welcome to the frog’s blog

Latest:

Fearless Updates with JFrog Enterprise+: A Step-By-Step Demo

November 14, 2018

The JFrog Enterprise+ platform gives you a complete pipeline to control the flow of your binaries from build to production. Managing your software deployment end-to-end. The following screencast demonstrates a complete workflow from managing your JFrog services all the way to creating and securely distributing release bundles to target destinations. All part of the Enterprise+…

Read More

JFrog Xray Drills Deep Down into Your Docker Images

November 7, 2018

JFrog offers an end-to-end Docker security scanning solution covering the full lifecycle of your Docker images to manage development, vulnerability analysis, license compliance, artifact flow control, and distribution. JFrog Xray has access to the wealth of metadata Artifactory stores. Combined with deep recursive scanning, it puts Xray in a unique position to analyze the relationships between the…
Read More

Raising Helm – to Enterprise Scale

November 6, 2018

Reposted from the original which was posted on the AWS Open Source Blog TL/DR: Package managers in general are awful, but Helm, the package manager of Kubernetes, is… not bad at all. Of the seven deadly sins of package managers, Helm commits only two, and these are easily fixable. We’ll be explaining how below. We aren’t…
Read More

JFrog & Harness - Don’t Get Bogged Down with Continuous Delivery

November 1, 2018

Harness, a company that provides a Continuous Delivery as-a-Service platform, automates CD with machine learning and security. In this guest post, Stephen Burton, VP Marketing offers a primer on how customers use Artifactory, XRay and Harness together to accelerate Continuous Delivery. This post, also published on Harness.io, has been lightly edited from the original to…
Read More

Accelerate Azure DevOps or TFS with JFrog Artifactory and Conan

October 29, 2018

For some C/C++ developers, working within the structure of continuous integration can be an awkward transition. Running a CI server and the supporting tools to resolve dependencies, share packages, and manage binaries may be unfamiliar, and getting them to work together well can be challenging. C/C++ Continuous Integration Challenges Microsoft’s Azure DevOps (formerly known as…
Read More

Cluster Management Made Simple with JFrog Artifactory and HashiCorp Nomad

October 23, 2018

Many new technologies are laser-focused on cloud-native applications and architectures. However, not all applications are there just yet. Someone only reading trade press, may get the idea that all applications are there. The reality is that applications continue to take many forms, and will for a long time to come. It is refreshing to learn…
Read More

Managing Security Entities with JFrog Access

October 21, 2018

The Unsung Hero of Your Binaries’ Security JFrog Access is the sentinel that manages authentication and authorization for all JFrog services. Packaged and installed together with JFrog Artifactory, Access keeps your binaries secure by making sure that only authorized users can access them. And then, those that do access your binaries, can only do what…
Read More

Five Ways to Meet Deadlines When Developing with NPM

October 15, 2018

Node.js has risen to be the most popular development technology in use today. Don’t take my word for it, you can look at Stack Overflow’s 2018 survey. And if that’s not enough for you, pop into www.modulecounts.com and see how packages in public open source npm registries outnumber those from any other technology by a…
Read More

Two Models for DevOps - Rockets and Airplanes

October 2, 2018

More and more, agile enterprises require software development to function at supersonic, even interstellar speeds, turning around changes fast, yet safely. DevOps pipelines offer the best way, but what will you really need to fulfill that promise? Having a good way to understand the impact of CI/CD processes, and the role that container technologies like…
Read More

Tips and Best Practices for Developing with Artifactory on GCP

September 27, 2018

Hosting infrastructure on cloud-based services is becoming a standard in the tech industry. This comes as no surprise as multifaceted solutions for efficiency are the driving advantages of moving to the cloud. More specifically, some of the reasons that leave cloud solutions at an advantage include flexibility, cost and easier maintenance, allowing the team to…
Read More

The Unpleasant Surprises of OSS License Changes and How to Avoid Them

September 26, 2018

Three weeks ago a popular JavaScript tool Lerna underwent dramatic turmoil.  One of the original founders and maintainers of the Lerna project suggested changing the license from the ordinary MIT to “MIT with personal exceptions” in effort to prevent certain software companies, including Microsoft, Amazon, Apple, LinkedIn, Walmart, Target, Tesla, Xerox, Dell, and others, from…
Read More

Automation Using Webhooks in JFrog Artifactory

September 25, 2018

You (probably) already know that Artifactory, as your repository manager, plays a vital role in your CI/CD pipeline by bridging the gap between development and operations. Now, we’re giving you the option to use webhooks with Artifactory to automate your processes even further. Read on... First, what are webhooks? In the most simple terms, a…
Read More

Fully Automated Promotion Pipelines with SonarQube and Artifactory

September 20, 2018

This blog post is co-authored by Jonathan Roquelaure of JFrog and Fabrice Bellingard of SonarSource, and co-posted on the SonarSource blog Our previous blog post showed how to connect Artifactory and SonarQube to help make better decisions when it comes to deploying or delivering good quality software. With a pretty simple script added to your…
Read More

Cloud Is Not a Binary Decision

September 18, 2018

To cloud or not to cloud? That isn’t really the question anymore. In choosing a public cloud service, many businesses are finding that instead of just one cloud, they prefer a crowd. Enterprises face a dizzying array of choices in how to host their IT infrastructure, to find the best combination that matches business needs.…
Read More

Jenkins X: Code to Production in High-Speed

September 17, 2018

Following another year of successful Jenkins User Conferences (JUC) in France and Tel Aviv, bringing the Jenkins community together for one packed day full of announcements, this year the big news was Jenkins X. During his keynote talk at the Tel Aviv JUC, Kohsuke talked about the many different superpowers being shipped out to the…
Read More

You Have Docker - But Are Your Docker Registries Highly Available?

September 12, 2018

With Docker continuing to gain traction in production systems, and widespread use in pre-production, a company’s Docker registry can be central to its operations. This post explains how a high availability Docker registry can help companies avoid the enormous expense incurred when mission-critical systems go down. The Cost of Downtime Downtime is extremely costly, and…
Read More

Discoveries and a Release Management Plugin from JFrog

September 11, 2018

This is a repost of the original that was recently published as a guest post on the Atlassian blog. My time at Atlassian’s Bitbucket Cloud Dev Week proved to be very fulfilling, and not just for the cool code we produced. I’m excited about that too, of course. Using Bitbucket Cloud’s V2 APIs, I was…
Read More

Is Your Helm 2 Secure and Scalable?

September 6, 2018

Recently Rimas Mocevicius, a Kubernaut at JFrog and co-founder of Helm, spoke at our recent JFrog Helm meetup about the security issues relating to Helm 2 and offered an elegant workaround to secure your k8s cluster. Tiller Poses a Potential Security Threat In Helm 2, a new server-side component called “Tiller” was added. Tiller is…
Read More

Get Your License Compliance Reports with a Click of a Button

September 5, 2018

When releasing software, one of the key aspects you need is ensuring that you’re compliant and safe from any legal risks. Our previous blog post on DevOps and Compliance described how compliance can be a seamless part of the DevOps workflow in your organization. This blog post will address the way your company is enforcing…
Read More

5 Reasons You Should Be Using JFrog CLI

August 30, 2018

JFrog CLI is a useful compact client, which was developed in order to enhance and simplify command line interactions with JFrog products. In this blog post, I will present 5 reasons why you should be using JFrog CLI, and the most common use cases where it comes in handy with your Artifactory repository manager. Reason…
Read More

Gain Code Insights with JFrog Artifactory and Atlassian Bitbucket

September 4, 2018

At the 2018 Atlassian European Summit in Barcelona, Atlassian introduced a new UX in Bitbucket Server that empowers developers to be more productive. Called Code Insights, it gathers information from across the DevOps toolchain into Bitbucket’s pull request experience. On the heels of this news, JFrog is announcing a new integration that brings critical data…
Read More

Reusable Cloud Infrastructure as Code with Pulumi and JFrog Artifactory

August 29, 2018

This guest post is submitted by Chris Smith of Pulumi and is co-posted on the Pulumi blog. Pulumi enables you to specify cloud infrastructure with code. This empowers you to program the cloud in your favorite language, and benefit from useful and familiar features of coding like  static analysis, type checking, IDEs, and more. One…
Read More

How to Achieve Fully Traceable Builds with Drone

August 28, 2018

A build without build-info is like a black box. You don’t know what’s in it, what dependencies it uses, who created it, when it was created and with which tool. And then there are properties, tags and a host of metadata that gives the build its identity. Without build-info, your build is essentially useless. The…
Read More

Accelerating C/C++ in IoT with Conan and Resin.io

August 20, 2018

With Conan and resin.io you can rapidly prototype and build your IoT tool reducing your C++ management pains. Creating C/C++ apps for IoT devices is always challenging. It requires setup of the compiler and toolchain to cross-build for the embedded architecture, managing dependencies of the app, and deploying it in a wise way. Conan takes…
Read More

Top 10 Reasons Why You Need JFrog Enterprise+

August 16, 2018

  More and more companies rely on software to provide value to their customers through product or service updates, websites, mobile apps and more. Whether large or small, these companies can be in any industry segment such as financial, retail, manufacturing or healthcare. To keep providing value through software,  you need to continuously develop new…
Read More

Accelerating Software Delivery in the Cloud

August 14, 2018

So you’ve decided to take your development to the cloud. That’s a smart choice as cloud automation offers the speed and agility businesses need to keep pace with competition and ever-changing market demands. Cloud DevOps tools offer greater flexibility, rapid deployment, reduced IT costs, and low upfront costs with subscription pricing. Cloud-based offerings are a…
Read More

12 Reasons You Don't Need Software Artifact Management

August 9, 2018

0. You have no code. If you have a project, which has no code, you don’t need to manage any artifacts. Well, you don’t need CI, you don’t need runtime, all you need is a bug tracker. And Kelsey, thank you again for the fun! 1. You have no users. If your software has no…
Read More

You have Docker; Now are your Docker images secure?

August 8, 2018

This is the second blog in our series on Docker. In our initial blog called You have Docker; Now what?, we discussed the reasons for using a universal binary repository when implementing Docker to production with confidence. It’s great that you're using Docker, but managing security vulnerabilities is vital to ensuring your Docker environment is free…
Read More

Delivering Shift-Left Security with NeuVector and JFrog Xray

August 1, 2018

Bringing Kubernetes app security insights to developers This post is co-authored by Craig Peters of JFrog and Henrik Rosendahl of NeuVector and is also cross-posted on the NeuVector blog. Kubernetes, the container and orchestration tool favored by enterprises, provides great benefit in automating many aspects of application deployment at scale. But, like any emerging technology,…
Read More

You have Docker; Now what?

July 26, 2018

Almost all organizations developing software today use Docker. However, there are some that still don’t have confidence to take Docker to production. Let’s take a closer look at two main challenges behind this hesitation, which are visibility into the Docker images and where/how they are managed. Challenge 1: What’s in your Docker images Docker images…
Read More

Xray Policies: Govern Your Software Supply Chain with Ease

July 25, 2018

In modern software, there are many important aspects to governing software. You no longer only care for the quality of your own code, but also care for the quality, security, integrity, legal and other aspects of the open source packages that you use. The knowledge of how to handle the risks in these quality domains…
Read More

DevOps and Compliance; A Match Made in Heaven

July 23, 2018

Like the Borg in Star Trek, compliance can strike alarm in one’s heart. And resistance is (for the most part) futile because regulations are just another component of doing business. In any organized civil society, we’re all required to comply with rules of one sort or another. Sometimes those rules and regulations really are burdensome.…
Read More

From Code to Cloud with JFrog Artifactory and Azure AKS

July 19, 2018

Our Kit Merker, VP of Business Development, recently made a guest appearance on the Azure Friday show on Microsoft's Channel 9, showing how to use JFrog Artifactory as your repository manager with Azure and the importance of a Kubernetes Registry. Kit demonstrated the seamless flow from code to cloud, that includes JFrog Artifactory and DevOps…
Read More

Twistlock and JFrog Steer the Container DevSecOps Seas

July 16, 2018

Twistlock and JFrog have partnered to provide continuous scanning and security for your builds. Twistlock directly integrates with JFrog Artifactory, which provides a fully automated Docker promotion pipeline for maintaining your Docker registries. What is Twistlock? Twistlock is a versatile security solution that works well with the Kubernetes container orchestrator and integrates smoothly with JFrog…
Read More

Accelerate R Package Development with Artifactory CRAN Repositories

July 10, 2018

'R' You Ready to Take the Leap? R is the leading statistical language used for statistical computation and graphics used by data scientists and data analytics to extract meaning from data. The Comprehensive R Archive Network (CRAN) serves as the package manager for R providing easy package install, the option to store multiple versions and…
Read More

What To Think About When Thinking About Onboarding Artifactory

June 27, 2018

If you’re reading this, you have probably decided to add Artifactory into your Software Development Life Cycle (SDLC) / CI and would like to understand the key points to consider for implementing this integration. In this blog post, we’ll review the high level aspects you should address when introducing Artifactory into your environment and CI/CD…
Read More

Containerize Node Microservices Using Atlassian Bitbucket Pipeline and JFrog CLI

June 21, 2018

Did you know? Atlassian provides tools to help development teams more effectively collaborate and deliver software fast. Atlassian introduced Bitbucket Pipelines in 2016 to automate continuous integration in a seamless way with the git repository. As Bitbucket Pipelines has matured we’ve seen more of our customers taking advantage of its ability to easily integrate CI/CD…
Read More

Latest Helm Chart Enhancements from JFrog

June 20, 2018

Google introduced Kubernetes (k8s) as an open-source container-orchestration system for automating deployment, scaling, and management of containerized applications less than four years ago. Since then it has been gaining rapid popularity. Today, it is being used in a number of vendor solutions including Microsoft for its Azure Kubernetes Service (AKS), Mesosphere for its DC/OS, Pivotal for its…
Read More

10+ Reasons to Use Artifactory as your Docker Registry

June 12, 2018

There are  so many good reasons to use Artifactory as your Docker registry: The recently-released Package Viewer emphasizes the most relevant metadata with the look and feel of a native Docker registry JFrog CLI lets you build Docker images with exhaustive build information and upload them to Artifactory JFrog Xray will do a deep recursive…
Read More

Deploy JFrog Artifactory High Availability Using Azure Resource Manager Templates

June 7, 2018

Why Use Microsoft Azure Services? Microsoft Azure services is used by many companies and government agencies for their software development and hosting infrastructure needs. Development teams can quickly set up and dismantle development environments and IT operation teams can quickly host their production software. It helps to avoid complexity and expenses in procuring and managing…
Read More

Artifactory: Your NPM Registry for Bit

June 6, 2018

We’re always excited to see the different ways Artifactory gets used. Bit (bitsrc.io) is a platform built to increase code reuse and reduce the overhead around it. It lets you isolate “bits” of Javascript source code from existing projects, share them with your teammates and the developer community, and use them as NPM packages by…
Read More

Use JFrog Artifactory to Deliver Software with Confidence to AWS EKS

June 5, 2018

AWS is launching the Amazon Elastic Container Service for Kubernetes (Amazon EKS) and is announcing JFrog as a proud integration partner. Over the past year, it seems that even companies that weren’t in the first phase of Kubernetes adoption are now joining the party. JFrog has been a key part of the container movement, launching…
Read More

swampUP 2018, RELOADED

June 5, 2018

If I had to summarize swampUP 2018 in one word, it would be “opportunity”. It was an opportunity to hear about the latest developments in DevOps and learn what the future holds from industry leaders in the biggest companies such as Google, Amazon, Microsoft and Netflix. It was an opportunity to share knowledge and experience…
Read More

Artifactory Docker Registries Feel Like Home

May 30, 2018

  As a Universal Repository Manager, Artifactory supports all major package formats in common use today. That’s 23 (!) different formats, with more on the way. Being universal is great. It means that Artifactory fits in with virtually any development ecosystem. But this also comes with a cost. Each package format is constructed differently with…
Read More

Kubernetes Registry for Azure Container Instances (ACI)

May 28, 2018

What is an Azure Container Instance? Microsoft Azure Container Instances (ACI) offers users a fast and simple way to deploy container applications in the cloud without provisioning virtual machines or having to adopt a higher-level service. Using ACI, you can scale and orchestrate operations by deploying a Docker container that pulls a Docker image from…
Read More

Manage Your Docker Builds with JFROG CLI in 5 Easy Steps!

May 24, 2018

JFrog CLI is a useful client that provides a simple interface that works smoothly with JFrog Artifactory and Jfrog Xray. The simplified CLI commands enable you to create readable automation scripts that are easy to maintain, efficient and reliable. From version 1.14.0, JFrog CLI has extended its support to manage Docker builds, in addition to its…
Read More

Leap into the Universe of Fearless Updates

May 17, 2018

Most of us work in a modern company whose  survival depends, amongst other things, on how quickly we can release and update software. One might argue that this is only true for technology companies, but in reality, whether you are a financial, retail, manufacturer or healthcare company, you’re probably developing software to maintain your products,…
Read More

Set Up Your JFrog Services in No Time!

May 10, 2018

JFrog Mission Control provides an easy way for JFrog administrators to set up, manage and monitor their Artifactory & Xray services using Configuration Scripts. Additional support, including Jenkins, will be available soon. Configuration scripts are written in Groovy and can be applied to one or more service at a time to perform a variety of…
Read More

Running an In-house Go Registry with Artifactory

May 2, 2018

The need for a Go registry Since its inception over eight years ago at Google, Go has emerged as one of the most popular languages used by developers and DevOps today, so much so that it was used to design and write both Helm and Kubernetes. The project’s 2017 survey of over 6,000 respondents showed…
Read More

SUSE and JFrog Accelerate Cloud Native Development for the Enterprise

May 1, 2018

Oh the things you can find, if you don’t stay behind!  (On Beyond Zebra!, by Dr. Seuss (1955)) It’s time to get Enterprise class Kubernetes to run your applications. SUSE enables organizations to accelerate app development by providing a platform that streamlines lifecycle operations for traditional and cloud-native technologies. SUSE enables you to deploy, manage,…
Read More

Deploy JFrog Artifactory in Canonical Distribution of Kubernetes

May 1, 2018

This blog post is co-authored by Craig Peters of JFrog and Stephan Fabel of Canonical. A free-to-use rapid way to deploy Kubernetes (k8s) is a critical building block for accelerating development team’s adoption. The Canonical Distribution of Kubernetes (CDK) delivers a pure experience across a wide variety of cloud infrastructures. This enables enterprises to rapidly…
Read More

The 3 Kubernetes Essentials: Cluster, Pipeline, and Registry

April 26, 2018

  This blog post is co-authored by Kit Merker of JFrog and Raziel Tabib of Codefresh, and is co-posted on the Codefresh blog. OK, so you’re adopting Kubernetes. Good choice. There is a dizzying array of good options to get a Kubernetes cluster up and running. But once it's there, how do you actually get…
Read More

JFrog Artifactory and ElectricFlow Accelerate Time to Market

April 25, 2018

JFrog and Electric Cloud have partnered to help customers accelerate software delivery, increase release quality, reduce delivery costs, and provide higher reliability and traceability to better compete in the market. Electric Cloud has developed a plugin that integrates JFrog Artifactory’s universal artifact repository manager that supports all major package formats (20+ languages) with their DevOps…
Read More

Use Terraform to Easily Manage Your Artifactory Infrastructure

April 24, 2018

Cloud-based solutions offer an abundance of opportunity to deliver potential game-changing possibilities for businesses. Your business can now deliver software at greater speed, and at a reduced cost. Cloud Deployment Challenges The Cloud is the way to go, but a cloud solution can be challenging when considering the various options available to you such as,…
Read More

Artifactory Cloud: Your Powerful DevOps Solution on AWS Marketplace

April 23, 2018

Increase software delivery and quality Gain universal support of development languages & DevOps tools Easily make Artifactory your Kubernetes registry You now have the freedom to use JFrog Artifactory. The most popular DevOps tool that was only available directly through JFrog, but is now available on the AWS Marketplace. The new offering is called JFrog…
Read More

swampUP 2018: A Technical Titan of a Conference

April 20, 2018

Have you heard about swampUP? If you’re not familiar with swampUP, then you have come to the right blog post.  I’d like to take a few minutes of your time to give you a perspective on what swampUP is, why you should go, and what you can learn.   swampUP 2018: What is it? It’s…
Read More

I Just Met a DB Called Maria

April 18, 2018

Checksum-Based Storage One of the key and unique features in Artifactory is checksum-based storage in which Artifactory stores an uploaded artifact’s checksum in a database and maps that checksum to the file’s location in storage. Using checksum-based storage optimizes your interaction with packages you upload through deduplication; copy, move and delete operations that happen at…
Read More

Relax, Your Binary JFrog Xray Vision is Highly Available

April 16, 2018

JFrog Xray provides continuous security governance and auditing of your software artifacts and dependencies at any stage of the application development lifecycle – build, test, and even production. JFrog Xray 2.0 introduces high availability, bringing even more security and governance to your software packages than ever before. Based on user feedbacks gathered over time, the…
Read More

Easily Scale JFrog Artifactory with AWS CloudFormation

April 12, 2018

Many businesses from small to medium companies to large enterprises are using Amazon Web Services (AWS) to host their infrastructure. But creating, keeping track of changes, and managing your infrastructure can be challenging. Replicating your entire stack multiple times for development and testing purposes can be a tedious, error-prone, and time-consuming process. AWS CloudFormation makes…
Read More

Conan Accelerates Your C/C++ Applications in OpenShift

April 17, 2018

C/C++ applications and build system scripts are monolith in nature. Achieving binary compatibility is becoming extremely difficult as applications include source information from a variety of local and third party sources, targeting a variety of platforms. Even classically monolithic applications may include a complex dependency graph, including transitive dependencies statically or dynamically linked. Another factor…
Read More

Gain Trust in Your Software Delivery with JFrog Xray

April 4, 2018

Universal analysis of binary software components has become an integral part of modern software development. This has been triggered by the growing need to trust the software you consume, and by the capabilities that various products offer in this space. JFrog Xray Integration with Artifactory With the release of JFrog Xray 1.12, you can experience…
Read More

JFrog @ Jenkins Days

April 2, 2018

Jenkins Days are upon us and JFrog is happy to be participating by sponsoring and giving a talk in both Boston (April 10) and Washington (April 12). Bruce Nguyen, JFrog Sr Solution Engineer, will talk about how "Binary Artifact Management is Crucial for any DevOps Implementation". In this talk he will cover the following topics: Binary…
Read More

JFrog Artifactory CE: Your Conan C/C++ Package Manager Repository

March 28, 2018

JFrog Artifactory Community Edition for C/C++ This product gives all the power and flexibility of the Artifactory repository for Conan and generic binaries to the C/C++ world completely free of charge to any software team. As the preferred Conan repository manager, Artifactory Community Edition features similar functionalities as the JFrog OSS edition, while containing support…
Read More

JFrog Artifactory: Your Kubernetes Registry

March 21, 2018

Composing software artifacts into containerized Kubernetes apps Containers let you simplify and manage your applications (especially microservices applications) at a level of abstraction from the specific hardware and even the VMs. As we’re seeing, a container orchestration system like Kubernetes lets you create apps and deploy them side-by-side without being concerned about compatibility between the…
Read More

JFrog and Google Cloud Platform for Open Source: A Year in Review

March 19, 2018

Open source projects are now influencing software development more than ever before. We are seeing communities grow and innovation being created through open collaboration across company boundaries. Building a community and working across boundaries is not an easy process, so Google and JFrog are working together to ease the way forward. In late 2016 we announced…
Read More

Effective Repository Naming Conventions to Help Scale Your Business

March 15, 2018

Why do I need a repository naming convention? How many repositories do I need? What should I call my repositories? These are just some of the commonly asked questions that are asked around the topic of how to get started implementing JFrog Artifactory repository structures and naming conventions. Creating the right repository naming conventions and…
Read More

Accelerate Your Finance DevOps Experience with JFrog Artifactory

March 8, 2018

Working closely with top financial services, such as Goldman Sachs, JFrog has gained insight for developing solutions that comply with the specific requirements and regulations facing DevOps teams in financial organizations. Promote Security and Compliance in DevOps To meet the strict regulations of the financial industry, JFrog Artifactory provides an advanced audit trail log feature that…
Read More

Snyk Up on Vulnerabilities and Eradicate Them

March 1, 2018

About a year ago, we introduced you to Snyk, when we integrated Snyk data for npm vulnerabilities into Xray’s global database. With the recent release of version 1.11, JFrog Xray extends support for Snyk opening up analysis for open source vulnerabilities tracked from public structured databases across multiple ecosystems: npm, java, ruby, python, scala, go,…
Read More

Migrate from Nexus to Artifactory and Manage Your Binaries Better

February 22, 2018

Many businesses today are using a Binary Repository Manager to manage their binaries and artifacts as it is critical to the delivery of reliable, quality software, faster, and at a lower cost to better compete in the marketplace. However, as their business grows and matures, requirements change and they find the need for a more…
Read More

Control Your Kubernetes Voyage with JFrog Artifactory

February 20, 2018

Containerized microservices encapsulate a lightweight and consistent runtime environment for your application to run from development to testing to final deployment and production. As the number of containers grow over time, you will need a tool to help launch, track, and manage them. Kubernetes allows you to quickly and predictably deploy your applications using containerized…
Read More

Protect Your Containerized Microservices on OpenShift Using JFrog Xray

February 19, 2018

In our previous blog, we described how JFrog Artifactory on OpenShift benefits enterprise users when deploying containerized microservices. Now we’ll take it a step further to review the main security challenges facing container content and container registries when developing microservices. We will proceed to discuss how policies are enforced while building and deploying containers on…
Read More

How to Debug Docker Registries Like a Pro

February 15, 2018

Everyone is talking about Docker registries, so let’s take a few minutes to talk about how to debug them. Here are a few tools in my toolbox that I can recommend for troubleshooting Docker registries. Docker in Docker Also referred to as “dind”, this official project from Docker offers Docker images for pretty much every…
Read More

The Most Exciting DevOps Event of the Year! Are you in?

February 12, 2018

JFrog’s annual swampUP event of the year is here! The DevOps user conference will take place on May 16-18, 2018, in the beautiful Napa Valley. This is your opportunity to network and learn how other DevOps experts leverage JFrog products along with best practices from other DevOps thought leaders who will also be there. This…
Read More

Container Optimized Workflow for Tectonic by CoreOS (Now Red Hat)

February 2, 2018

Following our recent blog on Artifactory's integration with OpenShift, you can now deploy your binaries hosted on Artifactory to Tectonic, another major enterprise-ready Kubernetes platform that specializes in running containerized microservices more securely. Artifactory integrates with Tectonic to support end-to-end binary management that overcomes the complexity of working with different software package management systems, like…
Read More

JFrog and Valiantys: Partners in DevOps

February 1, 2018

The integration between IT and development is a significant pain point for many teams as they start their DevOps journey. With the introduction of agile methodologies, the need to deploy more frequently and in shorter cycles has increased.  Yet, operations struggle to maintain the pace as “new” methodologies can create a bottleneck. Often, these development…
Read More

GitLab CI and Artifactory: On Your Mark, Get Set, Build!

January 29, 2018

Integrating JFrog Artifactory into your GitLab CI workflow makes JFrog’s ‘Release Fast or Die’ mantra, a living reality. This blog post describes how to integrate GitLab CI with Artifactory not only to resolve and deploy binaries but also to benefit from Artifactory’s Build Integration feature. Publish and manage your packages GitLab CI supports creating multiple builds…
Read More

JFrog Artifactory on OpenShift Has Arrived

January 24, 2018

More and more DevOps practices rely on Kubernetes to deploy containerized microservices. However, as an open source project, Kubernetes may not provide all the elements required for an enterprise environment such as business-level support, testing body or guided practices by a reputed entity/company.  To address these enterprise requirements,  Red Hat released Openshift, which is, essentially,…
Read More

Master Your Helm Chart Repositories in Artifactory

January 18, 2018

Following our initial release of Helm Chart repository support in Artifactory a few weeks ago, it's time to leap into the fast track and get your Helm repositories up and running. Just a short recap, Helm is the package manager for Kubernetes and helps you manage Kubernetes applications using Helm Charts. Artifactory now natively supports Helm…
Read More

NPM Packages with JFrog CLI

January 15, 2018

JFrog CLI is a compact and smart client that provides a simple interface and greatly simplifies working with JFrog Artifactory. The simplified commands enable you to create readable automation scripts that are easy to maintain, efficient and reliable. From version 1.13.1, JFrog CLI has extended its support to include npm packages, in addition to its…
Read More

JFrog's Profile Grows Alongside its Enterprise Business and Offerings

January 17, 2018

  Analyst: Jay Lyman 21 Dec, 2017 JFrog has grown its enterprise business with its flagship artifact management software, called Artifactory, as well as additional, integrated components centered on software distribution, security and large-scale DevOps implementation. Nearing 10 years in business, the software artifact and release process automator has built an impressive stable of large…
Read More

Conan 1.0. A Commitment to Stability

January 11, 2018

Conan joined JFrog towards the end of 2016, and we immediately embarked upon a journey to empower the C/C++ community with sound DevOps practices. Conan repositories were soon introduced to Artifactory giving C/C++ developers secure, private repositories to host their Conan C/C++ packages with fine-grained access control, automatic layout and storage for all platforms configured…
Read More

The Best Ways to Synchronize Binaries Between Globally Distributed Teams

January 4, 2018

Distributed software development has become commonplace, especially in large enterprises that have several sites in different locations around the globe. This presents many challenges to ensure that all the development teams work on a coherent and synchronized code base. For example: Ensuring that developers all work with the same version of remote artifacts Ensuring that…
Read More

Your Enterprise Grade Helm Chart Repository with JFrog Artifactory!

January 2, 2018

With the 5.8 version release, JFrog Artifactory now natively supports Helm Chart Repositories, giving you full control of your deployment process to Kubernetes - the leading open-source orchestration platform for automating deployment, scaling, and management of containerized applications. JFrog fully supports deploying Artifactory to your Kubernetes cluster to serve as a universal repository manager for all…
Read More

Your HA Installation and Upgrade Process Just Got Easier!

December 28, 2017

The HA installation and setup process has been redesigned to create a simple and even more secure infrastructure for your Artifactory HA clusters. Through the use of a Master Key, Artifactory adds a new security layer that replaces the previously used Bootstrap bundle mechanism, which is now deprecated. JFrog Artifactory handles all configuration and encrypted…
Read More

A Journey Into Modern DevOps and Continuous Integration in C and C++ Projects

December 24, 2017

  C and C++ continue to be used and favored by many developers in all industries. However, when compared to other languages, C/C++ developers face greater challenges that include: long build times, diverse platforms and ecosystems, different build systems, binary compatibility, code inlining and embedding, and lack of standard for OSS. This featured DevOps.com article…
Read More

[Case Study] Supporting Multiple Disparate Tools While Optimizing Storage

December 14, 2017

The Mercedes-Benz brand immediately conjures up images of luxury and quality. We’d all be happy driving one, but beyond luxuries, Mercedes Benz is at the forefront of technology blazing the way forward in the field of autonomous connected cars. At the Mercedes Benz R&D facility in Sunnyvale (MBRDNA) research is conducted to add intelligence to…
Read More

Cloud Native CI/CD Pipelines using AWS CodeStar and JFrog Artifactory

December 5, 2017

Want to streamline your DevOps toolchain for a new project on the cloud? Want to manage, store, share, and version binary artifacts? It’s time to explore the composite solution offered by AWS CodeStar and JFrog Artifactory. When deciding to kick off a new project, technology companies and enterprise solution providers often run into walls when…
Read More

JFrog Artifactory SaaS Wins the Repository Challenge

December 5, 2017

Exactly one year ago, we launched our joint initiative with Google offering JFrog Artifactory SaaS hosted on Google Cloud Platform for free for selected open source projects. Since then, dozens of projects have been approved, and with the free open source hosting provided by JFrog and Google, are now able to put their efforts towards serving…
Read More

Easy CI with JFrog CLI

November 29, 2017

Continuous Integration is one of the foundations of a modern software supply chain. Most organizations wouldn’t consider developing software without one. The problem is that these sophisticated platforms require some expertise to set up and manage and usually require a dedicated server, an administrator and other resources. And to make things more complicated, different development…
Read More

JFrog and Kubernetes. Our Cloud-Native Journey Continues

December 4, 2017

Here at JFrog, we are avid users of Kubernetes in our various development efforts and in our different environments. That’s why we’re proud and excited to join the Cloud Native Computing Foundation so we can now also contribute from our technology and know-how. Learn more about our membership in this recent press release. JFrog benefits greatly…
Read More

JFrog Mission Control 2.0

November 23, 2017

Global Teams, Scale and Visibility For any product, a version 1.0 release must promise innovation in order to fill a gap or resolve a pain that nobody has addressed yet, otherwise, there is no justification to develop the product. This is what JFrog Mission Control did when it was first released. Mission Control 1.x started…
Read More

Google and JFrog Announce Grafeas: A Unified Language for Artifact Metadata

October 12, 2017

Today, Google and JFrog announce Grafeas, a first of its kind open source API that enables comprehensive auditing and governance for your software supply chain. Grafeas standardizes how you store, query and retrieve metadata attached to software artifacts. In particular, it provides rich auditing capabilities and acts as a central source of truth for organizations,…
Read More

Your Safe Repositories Just Got Safer with SHA-256

September 26, 2017

Artifactory was uniquely designed from the ground-up to optimally manage binaries with the capability to efficiently support packages in any format. One of the key features enabling this flexibility is Checksum-Based Storage. While all artifact files are stored and managed in one of the several options for binary storage supported by Artifactory, the files’ metadata,…
Read More

[Case Study] Before and After JFrog Bintray: Automating Package Distribution

September 25, 2017

Distributing large amounts of software packages? Interested in automating your distribution process? JFrog Bintray can help you make it happen. This case study will take you through James Ward’s personal journey of developing an automated process for on-demand deployments of WebJars, that are created, distributed and available within the community. His WebJars project was made…
Read More

Use File Specs in your CI/CD To Get Full Control of Your Artifacts

September 12, 2017

Getting creative with how you manage your artifacts in JFrog Artifactory? It's time to get familiar with File Specs. File specs allow you to specify the files you want to upload and download to and from Artifactory with a simple configuration. With only 2 mandatory fields, source (referred to as pattern) and target, you can…
Read More

The ABCs of Distributing Android Libraries

September 4, 2017

Bintray’s central repositories, JCenter and Conan-Center, are binary hubs for public OSS Maven and Conan (C++) packages respectively. They offer a great channel to distribute your public OSS packages. Having been around for a while, JCenter has become one of the most comprehensive sources for public OSS Maven packages, and is the channel-of-choice for many…
Read More

Vulnerability Detection For Your CI/CD Pipeline with JFrog Xray

August 30, 2017

My previous blog post talked about discovering vulnerabilities in your dependencies directly from within your IDE. However, sometimes this approach discourages the developer from doing their work and consequently reduces their productivity. Let’s take a look at how you can continue to detect vulnerabilities, as early on in the CI/CD process as possible, without interfering…
Read More

Real-Time Security Notifications at Your Fingertips with IntelliJ IDEA

August 14, 2017

JFrog has just made it even easier to identify securities and vulnerabilities in your dependencies directly from within your IntelliJ IDEA. This initial version of the JFrog IntelliJ IDEA plugin provides you critical insights as early as in the development phase, making it even less likely for vulnerable components to ever reach production. Through this…
Read More

Leap Forward and Be Proactive with DevOps Insights

August 3, 2017

Today, companies are adopting modern DevOps tools and practices at a rapid pace to increase high-quality software throughput and reduce inefficiencies (or as we call them, leaks) in the software development and delivery process. However, in most cases, there are very few metrics to prove that these DevOps-enabled pipelines are really performing better. So how…
Read More

Managing Software Updates “the DevOps Way”

August 2, 2017

At a recent DevOps event I attended, I spoke to some members of the DevOps team in one of the largest US banks. The discussion centered around patches and software updates in a Dockerized environment with many files and microservices. It didn’t take long to pinpoint their pain. “How do you manage software updates in…
Read More

Artifactory Enterprise. First-Class Artifact Management. Globally. At Scale

July 24, 2017

An Artifactory Enterprise license opens up a variety of unique and advanced features that offer solutions to real-life problems that global enterprises encounter. We document these features, and write blog posts and white papers about them, but being a community-driven company, there’s nothing quite like seeing people actually using these features in the field as…
Read More

Embracing DevOps and CI in C/C++ with Conan and Jenkins

July 17, 2017

This featured Jenkins blog post will show you how it’s now possible to implement DevOps best practices for C/C++ using Conan the C/C++ package manager, Jenkins CI, and JFrog Artifactory. Also included are code samples demonstrating how to define your own pipeline scripts to adapt to your specific workflows, using Jenkins Pipeline, Conan and JFrog…
Read More

Content-Driven Component Analysis

July 17, 2017

JFrog Xray was first released one year ago. Our first post about it highlighted what makes Xray more than just another security scanning tool. Over the last year, we have introduced more differentiating features like download blocking, integration with more security vulnerability providers like Aqua Security, Snyk, and BlackDuck, integration with your CI/CD pipeline to…
Read More

Monitoring and Optimizing Artifactory Performance

July 6, 2017

As Artifactory usage increases, its resources can gradually become depleted, causing hiccups or hits in performance. When usage increases, so does the importance of monitoring your system and its historical data. Monitoring usage patterns is an essential first step to optimizing Artifactory and ensuring its stability. Here, we would like to share with you some…
Read More

Artifactory 5.4: There’s More to it than Meets the Eye

June 28, 2017

In our product releases, we like to make a splash with the latest new features. Usually, these are features that you access through Artifactory’s UI or its REST API. Not this time! This time, the most significant addition to Artifactory 5.4 is invisible (well, sort of). I say “invisible” because outwardly, there’s no change in…
Read More

Clean Up Your Git LFS Repositories with JFrog CLI

June 20, 2017

Git has become an industry standard for source code control. However, it is not designed to store binary files efficiently, and storing large binary files in a Git repository can quickly inflate it, making it sluggish to respond. This is where Git LFS comes into play. Git LFS is a Git extension designed to accommodate…
Read More

Track Your Resource Allocation Globally

June 8, 2017

The recent release of JFrog Mission Control v1.11 has opened up a new dimension in the management of your global artifact workflow. For the first time, Mission Control lets you track and monitor how your resources are being used with the new Storage / Artifact Usage graph. Knowing how much storage the Artifactory instances you…
Read More

Increase your package visibility, the social way!

February 2, 2014

So, your binaries are hosted on Bintray and you are watching your package download stats grow. It's time for a boost! Two great new features online today; they might be small but they are powerful in spreading the word about your packages, or packages you like. The Latest Download Image Add a Download Link badge…
Read More

Speed Up Your Gradle Builds with JFrog Artifactory

June 7, 2017

Gradle introduced a cool built-in feature that lets you cache task outputs. Why is this cool? Because it reduces build time. How? By sharing the output of Gradle tasks between machines, subsequent builds are accelerated since they can reuse those outputs instead of rebuilding them. Now, this is where it gets even cooler. This feature…
Read More

Don't Let the Maven Deploy Plugin Trip You Up

June 1, 2017

Apache Maven is a commonly used build tool. It has many cool features such as default processing steps that are included out of the box, and is particularly good for compiling and packaging Java code. But this blog post is not an introduction to Maven. There are plenty of great books that provide that, and…
Read More

Time is of the essence: Make an impact using Firehose Events

May 25, 2017

Have you ever experienced the drive you get when you act on a sudden opportunity that really makes a valuable impact on something? On the other hand, have you ever experienced the disappointment of a missed opportunity? Let’s face it, every user action can be translated into a short window of opportunity that requires our…
Read More

JFrog Bintray Adds Support for Conan C/C++ Repositories and Launches Conan-center Managed Central Repository.

May 25, 2017

We are very excited to announce support for Conan repositories on JFrog Bintray, the Universal Distribution Platform. Currently serving more than 2 Billion downloads per month, Bintray offers developers the fastest and most reliable way to publish and consume software releases.  In addition, JFrog will soon launch conan-center which will become the central public repository for…
Read More

Like C/C++ Development with Visual Studio? Like it Better with Conan.

May 15, 2017

Microsoft’s announcement of a Vcpkg was the dawn of a new era in package management for millions of developers using Microsoft Visual Studio for C/C++ projects. But while it’s great for retrieving and building OSS libraries from sources, it has limitations when trying to build user projects. Limitations such as the inability to manage (building,…
Read More

Why OpenMRS Migrated from Sonatype Nexus to JFrog Artifactory and Bintray

April 30, 2017

OpenMRS, the collaborative open source project to develop software that supports the delivery of healthcare in developing countries, recently announced that they have migrated from using Sonatype Nexus and Maven Central to JFrog solutions Artifactory and Bintray. “It all worked out great and we did not hear about any single issue from developers after the…
Read More

Enterprise Level Access Control with Keys and Entitlements

June 9, 2015

“Private repositories”, “Teams and Organizations”, “Permissions”..., sounds like that’s all you need to provide secure private downloads. Well, not quite. Those are great features that fit the bill if your consumer is a Bintray user. But what if she isn’t? Well, then there are signed URLs. Those should do the trick. Just sign your file…
Read More

Love Your Logs. It Pays Off

May 9, 2017

“My Artifactory won’t start”; “I see some lag”; “My artifacts are missing”; “I get issues when Jenkins tries to pull/deploy artifacts”; “I am getting 404 / 401/ 403/ 500 /409” … These are just a few of the common issues I hear from our customers. Very basic issues; right? We can triage them in a…
Read More

AQL and JFrog CLI: A Match Made in Heaven

May 4, 2017

One of the big advantages of running builds using JFrog Artifactory is the exhaustive build information that is created by many sources and used within your organization. However, as your organization continues to grow, efficiently leveraging and managing this amount of data becomes critical. It is very easy to simply use up valuable storage space…
Read More

OpenShift with Artifactory: A Powerful PaaS with a JFrog Stack

April 27, 2017

If you’re containerizing, cloudifying, and doing DevOps, you want your tools to work together nicely so you don’t have the headache of managing infrastructure. We are making it even easier to make your enterprise-grade devops environment work great with JFrog Artifactory on OpenShift - Red Hat’s container platform based on Kubernetes. Because you can run…
Read More

Closing the Release Velocity Gap with Datical and Artifactory

April 25, 2017

Many companies have already made the transformation to agile development methodologies and proudly show how they’ve managed to shorten their application release cycles significantly. But there’s one place where companies often falter in the process: their databases. They can’t update their database implementations as quickly as they update their applications creating a release velocity gap.…
Read More

Fully Reproducible Builds with CircleCI and Artifactory

April 24, 2017

Most of you are probably familiar with the following scenario. You build an NPM package using CircleCI using dependencies that are fetched from the public NPM registry.  Suddenly, you discover that your package contains a major bug! You need to quickly rollback to the previous version, but discover that one of the dependencies from this…
Read More

Infrastructure as Binaries with Chef and Artifactory: Five Best Practices

April 20, 2017

  Infrastructure as Binaries became a reality several weeks ago when we announced that Artifactory supports infrastructure management platforms such as Chef. Both we, here at JFrog, and our infrastructure champions at Chef, believe that establishing a canonical Artifactory repository for all artifacts used in a company’s infrastructure such as Ruby Gems, NuGet packages, RPMs,…
Read More

What Makes a Dashboard “Premium”?

April 16, 2017

Once you’ve uploaded a package to Bintray, the one thing you want to see, more than anything else, is downloads. Without downloads, your package is like the proverbial tree that falls down in an empty forest, the proverbial sound of one hand clapping, the ... well, you get the picture. Bintray is happy to give…
Read More

Best Practices for Installing JFrog Xray

April 4, 2017

JFrog first released Xray in July 2016, and the response was phenomenal. Customers were very excited about the ability to hook up their Artifactory repositories and have Xray automatically do a deep recursive scan of their artifacts to weed out issues and vulnerabilities. Now, after several months, with the diverse experience and feedback from the many customers…
Read More

Collaboration is the Key to Scaling Development

March 30, 2017

When you’re building a DevOps environment, no single tool will solve all your problems. There is no magic silver bullet to streamlining your engineering team and shipping faster. There are many pieces that need to work together seamlessly to create a repeatable system for releasing high quality, high value software to customers. In fact, the…
Read More

A Cloud Platform for Defragging Devops

March 23, 2017

Many software organizations see DevOps as the silver bullet that will streamline their delivery workflow to help them produce software faster than ever before. So they start looking into the tools they will need, and then reality hits like a jab to right cheek. It starts with source control, goes on to CI/CD systems and…
Read More

The C/C++ Packaging Paradigm Quandary

March 15, 2017

Should a C/C++ package manager bundle both debug and release artifacts in the same package? Some developers think so because it’s easy to work with these packages by simply changing your configuration. But other developers frown upon this paradigm claiming it is not best practice. They claim that debug and release versions should be packaged…
Read More

Automatically detect vulnerabilities trying to creep into your builds

March 20, 2017

Security breaches, license issues, and denial of service attacks are all vulnerabilities that put your production systems at high risk every day! JFrog Xray makes your life easier by performing artifact analysis for you, enabling vulnerability detection before your code is harmed. How about automating this analysis process and integrating it into your CI/CD? This can…
Read More

Unleash the DevOps!

March 14, 2017

DevOps tools have come a long way. From virtual machines in dev and QA environments to those in production, and now Docker. The more we are charmed by the idea of hardware as a code, the crazier the things we are trying to do with it. Take the “immutable server” pattern as an example. In 2000,…
Read More

Frogs and Ducks, Your Sentinels for Open Source Security

March 13, 2017

  Black Duck Software creates products to secure and manage open source in applications and containers, eliminating pain related to open source security vulnerabilities and license compliance. The Tenth Annual Future of Open Source Survey they conducted in 2016, provided the numbers to prove many things about open source that we already knew. First and…
Read More

Artifactory Pro in Docker Easy as 1-2-3

March 2, 2017

With the new Artifactory 5.x, you can spin up an instance of Artifactory Pro in Docker in an instant! 1. On Mac or Linux, run the following command $ curl -L 'https://bintray.com/api/v1/content/jfrog/run/art-compose/$latest/art-compose?bt_package=art-compose' | sudo bash 2. Point your browser to http://<server>/artifactory/ and complete the onboarding wizard. 3. Start using Artifactory! NOTE: Data volumes on the host are…
Read More

SOS (Safe Open Source) with JFrog Xray and Snyk

February 28, 2017

Open source software is great. If you check almost every related statistic, you’ll find that usage of Open Source software continues to grow, from robust frameworks (angular.js, React) to databases (MongoDB) to simple things like string manipulations. But along with the benefits of using open source software, come the challenges. When you use an open…
Read More

The New Artifactory Docker Distribution

February 28, 2017

The recent release of Artifactory generation 5.x introduced many new features such as cloud-native storage and cluster license management for high availability, authentication, and authorization with access tokens, easy onboarding, and much more. In addition to new features, we also revamped our Docker distribution, completely redesigning it from scratch. Now, it’s much easier to spin…
Read More

Make Your Software Flow

February 27, 2017

Why Next Gen. DevOps Requires Strategic Thinking We live in an era where in order to survive, every type of company must transform itself into a technology company. Those who have not realized this yet have already lost the game. So, you’re one of those who survived the digital transformation? Congratulations, but that’s not enough.…
Read More

Automated EULA-protected Downloads

August 9, 2016

One of the great features of a Bintray Enterprise account is the ability to present a EULA when a user downloads one of your Products. That works well for the general case when the downloading user is a real person who can go through the Bintray UI and physically accept the EULA for publicly available…
Read More

Skill Up with DevOps Training at SwampUP

January 18, 2017

Team skills are directly proportional to project success Training and team talent are often overlooked as essential pieces of a project’s success.  Analysis from IDC research suggests that the skills of a team are directly proportional to the team’s ability to deliver successful projects on time and with high quality. “To maximize project success and…
Read More

Infrastructure as Code Binaries

February 22, 2017

The advent of cloud computing has made it very easy for IT and DevOps to quickly spin up any variety of environment needed. From small individual boxes that a developer may need, to large and complex production datacenters.  However, the ability to quickly and easily spin up environments, also opens up the risk of spinning…
Read More

The 5 Big DevOps Changes to Expect in 2017

February 7, 2017

Thoughts from the CEO desk 2017 started off with a DevOps bang; an enormous amount of capital was poured into DevOps technology companies by VCs, and larger-scale adoption of tools and methodologies was approved in this year’s IT budgets with the recognition that DevOps is a “must-have”. These changes follow a Gartner Report from 2016…
Read More

Accelerating DevOps with a Frog in a Sandbox

January 24, 2017

Here at JFrog, we say “Release Fast or Die,” but this doesn’t apply only to us; it goes for all enterprises who are facing intense pressure to become more agile and reduce costs. One way to do this is by moving to DevOps and taking an automated “as-a-service” approach to delivering infrastructure and applications. However,…
Read More

JFrog Xray CI/CD Integration Keeping Your Builds Safe

January 18, 2017

When was the last time you closed off a sprint, happily marking all user stories as DONE and uploaded the build to your staging environment only to find out the build was riddled with security vulnerabilities. Hmm...there’s a point for discussion in your sprint retrospective, and now it’s time to redo your sprint planning for…
Read More

Securely Onboarding Colleagues through SAML Authentication

November 22, 2016

Once you’ve created your Bintray account, getting your colleagues on board with permission-based access to your organization’s content is not always so easy. You want to use the most secure authentication available, so why can’t you use your corporate SAML server to authenticate your users? The answer is, now you can. If you configure your…
Read More

Xray and Aqua Keeping Your Containers in Safe Waters

January 5, 2017

While Docker has become all the rage, it is still a relatively new technology in the market. Many companies have introduced it into their organizations, but relatively few have taken Docker to production. One of the reasons is the security risk inherent in running a large set of containers, often based on open source code,…
Read More

Predictive Graphs and Notifications

January 5, 2017

In my last post about JFrog Mission Control, I introduced the new Graphs feature which shows how your instances and repositories have been consuming storage. Knowing your history can help you prepare for the future, but why should you have to second-guess what will happen? Mission Control now does that for you with predictive graphs.…
Read More

Whale Parts in Your Docker Registry

January 3, 2017

There are many good reasons why you would set up a private Docker registry in Artifactory to manage your Docker images. One of them is the ability to promote images, letting you easily move and copy images from one repository to another in your CI/CD pipeline while setting different access privileges. Another is Artifactory’s universal…
Read More

Keep Your Secrets Safe by Serving Encrypted Files

May 9, 2016

Once you have uploaded your content into Bintray private repositories, it’s pretty safe through Bintray’s management of users, organizations, and teams. But what happens when you need to send a private file to someone else? Signed URLs give you an easy way to do that. Just generate your URL signing key and use the URL…
Read More

IP Restriction with White CIDR and Black CIDR

September 1, 2016

Imagine this scenario. Your flagship product is doing OK; you’re getting downloads. Nevertheless, increasing sales is always a top priority, so you decide to create a free OSS version to boost usage and generate more awareness in the market. It’s also a great product, free to download, and is a great teaser for the upsell…
Read More

Developing for OpenWrt? Bintray Has an Opkg For You

July 12, 2016

OpenWrt is typically associated with network routers and similar equipment, and indeed the official OpenWrt website lists overs 1200 devices on which it runs. Network routers may sound boring (well, to some of us), but as the Internet of Things (IoT) continues its crusade around the world, many people don’t know that OpenWrt is also…
Read More

[Podcast] Artifact Repositories and Continuous Delivery Pipelines

December 14, 2016

Version control is one of the top two predictors of deployment lead time, deployment frequency and MTTR. Why is it so important for DevOps organizations? During JavaOne last September, I participated in an online panel on the subject of Artifact Repository, as part of Continuous Discussions (#c9d9), a series of community panels about Agile, Continuous…
Read More

Creating a Signed URL Using the Bintray UI

July 13, 2015

Creating a Signed URL is now available to you through the Bintray friendly User Interface, from start to end. If you are new to Signed URLs, you would rather check out this cool feature. Refer to the REST API Guide at URL Signing, and to the Sign me up! blog, discussing generating Signed URL using…
Read More

Manage your Bintray and GitHub organizations better together

November 5, 2015

Bintray's integration with GitHub is now moving to a new level with GitHub organizations! As a Bintray user who is also a GitHub user, you already know that you can import your GitHub repositories, tags, readme's, and release notes to Bintray. Now you can also import your GitHub organizations, the organization’s repositories, and even keep…
Read More

Who needs a EULA if nobody reads it?

April 25, 2016

As long as you’re distributing public open source software, you don’t need a EULA. Just choose from the over 100 open source licenses Bintray offers to get the level of protection you want. Once you move to distributing commercial software, you need a EULA. This is the contract that you make with all of your…
Read More

Publishing Your Maven Project to Bintray

September 17, 2015

Bintray gives you everything you need to share your Maven project, and much more: you will be able to monitor downloads and users with the statistics that Bintray keeps for you. You can also share your project via Bintray's JCenter repository (which is the largest public Maven repository out there), and effortlessly sync it with…
Read More

Feel secure with SSL? Think again.

August 4, 2014

Recently, we’ve heard a lot of discussion about the trust we place in public binary repositories. For example, Maven Central, a popular legacy repository maintained by Sonatype, was recently compromised by a successful MITM attack. In response, Sonatype set up an https access to central (removing the demand for a $10 donation to the Apache…
Read More

6 Reasons to Distribute Commercial NuGet Packages through Bintray

November 30, 2015

Developing on .NET? Then, most likely, you are no stranger to NuGet Gallery. It’s a great place to find public NuGet packages. But is it the best place to host and distribute your own private packages? With the recent addition of native support for NuGet, you can now point your NuGet client to Bintray and…
Read More

Catch that Millionth Download with Bintray’s New Statistics API

October 15, 2015

Want to know exactly how many times your packages have been downloaded? Bintray has always given you download statistics through its UI, but now you can also get them for professional repositories via REST API. Detailed statistics on downloads per version over any time frame give you deep insights into how your software releases are…
Read More

Is Docker Hub really the best way to distribute your images?

June 3, 2015

Docker is definitely one of the biggest things to hit the software industry in the last few years. Everyone is using Docker, and Docker Hub is growing rapidly serving over 45,000 images by now. But did you ever ask yourself if Docker Hub is really the best platform to distribute your Docker images. It stands…
Read More

Feeling secure with Bintray downloads

May 14, 2015

Remember our take on .asc files? The thing is, digital certificates alone cannot guarantee the identity of someone. To fully trust someone there needs to exist a reliable Web of Trust (WoT) that leaves little to no doubt that the signer is who he claims to be. So what’s the solution then? Use Bintray as…
Read More

Android Studio – Migration from Maven Central to JCenter

February 9, 2015

This post was originally published in Techno Talkative blog by Paresh Mayani. Feel free to comment here or there.   During the android workshop, in the office and in the chat with some of the android developers, I have received some questions around build script and repository: Why earlier versions of android studio were using…
Read More

Enjoy Bintray and use it as pain-free gateway to Maven Central

February 11, 2014

What does it means when some tool or framework has literally dozens of guides, pages long each? It probably means that it is popular, or complicated to use. Usually, both. That’s the story of Maven Central (a.k.a. Central Repository, a.k.a. repo1, a.k.a. ibiblio). Of course, there is a better alternative nowadays - Bintray is already…
Read More

Sign me up!

November 6, 2014

Bintray Premium gives you cool new features such as private repositories, permission management, more storage and so much more. One of the biggest benefits of using a Premium account is the ability to create expirable, signed URLs for your repositories’ content. Signed URLs you said? What’s that? A signed URL is an obscure URL with…
Read More

Nodeclipse: 500k downloads per month and counting!

June 5, 2014

[caption id="attachment_373" align="alignright" width="140"] Paul Verest[/caption] Paul Verest, the Nodeclipse project lead posted to the Nodeclipse blog about his experiences with Bintray. He talks about how the Bintray distribution platform freed up resources to take care of the truly important things - driving Nodeclipse and Enide Studio forward! The main benefits Paul mentions are: Speed…
Read More

Hosting your Eclipse update site (P2) on Bintray.com

March 11, 2014

Did you know you can easily host your Eclipse update site on Bintray.com? After registering to Bintray (and optionally, creating or joining an organization), it's as easy as 1-2-3: Use the predefined 'generic' repo (or create a new one) if you are generating a plain P2 update site, or 'maven' repo if you are generating…
Read More

Download stats and logs - now with deep user insights

April 22, 2015

Ever wondered who exactly downloaded your software? I don’t mean just “someone from the United States.” I’m talking about getting down to the organization level in terms of “someone from Acme Corp. NY office”. Now you can get this information, from Bintray: This information is available for any package type for Bintray Premium users, but…
Read More

Bintray + GitHub = Synergistic Love Story

June 5, 2013

First things first - Bintray is not a competitor of GitHub. They complete each other, not compete. Here's how (I love vienn diagrams): [caption id="attachment_98" align="alignnone" width="300"] Click to enlarge[/caption] Bintray is an organic next step for developing software at GitHub - once your sources are built - distribute them from Bintray. Our job is…
Read More

5 Things You Should Know About Docker Registries in Artifactory

December 21, 2016

As a universal artifact repository manager, Artifactory is, among other things, a fully fledged Docker registry. In addition to storing and managing Docker images, Artifactory also offers extensive integration with your CI pipeline, supports authentication through external providers, high availability, massively scalable storage and is constantly updated to support the latest Docker client version and…
Read More

Push the Limits of Virtual Repositories

January 11, 2016

Our recent Developer and DevOps Trends 2015 survey showed that anyone using Docker also uses additional technologies. I’ll let you in on a little secret. That’s true in general, not just in relation to Docker. The vast majority of developers work with several different technologies at once. So most (if not all) of you are…
Read More

Sweet Dreams with Open Source Licensing

December 5, 2016

Has your release ever been held up due to open source licensing issues? Here’s a true story. In one of my previous jobs, the company I was working at was acquired by an industry monolith. It was a dream-come-true for this startup. There was cheering, happy smiling faces in the corridor, and much revelry. A…
Read More

JFrog CLI Offers Fully Reproducible Builds For All

November 30, 2016

One of the big advantages of running builds through Artifactory is that it stores exhaustive build information generated by the different plugins used with common build tools. This is the “Bill of Materials” that lets you fully reproduce any build even if it has already been deployed to production. It includes everything from artifact versions…
Read More

Historical Data and your Instances’ and Repositories’ Future

November 28, 2016

I never liked history in school. I was more interested in the latest technological developments and what the future had in store. What I didn’t realize at that time was age-old saying  that (paraphrasing) you have to know your history to understand where you’re going. The same is true of your Artifactory instances and repositories.…
Read More

[Podcast] How to Achieve Continuous Software Delivery Using DevOps Tools and Methodologies

November 22, 2016

Listen to this podcast recorded at JenkinsWorld 2016 in which Fred Simon and Sacha Labourey talk about how to achieve continuous software delivery using DevOps tools and methodologies including Mesosphere, Kubernetes, Vagrant, Docker, and Swarm.  Learn why JFrog Artifactory is the leading Universal repository manager that helps your teams automate the development processes and expedite…
Read More

JFrog Artifactory SaaS on Google Cloud Platform (GCP)

November 17, 2016

Through a special initiative to support the open source community, JFrog Artifactory SaaS hosted on GCP is available at no charge, jointly sponsored by JFrog and Google, for qualified open source projects. Register now > Last May we announced a collaboration with Google to host our JFrog Artifactory SaaS solution on Google Cloud Platform (in…
Read More

Stay in Context, See the World

July 17, 2013

New release, new features! Focus on what's important You know, Bintray supports various repository types, like Maven, YUM and Debs, and more types to come. But sometimes all those goodies are just too much. You want to see and search for only certain type of packages (e.g. focus only on Maven jars to use Bintray…
Read More

Hosting Debian Packages on Bintray Rocks!

December 16, 2014

Want to distribute your Debian packages? Bintray is the tool for you! Now it’s even better with improved support, including the current Debian repository format (a.k.a. “automatic” layout), in addition to the deprecated “trivial” layout, and signing metadata with GPG. All you need to do is upload your .deb files, and Bintray will calculate and…
Read More

Conan Joins JFrog

November 17, 2016

Conan.io, our favorite C/C++ package manager has just leaped into JFrog. This is one more great chapter in our story which began a few years ago, when JFrog products took a universal approach to provide developers the freedom of choice, using any technology they chose. With the recent addition PHP Composer, JFrog Artifactory currently supports…
Read More

No Internet? No Problem. Use Artifactory with an Air Gap

November 15, 2016

Virtually all development organizations need access to remote public resources such as JCenter, NuGet Gallery, npmjs.org, Docker Hub etc., to download dependencies needed for a build. One of the big benefits of using Artifactory is its remote repositories which proxy these remote resources and cache artifacts that are downloaded. This way, once any developer or…
Read More

Using Satis and Packagist for PHP Development? Think JFrog Artifactory!

November 1, 2016

If you’re developing server side code in PHP, there’s a pretty good chance you’re using PHP Composer to manage your dependencies and getting 3rd party components from Packagist. To host your internal private packages, you might be using Toran Proxy or your own Git repository. You might even be using open source Satis for your repositories.…
Read More

Blocking Downloads with Artifactory and Xray

September 26, 2016

Nobody wants to get sick, so we’ll wear jackets when it gets cold, take our vitamin C and avoid going out in the snow with wet hair. We all do different things to stay clear of nasty viruses and bacteria because we know that the loss in productivity and efforts we’ll have to make to…
Read More

JFrog CLI Working Files From Both Ends

October 18, 2016

Since JFrog CLI was introduced about a year ago, its popularity has skyrocketed in the CI community. When we asked our users what they liked most about JFrog CLI, the message we got back was clear:   Simple, Native, Efficient. Simple: It’s simple and intuitive to use, and onboarding only takes a few minutes. Native:…
Read More

JFrog, Proud Partners in DevOpsExpress

September 14, 2016

DevOps has become one of the hottest buzzwords to hit the software industry. Everybody is talking about DevOps, and everybody is supposedly doing DevOps, but there isn’t really a solid definition of DevOps that has caught. Nevertheless, if you look up a few different sources, they all talk about collaboration between developers and IT operations…
Read More

It's Your Content, Claim The Logs For It

November 18, 2013

Improved statistics we introduced last month give you much more information about the users that download open source software you publish than any other binaries distribution platform ever. But why stop there? What if you want even more? One of the most powerful ways to slice and dice your download stats is to play with…
Read More

Introducing New and Improved Statistics

September 4, 2013

Bintray’s latest version introduces an upgraded graphic downloads statistics feature. Now you can view the statistics of all package downloads segmented by date, version and country. You can view the download stats for the last 24 hours by hour or select a wanted date range within the last 30 days. For unbounded date range download…
Read More

MBeans, MBeans They're Good For Your Heart

September 11, 2016

Some of you may have gotten a giggle from the title of this post, remembering that children's song  about beans that many of us would gleefully sing every time one of our friends "let loose". But the truth is, MBeans really are good for your heart, especially if you have to monitor a multitude of…
Read More

[White Paper] Developing Fast with CocoaPods

August 29, 2016

CocoaPods stepped into the realm of Xcode development to take dependency management from the domain of tiresome and tedious to make it simple and easy. Nevertheless, working with CocoaPods presents the challenges that are typical of working with any dependency manager that uses remote resources like Pod and Podspecs repositories, such as network or repository…
Read More

IT IS TIME TO TRUST YOUR SOFTWARE!

August 3, 2016

JFrog Xray - not just another security vulnerabilities scanner. We have just officially launched JFrog Xray, and were already asked by customers why we think JFrog Xray should be used instead of $YOUR_FAVORITE_SECURITY_SCANNING_TOOL. Is Xray like Black Duck? Maybe it’s like Docker Security Scanning? Maybe it’s similar to Sonatype Nexus Component Intelligence? Before getting into…
Read More

Repository Log Analytics At Your Fingertips

July 20, 2016

Friday, late afternoon, and everything seems to be running smoothly. The weekend is just around the corner, so you lean back in your chair and start to plan all the fun you’re going to have. Suddenly, your phone screen lights up. An instant message from your boss that says, “Hey, some of the developers are…
Read More

Disaster Recovery Built Into Centralized Repository Management

July 7, 2016

Planning for Disaster Recovery is a bit like insurance. You know you need it so that when the 5#!7 hits the fan, you’re ready with a plan Artifactory sits at the heart of critical software development processes in any organization that has realized the need for advanced artifact management. Depending on who (or which CI…
Read More

Increase your Maven Package’s Exposure by Adding it to JCenter

October 8, 2015

If you already distribute your Maven packages via Bintray, your packages can gain further exposure by including them in Bintray's JCenter! (if you are not very familiar with Bintray’s support for Maven, please refer to the user guide and to my previous post). JCenter is the repository with the biggest collection of Maven artifacts in…
Read More

swampUP Announcements. Extra! Extra! Read all about it!

May 23, 2016

      New announcements at swampUP JFrog Product Announcements: JFrog Xray:  JFrog Xray is the first universal impact analysis product, giving organizations an unparalleled level of understanding about all of their container images, software packages and binary artifacts, even with the huge volume and variety of components that development teams share in the software…
Read More

Empowering VSTS/TFS with JFrog Artifactory

May 23, 2016

For those of you familiar with JFrog Artifactory and its integration with CI servers, you know that we have plugins for Jenkins, TeamCity and Bamboo that integrate and capture information from the CI server to provide full traceability between artifacts and their origin. We also have an integration with MsBuild which allows you to capture…
Read More

Empowering BitBucket Version Control with Promotion and Distribution

May 23, 2016

We're pleased to announce the integration of JFrog Artifactory and JFrog Bintray with Atlassian Bitbucket. This integration provides a unified dashboard that visualizes the entire release pipeline from commit, through CI, quality gates and release for distribution. The JFrog Bitbucket add-on lets you monitor a build pipeline that is flowing through Bitbucket -> Bamboo -> Artifactory -> Bintray. This…
Read More

The Benefits of Package Search in a Universal Repository

November 30, 2015

We don’t call Artifactory the Universal Repository Manager for nothing. You can now search for any package using search criteria specific to the package type. Looking for an image in your Docker registry? Specify its name, and/or its tag, or you can use its digest for a more specific search. Lost an Npm package? Search…
Read More

Migrating from Nexus to Artifactory

May 23, 2016

Co-authored by Travis Foster Migrating from Nexus to JFrog Artifactory is very simple by using nexus2art migrator. The migrator provides a user friendly wizard like interface for transferring everything in your Sonatype Nexus instance repositories, artifacts, users, and settings to an Artifactory instance. Easy setup Migrator tool requires an initial setup (i) to connect to…
Read More

Optimizing Repository Security and Performance with Include and Exclude Patterns

November 29, 2015

Repositories are the building blocks of Artifactory, and there are three basic types: Local repositories are where you store your in-house artifacts; remote repositories proxy remote resources and cache artifacts downloaded from them (e.g. JCenter, Nuget gallery, repositories in other Artifactory instances and others); and virtual repositories aggregate both local and remote repositories under a…
Read More

Taking Docker to Production with Confidence

April 5, 2016

Many organizations developing software today use Docker in one way or another. If you go to any software development or DevOps conference and ask a big crowd of people “Who uses Docker?”, most people in the room will raise their hands. But if you now ask the crowd, “Who uses Docker in production?”, most hands…
Read More

"Database is wrong for you" and all that FUD

November 24, 2015

Update November 2015: Sonatype introduces abstract blob storage in Nexus 3, almost completely mimicking Artifactory's checksum-based storage that they have been criticizing for years. Talk about leaders and followers. Checksum-based storage. It’s one of the key features that makes Artifactory better than the competition. Here is the typical false claim made by Sonatype (creator of…
Read More

If You're Not Using Git LFS, You're Already Behind!

April 5, 2016

The popularity of the Git version control system among developers has grown consistently over the last few years, with many Subversion users making the switch to Git's 'file system snapshot' approach, which differs from the 'file change logging' approach of classic VCS software. Git's Little Problem - Large Files However, Git was originally meant to…
Read More

JFrog Mission Control, we have lift-off!

October 29, 2015

It’s not every day we get to announce a brand new product, so we’re really excited with our first release of JFrog Mission Control. Why did we build Mission Control? Because it’s in the spirit of our long tradition of listening to our community. With more and more enterprises setting up more and more clusters…
Read More

[White Paper] JFrog Mission Control

March 28, 2016

As enterprises ramp up their use of JFrog Artifactory, and install multiple servers at globally distributed data centers, monitoring and managing the global binary workflow becomes more and more challenging. JFrog Mission Control overcomes these challenges by providing a centralized management console for global Artifactory instances.
Read More

Filestore Management In The Age of Petabytes

March 25, 2016

Artifactory 4.6 was released last week, and along with adding Google Cloud Storage to the already extended family of storage providers, introduces support for the most complex storage configuration needs of any company in today’s world of binaries management. This will make your filestore management much more reliable and flexible, allowing you to mix n’…
Read More

Tracking New Java Libraries Has Never Been Easier!

December 11, 2013

Want to know when a new version of $YourFavoriteJavaLibrary is released (and I mean - any Java library)? With Bintray, it's one-two-three. Go to bintray.com and search. [caption id="attachment_252" align="alignnone" width="300"] Click to enlarge[/caption] Click on the package you'd like to watch. [caption id="attachment_251" align="alignnone" width="300"] Click to Enlarge[/caption] Click "watch", (log in if needed).…
Read More

Hot on Bintray: Package Merging

October 10, 2013

We have recently introduced package merging: several packages from the same repository can now be merged into one. This is extremely useful when you have existing packages that are not aligned properly. For example, when you have many small technical packages (modules) that are logically one, single package, often using the same version scheme. Such…
Read More

Be the First to Know. Really.

June 26, 2013

So, you have an early-2000 style repository, like Maven Central: And let's say you are very, extremely interested to know when the new version of netty comes out.  We understand, it's a natural addiction. How can you do it? Here are some ideas: Well, you can visit Maven Central every day. Couple of times a…
Read More

Docker is Not Alone

October 15, 2015

JFrog Artifactory - The Only Universal Enterprise Repository Manager During DockerCon 2015 in SF, Solomon Hykes asked the audience: "Who is using Docker and nothing else"? No one in the audience raised their hand. Our Developer and DevOps 2015 Survey reinforces this point and adds what developers are using together with Docker. In JFrog’s Developer and…
Read More

Advanced repositories - get more out of the box!

September 8, 2015

The ability  to proxy remote repositories and cache external artifacts from them is crucial whether they are Docker images, NuGet packages, npm, tar.gz files or any of the dependencies we use to create our own products. It speeds up our builds, ensures reliable access, gives control over the bill-of-materials and offers many more benefits making…
Read More

Process is Critical So Are the Systems of Record.

March 24, 2016

You probably read the awesome post in the Netflix Engineering Tools team blog about the build process that Netflix uses to continuously deploy the service that streams movies and TV shows to more than 75 million global Netflix members. And while the post concentrates on the build process - the build tool, the CI server and the…
Read More

How not to care about unpublishgate

March 23, 2016

So, you all heard about #npmgate a.k.a. #unpublishgate. Azer removed left-pad from the official npm registry and all hell broke loose. Most of npm builds in the world are failing today because a tiny (17 lines of js code!), but very popular library was obliterated from a central repository  (which teaches us a lesson about…
Read More

Meet the all-new Artifactory Online Dashboard

August 19, 2015

If you haven’t yet heard about our exciting new release of Artifactory 4, then you can read about it in our release notes. It comes with a whole bunch of new features, and most visibly, a brand new UI. Well, our Artifactory Online community is also reaping the benefits of this release, and, in addition…
Read More

JFrog CLI (mb)ing to New Heights

March 18, 2016

Remember Artifactory CLI? That was the tool we released several months ago to simplify your automation scripts while optimizing upload and download of files to and from Artifactory. Well, after hundreds of downloads and a lot of great feedback we got, we decided “what’s good for Artifactory, is good for Bintray too.” So please meet...…
Read More

[Case Study] Oracle Managing Artifacts at Scale

March 10, 2016

How do you manage terabytes of binaries? How do you move mountains of artifacts around the world, at peak performance, all the time? That's what Oracle does, every day. Download the case study to learn why Loreli Cadapan, Director of Development  Operations at Oracle, chose Artifactory to manage the company's binary workflow at industrial scale.  
Read More

Let’s prove what we all know is true

August 9, 2015

There are only a few more days for you to cast your vote for Artifactory at the DevOps Dozen hosted by DevOps.com. Artifactory has been nominated in the category of Repo Manager, and we all know that:   Artifactory is the only repo manager that provides full support for Docker (and NuGet, and Npm, and…
Read More

Creating a Signed URL Using the Bintray UI

July 28, 2015

Creating a Signed URL is now available to you through the Bintray friendly User Interface, from start to end. If you are new to Signed URLs, you would rather check out this cool feature. Refer to the REST API Guide at URL Signing, and to the Sign me up! blog, discussing generating Signed URL using…
Read More

swampUP 2016: JFrog User Conference

February 23, 2016

The JFrog User Conference, affectionately known as “swampUP”, is a yearly event where developers and DevOps come together to talk, network, learn from industry visionaries, and...enjoy an endless flow of fine food and wine (who said learning can’t be fun). Last year’s one-day event was so successful (here are some pictures), and generated so much…
Read More

Use the right tool for the job: Git LFS with Artifactory

July 15, 2015

In a recent conversation I had with a developer that works with my wife, who works as the QA Manager for an awesome educational games company, she shared with me a very painful issue that most game developers (probably) share: storing binary assets in Git. This is an issue for everyone in this industry - regardless…
Read More

Care for some CocoaPods?

February 16, 2016

The highlight of the latest release of Artifactory, version 4.5, is support for CocoaPods, and there are a bunch of additional updates which we thought you might like to hear about.   CocoaPods - The main event Developing for iOS, watchOS, tvOS or OS X? Jumping on the Swift bandwagon now that it’s open sourced? CocoaPods…
Read More

JFrog Mission Control 1.0 Unleashed.

February 8, 2016

A couple of months ago we released the preview version of JFrog Mission Control. As a new product, we were eager to get it out there and start getting feedback. Since then we have been in constant contact with dozens of our customers who downloaded it learning what worked well and what was missing. So…
Read More

Goodies to Kick Off 2016

January 18, 2016

Holiday season is over. Gifts were exchanged, miles were traveled, resolutions were made, and much alcohol was consumed. Time to get back to work, renewed and energized for the new year. While we had our share of merry-making here at JFrog, we also managed to get some work done between the revelry, and released Artifactory…
Read More

Even more Vagrant love in Bintray

July 1, 2015

  You, of course, know, that for nearly the last two years, you have been downloading your Vagrant software from JFrog Bintray. But recently, Bintray has taken Vagrant support to a whole new level; it is now is a fully fledged Vagrant repository allowing you to distribute your public and private Vagrant boxes from Bintray!…
Read More

Another one bites the Maven Central dust (and saved by Bintray)

February 19, 2015

Today, I encountered another very detailed blog post on the woes of publishing on Maven Central. Jose Maria Arranz (@jmarranz) explains why he doesn't like Maven in general and publishing to Maven Central in particular (I am with him on a lot of valid points). I can't help quoting: Fortunately when searching for how-to articles…
Read More

New AsciiDoc support - our humble donation to easier documentation

December 22, 2013

Adding Release Notes and Readme's to your software can be a bit tedious. Well, not in Bintray! Thanks to the excellent Asciidoctor framework, Bintray now lets you annotate your software with online Asciidoc docs, so it's just as easy as writing code! [caption id="attachment_269" align="alignnone" width="282"] Click to Enlarge[/caption] Prefer Markdown? We've got you covered. Bintray supports…
Read More

JFrog's Developer and DevOps Trends Survey 2015

December 15, 2015

We started running these surveys in 2013 to stay in touch with our developer and DevOps communities, and to understand how they work and the challenges they address on a daily basis. This year’s survey ran from August 25th through September 3rd and received more than a thousand responses, from over 50 countries, mostly, the…
Read More

Enterprise Level Access Control with Keys and Entitlements

June 22, 2015

    “Private repositories”, “Teams and Organizations”, “Permissions”..., sounds like that’s all you need to provide secure private downloads. Well, not quite. Those are great features that fit the bill if your consumer is a Bintray user. But what if she isn’t? Well, then there are signed URLs. Those should do the trick. Just sign…
Read More

Advanced Cleanup Using Artifactory Query Language (AQL)

June 17, 2015

Each Artifactory administrator has his own methodology and policies for managing binaries within Artifactory, however, cleaning artifacts and freeing up storage space is a common need that every administrator has. As you probably know, Artifactory does provide a few cleanup methods out-of-the-box such as deleting complete versions, limiting the number of snapshots and deleting unused…
Read More

6 Reasons to Distribute Commercial NuGet Packages through Bintray

December 6, 2015

Developing on .NET? Then, most likely, you are no stranger to NuGet Gallery. It’s a great place to find public NuGet packages. But is it the best place to host and distribute your own private packages? With the recent addition of native support for NuGet, you can now point your NuGet client to Bintray and…
Read More

4 best practices in repository configuration

June 9, 2015

    1. If you are using several technologies, (e.g. Nuget, Maven, NPM, PyPi etc..) define a unique repository for each of them. By doing that you are making sure that all of the build requests are directed to the right place rather than going to a repository that may not even have the necessary…
Read More

Jenkins Artifactory Plugin 2.3.0, Hot Off the Press

May 28, 2015

JFrog has recently released version 2.3.0 of the Jenkins Artifactory Plugin. In case you're not yet familiar with the Jenkins Plugin for Artifactory, here's some background. Artifactory has become the leading binary repository manager available today, and through a series of plugins, it can easily be plugged into the different components of your CI environment.…
Read More

AQL: A Comprehensive Query Language for Repositories

May 18, 2015

One of our mantras here at JFrog is that we’re community driven. At each roadmap meeting we discuss features arising from trends in the industry along with feature requests we frequently get from the Artifactory community. AQL is just such a feature. No… nobody said, “Hey guys, why don’t you build a super efficient query…
Read More

Pyramids, Antiques, Maven Central and Sonatype Nexus…

March 2, 2015

How can you compare one technology or tool to its competitors? Usually, there is no objective comparison available. So how do you know which is better? Eclipse or IntelliJ IDEA? Java EE or Spring? C# or Java? All you can usually find is a holy war and biased comparisons on vendor sites. But luckily, sometimes,…
Read More

Fronting Oracle Maven Repository with Artifactory

February 10, 2015

This post was originally published in The Buttso Blathers blog by Steve Button. Feel free to comment here or there.   The JFrog team announced this week the release of Artifactory 3.5.1, which is a minor update that now works with the Oracle Maven Repository. http://www.jfrog.com/confluence/display/RTF/Artifactory+3.5.1 I spent a little while yesterday having a look…
Read More

2014: A Year of Revolution in Continuous Integration

December 22, 2014

  This note isn’t just a recap of 2014, it is our commitment to the future! 2014 was a crucial year for the development and DevOps world – an explosive inflection point with vendors integrating tools to capture and pass information from development to operations to automate the entire application delivery process. The industry hasn’t…
Read More

Docker Has Arrived, But Has Your Ship Really Come In?

November 21, 2014

In many ways it has. Docker has emerged as the “King of Containers” with more and more enterprises adopting Docker technology to run applications in data centers, on IT infrastructure and developer laptops alike. Docker’s decoupling of applications from their environments has effectively revolutionized how software is run. However, as with any (relatively) new technology,…
Read More

Wanna Download? Get Your Signed URLs Here

November 9, 2014

The new features that  a Bintray Premium account exposes are exactly what you need for commercial software distribution. Private repositories, fine-grained permission management, storage-as-you-go and much more.  Private repositories are a great way to control who can access your artifacts, but what happens if you want to give someone limited access to a specific artifact.…
Read More

JFrog leaps ahead with US offices, new investment from VMware

October 5, 2014

  Analyst: Jay Lyman 29 Sep, 2014 Repository and binary management vendor JFrog continues to grow, thanks largely to its new US offices and continued growth of modern, agile, DevOps technologies and methodologies among more mainstream and larger enterprises. In July, JFrog announced $7m series B funding from VMware and previous investor Gemini Israel Ventures. JFrog says the funding has helped it to…
Read More

Less is More!

August 27, 2014

Less is More! A blog I wanted to read prior to Series B I decided to write this blog and share JFrog’s story with you, so if you’re doing or planning any fundraising, you'll have these silver bullets in your pocket to whip out at any decision points along the way. I used some “Getting…
Read More

Continuous Integration using TFS, NuGet, and Artifactory

June 6, 2014

This blog shows how Artifactory, a binary repository manager, can be used a) as the storage location for remotely located build references, b) as a drop site for locally built CI artifacts, c) and in a future blog how it can also function as a storage and of all these binaries. For this demo we will use the MyLogger solution.…
Read More

The Future of Open Source: Speeding Technology Innovation

June 28, 2014

As one of the contributors to Black Duck’s eighth annual Future of Open Source Survey, the industry’s leading indicator of open source software (OSS) industry trends, JFrog was pleased to be able to help show the world the true impact of open source software. This was the first year that we decided to take part in the survey.…
Read More

Using OneGet with Artifactory

June 26, 2014

Artifactory, OneGet, NuGet, Chocolatey, and Powershell Setup and Installations Recently there has been an enthusiastic buzz around OneGet, Microsoft’s new download manager for Powershell. With OneGet, Windows now has a first-class deployment manager quite similar to what the *inx folks had for years with the Apt-Get download manager. OneGet is a command line tools which…
Read More

Private npm Registry With Artifactory

April 9, 2014

The main reason for Node‘s explosive popularity is its thriving ecosystem. Likewise, it’s well understood that the main reason for that ecosystem’s growth is npm, Node’s package manager. npmjs.org usage has skyrocketed with statistics showing over 4 Million packages downloaded a day, and over 68,000 packages publicly available, and the numbers just keep going up. In fact,…
Read More

Power to the People - Customize and Extend Artifactory with User Plugins

April 3, 2014

From our experience with thousands of Artifactory users, we know one thing for sure:we don't know better. Every organization does its ALM differently: artifact approval flow, snapshot retention policies, build-to-release flow, governance, required metadata and much, much more - each organization is different. We definitely have some ideas on how the build and deploy process…
Read More

Introducing First Class RubyGems Support in Artifactory

December 5, 2013

Here's a short and down-to-business screen-cast that shows how to set up a feature-rich hosted Ruby Gems repository. You'll get the full monty - local repositories for sharing your private gems, remote repositories to stop being dependent on rubygems.org and a virtual repository that unifies and simplifies configuration. Of course, it plays awesomely with Jenkins, (by using Jenkins…
Read More

JFrog catching more enterprises as devops, legacy ops converge

December 3, 2013

Analyst: Jay Lyman   JFrog is a commercial backer of the open source Artifactory repository management software. The company, with offices in Israel and Milpitas, California, reports an increase in enterprise customers melding new, more agile application development and release practices (aka devops) with legacy systems and processes. The company's repository management software and new Bintray for distributing binaries are…
Read More

Share Your JavaScript Libraries With The World

October 29, 2013

Let's face it, developers are lazy (including myself). Philipp Lenssen agrees with this saying in his post by stating: Only lazy programmers will want to write the kind of tools that might replace them in the end. Lazy, because only a lazy programmer will avoid writing monotonous, repetitive code – thus avoiding redundancy, the enemy of…
Read More

Fight Crime with GPG

August 6, 2013

So you deliver your awesome library to hundreds of users each day, but they’re a tough bunch and they’re all like: “Hey man, we gotta see some ID” So you kneel to the whims of the rabble; you generate your GPG key pair and sign each artifact you deliver, because hell if you’re gonna let…
Read More

Google and GitHub insist - go store your binaries in a proper place!

May 30, 2013

Starting July 2nd GitHub is allowing hosting binaries again. Point about Google Code still remains valid. Plus, we believe we still do better job when it comes to binaries, comparing to GitHub, which is awesome (for your sources). Well, first GitHub, and now Google Code, both cease to host your binaries on their platforms. The…
Read More

Taking Control of App Releases

August 22, 2013

Featuring report "Release Management for Enterprises", by RebelLabs Today’s software users have rapidly evolving needs, are mobile, and expect 24/7 connectivity and reliability. So dev teams need to churn out new features and versions frequently to keep up while still making sure that service is not interrupted. Sounds like a tall order, but fail to…
Read More

Does Ruby Need a Mature Binary Repository?

August 13, 2013

At some point in time, a Ruby developer realized the need to serve gems within a private network. The main reasons why: You can't rely onRubyGems.org You need a place to host the gems is not available in RubyGems. Those can be of two flavors: Something not hosted at RubyGems. For example, Vagrant. Something internal (neither open source nor…
Read More

wOwSCON 2013

August 5, 2013

I've been a part of the swamp for over a year now and managed to learn that being a part of the community means much more than sitting in front of the computer and writing code all day long. One of the ways JFrog stays in touch with the community is attending conferences and I…
Read More

So, Your Nexus Repository Manager Claims It Supports NuGet. O RLY?

July 30, 2013

Both Sonatype Nexus Pro and Artifactory Pro claim they support NuGet format for proxying NuGet Gallery and hosting NuGet packages. But the term "support" is rather vague. Let's try to compare the features of the NuGet Support in both tools, down to business. Comparing the full solution is far beyond the scope of a single blog…
Read More

3.0.x at Full Speed

July 9, 2013

You probably already noticed, but just in case - Artifactory 3.0 awesomeness is now delivered to you more frequently than ever. For example, we just released 3.0.2. This minor release completes the databases support matrix by adding PostgreSQL to the mix. In addition to the usual load of bug fixes we introduced a special treatment for `artifactory.content-type` property. Setting it…
Read More

Artifactory User Plugins in 5 Screenshots or Less

December 19, 2012

Actually, less (only 4).Remember the blog post about user plugins? How easy and fast is it to add or change functionality in Artifactory? When you went skeptic, like "come on, it's nice in the blog post, but how useful it really is?" Here's real live example from today:This morning (~09:30 AM in Netanya, Israel) I found…
Read More

Beat the binary repository developer (a.k.a. User Plugins)

November 15, 2012

From our experience with thousands of Artifactory users we know one thing for sure: we don't know better. Every organization does its ALM differently: artifact approval flow, snapshot retention policies, build-to-release flow, governance, needed metadata and much, much more - they are all different. We definitely have some ideas on how the build and deploy…
Read More

JavaOne - Next year in Vegas?

October 25, 2012

OK, my adrenaline is back to normal, and it's time for a wrap-up about JavaOne. As the Main Event in which we participate every year, this year’s JavaOne was big for JFrog. Judge for yourself: at JavaOne 2009 we introduced the Pro and SaaS versions of Artifactory Binaries Repository Manager at JavaOne. At JavaOne 2011…
Read More

Replication! What and How.

June 15, 2012

Update Jul. 24th 2012: As of version 2.6.2  Artifactory also supports event-driven replication. Benefit from all the worlds: pull/push/event-driven!Working in distributed teams isn’t easy. There are time zone differences, language and cultural differences, and… data distribution. When the data you need is away, you are miserable. So, let’s fix it. Bring your data home Let’s take binary…
Read More

Go beyond Java with CI server and Artifactory

May 31, 2012

During the last couple of years, continuous integration (CI) and automated release management methodologies have become much stronger in non-Java builds.Number of familiar tools are used for these methodologies, like the version control system to manages your sources, your build tool to actually build your software from sources and  your build server, which builds your software continuously using…
Read More

JFrog jumps at Devops opportunity with continuous integration repository

April 12, 2012

Analyst: Jay Lyman Israel-based JFrog backs the open source Artifactoryrepository management software, where it finds audience with both application developers and IT operations teams. Its positioning between these two parties managing one of their common challenges in software artifacts and binaries places JFrog at the crux of the devops trend that is pulling development and IT operations together. While…
Read More

QCon 2012 - Perfect as Everything in London Should Be

March 15, 2012

Update 13 Jul. 2012: The video recording of my talk was published on infoq.comIt was JFrog's second QCon London, and it just gets better. Imagine: even the London weather was perfect, not to mention the sessions, booth traffic, show organization and food (what, you say, good English food? Well, great IndoPak food, at least). Due to high demand…
Read More

Dependency Management with .NET - Doing it Right

February 6, 2012

The problem of dependency management is neither new nor original, it exists in all development platforms, and .NET is no different.Let’s go through different solutions and see how they perform. I’ll list them here in no particular order.Keeping dependencies in your source controlThat’s a very popular solution, and for a reason. The benefits are obvious.…
Read More

Artifactory - Community Talks

November 1, 2011

We’d rather have our customers and users be the gauge of how well Artifactory met their Continuous Integration needs, rather than have you listen to our opinion.These are busy days for the froggers getting ready to release 2.4. The buzz is out there and proudly we can see more and more talks that cover Artifactory as…
Read More

The Frog Who Turned into a Prince

October 17, 2011

JFrog’s Artifactory Wins JavaOne 2011 Duke's Choice Award 3 years from the day it was founded, JFrog was recognized by Oracle and the Java community  for Innovation Java Tools for Developer with Duke’s Choice Award at JavaOne 2011.This is not a marketing announcement nor a techie or an executive post, this blog is about how…
Read More

The Future of CI at JAX Conf

May 29, 2011

The Future of CI at JAX Conf - San Jose June, 2011 by Fred SimonThese are exciting days for Continuous Integration users and for us - JFrog Artifactory team.Following the successful CI Summit held in LinkedIn HQ last month, we are now heading to theSan Jose JAX Conf!This year, for the first time, the great European JAX conference…
Read More

Thinking in Gradle!

May 23, 2011

Since my first encounter with Gradle and Hans Dockter (TSSJS 2009 in Las Vegas), I slowly (but surely) started to use this new build tool in many environment and projects.Today, I’m hooked and I don’t think there is a better way to build!But, the main issue I encountered is how to convince other that Gradle is the…
Read More

The First Continuous Integration Summit - Video Available!

April 20, 2011

On April 7th, we held the First Continuous Integration Summit at LinkedIn HQ in the Silicon Valley. We were overbooked a week from opening the event registration page! This enthusiastic response, in addition to the feedback we received (and still getting) from the community, illustrates the great appetite for gaining and learning more about CI technologies and…
Read More

Artifactory Vs. Nexus The Integration Matrix

February 24, 2011

Are you stuck with your vendor stack ?! The up-to-date community-driven feature comparison between Artifactory and Nexus can be found here. The evolution of Continuous Integration, build tools and build servers in the past years has been very impressive. The amount of projects (open source, or not) and tools that were launched and later adopted…
Read More

To Build or Not to Be - Seminar Videos

July 26, 2010

JFrog's Continuous Integration and Build Seminar "To Build or Not to Be", took place on July 1st, 2010 and was a big success.The sessions of Kohsuke Kawaguchi creator of Hudson and CEO of InfraDNA, and Hans Dockter creator of Gradle and CEO of Gradle Inc are now available online.Watch now the videos of "Gradle - A Better Way To Build".and "Doing More with Hudson"  …
Read More

The case study of JBoss Repository Manager

May 11, 2010

Most of the issues encountered by JBoss developers with their new build infrastructure are discussed openly here. This is an important source of information about the problems encountered with a Hudson, Maven and Sonatype-Nexus integration. Since we (JFrog) worked on Hudson, Maven, and Repository Manager environment for many years, we provided some feedbacks to JBoss.  …
Read More

Building an Enterprise Repository with Artifactory

March 3, 2010

*The content of this blog is a translation of a blog posted in Portuguese by Diego Pacheco.*I clearly recall experiencing DLL hell while working predominantly with Microsoft products. We suffered from dependency issues back then and we still suffer from them today.When I started working with Java I suffered from a similar development concern. The specifics are a little…
Read More

So you've decided to configure a remote repo and avoid headaches?!

January 14, 2010

Background There are a lot of public Maven 2 repositories out there (repo1, JBoss, SpringSource, etc.). When setting up your repository manager for your organization, configuring remote repositories can be one of the most difficult tasks. Finding the correct URL for those remote repositories, and more importantly, defining the correct include/exclude patterns for artifacts, is…
Read More

Empower Hudson with Artifactory - Track and Replay Your Build Artifacts

December 30, 2009

Overview In this blog, I will demonstrate how to integrate Hudson with JFrog's Artifactory repository manager to have full build-to-artifacts traceability. We will use Artifactory plug-in to deploy the Hudson build artifacts and track them back to their original build. Keeping the history and reproducibility of code is a must-have for any modern project. Using one of the different…
Read More

The one that talks, the one that does!

December 24, 2009

The one that talks, the one that does! In a blog "Why Putting Repositories in your POMs is a Bad Idea", Sonatype "asked" the open source community to manage their Maven2 POM file correctly.This is a good and important request, since Maven will not work correctly: Over time (due to URL changes) In a closed…
Read More

Search-based Promotion - Staging and Promotion Finally Made Simple!

November 5, 2009

Overiew One of the greatest features of Artifactory 2.1 is the support for artifacts staging and promotion. The idea behind this feature is that in many environments, before exposing a new release for public consumption, the release needs to go through a well-known life-cycle - the release is first made available in a staging environment…
Read More

Maven and JavaFX, the story of TwitterFX POM

May 11, 2009

JavaOne demo Our JavaOne 2009 technical presentation TS-4388 is a demo integrating Maven, JavaFX, Artifactory and WebStart in one smooth process for the developer and site operation manager. So, we were looking for a nice JavaFX demo with source code using external Java dependencies that will demonstrate the ease of use of Maven when using Java libraries.…
Read More

Avoiding Clear Text Passwords in Maven

January 25, 2009

On Secure LDAP Integration: Avoiding Clear Text Passwords in Maven Settings and Controlling Login FallbackFirst, Some BackgroundOne shortcoming of Maven is that it requires you to store your repository passwords in clear text inside the settings.xml file. Now, this stops being mere annoyance and starts becoming a real security hole once your repository's authentication is done…
Read More

Re: Contrasting Artifactory and Nexus

January 25, 2009

I do not care too much about product comparisons coming from product vendors since they are usually biased and written with a single mindset of "how do I make my product look better". Being labeled with an "I'm nonobjective" sticker from the start, I tend to take them with limited trust.I recently came across a blog…
Read More

Artifactory 2.0 has been released!

January 5, 2009

We are pleased to announce the availability of Artifactory 2.0. Artifactory is an advanced Maven repository manager, offering powerful enterprise features, such as LDAP/Active Directory integration and fine-grained permission control, behind an easy-to-use user interface.With this second major release of Artifactory, Artifactory is 100% configurable via an Ajax web UI and is packed with many enterprise-level…
Read More

Lists and Contextual Menus, MMI nightmare!

November 20, 2008

I'm more of a "server side" kind of developer.When I see too much HTML, CSS and Javascript, I need pills!Still, I like to challenge the MVC architecture of UI frameworks. I even wrote my own web framework for fun (but some poor developers, in India I think, are now suffering from it), and played with…
Read More

Featured Blogs

Your Enterprise Grade Helm Chart Repository with JFrog Artifactory!

Your HA Installation and Upgrade Process Just Got Easier!

A Journey Into Modern DevOps and Continuous Integration in C and C++ Projects

Popular Tags

artifactory best practices bintray build continuous delivery continuous integration Devops docker docker registry Fred Simon github gradle jcenter Jfrog Maven maven central Mission Control nuget security xray