Welcome to the JFrog Blog

Automate Your Deployments on Kubernetes Using GitHub Workflows and JFrog Artifactory Custom Webhooks

Automate Your Deployments on Kubernetes Using GitHub Workflows and JFrog Artifactory Custom Webhooks

Full automation makes your Continuous Deployment (CD) faster, seamless and less error prone. For example, triggering the deployment of your Helm Chart when a Docker image is pushed to production. The latest JFrog Artifactory release makes this easy! With a new Custom Webhook feature that enables a direct integration with a variety of services such…
JFrog’s Software Artifact State of the Union is Here! See What’s Actually Being Used in Software Technology Today

JFrog’s Software Artifact State of the Union is Here! See What’s Actually Being Used in Software Technology Today

As software development becomes more complex, it's important for IT and software leaders to stay up-to-date on the latest trends. Tools like Stack Overflow's Developer Survey and the Tiobe Index can be helpful, but they rely on indirect data and don't provide a full picture of what's actually being used in production. JFrog's Software Artifact…
GitHub Tried to Change the Checksum for Release Archives. You Should Start Hosting Your Own.

GitHub Tried to Change the Checksum for Release Archives. You Should Start Hosting Your Own.

Yesterday, GitHub changed how the archives they provided are made. The result of this change surprised developers, triggering pipeline failures all over the world in most ecosystems. According to this GitHub post, this is a consequence of recent changes to Git itself, released almost six months ago and just deployed within GitHub now with unforeseen…
Detecting Malicious Packages and How They Obfuscate Their Malicious Code

Detecting Malicious Packages and How They Obfuscate Their Malicious Code

Wow! We made it to the last post in our Malicious Packages series. While parting is such sweet sorrow, we hope blogs one, two, and three provide insights into the havoc malicious packages cause throughout your DevOps and DevSecOps pipelines.  In the prior posts: We explained what software supply chain attacks are and learned the…
What Is Artifactory? | JFrog

What Is Artifactory? | JFrog

The modern software supply chain is complex. JFrog internal data shows that most enterprises use 12+ package types and 90 percent of applications depend on open source software. Additionally, there is a wide array of tools to support the software development process, including Source Code Managers (SCMs), Integrated Development Environments (IDEs), CI/CD suites, and more.…
What’s in your build? Building Images in OpenShift with Artifactory and JFrog CLI

What’s in your build? Building Images in OpenShift with Artifactory and JFrog CLI

Red Hat OpenShift is an enterprise Kubernetes container platform. It lets you build Docker images and use them to deploy your applications on a cloud-like environment (even if it’s not really on the cloud, rather a simulated cloud environment). Images built in OpenShift can be easily pushed into JFrog Artifactory - JFrog’s leading universal repository…
IDC LINK: JFrog Introduces New Software Supply Chain Security Capabilities

IDC LINK: JFrog Introduces New Software Supply Chain Security Capabilities

As software becomes increasingly complex, the need to secure the software supply chain becomes more important — and more difficult.  But how can businesses address the challenges of securing their software supply chain? The International Data Corporation (IDC) offers critical insight. Following the release of JFrog Advanced Security on October 18, 2022 – the world’s…
Tour Terraform Registries in Artifactory

Tour Terraform Registries in Artifactory

Why should you keep Terraform module, provider, and backend registries in a binary repository manager like Artifactory? Because, like your builds, packages, and other artifacts, your Terraform files are a key part of your software supply chain. Terraform is a widely used open source infrastructure-as-code (IaC) software tool to manage the entire lifecycle of cloud…
Enterprise Package Management for Everyone

Enterprise Package Management for Everyone

Suppose you asked developers in the mid-2000s how they managed and compiled their binaries. You'd probably hear some anxiety-inducing answers (e.g., storing packages in git repositories or insecure file stores). Thankfully, organizations currently have various options for managing their first or third-party packages, dependencies, and containers. Different tools offer different levels of package support and…
JFrog Joins Rust Foundation as Platinum Member

JFrog Joins Rust Foundation as Platinum Member

The technology ecosystem is continually evolving but one truth remains, if there is a new and emerging coding language that captures the heart and minds of developers JFrog will be there. JFrog provides a DevOps Platform to store and secure its artifacts while engaging with the community and foundations that support developers using that language.…