyLogger library, and its storage into Artifactory. In the previous blog we covered the ability of Artifactory to proxy build dependencies from a remote cloud repository…

Less is More!

August 27, 2014

A blog I wanted to read prior to Series B I decided to write this blog and share JFrog’s story with you, so if you’re doing or planning any fundraising, you'll have these silver bullets in your pocket to whip out at any decision points along the way. I used some “Getting Your Business Funded”…

Continuous Integration using TFS, NuGet, and Artifactory

June 6, 2014

This blog shows how Artifactory, a binary repository manager, can be used a) as the storage location for remotely located build references, b) as a drop site for locally built CI artifacts, c) and in a future blog how it can also function as a storage and of all these binaries. For this demo we will use the MyLogger solution.…

The Future of Open Source: Speeding Technology Innovation

June 28, 2014

As one of the contributors to Black Duck’s eighth annual Future of Open Source Survey, the industry’s leading indicator of open source software (OSS) industry trends, JFrog was pleased to be able to help show the world the true impact of open source software. This was the first year that we decided to take part in the survey.…

Using OneGet with Artifactory

June 26, 2014

Artifactory, OneGet, NuGet, Chocolatey, and Powershell Setup and Installations Recently there has been an enthusiastic buzz around OneGet, Microsoft’s new download manager for Powershell. With OneGet, Windows now has a first-class deployment manager quite similar to what the *inx folks had for years with the Apt-Get download manager. OneGet is a command line tools which…

JFrog joins the Cloud Foundry Foundation to help open source integration leap forward!

May 30, 2014

We are excited to join the Cloud Foundry Foundation as a Silver member! Well, that was a natural move for the frogs. As a true believers in OSS, Integration and cloud as a platform it is just natural for us to join the team and other members of the foundation and offer our value and experience to the community.JFrog streamlining…

Private npm Registry With Artifactory

April 9, 2014

The main reason for Node‘s explosive popularity is its thriving ecosystem. Likewise, it’s well understood that the main reason for that ecosystem’s growth is npm, Node’s package manager. npmjs.org usage has skyrocketed with statistics showing over 4 Million packages downloaded a day, and over 68,000 packages publicly available, and the numbers just keep going up. In fact,…

Power to the People - Customize and Extend Artifactory with User Plugins

April 3, 2014

From our experience with thousands of Artifactory users, we know one thing for sure:we don't know better. Every organization does its ALM differently: artifact approval flow, snapshot retention policies, build-to-release flow, governance, required metadata and much, much more - each organization is different. We definitely have some ideas on how the build and deploy process…

Introducing First Class RubyGems Support in Artifactory

December 5, 2013

Here's a short and down-to-business screen-cast that shows how to set up a feature-rich hosted Ruby Gems repository. You'll get the full monty - local repositories for sharing your private gems, remote repositories to stop being dependent on rubygems.org and a virtual repository that unifies and simplifies configuration. Of course, it plays awesomely with Jenkins, (by using Jenkins…

JFrog catching more enterprises as devops, legacy ops converge

December 3, 2013

https://jfrog.com/blog/how-devops-empowers-maslows-hierarchy-of-needs-2-0/Analyst: Jay Lyman JFrog is a commercial backer of the open source Artifactory repository management software. The company, with offices in Israel and Milpitas, California, reports an increase in enterprise customers melding new, more agile application development and release practices (aka devops) with legacy systems and processes. The company's repository management software and new Bintray for distributing binaries are significant components…

Share Your JavaScript Libraries With The World

October 29, 2013

Let's face it, developers are lazy (including myself). Philipp Lenssen agrees with this saying in his post by stating: Only lazy programmers will want to write the kind of tools that might replace them in the end. Lazy, because only a lazy programmer will avoid writing monotonous, repetitive code – thus avoiding redundancy, the enemy of…

Fight Crime with GPG

August 6, 2013

So you deliver your awesome library to hundreds of users each day, but they’re a tough bunch and they’re all like: “Hey man, we gotta see some ID” So you kneel to the whims of the rabble; you generate your GPG key pair and sign each artifact you deliver, because hell if you’re gonna let…

Google and GitHub insist - go store your binaries in a proper place!

May 30, 2013

Starting July 2nd GitHub is allowing hosting binaries again. Point about Google Code still remains valid. Plus, we believe we still do better job when it comes to binaries, comparing to GitHub, which is awesome (for your sources). Well, first GitHub, and now Google Code, both cease to host your binaries on their platforms. The…

Announcing the Gradle REST Plugin

April 13, 2013

Hosted and used by Bintray!

Taking Control of App Releases

August 22, 2013

Featuring report "Release Management for Enterprises", by RebelLabs Today’s software users have rapidly evolving needs, are mobile, and expect 24/7 connectivity and reliability. So dev teams need to churn out new features and versions frequently to keep up while still making sure that service is not interrupted. Sounds like a tall order, but fail to…

Does Ruby Need a Mature Binary Repository?

August 13, 2013

At some point in time, a Ruby developer realized the need to serve gems within a private network. The main reasons why: You can't rely onRubyGems.org You need a place to host the gems is not available in RubyGems. Those can be of two flavors: Something not hosted at RubyGems. For example, Vagrant. Something internal (neither open source nor…

wOwSCON 2013

August 5, 2013

I've been a part of the swamp for over a year now and managed to learn that being a part of the community means much more than sitting in front of the computer and writing code all day long. One of the ways JFrog stays in touch with the community is attending conferences and I…

2014: A Year of Revolution in Continuous Integration

December 22, 2014

This note isn’t just a recap of 2014, it is our commitment to the future! 2014 was a crucial year for the development and DevOps world – an explosive inflection point with vendors integrating tools to capture and pass information from development to operations to automate the entire application delivery process. The industry hasn’t…

3.0.x at Full Speed

July 9, 2013

You probably already noticed, but just in case - Artifactory 3.0 awesomeness is now delivered to you more frequently than ever. For example, we just released 3.0.2. This minor release completes the databases support matrix by adding PostgreSQL to the mix. In addition to the usual load of bug fixes we introduced a special treatment for `artifactory.content-type` property. Setting it…

Artifactory User Plugins in 5 Screenshots or Less

December 19, 2012

Actually, less (only 4).Remember the blog post about user plugins? How easy and fast is it to add or change functionality in Artifactory? When you went skeptic, like "come on, it's nice in the blog post, but how useful it really is?" Here's real live example from today:This morning (~09:30 AM in Netanya, Israel) I found…

Beat the binary repository developer (a.k.a. User Plugins)

November 15, 2012

From our experience with thousands of Artifactory users we know one thing for sure: we don't know better. Every organization does its ALM differently: artifact approval flow, snapshot retention policies, build-to-release flow, governance, needed metadata and much, much more - they are all different. We definitely have some ideas on how the build and deploy…

JavaOne - Next year in Vegas?

October 25, 2012

OK, my adrenaline is back to normal, and it's time for a wrap-up about JavaOne. As the Main Event in which we participate every year, this year’s JavaOne was big for JFrog. Judge for yourself: at JavaOne 2009 we introduced the Pro and Cloud versions of Artifactory Binaries Repository Manager at JavaOne. At JavaOne 2011…

Replication! What and How.

June 15, 2012

Update Jul. 24th 2012: As of version 2.6.2 Artifactory also supports event-driven replication. Benefit from all the worlds: pull/push/event-driven!Working in distributed teams isn’t easy. There are time zone differences, language and cultural differences, and… data distribution. When the data you need is away, you are miserable. So, let’s fix it. Bring your data home Let’s take binary…

Go beyond Java with CI server and Artifactory

May 31, 2012

During the last couple of years, continuous integration (CI) and automated release management methodologies have become much stronger in non-Java builds.Number of familiar tools are used for these methodologies, like the version control system to manages your sources, your build tool to actually build your software from sources and your build server, which builds your software continuously using…

JFrog jumps at Devops opportunity with continuous integration repository

April 12, 2012

Analyst: Jay Lyman Israel-based JFrog backs the open source Artifactoryrepository management software, where it finds audience with both application developers and IT operations teams. Its positioning between these two parties managing one of their common challenges in software artifacts and binaries places JFrog at the crux of the devops trend that is pulling development and IT operations together. While…

QCon 2012 - Perfect as Everything in London Should Be

March 15, 2012

Update 13 Jul. 2012: The video recording of my talk was published on infoq.comIt was JFrog's second QCon London, and it just gets better. Imagine: even the London weather was perfect, not to mention the sessions, booth traffic, show organization and food (what, you say, good English food? Well, great IndoPak food, at least). Due to high demand…

Dependency Management with .NET - Doing it Right

February 6, 2012

The problem of dependency management is neither new nor original, it exists in all development platforms, and .NET is no different. Let’s go through different solutions and see how they perform. I’ll list them here in no particular order. Keeping dependencies in your source control That’s a very popular solution, and for a reason. The…

Artifactory - Community Talks

November 1, 2011

We’d rather have our customers and users be the gauge of how well Artifactory met their Continuous Integration needs, rather than have you listen to our opinion.These are busy days for the froggers getting ready to release 2.4. The buzz is out there and proudly we can see more and more talks that cover Artifactory as…

The Frog Who Turned into a Prince

October 17, 2011

JFrog’s Artifactory Wins JavaOne 2011 Duke's Choice Award 3 years from the day it was founded, JFrog was recognized by Oracle and the Java community for Innovation Java Tools for Developer with Duke’s Choice Award at JavaOne 2011.This is not a marketing announcement nor a techie or an executive post, this blog is about how…

Jenkins New Maven and Gradle Release Management and Why You Should Look Into It?

June 2, 2011

Jenkins now offers a new robust solution for release staging and promotion in the form of the Jenkins Artifactory Plugin. This solution is fast, lightweight and works for for BOTH Maven and Gradle builds The Need for a Better Release Alternative If you are using Jenkins (or Hudson, before) then releasing and promoting build artifacts…

The Future of CI at JAX Conf

May 29, 2011

The Future of CI at JAX Conf - San Jose June, 2011 by Fred SimonThese are exciting days for Continuous Integration users and for us - JFrog Artifactory team.Following the successful CI Summit held in LinkedIn HQ last month, we are now heading to theSan Jose JAX Conf!This year, for the first time, the great European JAX conference…

Thinking in Gradle!

May 23, 2011

Since my first encounter with Gradle and Hans Dockter (TSSJS 2009 in Las Vegas), I slowly (but surely) started to use this new build tool in many environment and projects.Today, I’m hooked and I don’t think there is a better way to build!But, the main issue I encountered is how to convince other that Gradle is the…

The First Continuous Integration Summit - Video Available!

April 20, 2011

On April 7th, we held the First Continuous Integration Summit at LinkedIn HQ in the Silicon Valley. We were overbooked a week from opening the event registration page! This enthusiastic response, in addition to the feedback we received (and still getting) from the community, illustrates the great appetite for gaining and learning more about CI technologies and…

To Build or Not to Be - Seminar Videos

July 26, 2010

JFrog's Continuous Integration and Build Seminar "To Build or Not to Be", took place on July 1st, 2010 and was a big success.The sessions of Kohsuke Kawaguchi creator of Hudson and CEO of InfraDNA, and Hans Dockter creator of Gradle and CEO of Gradle Inc are now available online.Watch now the videos of "Gradle - A Better Way To Build".and "Doing More with Hudson" …

The case study of JBoss Repository Manager

May 11, 2010

Most of the issues encountered by JBoss developers with their new build infrastructure are discussed openly here. This is an important source of information about the problems encountered with a Hudson, Maven and Sonatype-Nexus integration. Since we (JFrog) worked on Hudson, Maven, and Repository Manager environment for many years, we provided some feedbacks to JBoss. …

Building an Enterprise Repository with Artifactory

March 3, 2010

*The content of this blog is a translation of a blog posted in Portuguese by Diego Pacheco.*I clearly recall experiencing DLL hell while working predominantly with Microsoft products. We suffered from dependency issues back then and we still suffer from them today.When I started working with Java I suffered from a similar development concern. The specifics are a little…

So you've decided to configure a remote repo and avoid headaches?!

January 14, 2010

Background There are a lot of public Maven 2 repositories out there (repo1, JBoss, SpringSource, etc.). When setting up your repository manager for your organization, configuring remote repositories can be one of the most difficult tasks. Finding the correct URL for those remote repositories, and more importantly, defining the correct include/exclude patterns for artifacts, is…

Empower Hudson with Artifactory - Track and Replay Your Build Artifacts

December 30, 2009

Overview In this blog, I will demonstrate how to integrate Hudson with JFrog's Artifactory repository manager to have full build-to-artifacts traceability. We will use Artifactory plug-in to deploy the Hudson build artifacts and track them back to their original build. Keeping the history and reproducibility of code is a must-have for any modern project. Using one of the different…

The one that talks, the one that does!

December 24, 2009

The one that talks, the one that does! In a blog "Why Putting Repositories in your POMs is a Bad Idea", Sonatype "asked" the open source community to manage their Maven2 POM file correctly.This is a good and important request, since Maven will not work correctly: Over time (due to URL changes) In a closed…

Search-based Promotion - Staging and Promotion Finally Made Simple!

November 5, 2009

Overiew One of the greatest features of Artifactory 2.1 is the support for artifacts staging and promotion. The idea behind this feature is that in many environments, before exposing a new release for public consumption, the release needs to go through a well-known life-cycle - the release is first made available in a staging environment…

Maven and JavaFX, the story of TwitterFX POM

May 11, 2009

JavaOne demo Our JavaOne 2009 technical presentation TS-4388 is a demo integrating Maven, JavaFX, Artifactory and WebStart in one smooth process for the developer and site operation manager. So, we were looking for a nice JavaFX demo with source code using external Java dependencies that will demonstrate the ease of use of Maven when using Java libraries.…

Avoiding Clear Text Passwords in Maven

January 25, 2009

On Secure LDAP Integration: Avoiding Clear Text Passwords in Maven Settings and Controlling Login FallbackFirst, Some BackgroundOne shortcoming of Maven is that it requires you to store your repository passwords in clear text inside the settings.xml file. Now, this stops being mere annoyance and starts becoming a real security hole once your repository's authentication is done…

Re: Contrasting Artifactory and Nexus

January 25, 2009

I do not care too much about product comparisons coming from product vendors since they are usually biased and written with a single mindset of "how do I make my product look better". Being labeled with an "I'm nonobjective" sticker from the start, I tend to take them with limited trust.I recently came across a blog…

Artifactory 2.0 has been released!

January 5, 2009

We are pleased to announce the availability of Artifactory 2.0. Artifactory is an advanced Maven repository manager, offering powerful enterprise features, such as LDAP/Active Directory integration and fine-grained permission control, behind an easy-to-use user interface.With this second major release of Artifactory, Artifactory is 100% configurable via an Ajax web UI and is packed with many enterprise-level…

Lists and Contextual Menus, MMI nightmare!

November 20, 2008

I'm more of a "server side" kind of developer.When I see too much HTML, CSS and Javascript, I need pills!Still, I like to challenge the MVC architecture of UI frameworks. I even wrote my own web framework for fun (but some poor developers, in India I think, are now suffering from it), and played with…

welcome to the frog’s blog

Latest:

Artifactory as a Caching Mechanism for Package Managers