From the Frog's mouth

Customize Xray DevSecOps With Private Data

January 17, 2020

For some organizations, even the best isn’t quite enough. That’s why JFrog Xray provides a way for you to specify your own additional data, to detect even more sensitive issues in your binaries before they can reach production. JFrog Xray is a tool for DevSecOps teams to gain insight into the open source components used…

New ConanCenter Improves Search and Discovery

January 13, 2020

Note: This post can also be found on the Conan blog. We’re excited to announce the new and improved ConanCenter! Use our new center with an enhanced UI experience to discover your favorite Conan C/C++ packages. If you’re not familiar with Conan yet, it’s a decentralized package manager for C/C++ that empowers developers to share packages…

GoCenter Reveals Go Module Vulnerabilities With Xray

January 6, 2020

Golang developers care a lot about security and as Go modules become more widely used, they need more ways to assure these publicly shared files are safe. One unique feature included with Golang version 1.13 is the foresight that went into authentication and security for Go modules. When a developer creates a new module or…

You’re the Top Gopher! GoCenter Badges Honor Amazing Go Modules

December 27, 2019

In the holiday spirit, we’re bringing a little cheer to the Golang community by celebrating the achievements of some noteworthy Go module authors. We’re excited to launch a new program within JFrog GoCenter that honors select “Top Gophers.” Using key metrics of success such as number of downloads and imports, quality metrics, and usage in…

Did You Feel the Tremors? The DevOps Landscape is Shifting.

December 12, 2019

In recent weeks, some of the most recognizable companies in the DevOps space have had their foundations rattled, perhaps shaking developer confidence. The acquisition of Docker Enterprise by Mirantis, the acquisition of Sonatype (Nexus) by a capital firm and the open-sourcing of Quay by Red Hat leave many development shops wondering what will happen next…

JFrog Offerings on AWS Marketplace Cover the Full DevOps Experience

December 2, 2019

JFrog is excited to announce it has expanded its DevOps offerings on the AWS Marketplace to include the most advanced Container Registry in the market, and an advanced Universal DevSecOps solution allowing developers to invent the best code ever while leaving the overhead to us. In this blog, we will introduce our latest offerings -…

JFrog Container Registry Delivers For Business and Community

November 21, 2019

Ever since container technology hit the scene in 2013, it’s generated excitement from developers and operations teams. Using containers to deliver apps and microservices helps enable large scalable deployments with smoother rollouts, accomplishing in minutes what used to take hours, if not days. Delivering the containers themselves, however, can still be challenging to do across…

Dash to Docker for Cloud Run on Anthos Hybrid

November 25, 2019

Developing for Google Cloud Run in a hybrid system managed by Anthos isn’t a solo race, it’s a relay between cloud and on-prem. To win, you'll need an advanced Docker registry that can swiftly pass your containers for Cloud Run functions from one environment to the next. In our example hybrid architecture, you’ll see how…

Announcing JFrog Container Registry

November 20, 2019

For over a decade, JFrog has been performing heavy lifts. We pioneered artifact management, have served developers with industry-leading tools, and helped them get containers quickly and safely where they need to go. Today we’re delighted to announce JFrog Container Registry, the world’s most advanced, fully hybrid Docker registry that’s free to use on-prem, in…

Hunting for Talent on the DevOps Highway

November 17, 2019

If you happened to be in Tel Aviv, Israel last month, you probably saw the eye-catching JFrog billboards that took over the city. The JFrog logo with a solid bright green background challenged all of us to Imagine There’s No Version. The JFrog green billboards were everywhere! Decorating trains and buses and lighting up the…

JFrog CLI, Your GitHub Actions Hero

November 14, 2019

Now that GitHub Actions version 2 is out of Beta and available for general use, how can you start managing your Artifactory repositories in your automated DevOps workflows? Who will save your binaries in distress? Never fear, JFrog is here! A new Action has joined the GitHub Marketplace that enables you to use the JFrog…

We’re Honored: Bank of America Recognizes JFrog for Enterprise DevOps Innovation

November 5, 2019

Being innovative is like being handsome. It only counts when others think so. When Bank of America honors you for being innovative and improving how their 30,000 developers perform, it’s a very handsome compliment. At the 11th Bank of America Technology Innovation Summit, JFrog was recognized for industrial leadership and excellence in providing global business…

Load Up and Drive Cloud DevSecOps on Azure

November 4, 2019

At JFrog, we think enabling DevSecOps in the cloud should be as easy as ordering from a drive-up window. Getting the tools you need for digital transformation should only be a short stop on your long journey. And you should be able to get it your way, on the cloud services platforms you choose. That’s…

Recapping the First Yalla DevOps 2019

October 16, 2019

Yalla DevOps made a grand entrance! and for those of you who didn’t make it this time, or those of you who just want a recap, here are the highlights from the event. From an expert panel to a live broadcast by Alan Shimel (Founder, CEO & Editor-In-Chief of DevOps.com), there was a lot going…

Compliance Made Easy with JFrog Xray

October 10, 2019

As compliance managers, we often find ourselves in a struggle. Our responsibility is to uphold compliance standards but in order to achieve this, we need to “sell” the concept to the relevant stakeholders, inter alia the business teams and R&D. We’re put in the position of justifying required changes and processes and are thus mistakenly…

How GoCenter Connects Go Modules Authors With Consumers

October 8, 2019

There’s no longer any doubt, Go modules are an accepted part of Golang. The over 300,000 versioned Go modules in JFrog GoCenter shows how they have been embraced for package management by the Go community. With Go modules now enabled by default in Golang 1.13, the number of publicly available modules will grow even more…

Deploy Artifactory HA into AWS Using AWS Quick Starts

October 4, 2019

JFrog Artifactory As Your Repository Manager on AWS JFrog Artifactory Cloud on AWS is a hosted solution for developers and DevOps engineers that provides complete control, insight and binary management throughout the software development lifecycle. DevOps teams have transparency and control of their entire build and release process, all with the power of cloud-based development.…

Xray 2.10 Released: New Package Support, an IDE Plugin and More.

October 3, 2019

Our user community spoke and we listened. You asked for Xray to be even more universal and support more package types… in particular Go and PHP Composer. With Visual Studio Code (VSCode) now having more than 4.5 million monthly active users, we also added a new VSCode plugin for Xray. This broad adoption of multiple…

How To Use GoCenter with Golang 1.13

September 24, 2019

You may have heard that Golang version 1.13 was released this month. We’re excited for the newest features and want to make you aware of a few changes that may impact your builds. Most of all, we want to let you know some best practices for using these powerful new Golang features with GoCenter. Go…

Imagine There’s No (Software) Versions

September 18, 2019

What if you could kill the update button? Or better yet, practically eliminate the software update task all together? What if the entire update process was seamless, invisible, and required basically no human intervention? Imagine there’s no version. (...it’s easy if you try…) Yes, you probably - like us - now have John Lennon’s famous…

Listening To You: GoLang Survey Results

September 17, 2019

How are developers using Go and Go modules? We wanted to know, and not just because JFrog Artifactory supports Go registries and helps share versioned Go modules through GoCenter. At JFrog, we’re Go developers too -- both JFrog CLI and Xray are written in Go -- and busy contributors to the growing GoLang community. That’s…

Artifactory as a Caching Mechanism for Package Managers

September 12, 2019

As a developer in the JFrog Ecosystem team, I rely on many package managers to download tools for my builds. Pre-build tools such as Curl, CLI, wget, Maven, Gradle, npm and others, used to build the final deliverable, are automatically downloaded by the CI server as part of the first step of our builds. Relying…

Secure JCenter with HTTPS

September 6, 2019

Update Jan 2020: JCenter went full HTTPS! Starting Jan 13th, any non-HTTPS requests will be denied with 403 error. Please see below what you should do to avoid build failures! Are you using Bintray JCenter to find and share public OSS JVM language packages? If so, we have some important news for you to help…

Accelerate Application Release with Environment as a Service

September 10, 2019

This blog is co-posted on the Quali blog. Liquid Software flows through a pipe, and that plumbing needs to be properly sealed. Releasing your application with agility requires your environment—infrastructure, applications, and data—to be ready at every point in the pipeline, from development to test to production. The different teams in that process face their…

JFrog CLI Lets You Do Magic with One Single Command

September 5, 2019

In our recent CLI 1.27.0 release, we announced one of the most useful features in JFrog CLI allowing you to perform operations on multiple repositories, by running a single command. Working with JFrog Artifactory is now smoother than ever, as you can search, upload, download, copy, move and delete files on Artifactory via the CLI,…

Building C/C++ Packages for Conan-center Made Easier with New CI Service

September 4, 2019

This blog is co-posted on the Conan blog. the Bintray Conan-center is the main repository for curated Conan packages. Users have been able to contribute to it by uploading packages to their own Bintray repositories, then submitting them via an “Inclusion Request” process. Bintray repositories account for a large number of downloads (24 million downloads…

Charting Helm Hub Through Artifactory

August 29, 2019

https://jfrog.com/knowledge-base/what-is-helm-in-kubernetes/ A great many Helm charts dot the landscape of the internet, and it can be hard to know about them all or their whereabouts. To help solve that, Helm created Helm Hub to provide a central catalog of the growing number of public Helm chart repositories. Browsing the awesome Helm Hub UI, you can…

Artifactory 6.12 Released: Including Smart Remote Repositories on Edge Nodes

August 22, 2019

Quality is a core value at JFrog. This release of JFrog Artifactory is no exception, with heavy emphasis on releasing features and updates that are most important to you. We’re excited and proud to release Artifactory 6.12. As a precursor to the coming release of JFrog’s Unified Experience and JFrog Pipelines, Artifactory 6.12 includes: Support…

Ready, Set, GoCenter! Converting Projects for Go Modules

August 20, 2019

Ever since the introduction of Go’s new dependency management system in Go 1.11 and later, GoLang developers have embraced the package versioning solution. Those that do can use the GoCenter repository of immutable public Go modules, and gain faster Go builds with a more robust and reliable Go pipeline. But converting existing projects to use…

Kubernetes CI/CD Pipelines at Scale

August 16, 2019

This blog was originally published by Kamesh Pemmaraju on the Platform9 Blog. Kubernetes orchestrates containers reliably at scale while abstracting the underlying infrastructure. Unlike Virtual Machines, this helps developers separate the workloads from the complexities of the infrastructure. Kubernetes is ideal for CI/CD automation because it offers many built-in capabilities that makes application deployment standardized…

By 2020 Every Company will be a DevOps Company

August 15, 2019

Condensed from the keynote speech presented at swampUP 2019. I’m here to tell you that in the next year, by 2020, all companies will be DevOps companies. Now this is what you’re thinking: Here’s another cocky CEO talking on the keynote stage telling us the world is going to change in a few months. But…

4 Reasons to Automate DevOps with JFrog Pipelines

August 12, 2019

Every company is now a software company, and thus every company must become a DevOps company. While JFrog has helped thousands of companies enable DevOps, they have had to conquer one of the biggest challenges on their own: automate their entire sprawl of DevOps tools and processes. Until now. At our last swampUP user conference,…

4 Ways Xray and Artifactory Complete DevSecOps

July 30, 2019

Being universal is a huge part of what makes JFrog Artifactory so effective. Whether you use Jenkins, CircleCI, or Bitbucket to automate your CI/CD pipeline, Artifactory works with those and more. Whether you prefer to store your artifacts in an on-premises filestore or in the cloud, Artifactory will manage them. Which cloud? Artifactory is content…

5 Best Practices for GoLang CI/CD

July 24, 2019

For developers programming in long-established languages like Java, JavaScript or Python, the best way to build continuous integration and continuous delivery (CI/CD) workflows with Artifactory is pretty familiar. A mature set of dependency management systems for those languages and container solutions like Docker provide a clear roadmap. But if you’re programming your applications in GoLang,…

How to Use JFrog Artifactory and GoCenter Together to Build Go Apps

July 8, 2019

As a cloud native programming language, Go is picking up steam quite rapidly. In the latest StackOverflow Insights survey, Go was named as the third most wanted language. Go also has a vibrant community that produces a pretty stellar list of Go apps and modules and with the rise of public registries, like GoCenter, you…

Building Serverless on Kubernetes with OpenFaaS and JFrog Artifactory

June 27, 2019

Serverless (as an operational construct) and Kubernetes (as a powerful platform and enabler) are rapidly transforming how companies operate. Just looking at KubeCon + CloudNativeCon EU 2019 with close to 8000 attendees and the sold out Serverless Practitioners Summit as a pre-conference event shows how strongly developers feel the need to use them together well. …

Containing Artifactory with Red Hat UBI

July 2, 2019

Making your container smaller doesn’t always make it a good fit. It has to use and work with the components your organization requires as well. Artifactory is available for DevOps as a highly configurable, distroless image that offers many benefits, including reduced size and less potential for OS-level vulnerabilities. For some, this is not enough…

Artifactory & ElasticSearch: Analyzing your Support Bundle Logs

June 24, 2019

As an administrator, one of your daily challenges is troubleshooting ongoing events according to your own predefined parameters and filters. JFrog Artifactory logs contain different entries and events according to the activities from and to the server. Tailing these logs to search for specific entries might work in some cases, but as your environment scales,…

Automotive DevOps: Rules of the Road Ahead

June 20, 2019

Adapted from the swampUP 2019 keynote speech by Kit Merker, JFrog VP Business Development. With software powering all the devices that enable the things we do everyday, software engineers are now the mechanics that keep our modern times running. More and more, we trust the software they create with our lives. As JFrog works to…

JFrog Breaks DevOps Boundaries at swampUP 2019!

June 18, 2019

JFrog’s annual user conference has just started in San Francisco and the atmosphere is mesmerizing. This conference is for DevOps community members, supported by the major industry leaders, and dedicated to developers, to whom we listen closely every day of the year. swampUP 2019 provides four tracks to allow attendees to tailor their experiences based on…

Tallying Up: Artifactory vs GitHub Packages

June 3, 2019

GitHub recently announced a new service - GitHub Package Registry. It’s a package management service, currently in limited beta, that enables developers to publish packages next to their source code. We've heard some confusion in the community, so we wanted to set the record straight about what this announcement means to our loyal Artifactory customers.…

See Where Containers Travel with Portshift and Artifactory

June 4, 2019

Please welcome our technology partner Portshift, with this informative article that has also been posted on the Portshift company website. DevOps engineers often struggle with making their complete pipeline for Docker containers fully visible and traceable. Even after they succeed in mapping and controlling the CI/CD pipeline, there remains a gap between the pipeline and…

Shift Your IDE Left With Xray Plugins

May 28, 2019

Forewarned is forearmed,” cautions the old proverb, and that truth coined in the 16th century is even more apt for DevSecOps in the 21st. The earlier you know about vulnerabilities, the better you can avoid making them part of your software. That’s the same principle behind a “Shift Left” DevSecOps strategy. Rather than waiting for…

Steer Athens on Kubernetes with GoCenter Upstream

May 22, 2019

In a previous JFrog blog post we explored how to use Project Athens for Go modules with GoCenter as an upstream proxy. In this follow-up, we’ll examine how to install Athens into a Kubernetes cluster with GoCenter set as an upstream proxy. Athens is a Go modules repository that you can host privately on your…

Kubernetes Security: More than Meets the Eye

May 16, 2019

This blog is co-posted on the Rimas’ Mocevicius blog Evolution of Kubernetes security In the early days of Kubernetes, before Role-Based Access Control (RBAC) was introduced pods ran in the Kubernetes cluster with full admin rights when a service account was assigned. Basically, this gave users full admin rights to the cluster. Imagine how scary…

JFrog, Shippable, SwampUP and Everything in Between

May 9, 2019

You probably heard about the latest JFrog Shippable acquisition, and may have some questions. These may include, but are not limited to, “Will I have to use Shippable now?”, “Will JFrog stop supporting other CI solutions?”, “Can I still use Shippable now?”, “What’s this JFrog thing?!”, “What’s this Shippable thing?!”, “What’s up with the frog…

Protect Your Code with npm audit & JFrog Xray

May 14, 2019

One of the newest features available in the latest JFrog Artifactory version 6.10 release, is support for npm audit. What is npm audit? The npm audit command generates an audit report that provides a summary of all known security vulnerabilities in your npm packages and dependencies. It also provides npm commands and recommendations that will…

Persistence is Futile (or is it?) - How To Manage, Version and Promote Docker Volumes

May 6, 2019

In the movie Star Trek: First Contact, as the team comes across a very specific collective, they are greeted with the ever distinctive line: “We are the Borg. Lower your shields and surrender your ships. We will add your biological and technological distinctiveness to our own. Your culture will adapt to service us. Resistance is…

Leap Deep with Us into swampUP

April 23, 2019

Every year, for the past four years, JFrog has hosted the DevOps community at the annual DevOps conference. It is the premier event where you go to learn all about DevOps best practices from world-renowned companies. This year we've added a full-day training course and the possibility to get a JFrog stamp of approval with…

GoCenter’s Back to the Future Journey

April 22, 2019

Every science fiction fan knows that you can't fix the past. Try to, and it wrecks the balance of events that led to the present. That's also what we learned while making GoCenter. While trying to correct an early Go modules design choice and improve certainty, we accidentally made things harder for the Go community.…

How JFrog Makes Anthos DevOps Bloom

April 15, 2019

It must be spring, because Google has sprouted flowers, and JFrog is helping with the bouquet. At this year’s GCP Next, Google announced the rollout of Anthos (the Greek word for “flowers”), a powerful service to build and manage a modern hybrid cloud. With Anthos (formerly Cloud Services Platform), your choices in a computing platform…

Sail Athens Swiftly Upstream with GoCenter

April 12, 2019

It seems as if everyone is launching their craft into the waters of Go. Developed by Google, Go (or GoLang) has been adopted by many other major companies for developing large-scale projects. JFrog has embraced Go too, writing the JFrog CLI and JFrog Xray in Go, and making GoCenter, a public repository for Go modules,…

Two Tastes of Artifactory on Google Cloud Marketplace

April 9, 2019

When you’ve chosen Google Cloud Platform for your cloud DevOps environment, which flavor of JFrog Artifactory suits you best? Do you crave an artifact repository manager that you manage yourself and works with GKE? Or does a SaaS account managed by JFrog on GCP better satisfy your need? Two new ways to get Artifactory through…

GoCenter is Fast - How Does It Do That?

April 4, 2019

I recently wrote a blog saying “seeing is believing” (which is also your chance to score an awesome Go shirt), about the difference in speed downloading Go modules from a version control system or from GoCenter. From that blog post, we got a lot of positive comments in the Gopher community. We also got some…

Using JFrog CLI to See Your Builds Up Close

April 2, 2019

Artifactory has always helped you to know what’s in your builds. But it can still be hard to know why a build was made. An exciting feature in the JFrog CLI can help you connect the way you track issues (bugs and feature requests) directly to the builds where they’ve been addressed. So you can…

Steering Straight with Helm Charts Best Practices

March 28, 2019

Kubernetes, the popular orchestration tool for container applications, is named for the Greek word for "pilot," or the one who steers the ship. But as in any journey, the navigator can only be as successful as the available map. An application's Helm chart is that map, a collection of files that can be deployed from…

Build Times Matter - Speed is Everything

March 27, 2019

After GoCenter was first released the team at JFrog said it was faster to get modules from there than it was getting modules “the old way”. To be honest, when they said that, I did not believe them. Following the old proverb “seeing is believing”, I set out to test the speed and see whether…

Guest Blog: Deploying JFrog Artifactory with Nutanix Karbon

March 21, 2019

Anyone working with containers and Kubernetes knows the value of a rock-solid container registry. We’ll show you how to deploy JFrog Artifactory Enterprise in a highly available configuration as a Kubernetes Docker registry with Nutanix Karbon. This enterprise-grade Kubernetes Certified distribution by Nutanix simplifies the provisioning, operations and lifecycle management of Kubernetes with a native…

We’re Founding Members of the Continuous Delivery Foundation. Here’s Why.

March 14, 2019

I’m sure you know by now that JFrog is on a mission to make software liquid. We believe that software updates and new releases are constantly being pulled by an ever-hungry world, and that those updates should flow freely, like water, to the runtime endpoints across our lives. One of the most important pieces of a…

5 Special Repositories in Artifactory You Should Know About

March 7, 2019

Among the many different types of binary repositories managed within JFrog Artifactory as an artifact repository, there are 5 very useful repositories that you may have not noticed. Just like all repositories in Artifactory, these also store your binaries with all the added benefits of Artifactory, but serve a bit differently in their usage. Here’s…

JFrog Xray: Creating Jira Issues using webhooks in a breeze

March 6, 2019

JFrog Xray offers an end-to-end security scanning solution covering the full development lifecycle of your artifacts. This includes vulnerability analysis, security and license compliance, artifact flow control, distribution and more. When Xray finds a security or a licence issue, it will trigger a violation for it. One of the most common use cases during…

Pipes for JFrog, a Fitting Match for BitBucket Pipelines

February 28, 2019

Many users of Atlassian Bitbucket already choose JFrog Artifactory as their artifact repository with Xray as their DevSecOps tool to bring certainty and trust to the binaries in their software delivery pipelines. With Atlassian’s launch of Pipes for Bitbucket Pipelines, it’s easy for developers to manage their software releases from code through testing and release.…

Enterprise Cloud DevOps on Azure is Clicks Away

February 26, 2019

A deployment of Artifactory High Availability hosted in your Azure environment can help your cloud DevOps function with the scalability, performance, and security of an enterprise-grade system. But it takes the right supporting resources and configuration to be installed with it to operate effectively. Fortunately, we’ve now made the chore a lot easier, by offering…

Xray and VulnDB: Security at the Speed of DevOps Automation

February 25, 2019

JFrog Xray: A Powerful DevSecOps Solution JFrog Xray was originally announced at our annual JFrog user event, swampUP, back in 2017. So what does it do? Xray allows DevOps teams to discover, receive notification, and remediate open source vulnerabilities and software license compliance issues early in the development phase. The sooner a vulnerability is discovered…

We’ve Acquired Shippable to Complete DevOps Pipeline Automation From Code to Production

February 21, 2019

We’re extremely excited to announce our acquisition of Shippable, a leading continuous integration and DevOps automation company. Shippable’s complete portfolio of cloud-native and Kubernetes-ready CI/CD solutions will be incorporated into the JFrog platform, creating a complete, integrated DevOps CI/CD pipeline solution. Why did we do it? To move closer to our vision of Liquid Software…

Gain Visibility into Your NuGet Builds Using Build-Info in JFrog Artifactory

February 20, 2019

NuGet is an open-source package manager designed for the Microsoft development platform designed to support packaging DLL files with metadata. NuGet repositories in JFrog Artifactory support the application lifecycle from the developer's fingertips through distribution to consumers while covering application security, vulnerability analysis, and artifact flow control. After creating your NuGet repository in Artifactory, you…

Complete the Kubernetes Puzzle for IBM Cloud Private

February 14, 2019

Sometimes two things fit together so naturally, you sense they were built for each other. You might come to feel that way about IBM Cloud Private and JFrog Artifactory because, in important ways, it’s true. IBM Cloud Private (ICP) and Artifactory are both built to facilitate containerization, the growing technology that makes it easy to…

Artifactory and OpenFaaS - Containers Everywhere!

February 19, 2019

Right now, we live in a world where the Kubernetes website gets more visitors than the Seattle Seahawks website. That probably means that containers, and the orchestration platform on which they run, are one of the most important things. I mean, everything runs as a container doesn’t it? The other big ticket item for developers…

5 Steps to Hosting Your Application on Amazon Cloud Container Service

February 12, 2019

This article describes 5 steps to hosting an application on the cloud with Amazon Elastic Container Services (ECS) and Elastic Container Registries (ECR) using a multi-cloud strategy. Developers are moving towards hosting applications on the Cloud and using various cloud services provided by market leaders such as: Google (GCP), Amazon (AWS) and Microsoft (Azure). Nowadays,…

Naming is Hard: The Quest for the Right Name for "Go Module Repository"

February 11, 2019

TL;DR: There is a lot of confusion on the Go modules cache/proxy/registry/repository term. After much deliberation, we have agreed upon Go Modules Repository. Names Matter! You know the drill, naming is the single major reason for procrastination in software engineering, perhaps after expense reports. Coming up with a name for something can be extremely hard,…

Cruise Safely on IBM Cloud’s Road to DevOps

February 7, 2019

When you’ve chosen IBM Cloud for your DevOps platform, trust was certainly part of your decision. Like other public clouds, IBM Cloud offers a quick, flexible on-ramp to cloud native development. Their expertise, support, and a catalog of proven tools like IBM Cloud Kubernetes Service (IKS) gives you confidence. So trust is important to you.…

[White Paper] The JFrog Journey to Kubernetes: Best Practices for Taking Your Containers All the Way to Production

February 5, 2019

Kubernetes together with JFrog Artifactory allows you to reliably and predictably deploy your applications, scale them on the fly, seamlessly roll out new features and efficiently utilize hardware resources. This white paper reviews the complexity and the challenges facing companies wanting to adopt Kubernetes as their container orchestration tool. We hope that the lessons learned,…

Managing Binaries With JFrog CLI and GitHub Actions

February 4, 2019

Over the past few weeks, we’ve released a series of blog posts on how you can use the JFrog CLI, Artifactory, and GitHub Actions to build awesome software. Last week we created and published a Go module and recorded the Build Information and in this final post we’ll build and store the binary in Artifactory.…

Best Practices for Artifactory Backups and Disaster Recovery

February 1, 2019

Whether you have a small JFrog Artifactory instance or a complex cross-region topology, ensuring that your binaries are available at all times is vital to your DevOps pipeline. There are many different approaches to protecting your binaries from disaster, including: System backups, directly from the Artifactory UI or using a 3rd party solution such as…

Building a DevOps Path in IBM Hybrid Cloud

January 31, 2019

Sometimes you don’t want to have to choose between two great places, but combine them for the best of each. That’s the principle behind IBM’s hybrid cloud offering, where a private cloud and a public cloud work together to deliver an ideal blend of availability and security. But how can you best execute DevOps in…

Go at Full Speed with GoCenter

January 30, 2019

As Go programming accelerates, becoming one of the world’s fastest growing software languages, trying to create robust and reliable pipelines without an immutable repository is challenging. That's because Go modules (reusable OSS Go packages of code) that applications include as dependencies must be resolved from among thousands of independent source code repositories, each of which…

Publishing Go Modules To JFrog Artifactory Using The JFrog CLI

January 28, 2019

Over the coming weeks, we’ll release a series of blog posts on how you can use the JFrog CLI, Artifactory, and GitHub Actions to build awesome software. Last week we built a Go app using Artifactory, the CLI and GitHub Actions and this week we’ll continue that by publishing the Go app as a module.…

Go Modules Are Awesome, But There Is One Tiny Problem

January 27, 2019

Most programming languages and tools support the concept of packages and most of the times those packages have versions. The great thing about versions, whether they’re used by tools or not, is that they allow developers to clearly communicate what the dependencies are to build the final product. Go has struggled quite a bit with…

An Outstanding DevOps Year for JFrog China

January 22, 2019

Massive Adoption Since entering the Chinese market in 2016, JFrog’s growth there has been tremendous. By the end of 2018, we had over 120,000 users of our open source products, and thousands of enterprise users. Both domestic Chinese and foreign companies leading different industry verticals in China adopted JFrog as paying customers including Tencent, Huawei,…

Resolving Go Modules From JFrog Artifactory Using JFrog CLI

January 21, 2019

Over the coming weeks, we’ll release a series of blog posts on how you can use the JFrog CLI, Artifactory, and GitHub Actions to build awesome software. The first in the series was building a custom GitHub Action and this week we’ll continue that by building Go apps. Last year we added support for Go…

How DevOps Empowers Maslow’s Hierarchy of Needs 2.0

January 15, 2019

We're all familiar with Maslow's Hierarchy of Needs. Our most basic human requirements like food and water are at the base, and the pyramid moves upwards into ever-maturing needs like community, social interaction, self-worth and creativity. The progression inherently makes sense to all of us, and we identify with it as human beings across cultures…

Accelerate Azure DevOps or TFS with JFrog Artifactory and NuGet

January 10, 2019

Azure DevOps is the evolution of VSTS (Microsoft Visual Studio Team Services), which is also known as VSTS, support continuous integration/continuous deployment (CI/CD). Alongside support for Maven, NPM, Docker, and Generic builds, the JFrog Artifactory Extension for Azure DevOps and Team Foundation Server TFS has just been improved to support the NuGet package type. This…

Dare to Be an Artifactory Debian Devil

January 9, 2019

JFrog Artifactory supports Debian repositories covering the full lifecycle of your Debian packages to manage development, vulnerability analysis, artifact flow control and distribution. In this blog, you can review our most up-to-date features specially developed for the Debian community including the cool features that may have slipped under your radar. 9 reasons why you should…

Using the JFrog CLI with GitHub Actions

January 7, 2019

NOTE: This blog describes features and functionality that have been deprecated by JFrog and GitHub since the original publish date. This entry remains active for reference only. For more information on JFrog CLI, please visit the JFrog CLI User's Guide. Over the coming weeks, we’ll release a series of blog posts on how you…

Herd Trust Into Your Rancher Labs Multi-Cloud Strategy with Artifactory

January 2, 2019

DevOps engineers have grown so reliant on the power and scalability of Kubernetes (K8s) clusters that one server platform can seldom accommodate them all. More and more enterprises now run their containerized applications in clusters across multiple platforms at once, in public clouds and on-prem servers. That can fuel a chaotic stampede in an enterprise-class…

KubeCon US 2018 Experiences

December 31, 2018

“Kubernetes is now very, very boring” or at least that is what Janet Kuo proclaimed in her keynote. She clearly meant that Kubernetes is now a stable platform and a lot of companies are running their day-to-day operations on it. I certainly wouldn’t use “boring” to describe KubeCon + CloudNativeCon 2018 US in Seattle. As…

Security is Hard. Let’s Make It Harder.

December 27, 2018

We all know that data breaches are horribly expensive for enterprises, whether due to direct costs of remediation, or from collateral costs due to lost customers, excessive support tickets, etc. This report from McAfee estimates that the global cost resulting from cybercrime will reach $600 billion in 2018. What you might not have known is…

Looking Up: 4 Technical DevOps Predictions for 2020

December 21, 2018

Very soon, we won’t have to look to the heavens to predict our fortunes. By 2020, says a study by IDC, there will be as many bits in the world’s accumulated data and binaries as there are stars in the universe. It will be these 44 zetabytes (44 trillion gigabytes), doubling every two years, that…

Get Critical Insights About Security Vulnerabilities Directly in Visual Studio

December 17, 2018

The JFrog Visual Studio extension was created to allow the developers an easy integration with JFrog tools from within their Visual Studio environment. The extension provides you with critical insights about the licenses and security vulnerabilities JFrog Xray identifies in the NuGet packages used in your projects. With this extension, developers using Visual Studio can…

The “Function” Package - Setting a Standard for Serverless Application Packaging

December 12, 2018

Reposted from the original which was published on the CNCF blog What's in a function Creating serverless applications is a multi-step process. One of the critical steps in this process is packaging the serverless functions you want to deploy into your FaaS (Function as a Service) platform of choice. Before a function can be deployed…

JFrog KubeXray Extends Deep Scanning Security to Kubernetes Runtime

December 11, 2018

Most security measures are designed to keep gremlins from getting loose. Identifying an application’s risks early means you can prevent or limit its deployment into your system. With that knowledge, any gremlins in your containers that might do damage can be safely kept behind the fence built by your policies. But what can you do…

Java 11 Licensing: What You’re Really Asking

December 6, 2018

There’s a bit of confusion in the market around Java 11 licensing, so it seems appropriate to share some thoughts and hopefully add some value by saving you the research. Disclaimer before we get going: of course, consult your legal and compliance teams before you make any decisions around Java 11 adoption or distribution. First…

It’s a Wonderful DevOps Life

December 4, 2018

In Frank Capra’s 1947 film, “It’s a Wonderful Life,” George Bailey wishes in the depths of his despair that he had never been born. So an angel shows him what that world would have been like. I sometimes feel the need of an angel, too. Not for the same reasons, of course. Our enterprise customers…

5 Signs You Need JFrog Enterprise+

November 19, 2018

The JFrog Enterprise+ platform we launched at swampUP last May really caused a stir in the industry heralding the liquid software revolution of continuous updates. The amount of interest and inquiries it generated shows that the platform truly addresses the pains that large enterprises are having in the end-to-end management of their binaries. But with…

JFrog Gives You DevSecOps in the Cloud, for the Cloud

November 27, 2018

You may have seen that we recently released a new version of JFrog Xray, along with releases of Mission Control and Artifactory. But one thing we’re super excited about is that this release train showcases that Xray is, for the first time, available in a pure cloud, SaaS model. Now you get to enjoy all…

Fearless Updates with JFrog Enterprise+: A Step-By-Step Demo

November 14, 2018

The JFrog Enterprise+ platform gives you a complete pipeline to control the flow of your binaries from build to production. Managing your software deployment end-to-end. The following screencast demonstrates a complete workflow from managing your JFrog services all the way to creating and securely distributing release bundles to target destinations. All part of the Enterprise+…

JFrog Xray Drills Deep Down into Your Docker Images

November 7, 2018

JFrog offers an end-to-end Docker security scanning solution covering the full lifecycle of your Docker images to manage development, vulnerability analysis, license compliance, artifact flow control, and distribution. JFrog Xray has access to the wealth of metadata Artifactory stores. Combined with deep recursive scanning, it puts Xray in a unique position to analyze the relationships between the…

Raising Helm – to Enterprise Scale

November 6, 2018

Reposted from the original which was posted on the AWS Open Source Blog TL/DR: Package managers in general are awful, but Helm, the package manager of Kubernetes, is… not bad at all. Of the seven deadly sins of package managers, Helm commits only two, and these are easily fixable. We’ll be explaining how below. We aren’t…

Accelerate Azure DevOps or TFS with JFrog Artifactory and Conan

October 29, 2018

For some C/C++ developers, working within the structure of continuous integration can be an awkward transition. Running a CI server and the supporting tools to resolve dependencies, share packages, and manage binaries may be unfamiliar, and getting them to work together well can be challenging. C/C++ Continuous Integration Challenges Microsoft’s Azure DevOps (formerly known as…

JFrog & Harness - Don’t Get Bogged Down with Continuous Delivery

November 1, 2018

Harness, a company that provides a Continuous Delivery as-a-Service platform, automates CD with machine learning and security. In this guest post, Stephen Burton, VP Marketing offers a primer on how customers use Artifactory, XRay and Harness together to accelerate Continuous Delivery. This post, also published on Harness.io, has been lightly edited from the original to…

Cluster Management Made Simple with JFrog Artifactory and HashiCorp Nomad

October 23, 2018

Many new technologies are laser-focused on cloud-native applications and architectures. However, not all applications are there just yet. Someone only reading trade press, may get the idea that all applications are there. The reality is that applications continue to take many forms, and will for a long time to come. It is refreshing to learn…

Managing Security Entities with JFrog Access

October 21, 2018

The Unsung Hero of Your Binaries’ Security JFrog Access is the sentinel that manages authentication and authorization for all JFrog services. Packaged and installed together with JFrog Artifactory, Access keeps your binaries secure by making sure that only authorized users can access them. And then, those that do access your binaries, can only do what…

Five Ways to Meet Deadlines When Developing with NPM

October 15, 2018

Node.js has risen to be the most popular development technology in use today. Don’t take my word for it, you can look at Stack Overflow’s 2018 survey. And if that’s not enough for you, pop into www.modulecounts.com and see how packages in public open source npm registries outnumber those from any other technology by a…

Two Models for DevOps - Rockets and Airplanes

October 2, 2018

More and more, agile enterprises require software development to function at supersonic, even interstellar speeds, turning around changes fast, yet safely. DevOps pipelines offer the best way, but what will you really need to fulfill that promise? Having a good way to understand the impact of CI/CD processes, and the role that container technologies like…

Tips and Best Practices for Developing with Artifactory on GCP

September 27, 2018

Hosting infrastructure on cloud-based services is becoming a standard in the tech industry. This comes as no surprise as multifaceted solutions for efficiency are the driving advantages of moving to the cloud. More specifically, some of the reasons that leave cloud solutions at an advantage include flexibility, cost and easier maintenance, allowing the team to…

The Unpleasant Surprises of OSS License Changes and How to Avoid Them

September 26, 2018

Three weeks ago a popular JavaScript tool Lerna underwent dramatic turmoil. One of the original founders and maintainers of the Lerna project suggested changing the license from the ordinary MIT to “MIT with personal exceptions” in effort to prevent certain software companies, including Microsoft, Amazon, Apple, LinkedIn, Walmart, Target, Tesla, Xerox, Dell, and others, from…

Automation Using Webhooks in JFrog Artifactory

September 25, 2018

You (probably) already know that Artifactory, as your repository manager, plays a vital role in your CI/CD pipeline by bridging the gap between development and operations. Now, we’re giving you the option to use webhooks with Artifactory to automate your processes even further. Read on... First, what are webhooks? In the most simple terms, a…

Fully Automated Promotion Pipelines with SonarQube and Artifactory

September 20, 2018

This blog post is co-authored by Jonathan Roquelaure of JFrog and Fabrice Bellingard of SonarSource, and co-posted on the SonarSource blog Our previous blog post showed how to connect Artifactory and SonarQube to help make better decisions when it comes to deploying or delivering good quality software. With a pretty simple script added to your…

Cloud Is Not a Binary Decision

September 18, 2018

To cloud or not to cloud? That isn’t really the question anymore. In choosing a public cloud service, many businesses are finding that instead of just one cloud, they prefer a crowd. Enterprises face a dizzying array of choices in how to host their IT infrastructure, to find the best combination that matches business needs.…

Jenkins X: Code to Production at High-Speed

September 17, 2018

NOTE: The Artifactory Jenkins X enhancement has been deprecated and is no longer being maintained. Read more about the Jenkins Artifactory Integration >> Following another year of successful Jenkins User Conferences (JUC) in France and Tel Aviv, bringing the Jenkins community together for one packed day full of announcements, this year the big news was…

You Have Docker - But Are Your Docker Registries Highly Available?

September 12, 2018

With Docker continuing to gain traction in production systems, and widespread use in pre-production, a company’s Docker registry can be central to its operations. This post explains how a high availability Docker registry can help companies avoid the enormous expense incurred when mission-critical systems go down. The Cost of Downtime Downtime is extremely costly, and…

Discoveries and a Release Management Plugin from JFrog

September 11, 2018

This is a repost of the original that was recently published as a guest post on the Atlassian blog. My time at Atlassian’s Bitbucket Cloud Dev Week proved to be very fulfilling, and not just for the cool code we produced. I’m excited about that too, of course. Using Bitbucket Cloud’s V2 APIs, I was…

Is Your Helm 2 Secure and Scalable?

September 6, 2018

Recently Rimas Mocevicius, a Kubernaut at JFrog and co-founder of Helm, spoke at our recent JFrog Helm meetup about the security issues relating to Helm 2 and offered an elegant workaround to secure your k8s cluster. Tiller Poses a Potential Security Threat In Helm 2, a new server-side component called “Tiller” was added. Tiller is…

Get Your License Compliance Reports with a Click of a Button

September 5, 2018

When releasing software, one of the key aspects you need is ensuring that you’re compliant and safe from any legal risks. Our previous blog post on DevOps and Compliance described how compliance can be a seamless part of the DevOps workflow in your organization. This blog post will address the way your company is enforcing…

5 Reasons You Should Be Using JFrog CLI

August 30, 2018

JFrog CLI is a useful compact client, which was developed in order to enhance and simplify command line interactions with JFrog products. In this blog post, I will present 5 reasons why you should be using JFrog CLI, and the most common use cases where it comes in handy with your Artifactory repository manager. Reason…

Gain Code Insights with JFrog Artifactory and Atlassian Bitbucket

September 4, 2018

At the 2018 Atlassian European Summit in Barcelona, Atlassian introduced a new UX in Bitbucket Server that empowers developers to be more productive. Called Code Insights, it gathers information from across the DevOps toolchain into Bitbucket’s pull request experience. On the heels of this news, JFrog is announcing a new integration that brings critical data…

Reusable Cloud Infrastructure as Code with Pulumi and JFrog Artifactory

August 29, 2018

This guest post is submitted by Chris Smith of Pulumi and is co-posted on the Pulumi blog. Pulumi enables you to specify cloud infrastructure with code. This empowers you to program the cloud in your favorite language, and benefit from useful and familiar features of coding like static analysis, type checking, IDEs, and more. One…

How to Achieve Fully Traceable Builds with Drone

August 28, 2018

A build without build-info is like a black box. You don’t know what’s in it, what dependencies it uses, who created it, when it was created and with which tool. And then there are properties, tags and a host of metadata that gives the build its identity. Without build-info, your build is essentially useless. The…

Drive Your Data Flow Pipeline to Production Using Artifactory Conda Repositories

August 23, 2018

Over the past decade, there has been an immense data explosion. Most companies use analytics data collected over months, weeks, or even days for business decisions and can respond to changes minute by minute. To do this real-time analysis and data mining, data scientists, data analysts, and software developers use Conda, as their open source,…

Accelerating C/C++ in IoT with Conan and Resin.io

August 20, 2018

With Conan and resin.io you can rapidly prototype and build your IoT tool reducing your C++ management pains. Creating C/C++ apps for IoT devices is always challenging. It requires setup of the compiler and toolchain to cross-build for the embedded architecture, managing dependencies of the app, and deploying it in a wise way. Conan takes…

Top 10 Reasons Why You Need JFrog Enterprise+

August 16, 2018

More and more companies rely on software to provide value to their customers through product or service updates, websites, mobile apps and more. Whether large or small, these companies can be in any industry segment such as financial, retail, manufacturing or healthcare. To keep providing value through software, you need to continuously develop new…

Accelerating Software Delivery in the Cloud

August 14, 2018

So you’ve decided to take your development to the cloud. That’s a smart choice as cloud automation offers the speed and agility businesses need to keep pace with competition and ever-changing market demands. Cloud DevOps tools offer greater flexibility, rapid deployment, reduced IT costs, and low upfront costs with subscription pricing. Cloud-based offerings are a…

12 Reasons You Don't Need Software Artifact Management

August 9, 2018

0. You have no code. If you have a project, which has no code, you don’t need to manage any artifacts. Well, you don’t need CI, you don’t need runtime, all you need is a bug tracker. And Kelsey, thank you again for the fun! 1. You have no users. If your software has no…

You have Docker; Now are your Docker images secure?

August 8, 2018

This is the second blog in our series on Docker. In our initial blog called You have Docker; Now what?, we discussed the reasons for using a universal binary repository when implementing Docker to production with confidence. It’s great that you're using Docker, but managing security vulnerabilities is vital to ensuring your Docker environment is free…

Delivering Shift-Left Security with NeuVector and JFrog Xray

August 1, 2018

Bringing Kubernetes app security insights to developers This post is co-authored by Craig Peters of JFrog and Henrik Rosendahl of NeuVector and is also cross-posted on the NeuVector blog. Kubernetes, the container and orchestration tool favored by enterprises, provides great benefit in automating many aspects of application deployment at scale. But, like any emerging technology,…

Cloud CI/CD with Visual Studio Team Services and the All New JFrog Artifactory Extension

August 6, 2018

JFrog Artifactory is well acquainted with Visual Studio Team Services (Azure DevOps) and Team Foundation Server (TFS) and has provided integration to these Microsoft DevOps tools for quite some time. And as these technologies have moved forward, so has JFrog. Out with the Old, In with the New We’re THRILLED to announce the all new…

You have Docker; Now what?

July 26, 2018

Almost all organizations developing software today use Docker. However, there are some that still don’t have confidence to take Docker to production. Let’s take a closer look at two main challenges behind this hesitation, which are visibility into the Docker images and where/how they are managed. Challenge 1: What’s in your Docker images Docker images…

Xray Policies: Govern Your Software Supply Chain with Ease

July 25, 2018

In modern software, there are many important aspects to governing software. You no longer only care for the quality of your own code, but also care for the quality, security, integrity, legal and other aspects of the open source packages that you use. The knowledge of how to handle the risks in these quality domains…

DevOps and Compliance; A Match Made in Heaven

July 23, 2018

Like the Borg in Star Trek, compliance can strike alarm in one’s heart. And resistance is (for the most part) futile because regulations are just another component of doing business. In any organized civil society, we’re all required to comply with rules of one sort or another. Sometimes those rules and regulations really are burdensome.…

From Code to Cloud with JFrog Artifactory and Azure AKS

July 19, 2018

Our Kit Merker, VP of Business Development, recently made a guest appearance on the Azure Friday show on Microsoft's Channel 9, showing how to use JFrog Artifactory as your repository manager with Azure and the importance of a Kubernetes Registry. Kit demonstrated the seamless flow from code to cloud, that includes JFrog Artifactory and DevOps…

Twistlock and JFrog Steer the Container DevSecOps Seas

July 16, 2018

Twistlock and JFrog have partnered to provide continuous scanning and security for your builds. Twistlock directly integrates with JFrog Artifactory, which provides a fully automated Docker promotion pipeline for maintaining your Docker registries. What is Twistlock? Twistlock is a versatile security solution that works well with the Kubernetes container orchestrator and integrates smoothly with JFrog…

Smart, Metrics-Based Release Management with SonarQube and Artifactory

July 9, 2018

Some of the most important decisions a release or build manager has to make are whether to promote builds through the CI pipeline. To make these decisions smart and qualified, quality metrics are needed to point out problems in the builds. But sometimes, the problems are at the source, and to detect those problems, you…

Accelerate R Package Development with Artifactory CRAN Repositories

July 10, 2018

'R' You Ready to Take the Leap? R is the leading statistical language used for statistical computation and graphics used by data scientists and data analytics to extract meaning from data. The Comprehensive R Archive Network (CRAN) serves as the package manager for R providing easy package install, the option to store multiple versions and…

What To Think About When Thinking About Onboarding Artifactory

June 27, 2018

If you’re reading this, you have probably decided to add Artifactory into your Software Development Life Cycle (SDLC) / CI and would like to understand the key points to consider for implementing this integration. In this blog post, we’ll review the high level aspects you should address when introducing Artifactory into your environment and CI/CD…

Containerize Node Microservices Using Atlassian Bitbucket Pipeline and JFrog CLI

June 21, 2018

Did you know? Atlassian provides tools to help development teams more effectively collaborate and deliver software fast. Atlassian introduced Bitbucket Pipelines in 2016 to automate continuous integration in a seamless way with the git repository. As Bitbucket Pipelines has matured we’ve seen more of our customers taking advantage of its ability to easily integrate CI/CD…

Latest Helm Chart Enhancements from JFrog

June 20, 2018

Google introduced Kubernetes (k8s) as an open-source container-orchestration system for automating deployment, scaling, and management of containerized applications less than four years ago. Since then it has been gaining rapid popularity. Today, it is being used in a number of vendor solutions including Microsoft for its Azure Kubernetes Service (AKS), Mesosphere for its DC/OS, Pivotal for its…

From Git to Cluster with JFrog Artifactory and Azure Kubernetes Service (AKS)

June 13, 2018

Securing the Flow of Software with Azure Kubernetes Service and JFrog Artifactory Thanks to the hard work of an amazing community, Kubernetes has become the standard container orchestration system. JFrog is thrilled to be a part of this growth by enabling DevOps teams to release software faster and more efficiently; and today, we’re excited to…

Scale your Development Experience by Migrating any Container Registry to Artifactory

June 12, 2018

With the range of available package formats developers have to work with today, the complexity of managing and maintaining these tools is continuously growing. JFrog Artifactory is a universal artifact manager that supports all major package formats, that fits in with virtually any development ecosystem - including Docker environments. For an enhanced experience working with…

10+ Reasons to Use Artifactory as your Docker Registry

June 12, 2018

There are so many good reasons to use Artifactory as your Docker registry: The recently-released Package Viewer emphasizes the most relevant metadata with the look and feel of a native Docker registry JFrog CLI lets you build Docker images with exhaustive build information and upload them to Artifactory JFrog Xray will do a deep recursive…

Deploy JFrog Artifactory High Availability Using Azure Resource Manager Templates

June 7, 2018

Why Use Microsoft Azure Services? Microsoft Azure services is used by many companies and government agencies for their software development and hosting infrastructure needs. Development teams can quickly set up and dismantle development environments and IT operation teams can quickly host their production software. It helps to avoid complexity and expenses in procuring and managing…

Artifactory: Your NPM Registry for Bit

June 6, 2018

We’re always excited to see the different ways Artifactory gets used. Bit (bitsrc.io) is a platform built to increase code reuse and reduce the overhead around it. It lets you isolate “bits” of Javascript source code from existing projects, share them with your teammates and the developer community, and use them as NPM packages by…

Use JFrog Artifactory to Deliver Software with Confidence to AWS EKS

June 5, 2018

AWS is launching the Amazon Elastic Container Service for Kubernetes (Amazon EKS) and is announcing JFrog as a proud integration partner. Over the past year, it seems that even companies that weren’t in the first phase of Kubernetes adoption are now joining the party. JFrog has been a key part of the container movement, launching…

swampUP 2018, RELOADED

June 5, 2018

If I had to summarize swampUP 2018 in one word, it would be “opportunity”. It was an opportunity to hear about the latest developments in DevOps and learn what the future holds from industry leaders in the biggest companies such as Google, Amazon, Microsoft and Netflix. It was an opportunity to share knowledge and experience…

Artifactory Docker Registries Feel Like Home

May 30, 2018

As a Universal Repository Manager, Artifactory supports all major package formats in common use today. That’s 23 (!) different formats, with more on the way. Being universal is great. It means that Artifactory fits in with virtually any development ecosystem. But this also comes with a cost. Each package format is constructed differently with…

Kubernetes Registry for Azure Container Instances (ACI)

May 28, 2018

What is an Azure Container Instance? Microsoft Azure Container Instances (ACI) offers users a fast and simple way to deploy container applications in the cloud without provisioning virtual machines or having to adopt a higher-level service. Using ACI, you can scale and orchestrate operations by deploying a Docker container that pulls a Docker image from…

Manage Your Docker Builds with JFROG CLI in 5 Easy Steps!

May 24, 2018

JFrog CLI is a useful client that provides a simple interface that works smoothly with JFrog Artifactory and Jfrog Xray. The simplified CLI commands enable you to create readable automation scripts that are easy to maintain, efficient and reliable. From version 1.14.0, JFrog CLI has extended its support to manage Docker builds, in addition to its…

Leap into the Universe of Fearless Updates

May 17, 2018

Most of us work in a modern company whose survival depends, amongst other things, on how quickly we can release and update software. One might argue that this is only true for technology companies, but in reality, whether you are a financial, retail, manufacturer or healthcare company, you’re probably developing software to maintain your products,…

Set Up Your JFrog Services in No Time!

May 10, 2018

JFrog Mission Control provides an easy way for JFrog administrators to set up, manage and monitor their Artifactory & Xray services using Configuration Scripts. Additional support, including Jenkins, will be available soon. Configuration scripts are written in Groovy and can be applied to one or more service at a time to perform a variety of…

Running an In-house Go Registry with Artifactory

May 2, 2018

Updated on January 31, 2019 to reflect the current state of the technology and JFrog support for Go. The need for a Go registry Since its inception over eight years ago at Google, Go has emerged as one of the most popular languages used by developers and DevOps today, so much so that it was…

SUSE and JFrog Accelerate Cloud Native Development for the Enterprise

May 1, 2018

Oh the things you can find, if you don’t stay behind! (On Beyond Zebra!, by Dr. Seuss (1955)) It’s time to get Enterprise class Kubernetes to run your applications. SUSE enables organizations to accelerate app development by providing a platform that streamlines lifecycle operations for traditional and cloud-native technologies. SUSE enables you to deploy, manage,…

Deploy JFrog Artifactory in Canonical Distribution of Kubernetes

May 1, 2018

This blog post is co-authored by Craig Peters of JFrog and Stephan Fabel of Canonical. A free-to-use rapid way to deploy Kubernetes (k8s) is a critical building block for accelerating development team’s adoption. The Canonical Distribution of Kubernetes (CDK) delivers a pure experience across a wide variety of cloud infrastructures. This enables enterprises to rapidly…

The 3 Kubernetes Essentials: Cluster, Pipeline, and Registry

April 26, 2018

This blog post is co-authored by Kit Merker of JFrog and Raziel Tabib of Codefresh, and is co-posted on the Codefresh blog. OK, so you’re adopting Kubernetes. Good choice. There is a dizzying array of good options to get a Kubernetes cluster up and running. But once it's there, how do you actually get…

JFrog Artifactory and ElectricFlow Accelerate Time to Market

April 25, 2018

JFrog and Electric Cloud have partnered to help customers accelerate software delivery, increase release quality, reduce delivery costs, and provide higher reliability and traceability to better compete in the market. Electric Cloud has developed a plugin that integrates JFrog Artifactory’s universal artifact repository manager that supports all major package formats (20+ languages) with their DevOps…

Use Terraform to Easily Manage Your Artifactory Infrastructure

April 24, 2018

Cloud-based solutions offer an abundance of opportunity to deliver potential game-changing possibilities for businesses. Your business can now deliver software at greater speed, and at a reduced cost. Cloud Deployment Challenges The Cloud is the way to go, but a cloud solution can be challenging when considering the various options available to you such as,…

Artifactory Cloud: Your Powerful DevOps Solution on AWS Marketplace

April 23, 2018

Increase software delivery and quality Gain universal support of development languages & DevOps tools Easily make Artifactory your Kubernetes registry You now have the freedom to use JFrog Artifactory. The most popular DevOps tool that was only available directly through JFrog, but is now available on the AWS Marketplace. The new offering is called JFrog…

swampUP 2018: A Technical Titan of a Conference

April 20, 2018

Have you heard about swampUP? If you’re not familiar with swampUP, then you have come to the right blog post. I’d like to take a few minutes of your time to give you a perspective on what swampUP is, why you should go, and what you can learn. swampUP 2018: What is it? It’s…

I Just Met a DB Called Maria

April 18, 2018

Checksum-Based Storage One of the key and unique features in Artifactory is checksum-based storage in which Artifactory stores an uploaded artifact’s checksum in a database and maps that checksum to the file’s location in storage. Using checksum-based storage optimizes your interaction with packages you upload through deduplication; copy, move and delete operations that happen at…

Relax, Your Binary JFrog Xray Vision is Highly Available

April 16, 2018

JFrog Xray provides continuous security governance and auditing of your software artifacts and dependencies at any stage of the application development lifecycle – build, test, and even production. JFrog Xray 2.0 introduces high availability, bringing even more security and governance to your software packages than ever before. Based on user feedbacks gathered over time, the…

Easily Scale JFrog Artifactory with AWS CloudFormation

April 12, 2018

Many businesses from small to medium companies to large enterprises are using Amazon Web Services (AWS) to host their infrastructure. But creating, keeping track of changes, and managing your infrastructure can be challenging. Replicating your entire stack multiple times for development and testing purposes can be a tedious, error-prone, and time-consuming process. AWS CloudFormation makes…

Conan Accelerates Your C/C++ Applications in OpenShift

April 17, 2018

C/C++ applications and build system scripts are monolith in nature. Achieving binary compatibility is becoming extremely difficult as applications include source information from a variety of local and third party sources, targeting a variety of platforms. Even classically monolithic applications may include a complex dependency graph, including transitive dependencies statically or dynamically linked. Another factor…

Gain Trust in Your Software Delivery with JFrog Xray

April 4, 2018

Universal analysis of binary software components has become an integral part of modern software development. This has been triggered by the growing need to trust the software you consume, and by the capabilities that various products offer in this space. JFrog Xray Integration with Artifactory With the release of JFrog Xray 1.12, you can experience…

JFrog @ Jenkins Days

April 2, 2018

Jenkins Days are upon us and JFrog is happy to be participating by sponsoring and giving a talk in both Boston (April 10) and Washington (April 12). Bruce Nguyen, JFrog Sr Solution Engineer, will talk about how "Binary Artifact Management is Crucial for any DevOps Implementation". In this talk he will cover the following topics: Binary…

JFrog Artifactory CE: Your Conan C/C++ Package Manager Repository

March 28, 2018

JFrog Artifactory Community Edition for C/C++ This product gives all the power and flexibility of the Artifactory repository for Conan and generic binaries to the C/C++ world completely free of charge to any software team. As the preferred Conan repository manager, Artifactory Community Edition features similar functionalities as the JFrog OSS edition, while containing support…

JFrog Artifactory: Your Kubernetes Registry

March 21, 2018

Composing software artifacts into containerized Kubernetes apps Containers let you simplify and manage your applications (especially microservices applications) at a level of abstraction from the specific hardware and even the VMs. As we’re seeing, a container orchestration system like Kubernetes lets you create apps and deploy them side-by-side without being concerned about compatibility between the…

JFrog and Google Cloud Platform for Open Source: A Year in Review

March 19, 2018

Open source projects are now influencing software development more than ever before. We are seeing communities grow and innovation being created through open collaboration across company boundaries. Building a community and working across boundaries is not an easy process, so Google and JFrog are working together to ease the way forward. In late 2016 we announced…

Effective Repository Naming Conventions to Help Scale Your Business

March 15, 2018

Why do I need a repository naming convention? How many repositories do I need? What should I call my repositories? These are just some of the commonly asked questions that are asked around the topic of how to get started implementing JFrog Artifactory repository structures and naming conventions. Creating the right repository naming conventions and…

Accelerate Your Finance DevOps Experience with JFrog Artifactory

March 8, 2018

Working closely with top financial services, such as Goldman Sachs, JFrog has gained insight for developing solutions that comply with the specific requirements and regulations facing DevOps teams in financial organizations. Promote Security and Compliance in DevOps To meet the strict regulations of the financial industry, JFrog Artifactory provides an advanced audit trail log feature that…

Protect Your Containerized Microservices on OpenShift Using JFrog Xray

February 19, 2018

In our previous blog, we described how JFrog Artifactory on OpenShift benefits enterprise users when deploying containerized microservices. Now we’ll take it a step further to review the main security challenges facing container content and container registries when developing microservices. We will proceed to discuss how policies are enforced while building and deploying containers on…

Control Your Kubernetes Voyage with JFrog Artifactory

February 20, 2018

Containerized microservices encapsulate a lightweight and consistent runtime environment for your application to run from development to testing to final deployment and production. As the number of containers grow over time, you will need a tool to help launch, track, and manage them. Kubernetes allows you to quickly and predictably deploy your applications using containerized…

How to Debug Docker Registries Like a Pro

February 15, 2018

Everyone is talking about Docker registries, so let’s take a few minutes to talk about how to debug them. Here are a few tools in my toolbox that I can recommend for troubleshooting Docker registries. Docker in Docker Also referred to as “dind”, this official project from Docker offers Docker images for pretty much every…

The Most Exciting DevOps Event of the Year! Are you in?

February 12, 2018

JFrog’s annual swampUP event of the year is here! The DevOps user conference will take place on May 16-18, 2018, in the beautiful Napa Valley. This is your opportunity to network and learn how other DevOps experts leverage JFrog products along with best practices from other DevOps thought leaders who will also be there. This…

Container Optimized Workflow for Tectonic by CoreOS (Now Red Hat)

February 2, 2018

Following our recent blog on Artifactory's integration with OpenShift, you can now deploy your binaries hosted on Artifactory to Tectonic, another major enterprise-ready Kubernetes platform that specializes in running containerized microservices more securely. Artifactory integrates with Tectonic to support end-to-end binary management that overcomes the complexity of working with different software package management systems, like…

JFrog and Valiantys: Partners in DevOps

February 1, 2018

The integration between IT and development is a significant pain point for many teams as they start their DevOps journey. With the introduction of agile methodologies, the need to deploy more frequently and in shorter cycles has increased. Yet, operations struggle to maintain the pace as “new” methodologies can create a bottleneck. Often, these development…

Confessions of a DevOps Frog: Automating Artifactory deployment to Kubernetes is Actually Easy!

January 31, 2018

Last updated on January 2, 2019 In our previous blog post, we described how Artifactory can serve as a Helm repository, and listed the best practices for using your Artifactory Helm repository to store your charts and deploy them to Kubernetes. Now we’ll demonstrate how easy it is to deploy your Artifactory as a single…

GitLab CI and Artifactory: On Your Mark, Get Set, Build!

January 29, 2018

Integrating JFrog Artifactory into your GitLab CI workflow makes JFrog’s ‘Release Fast or Die’ mantra, a living reality. This blog post describes how to integrate GitLab CI with Artifactory not only to resolve and deploy binaries but also to benefit from Artifactory’s Build Integration feature. Publish and manage your packages GitLab CI supports creating multiple builds…

JFrog Artifactory on OpenShift Has Arrived

January 24, 2018

More and more DevOps practices rely on Kubernetes to deploy containerized microservices. However, as an open source project, Kubernetes may not provide all the elements required for an enterprise environment such as business-level support, testing body or guided practices by a reputed entity/company. To address these enterprise requirements, Red Hat released Openshift, which is, essentially,…

Master Your Helm Chart Repositories in Artifactory

January 18, 2018

Following our initial release of Helm Chart repository support in Artifactory a few weeks ago, it's time to leap into the fast track and get your Helm repositories up and running. Just a short recap, Helm is the package manager for Kubernetes and helps you manage Kubernetes applications using Helm Charts. Artifactory now natively supports Helm…

npm Packages with JFrog CLI

January 15, 2018

JFrog CLI is a compact and smart client that provides a simple interface and greatly simplifies working with JFrog Artifactory. The simplified commands enable you to create readable automation scripts that are easy to maintain, efficient and reliable. From version 1.13.1, JFrog CLI has extended its support to include npm packages, in addition to its…

JFrog's Profile Grows Alongside its Enterprise Business and Offerings

January 17, 2018

Analyst: Jay Lyman 21 Dec, 2017 JFrog has grown its enterprise business with its flagship artifact management software, called Artifactory, as well as additional, integrated components centered on software distribution, security and large-scale DevOps implementation. Nearing 10 years in business, the software artifact and release process automator has built an impressive stable of large…

Conan 1.0. A Commitment to Stability

January 11, 2018

Conan joined JFrog towards the end of 2016, and we immediately embarked upon a journey to empower the C/C++ community with sound DevOps practices. Conan repositories were soon introduced to Artifactory giving C/C++ developers secure, private repositories to host their Conan C/C++ packages with fine-grained access control, automatic layout and storage for all platforms configured…

Your Enterprise Grade Helm Chart Repository with JFrog Artifactory!

January 2, 2018

With the 5.8 version release, JFrog Artifactory now natively supports Helm Chart Repositories, giving you full control of your deployment process to Kubernetes - the leading open-source orchestration platform for automating deployment, scaling, and management of containerized applications. JFrog fully supports deploying Artifactory to your Kubernetes cluster to serve as a universal repository manager for all…

The Best Ways to Synchronize Binaries Between Globally Distributed Teams

January 4, 2018

Distributed software development has become commonplace, especially in large enterprises that have several sites in different locations around the globe. This presents many challenges to ensure that all the development teams work on a coherent and synchronized code base. For example: Ensuring that developers all work with the same version of remote artifacts Ensuring that…

Your HA Installation and Upgrade Process Just Got Easier!

December 28, 2017

The HA installation and setup process has been redesigned to create a simple and even more secure infrastructure for your Artifactory HA clusters. Through the use of a Master Key, Artifactory adds a new security layer that replaces the previously used Bootstrap bundle mechanism, which is now deprecated. JFrog Artifactory handles all configuration and encrypted…

A Journey Into Modern DevOps and Continuous Integration in C and C++ Projects

December 24, 2017

C and C++ continue to be used and favored by many developers in all industries. However, when compared to other languages, C/C++ developers face greater challenges that include: long build times, diverse platforms and ecosystems, different build systems, binary compatibility, code inlining and embedding, and lack of standard for OSS. This featured DevOps.com article…

[Case Study] Supporting Multiple Disparate Tools While Optimizing Storage

December 14, 2017

The Mercedes-Benz brand immediately conjures up images of luxury and quality. We’d all be happy driving one, but beyond luxuries, Mercedes Benz is at the forefront of technology blazing the way forward in the field of autonomous connected cars. At the Mercedes Benz R&D facility in Sunnyvale (MBRDNA) research is conducted to add intelligence to…

Cloud Native CI/CD Pipelines using AWS CodeStar and JFrog Artifactory

December 5, 2017

Want to streamline your DevOps toolchain for a new project on the cloud? Want to manage, store, share, and version binary artifacts? It’s time to explore the composite solution offered by AWS CodeStar and JFrog Artifactory. When deciding to kick off a new project, technology companies and enterprise solution providers often run into walls when…

JFrog Artifactory Cloud Wins the Repository Challenge

December 5, 2017

Exactly one year ago, we launched our joint initiative with Google offering JFrog Artifactory Cloud hosted on Google Cloud Platform for free for selected open source projects. Since then, dozens of projects have been approved, and with the free open source hosting provided by JFrog and Google, are now able to put their efforts towards serving…

Easy CI with JFrog CLI

November 29, 2017

Continuous Integration is one of the foundations of a modern software supply chain. Most organizations wouldn’t consider developing software without one. The problem is that these sophisticated platforms require some expertise to set up and manage and usually require a dedicated server, an administrator and other resources. And to make things more complicated, different development…

JFrog and Kubernetes. Our Cloud-Native Journey Continues

December 4, 2017

Here at JFrog, we are avid users of Kubernetes in our various development efforts and in our different environments. That’s why we’re proud and excited to join the Cloud Native Computing Foundation so we can now also contribute from our technology and know-how. Learn more about our membership in this recent press release. JFrog benefits greatly…

JFrog Mission Control 2.0

November 23, 2017

Global Teams, Scale and Visibility For any product, a version 1.0 release must promise innovation in order to fill a gap or resolve a pain that nobody has addressed yet, otherwise, there is no justification to develop the product. This is what JFrog Mission Control did when it was first released. Mission Control 1.x started…

Google and JFrog Announce Grafeas: A Unified Language for Artifact Metadata

October 12, 2017

Today, Google and JFrog announce Grafeas, a first of its kind open source API that enables comprehensive auditing and governance for your software supply chain. Grafeas standardizes how you store, query and retrieve metadata attached to software artifacts. In particular, it provides rich auditing capabilities and acts as a central source of truth for organizations,…

Your Safe Repositories Just Got Safer with SHA-256

September 26, 2017

Artifactory was uniquely designed from the ground-up to optimally manage binaries with the capability to efficiently support packages in any format. One of the key features enabling this flexibility is Checksum-Based Storage. While all artifact files are stored and managed in one of the several options for binary storage supported by Artifactory, the files’ metadata,…

[Case Study] Before and After JFrog Bintray: Automating Package Distribution

September 25, 2017

Distributing large amounts of software packages? Interested in automating your distribution process? JFrog Bintray can help you make it happen. This case study will take you through James Ward’s personal journey of developing an automated process for on-demand deployments of WebJars, that are created, distributed and available within the community. His WebJars project was made…

Use File Specs in your CI/CD To Get Full Control of Your Artifacts

September 12, 2017

Getting creative with how you manage your artifacts in JFrog Artifactory? It's time to get familiar with File Specs. File specs allow you to specify the files you want to upload and download to and from Artifactory with a simple configuration. With only 2 mandatory fields, source (referred to as pattern) and target, you can…

The ABCs of Distributing Android Libraries

September 4, 2017

Bintray’s central repositories, JCenter and Conan-Center, are binary hubs for public OSS Maven and Conan (C++) packages respectively. They offer a great channel to distribute your public OSS packages. Having been around for a while, JCenter has become one of the most comprehensive sources for public OSS Maven packages, and is the channel-of-choice for many…

Vulnerability Detection For Your CI/CD Pipeline with JFrog Xray

August 30, 2017

My previous blog post talked about discovering vulnerabilities in your dependencies directly from within your IDE. However, sometimes this approach discourages the developer from doing their work and consequently reduces their productivity. Let’s take a look at how you can continue to detect vulnerabilities, as early on in the CI/CD process as possible, without interfering…

Real-Time Security Notifications at Your Fingertips with IntelliJ IDEA

August 14, 2017

JFrog has just made it even easier to identify securities and vulnerabilities in your dependencies directly from within your IntelliJ IDEA. This initial version of the JFrog IntelliJ IDEA plugin provides you critical insights as early as in the development phase, making it even less likely for vulnerable components to ever reach production. Through this…

Leap Forward and Be Proactive with DevOps Insights

August 3, 2017

Today, companies are adopting modern DevOps tools and practices at a rapid pace to increase high-quality software throughput and reduce inefficiencies (or as we call them, leaks) in the software development and delivery process. However, in most cases, there are very few metrics to prove that these DevOps-enabled pipelines are really performing better. So how…

Managing Software Updates “the DevOps Way”

August 2, 2017

At a recent DevOps event I attended, I spoke to some members of the DevOps team in one of the largest US banks. The discussion centered around patches and software updates in a Dockerized environment with many files and microservices. It didn’t take long to pinpoint their pain. “How do you manage software updates in…

Artifactory Enterprise. First-Class Artifact Management. Globally. At Scale

July 24, 2017

An Artifactory Enterprise license opens up a variety of unique and advanced features that offer solutions to real-life problems that global enterprises encounter. We document these features, and write blog posts and white papers about them, but being a community-driven company, there’s nothing quite like seeing people actually using these features in the field as…

Embracing DevOps and CI in C/C++ with Conan and Jenkins

July 17, 2017

This featured Jenkins blog post will show you how it’s now possible to implement DevOps best practices for C/C++ using Conan the C/C++ package manager, Jenkins CI, and JFrog Artifactory. Also included are code samples demonstrating how to define your own pipeline scripts to adapt to your specific workflows, using Jenkins Pipeline, Conan and JFrog…

Content-Driven Component Analysis

July 17, 2017

JFrog Xray was first released one year ago. Our first post about it highlighted what makes Xray more than just another security scanning tool. Over the last year, we have introduced more differentiating features like download blocking, integration with more security vulnerability providers like Aqua Security, BlackDuck, and integration with your CI/CD pipeline to keep your builds…

Monitoring and Optimizing Artifactory Performance

July 6, 2017

As Artifactory usage increases, its resources can gradually become depleted, causing hiccups or hits in performance. When usage increases, so does the importance of monitoring your system and its historical data. Monitoring usage patterns is an essential first step to optimizing Artifactory and ensuring its stability. Here, we would like to share with you some…

Artifactory 5.4: There’s More to it than Meets the Eye

June 28, 2017

In our product releases, we like to make a splash with the latest new features. Usually, these are features that you access through Artifactory’s UI or its REST API. Not this time! This time, the most significant addition to Artifactory 5.4 is invisible (well, sort of). I say “invisible” because outwardly, there’s no change in…

Clean Up Your Git LFS Repositories with JFrog CLI

June 20, 2017

Git has become an industry standard for source code control. However, it is not designed to store binary files efficiently, and storing large binary files in a Git repository can quickly inflate it, making it sluggish to respond. This is where Git LFS comes into play. Git LFS is a Git extension designed to accommodate…

Track Your Resource Allocation Globally

June 8, 2017

The recent release of JFrog Mission Control v1.11 has opened up a new dimension in the management of your global artifact workflow. For the first time, Mission Control lets you track and monitor how your resources are being used with the new Storage / Artifact Usage graph. Knowing how much storage the Artifactory instances you…

Increase your package visibility, the social way!

February 2, 2014

So, your binaries are hosted on Bintray and you are watching your package download stats grow. It's time for a boost! Two great new features online today; they might be small but they are powerful in spreading the word about your packages, or packages you like. The Latest Download Image Add a Download Link badge…

Speed Up Your Gradle Builds with JFrog Artifactory

June 7, 2017

Gradle introduced a cool built-in feature that lets you cache task outputs. Why is this cool? Because it reduces build time. How? By sharing the output of Gradle tasks between machines, subsequent builds are accelerated since they can reuse those outputs instead of rebuilding them. Now, this is where it gets even cooler. This feature…

Don't Let the Maven Deploy Plugin Trip You Up

June 1, 2017

Apache Maven is a commonly used build tool. It has many cool features such as default processing steps that are included out of the box, and is particularly good for compiling and packaging Java code. But this blog post is not an introduction to Maven. There are plenty of great books that provide that, and…

Time is of the essence: Make an impact using Firehose Events

May 25, 2017

Have you ever experienced the drive you get when you act on a sudden opportunity that really makes a valuable impact on something? On the other hand, have you ever experienced the disappointment of a missed opportunity? Let’s face it, every user action can be translated into a short window of opportunity that requires our…

JFrog Bintray Adds Support for Conan C/C++ Repositories and Launches Conan-center Managed Central Repository.

May 25, 2017

We are very excited to announce support for Conan repositories on JFrog Bintray, the Universal Distribution Platform. Currently serving more than 2 Billion downloads per month, Bintray offers developers the fastest and most reliable way to publish and consume software releases. In addition, JFrog will soon launch conan-center which will become the central public repository for…

Like C/C++ Development with Visual Studio? Like it Better with Conan.

May 15, 2017

Microsoft’s announcement of a Vcpkg was the dawn of a new era in package management for millions of developers using Microsoft Visual Studio for C/C++ projects. But while it’s great for retrieving and building OSS libraries from sources, it has limitations when trying to build user projects. Limitations such as the inability to manage (building,…

Why OpenMRS Migrated from Sonatype Nexus to JFrog Artifactory and Bintray

April 30, 2017

OpenMRS, the collaborative open source project to develop software that supports the delivery of healthcare in developing countries, recently announced that they have migrated from using Sonatype Nexus and Maven Central to JFrog solutions Artifactory and Bintray. “It all worked out great and we did not hear about any single issue from developers after the…

Enterprise Level Access Control with Keys and Entitlements

June 9, 2015

“Private repositories”, “Teams and Organizations”, “Permissions”..., sounds like that’s all you need to provide secure private downloads. Well, not quite. Those are great features that fit the bill if your consumer is a Bintray user. But what if she isn’t? Well, then there are signed URLs. Those should do the trick. Just sign your file…

Love Your Logs. It Pays Off

May 9, 2017

“My Artifactory won’t start”; “I see some lag”; “My artifacts are missing”; “I get issues when Jenkins tries to pull/deploy artifacts”; “I am getting 404 / 401/ 403/ 500 /409” … These are just a few of the common issues I hear from our customers. Very basic issues; right? We can triage them in a…

[White Paper] PHP Composer: 9 Benefits Of Using A Binary Repository Manager

May 8, 2017

PHP development has become one of the most popular platforms for client and server side web development. Each framework used for PHP development has its own set of advantages, but they all use PHP Composer to manage dependencies, alongside Packagist as the central repository. PHP Composer may be able to find the right packages for…

AQL and JFrog CLI: A Match Made in Heaven

May 4, 2017

One of the big advantages of running builds using JFrog Artifactory is the exhaustive build information that is created by many sources and used within your organization. However, as your organization continues to grow, efficiently leveraging and managing this amount of data becomes critical. It is very easy to simply use up valuable storage space…

OpenShift with Artifactory: A Powerful PaaS with a JFrog Stack

April 27, 2017

If you’re containerizing, cloudifying, and doing DevOps, you want your tools to work together nicely so you don’t have the headache of managing infrastructure. We are making it even easier to make your enterprise-grade devops environment work great with JFrog Artifactory on OpenShift - Red Hat’s container platform based on Kubernetes. Because you can run…

Closing the Release Velocity Gap with Datical and Artifactory

April 25, 2017

Many companies have already made the transformation to agile development methodologies and proudly show how they’ve managed to shorten their application release cycles significantly. But there’s one place where companies often falter in the process: their databases. They can’t update their database implementations as quickly as they update their applications creating a release velocity gap.…

Fully Reproducible Builds with CircleCI and Artifactory

April 24, 2017

Most of you are probably familiar with the following scenario. You build an NPM package using CircleCI using dependencies that are fetched from the public NPM registry. Suddenly, you discover that your package contains a major bug! You need to quickly rollback to the previous version, but discover that one of the dependencies from this…

What Makes a Dashboard “Premium”?

April 16, 2017

Once you’ve uploaded a package to Bintray, the one thing you want to see, more than anything else, is downloads. Without downloads, your package is like the proverbial tree that falls down in an empty forest, the proverbial sound of one hand clapping, the ... well, you get the picture. Bintray is happy to give…

Infrastructure as Binaries with Chef and Artifactory: Five Best Practices

April 20, 2017

Infrastructure as Binaries became a reality several weeks ago when we announced that Artifactory supports infrastructure management platforms such as Chef. Both we, here at JFrog, and our infrastructure champions at Chef, believe that establishing a canonical Artifactory repository for all artifacts used in a company’s infrastructure such as Ruby Gems, NuGet packages, RPMs,…

Best Practices for Installing JFrog Xray

April 4, 2017

JFrog first released Xray in July 2016, and the response was phenomenal. Customers were very excited about the ability to hook up their Artifactory repositories and have Xray automatically do a deep recursive scan of their artifacts to weed out issues and vulnerabilities. Now, after several months, with the diverse experience and feedback from the many customers…

Collaboration is the Key to Scaling Development

March 30, 2017

When you’re building a DevOps environment, no single tool will solve all your problems. There is no magic silver bullet to streamlining your engineering team and shipping faster. There are many pieces that need to work together seamlessly to create a repeatable system for releasing high quality, high value software to customers. In fact, the…

A Cloud Platform for Defragging Devops

March 23, 2017

Many software organizations see DevOps as the silver bullet that will streamline their delivery workflow to help them produce software faster than ever before. So they start looking into the tools they will need, and then reality hits like a jab to right cheek. It starts with source control, goes on to CI/CD systems and…

The C/C++ Packaging Paradigm Quandary

March 15, 2017

Should a C/C++ package manager bundle both debug and release artifacts in the same package? Some developers think so because it’s easy to work with these packages by simply changing your configuration. But other developers frown upon this paradigm claiming it is not best practice. They claim that debug and release versions should be packaged…

Automatically detect vulnerabilities trying to creep into your builds

March 20, 2017

Security breaches, license issues, and denial of service attacks are all vulnerabilities that put your production systems at high risk every day! JFrog Xray makes your life easier by performing artifact analysis for you, enabling vulnerability detection before your code is harmed. How about automating this analysis process and integrating it into your CI/CD? This can…

Unleash the DevOps!

March 14, 2017

DevOps tools have come a long way. From virtual machines in dev and QA environments to those in production, and now Docker. The more we are charmed by the idea of hardware as a code, the crazier the things we are trying to do with it. Take the “immutable server” pattern as an example. In 2000,…

Frogs and Ducks, Your Sentinels for Open Source Security

March 13, 2017

Black Duck Software creates products to secure and manage open source in applications and containers, eliminating pain related to open source security vulnerabilities and license compliance. The Tenth Annual Future of Open Source Survey they conducted in 2016, provided the numbers to prove many things about open source that we already knew. First and…

Artifactory Pro in Docker Easy as 1-2-3

March 2, 2017

With the new Artifactory 5.x, you can spin up an instance of Artifactory Pro in Docker in an instant! 1. On Mac or Linux, run the following command $ curl -L 'https://bintray.com/api/v1/content/jfrog/run/art-compose/$latest/art-compose?bt_package=art-compose' | sudo bash 2. Point your browser to http://<server>/artifactory/ and complete the onboarding wizard. 3. Start using Artifactory! NOTE: Data volumes on the host are…

The New Artifactory Docker Distribution

February 28, 2017

The recent release of Artifactory generation 5.x introduced many new features such as cloud-native storage and cluster license management for high availability, authentication, and authorization with access tokens, easy onboarding, and much more. In addition to new features, we also revamped our Docker distribution, completely redesigning it from scratch. Now, it’s much easier to spin…

Make Your Software Flow

February 27, 2017

Why Next Gen. DevOps Requires Strategic Thinking We live in an era where in order to survive, every type of company must transform itself into a technology company. Those who have not realized this yet have already lost the game. So, you’re one of those who survived the digital transformation? Congratulations, but that’s not enough.…

Automated EULA-protected Downloads

August 9, 2016

One of the great features of a Bintray Enterprise account is the ability to present a EULA when a user downloads one of your Products. That works well for the general case when the downloading user is a real person who can go through the Bintray UI and physically accept the EULA for publicly available…

Skill Up with DevOps Training at SwampUP

January 18, 2017

Team skills are directly proportional to project success Training and team talent are often overlooked as essential pieces of a project’s success. Analysis from IDC research suggests that the skills of a team are directly proportional to the team’s ability to deliver successful projects on time and with high quality. “To maximize project success and…

Code Binaries" />

Infrastructure as Code Binaries

February 22, 2017

The advent of cloud computing has made it very easy for IT and DevOps to quickly spin up any variety of environment needed. From small individual boxes that a developer may need, to large and complex production datacenters. However, the ability to quickly and easily spin up environments, also opens up the risk of spinning…

The 5 Big DevOps Changes to Expect in 2017

February 7, 2017

Thoughts from the CEO desk 2017 started off with a DevOps bang; an enormous amount of capital was poured into DevOps technology companies by VCs, and larger-scale adoption of tools and methodologies was approved in this year’s IT budgets with the recognition that DevOps is a “must-have”. These changes follow a Gartner Report from 2016…

Visually Managing Your Container Delivery Pipeline with Nirmata and Artifactory

February 6, 2017

We’re always happy to make new friends, especially when their technology plays so well together with ours. Introducing Nirmata Nirmata is a cloud service that fully automates application management on any public or private cloud. How? Nirmata lets you visualize your container delivery pipelines and build them via easy to use, intuitive interfaces. This is…

Accelerating DevOps with a Frog in a Sandbox

January 24, 2017

Here at JFrog, we say “Release Fast or Die,” but this doesn’t apply only to us; it goes for all enterprises who are facing intense pressure to become more agile and reduce costs. One way to do this is by moving to DevOps and taking an automated “as-a-service” approach to delivering infrastructure and applications. However,…

JFrog Xray CI/CD Integration Keeping Your Builds Safe

January 18, 2017

When was the last time you closed off a sprint, happily marking all user stories as DONE and uploaded the build to your staging environment only to find out the build was riddled with security vulnerabilities. Hmm...there’s a point for discussion in your sprint retrospective, and now it’s time to redo your sprint planning for…

Securely Onboarding Colleagues through SAML Authentication

November 22, 2016

Once you’ve created your Bintray account, getting your colleagues on board with permission-based access to your organization’s content is not always so easy. You want to use the most secure authentication available, so why can’t you use your corporate SAML server to authenticate your users? The answer is, now you can. If you configure your…

Docker Registries and Container Lifecycles in Artifactory CI Pipelines

January 18, 2017

In a previous blog post we talked about the importance of a Continuous Integration (CI) process for docker images and how to set up private Docker registries in Artifactory to support a promotion pipeline. The configuration looks a little bit like this: This picture has a Jenkins CI butler in it. We often say that…

Xray and Aqua Keeping Your Containers in Safe Waters

January 5, 2017

While Docker has become all the rage, it is still a relatively new technology in the market. Many companies have introduced it into their organizations, but relatively few have taken Docker to production. One of the reasons is the security risk inherent in running a large set of containers, often based on open source code,…

Predictive Graphs and Notifications

January 5, 2017

In my last post about JFrog Mission Control, I introduced the new Graphs feature which shows how your instances and repositories have been consuming storage. Knowing your history can help you prepare for the future, but why should you have to second-guess what will happen? Mission Control now does that for you with predictive graphs.…

Whale Parts in Your Docker Registry

January 3, 2017

There are many good reasons why you would set up a private Docker registry in Artifactory to manage your Docker images. One of them is the ability to promote images, letting you easily move and copy images from one repository to another in your CI/CD pipeline while setting different access privileges. Another is Artifactory’s universal…

Keep Your Secrets Safe by Serving Encrypted Files

May 9, 2016

Once you have uploaded your content into Bintray private repositories, it’s pretty safe through Bintray’s management of users, organizations, and teams. But what happens when you need to send a private file to someone else? Signed URLs give you an easy way to do that. Just generate your URL signing key and use the URL…

IP Restriction with White CIDR and Black CIDR

September 1, 2016

Imagine this scenario. Your flagship product is doing OK; you’re getting downloads. Nevertheless, increasing sales is always a top priority, so you decide to create a free OSS version to boost usage and generate more awareness in the market. It’s also a great product, free to download, and is a great teaser for the upsell…

Geo Restriction Lets You Control Where Your Content Can Be Downloaded From

May 30, 2016

When you publish software for distribution on Bintray, you generally want to give it as wide a reach as possible and expose it to as many potential users as you can. But there are also cases in which you have to restrict access to certain countries. For example, government security or export regulations may forbid…

Developing for OpenWrt? Bintray Has an Opkg For You

July 12, 2016

OpenWrt is typically associated with network routers and similar equipment, and indeed the official OpenWrt website lists overs 1200 devices on which it runs. Network routers may sound boring (well, to some of us), but as the Internet of Things (IoT) continues its crusade around the world, many people don’t know that OpenWrt is also…

[Podcast] Artifact Repositories and Continuous Delivery Pipelines

December 14, 2016

Version control is one of the top two predictors of deployment lead time, deployment frequency and MTTR. Why is it so important for DevOps organizations? During JavaOne last September, I participated in an online panel on the subject of Artifact Repository, as part of Continuous Discussions (#c9d9), a series of community panels about Agile, Continuous…

Creating a Signed URL Using the Bintray UI

July 13, 2015

Creating a Signed URL is now available to you through the Bintray friendly User Interface, from start to end. If you are new to Signed URLs, you would rather check out this cool feature. Refer to the REST API Guide at URL Signing, and to the Sign me up! blog, discussing generating Signed URL using…

Manage your Bintray and GitHub organizations better together

November 5, 2015

Bintray's integration with GitHub is now moving to a new level with GitHub organizations! As a Bintray user who is also a GitHub user, you already know that you can import your GitHub repositories, tags, readme's, and release notes to Bintray. Now you can also import your GitHub organizations, the organization’s repositories, and even keep…

Who needs a EULA if nobody reads it?

April 25, 2016

As long as you’re distributing public open source software, you don’t need a EULA. Just choose from the over 100 open source licenses Bintray offers to get the level of protection you want. Once you move to distributing commercial software, you need a EULA. This is the contract that you make with all of your…

Publishing Your Maven Project to Bintray

September 17, 2015

Bintray gives you everything you need to share your Maven project, and much more: you will be able to monitor downloads and users with the statistics that Bintray keeps for you. You can also share your project via Bintray's JCenter repository (which is the largest public Maven repository out there), and effortlessly sync it with…

Feel secure with SSL? Think again.

August 4, 2014

Recently, we’ve heard a lot of discussion about the trust we place in public binary repositories. For example, Maven Central, a popular legacy repository maintained by Sonatype, was recently compromised by a successful MITM attack. In response, Sonatype set up an https access to central (removing the demand for a $10 donation to the Apache…

6 Reasons to Distribute Commercial NuGet Packages through Bintray

November 30, 2015

Developing on .NET? Then, most likely, you are no stranger to NuGet Gallery. It’s a great place to find public NuGet packages. But is it the best place to host and distribute your own private packages? With the recent addition of native support for NuGet, you can now point your NuGet client to Bintray and…

Catch that Millionth Download with Bintray’s New Statistics API

October 15, 2015

Want to know exactly how many times your packages have been downloaded? Bintray has always given you download statistics through its UI, but now you can also get them for professional repositories via REST API. Detailed statistics on downloads per version over any time frame give you deep insights into how your software releases are…

Is Docker Hub really the best way to distribute your images?

June 3, 2015

Docker is definitely one of the biggest things to hit the software industry in the last few years. Everyone is using Docker, and Docker Hub is growing rapidly serving over 45,000 images by now. But did you ever ask yourself if Docker Hub is really the best platform to distribute your Docker images. It stands…

Feeling secure with Bintray downloads

May 14, 2015

Remember our take on .asc files? The thing is, digital certificates alone cannot guarantee the identity of someone. To fully trust someone there needs to exist a reliable Web of Trust (WoT) that leaves little to no doubt that the signer is who he claims to be. So what’s the solution then? Use Bintray as…

Android Studio – Migration from Maven Central to JCenter

February 9, 2015

This post was originally published in Techno Talkative blog by Paresh Mayani. Feel free to comment here or there. During the android workshop, in the office and in the chat with some of the android developers, I have received some questions around build script and repository: Why earlier versions of android studio were using…

Enjoy Bintray and use it as pain-free gateway to Maven Central

February 11, 2014

What does it means when some tool or framework has literally dozens of guides, pages long each? It probably means that it is popular, or complicated to use. Usually, both. That’s the story of Maven Central (a.k.a. Central Repository, a.k.a. repo1, a.k.a. ibiblio). Of course, there is a better alternative nowadays - Bintray is already…

Sign me up!

November 6, 2014

Bintray Premium gives you cool new features such as private repositories, permission management, more storage and so much more. One of the biggest benefits of using a Premium account is the ability to create expirable, signed URLs for your repositories’ content. Signed URLs you said? What’s that? A signed URL is an obscure URL with…

Nodeclipse: 500k downloads per month and counting!

June 5, 2014

[caption id="attachment_373" align="alignright" width="140"] Paul Verest[/caption] Paul Verest, the Nodeclipse project lead posted to the Nodeclipse blog about his experiences with Bintray. He talks about how the Bintray distribution platform freed up resources to take care of the truly important things - driving Nodeclipse and Enide Studio forward! The main benefits Paul mentions are: Speed…

Hosting your Eclipse update site (P2) on Bintray.com

March 11, 2014

Did you know you can easily host your Eclipse update site on Bintray.com? After registering to Bintray (and optionally, creating or joining an organization), it's as easy as 1-2-3: Use the predefined 'generic' repo (or create a new one) if you are generating a plain P2 update site, or 'maven' repo if you are generating…

Download stats and logs - now with deep user insights

April 22, 2015

Ever wondered who exactly downloaded your software? I don’t mean just “someone from the United States.” I’m talking about getting down to the organization level in terms of “someone from Acme Corp. NY office”. Now you can get this information, from Bintray: This information is available for any package type for Bintray Premium users, but…

Bintray + GitHub = Synergistic Love Story

June 5, 2013

First things first - Bintray is not a competitor of GitHub. They complete each other, not compete. Here's how (I love vienn diagrams): [caption id="attachment_98" align="alignnone" width="300"] Click to enlarge[/caption] Bintray is an organic next step for developing software at GitHub - once your sources are built - distribute them from Bintray. Our job is…

5 Things You Should Know About Docker Registries in Artifactory

December 21, 2016

As a universal artifact repository manager, Artifactory is, among other things, a fully fledged Docker registry. In addition to storing and managing Docker images, Artifactory also offers extensive integration with your CI pipeline, supports authentication through external providers, high availability, massively scalable storage and is constantly updated to support the latest Docker client version and…

Push the Limits of Virtual Repositories

January 11, 2016

Our recent Developer and DevOps Trends 2015 survey showed that anyone using Docker also uses additional technologies. I’ll let you in on a little secret. That’s true in general, not just in relation to Docker. The vast majority of developers work with several different technologies at once. So most (if not all) of you are…

Sweet Dreams with Open Source Licensing

December 5, 2016

Has your release ever been held up due to open source licensing issues? Here’s a true story. In one of my previous jobs, the company I was working at was acquired by an industry monolith. It was a dream-come-true for this startup. There was cheering, happy smiling faces in the corridor, and much revelry. A…

JFrog CLI Offers Fully Reproducible Builds For All

November 30, 2016

One of the big advantages of running builds through Artifactory is that it stores exhaustive build information generated by the different plugins used with common build tools. This is the “Bill of Materials” that lets you fully reproduce any build even if it has already been deployed to production. It includes everything from artifact versions…

Historical Data and your Instances’ and Repositories’ Future

November 28, 2016

I never liked history in school. I was more interested in the latest technological developments and what the future had in store. What I didn’t realize at that time was age-old saying that (paraphrasing) you have to know your history to understand where you’re going. The same is true of your Artifactory instances and repositories.…

[Podcast] How to Achieve Continuous Software Delivery Using DevOps Tools and Methodologies

November 22, 2016

Listen to this podcast recorded at JenkinsWorld 2016 in which Fred Simon and Sacha Labourey talk about how to achieve continuous software delivery using DevOps tools and methodologies including Mesosphere, Kubernetes, Vagrant, Docker, and Swarm. Learn why JFrog Artifactory is the leading Universal repository manager that helps your teams automate the development processes and expedite…

JFrog Artifactory Cloud on Google Cloud Platform (GCP)

November 17, 2016

Through a special initiative to support the open source community, JFrog Artifactory Cloud hosted on GCP is available at no charge, jointly sponsored by JFrog and Google, for qualified open source projects. Register now > Last May we announced a collaboration with Google to host our JFrog Artifactory Cloud solution on Google Cloud Platform (in…

Stay in Context, See the World

July 17, 2013

New release, new features! Focus on what's important You know, Bintray supports various repository types, like Maven, YUM and Debs, and more types to come. But sometimes all those goodies are just too much. You want to see and search for only certain type of packages (e.g. focus only on Maven jars to use Bintray…

Hosting Debian Packages on Bintray Rocks!

December 16, 2014

Want to distribute your Debian packages? Bintray is the tool for you! Now it’s even better with improved support, including the current Debian repository format (a.k.a. “automatic” layout), in addition to the deprecated “trivial” layout, and signing metadata with GPG. All you need to do is upload your .deb files, and Bintray will calculate and…

Conan Joins JFrog

November 17, 2016

Conan.io, our favorite C/C++ package manager has just leaped into JFrog. This is one more great chapter in our story which began a few years ago, when JFrog products took a universal approach to provide developers the freedom of choice, using any technology they chose. With the recent addition PHP Composer, JFrog Artifactory currently supports…

No Internet? No Problem. Use Artifactory with an Air Gap

November 15, 2016

Virtually all development organizations need access to remote public resources such as JCenter, NuGet Gallery, npmjs.org, Docker Hub etc., to download dependencies needed for a build. One of the big benefits of using Artifactory is its remote repositories which proxy these remote resources and cache artifacts that are downloaded. This way, once any developer or…

Using Satis and Packagist for PHP Development? Think JFrog Artifactory!

November 1, 2016

If you’re developing server side code in PHP, there’s a pretty good chance you’re using PHP Composer to manage your dependencies and getting 3rd party components from Packagist. To host your internal private packages, you might be using Toran Proxy or your own Git repository. You might even be using open source Satis for your repositories.…

Blocking Downloads with Artifactory and Xray

September 26, 2016

Nobody wants to get sick, so we’ll wear jackets when it gets cold, take our vitamin C and avoid going out in the snow with wet hair. We all do different things to stay clear of nasty viruses and bacteria because we know that the loss in productivity and efforts we’ll have to make to…

JFrog CLI Working Files From Both Ends

October 18, 2016

Since JFrog CLI was introduced about a year ago, its popularity has skyrocketed in the CI community. When we asked our users what they liked most about JFrog CLI, the message we got back was clear: Simple, Native, Efficient. Simple: It’s simple and intuitive to use, and onboarding only takes a few minutes. Native: It’s…

JFrog, Proud Partners in DevOpsExpress

September 14, 2016

DevOps has become one of the hottest buzzwords to hit the software industry. Everybody is talking about DevOps, and everybody is supposedly doing DevOps, but there isn’t really a solid definition of DevOps that has caught. Nevertheless, if you look up a few different sources, they all talk about collaboration between developers and IT operations that…

It's Your Content, Claim The Logs For It

November 18, 2013

Improved statistics we introduced last month give you much more information about the users that download open source software you publish than any other binaries distribution platform ever. But why stop there? What if you want even more? One of the most powerful ways to slice and dice your download stats is to play with…

Introducing New and Improved Statistics

September 4, 2013

Bintray’s latest version introduces an upgraded graphic downloads statistics feature. Now you can view the statistics of all package downloads segmented by date, version and country. You can view the download stats for the last 24 hours by hour or select a wanted date range within the last 30 days. For unbounded date range download…

[White Paper] Developing Fast with CocoaPods

August 29, 2016

CocoaPods stepped into the realm of Xcode development to take dependency management from the domain of tiresome and tedious to make it simple and easy. Nevertheless, working with CocoaPods presents the challenges that are typical of working with any dependency manager that uses remote resources like Pod and Podspecs repositories, such as network or repository…

MBeans, MBeans They're Good For Your Heart

September 11, 2016

Some of you may have gotten a giggle from the title of this post, remembering that children's song about beans that many of us would gleefully sing every time one of our friends "let loose". But the truth is, MBeans really are good for your heart, especially if you have to monitor a multitude of…

IT IS TIME TO TRUST YOUR SOFTWARE!

August 3, 2016

JFrog Xray - not just another security vulnerabilities scanner. We have just officially launched JFrog Xray, and were already asked by customers why we think JFrog Xray should be used instead of $YOUR_FAVORITE_SECURITY_SCANNING_TOOL. Is Xray like Black Duck? Maybe it’s like Docker Security Scanning? Maybe it’s similar to Sonatype Nexus Component Intelligence? Before getting into…

Repository Log Analytics At Your Fingertips

July 20, 2016

Friday, late afternoon, and everything seems to be running smoothly. The weekend is just around the corner, so you lean back in your chair and start to plan all the fun you’re going to have. Suddenly, your phone screen lights up. An instant message from your boss that says, “Hey, some of the developers are…

Disaster Recovery Built Into Centralized Repository Management

July 7, 2016

Planning for Disaster Recovery is a bit like insurance. You know you need it so that when the 5#!7 hits the fan, you’re ready with a plan Artifactory sits at the heart of critical software development processes in any organization that has realized the need for advanced artifact management. Depending on who (or which CI…

Increase your Maven Package’s Exposure by Adding it to JCenter

October 8, 2015

If you already distribute your Maven packages via Bintray, your packages can gain further exposure by including them in Bintray's JCenter! (if you are not very familiar with Bintray’s support for Maven, please refer to the user guide and to my previous post). JCenter is the repository with the biggest collection of Maven artifacts in…

swampUP Announcements. Extra! Extra! Read all about it!

May 23, 2016

New announcements at swampUP JFrog Product Announcements: JFrog Xray: JFrog Xray is the first universal impact analysis product, giving organizations an unparalleled level of understanding about all of their container images, software packages and binary artifacts, even with the huge volume and variety of components that development teams share in the software build and distribution…

Empowering Azure DevOps /TFS with JFrog Artifactory

May 23, 2016

For those of you familiar with JFrog Artifactory and its integration with CI servers, you know that we have plugins for Jenkins, TeamCity and Bamboo that integrate and capture information from the CI server to provide full traceability between artifacts and their origin. We also have an integration with MsBuild which allows you to capture…

Empowering BitBucket Version Control with Promotion and Distribution

May 23, 2016

We're pleased to announce the integration of JFrog Artifactory and JFrog Bintray with Atlassian Bitbucket. This integration provides a unified dashboard that visualizes the entire release pipeline from commit, through CI, quality gates and release for distribution. The JFrog Bitbucket add-on lets you monitor a build pipeline that is flowing through Bitbucket -> Bamboo -> Artifactory -> Bintray. This…

The Benefits of Package Search in a Universal Repository

November 30, 2015

We don’t call Artifactory the Universal Repository Manager for nothing. You can now search for any package using search criteria specific to the package type. Looking for an image in your Docker registry? Specify its name, and/or its tag, or you can use its digest for a more specific search. Lost an Npm package? Search…

Migrating from Nexus to Artifactory

May 23, 2016

Migrating from Nexus to JFrog Artifactory is very simple by using nexus2art migrator. The migrator provides a user friendly wizard like interface for transferring everything in your Sonatype Nexus instance repositories, artifacts, users, and settings to an Artifactory instance. Easy setup Migrator tool requires an initial setup (i) to connect to your Nexus and JFrog…

Optimizing Repository Security and Performance with Include and Exclude Patterns

November 29, 2015

Repositories are the building blocks of Artifactory, and there are three basic types: Local repositories are where you store your in-house artifacts; remote repositories proxy remote resources and cache artifacts downloaded from them (e.g. JCenter, Nuget gallery, repositories in other Artifactory instances and others); and virtual repositories aggregate both local and remote repositories under a…

Taking Docker to Production with Confidence

April 5, 2016

Many organizations developing software today use Docker in one way or another. If you go to any software development or DevOps conference and ask a big crowd of people “Who uses Docker?”, most people in the room will raise their hands. But if you now ask the crowd, “Who uses Docker in production?”, most hands…

"Database is wrong for you" and all that FUD

November 24, 2015

Update November 2015: Sonatype introduces abstract blob storage in Nexus 3, almost completely mimicking Artifactory's checksum-based storage that they have been criticizing for years. Talk about leaders and followers. Checksum-based storage. It’s one of the key features that makes Artifactory better than the competition. Here is the typical false claim made by Sonatype (creator of…

If You're Not Using Git LFS, You're Already Behind!

April 5, 2016

The popularity of the Git version control system among developers has grown consistently over the last few years, with many Subversion users making the switch to Git's 'file system snapshot' approach, which differs from the 'file change logging' approach of classic VCS software. Git's Little Problem - Large Files However, Git was originally meant to…

JFrog Mission Control, we have lift-off!

October 29, 2015

It’s not every day we get to announce a brand new product, so we’re really excited with our first release of JFrog Mission Control. Why did we build Mission Control? Because it’s in the spirit of our long tradition of listening to our community. With more and more enterprises setting up more and more clusters…

[White Paper] JFrog Mission Control

March 28, 2016

As enterprises ramp up their use of JFrog Artifactory, and install multiple servers at globally distributed data centers, monitoring and managing the global binary workflow becomes more and more challenging. JFrog Mission Control overcomes these challenges by providing a centralized management console for global Artifactory instances.

Artifactory Vs. Nexus The Integration Matrix

February 26, 2019

This blog post was originally published by Shlomi Ben Haim, JFrog CEO, in February 2011, and has now been rewritten by Dror Bereznitsky, JFrog CPO, to reflect the current state of JFrog technology. If you’re reading this, you probably Googled “Artifactory vs Nexus”, and are trying to evaluate which product to use. Well, you’re…

Filestore Management In The Age of Petabytes

March 25, 2016

Artifactory 4.6 was released last week, and along with adding Google Cloud Storage to the already extended family of storage providers, introduces support for the most complex storage configuration needs of any company in today’s world of binaries management. This will make your filestore management much more reliable and flexible, allowing you to mix n’…

Tracking New Java Libraries Has Never Been Easier!

December 11, 2013

Want to know when a new version of $YourFavoriteJavaLibrary is released (and I mean - any Java library)? With Bintray, it's one-two-three. Go to bintray.com and search. [caption id="attachment_252" align="alignnone" width="300"] Click to enlarge[/caption] Click on the package you'd like to watch. [caption id="attachment_251" align="alignnone" width="300"] Click to Enlarge[/caption] Click "watch", (log in if needed).…

Hot on Bintray: Package Merging

October 10, 2013

We have recently introduced package merging: several packages from the same repository can now be merged into one. This is extremely useful when you have existing packages that are not aligned properly. For example, when you have many small technical packages (modules) that are logically one, single package, often using the same version scheme. Such…

Be the First to Know. Really.

June 26, 2013

So, you have an early-2000 style repository, like Maven Central: And let's say you are very, extremely interested to know when the new version of netty comes out. We understand, it's a natural addiction. How can you do it? Here are some ideas: Well, you can visit Maven Central every day. Couple of times a…

[White Paper] DevOps Without a Binary Repository? A Nightmare!

April 13, 2016

As the grease in the wheels of any software development machine, DevOps is a critical to keep development running smoothly. But to do that, DevOps engineers must efficiently manage an ever-growing matrix of binaries, environments and geographically distributed sites to ensure a smooth application workflow. Wanna wake up from the nightmare? Read/download the white paper.

Docker is Not Alone

October 15, 2015

JFrog Artifactory - The Only Universal Enterprise Repository Manager During DockerCon 2015 in SF, Solomon Hykes asked the audience: "Who is using Docker and nothing else"? No one in the audience raised their hand. Our Developer and DevOps 2015 Survey reinforces this point and adds what developers are using together with Docker. In JFrog’s Developer and…

Advanced repositories - get more out of the box!

September 8, 2015

The ability to proxy remote repositories and cache external artifacts from them is crucial whether they are Docker images, NuGet packages, npm, tar.gz files or any of the dependencies we use to create our own products. It speeds up our builds, ensures reliable access, gives control over the bill-of-materials and offers many more benefits making…

Process is Critical So Are the Systems of Record.

March 24, 2016

You probably read the awesome post in the Netflix Engineering Tools team blog about the build process that Netflix uses to continuously deploy the service that streams movies and TV shows to more than 75 million global Netflix members. And while the post concentrates on the build process - the build tool, the CI server and the…

Artifactory Command Line Interface (CLI) - Pure and Simple

October 22, 2015

Since writing this post, Artifactory CLI has evolved into JFrog CLI that works with both Artifactory and Bintray. I encourage you to read this follow-up post to learn about the power of the JFrog CLI when working with Artifactory, and then read the follow-up post to learn about the great things you can do with JFrog…

How not to care about unpublishgate

March 23, 2016

So, you all heard about #npmgate a.k.a. #unpublishgate. Azer removed left-pad from the official npm registry and all hell broke loose. Most of npm builds in the world are failing today because a tiny (17 lines of js code!), but very popular library was obliterated from a central repository (which teaches us a lesson about…

Meet the all-new Artifactory Online Dashboard

August 19, 2015

If you haven’t yet heard about our exciting new release of Artifactory 4, then you can read about it in our release notes. It comes with a whole bunch of new features, and most visibly, a brand new UI. Well, our Artifactory Online community is also reaping the benefits of this release, and, in addition…

JFrog CLI (mb)ing to New Heights

March 18, 2016

Remember Artifactory CLI? That was the tool we released several months ago to simplify your automation scripts while optimizing upload and download of files to and from Artifactory. Well, after hundreds of downloads and a lot of great feedback we got, we decided “what’s good for Artifactory, is good for Bintray too.” So please meet...…

[Case Study] Oracle Managing Artifacts at Scale

March 10, 2016

How do you manage terabytes of binaries? How do you move mountains of artifacts around the world, at peak performance, all the time? That's what Oracle does, every day. Download the case study to learn why Loreli Cadapan, Director of Development Operations at Oracle, chose Artifactory to manage the company's binary workflow at industrial scale.

Let’s prove what we all know is true

August 9, 2015

There are only a few more days for you to cast your vote for Artifactory at the DevOps Dozen hosted by DevOps.com. Artifactory has been nominated in the category of Repo Manager, and we all know that: Artifactory is the only repo manager that provides full support for Docker (and NuGet, and Npm, and virtually…

Creating a Signed URL Using the Bintray UI

July 28, 2015

How smart is your remote repository?

September 8, 2015

The ability to proxy remote repositories and cache external artifacts from them is crucial whether they are Docker images, NuGet packages, npm tar.gz files or any of the dependencies we use to create our own products. It speeds up our builds, ensures reliable access , gives control over the bill-of-materials and offers many more benefits…

swampUP 2016: JFrog User Conference

February 23, 2016

The JFrog User Conference, affectionately known as “swampUP”, is a yearly event where developers and DevOps come together to talk, network, learn from industry visionaries, and...enjoy an endless flow of fine food and wine (who said learning can’t be fun). Last year’s one-day event was so successful (here are some pictures), and generated so much…

Use the right tool for the job: Git LFS with Artifactory

July 15, 2015

In a recent conversation I had with a developer that works with my wife, who works as the QA Manager for an awesome educational games company, she shared with me a very painful issue that most game developers (probably) share: storing binary assets in Git. This is an issue for everyone in this industry - regardless…

Care for some CocoaPods?

February 16, 2016

The highlight of the latest release of Artifactory, version 4.5, is support for CocoaPods, and there are a bunch of additional updates which we thought you might like to hear about. CocoaPods - The main event Developing for iOS, watchOS, tvOS or OS X? Jumping on the Swift bandwagon now that it’s open sourced? CocoaPods means…

Improve Network Performance - Store Docker Images Locally with Artifactory

July 9, 2015

Goodbye network worries - hello remote Docker registries Docker Hub is an invaluable resource that you need on a regular basis, but as a remote resource, what do you do if Docker Hub goes down or if there is an issue with the network? JFrog Artifactory is an intermediary between developers and Docker Hub and…

JFrog Mission Control 1.0 Unleashed.

February 8, 2016

A couple of months ago we released the preview version of JFrog Mission Control. As a new product, we were eager to get it out there and start getting feedback. Since then we have been in constant contact with dozens of our customers who downloaded it learning what worked well and what was missing. So…

Goodies to Kick Off 2016

January 18, 2016

Holiday season is over. Gifts were exchanged, miles were traveled, resolutions were made, and much alcohol was consumed. Time to get back to work, renewed and energized for the new year. While we had our share of merry-making here at JFrog, we also managed to get some work done between the revelry, and released Artifactory…

Even more Vagrant love in Bintray

July 1, 2015

You, of course, know, that for nearly the last two years, you have been downloading your Vagrant software from JFrog Bintray. But recently, Bintray has taken Vagrant support to a whole new level; it is now is a fully fledged Vagrant repository allowing you to distribute your public and private Vagrant boxes from Bintray! As…

Another one bites the Maven Central dust (and saved by Bintray)

February 19, 2015

Today, I encountered another very detailed blog post on the woes of publishing on Maven Central. Jose Maria Arranz explains why he doesn't like Maven in general and publishing to Maven Central in particular (I am with him on a lot of valid points). I can't help quoting: Fortunately when searching for how-to articles and commenting…

New AsciiDoc support - our humble donation to easier documentation

December 22, 2013

Adding Release Notes and Readme's to your software can be a bit tedious. Well, not in Bintray! Thanks to the excellent Asciidoctor framework, Bintray now lets you annotate your software with online Asciidoc docs, so it's just as easy as writing code! [caption id="attachment_269" align="alignnone" width="282"] Click to Enlarge[/caption] Prefer Markdown? We've got you covered. Bintray supports…

JFrog's Developer and DevOps Trends Survey 2015

December 15, 2015

We started running these surveys in 2013 to stay in touch with our developer and DevOps communities, and to understand how they work and the challenges they address on a daily basis. This year’s survey ran from August 25th through September 3rd and received more than a thousand responses, from over 50 countries, mostly, the…

Enterprise Level Access Control with Keys and Entitlements

June 22, 2015

Advanced Cleanup Using Artifactory Query Language (AQL)

June 17, 2015

Each Artifactory administrator has his own methodology and policies for managing binaries within Artifactory, however, cleaning artifacts and freeing up storage space is a common need that every administrator has. As you probably know, Artifactory does provide a few cleanup methods out-of-the-box such as deleting complete versions, limiting the number of snapshots and deleting unused…

welcome to the frog’s blog

Latest:

Part II: Artifactory as a Caching Mechanism for Package Managers