JFrog’s Best DevOps Blogs of 2021

In 2021, JFrog provided a steady stream of insightful articles about software release trends, DevOps best practices, JFrog innovations and more. Here we’ve selected what we consider the best posts of last year, in case you missed them or want to re-read them. You’ll find primers on how our customers benefit from our trailblazing partnership …

Log4j Vulnerable Packages in Maven Central

Log4j Vulnerability Alert: 100s of Exposed Packages Uncovered in Maven Central

The high risk associated with newly discovered vulnerabilities in the highly popular Apache Log4j library – CVE-2021-44228 (also known as Log4Shell) and CVE-2021-45046 – has led to a security frenzy of unusual scale and urgency. Developers and security teams are pressed to investigate the impact of  Log4j vulnerabilities on their software, revealing multiple technical challenges …

How to set up a Private, Remote and Virtual Maven/Gradle Registry

The simplest way to manage and organize your Java dependencies is with a Maven or Gradle repository. You need reliable, secure, consistent and efficient access to your dependencies that are shared across your team, in a central location. Including a place to set up multiple registries, that work transparently with the Maven and Gradle clients. …

Simply the Best: JFrog’s Top DevOps Articles from 2020

In 2020, JFrog’s experts published a treasure trove of content — blogs, articles, infographics, and more — to share insights and advice with our customers and the DevOps community at large. In case you missed them — or want to re-read them — here’s a list of the most popular ones. They range from a …

MaveDeploy1Feature

Don’t Let the Maven Deploy Plugin Trip You Up

Apache Maven is a commonly used build tool. It has many cool features such as default processing steps that are included out of the box, and is particularly good for compiling and packaging Java code. But this blog post is not an introduction to Maven. There are plenty of great books that provide that, and …

Enterprise Level Access Control with Keys and Entitlements

“Private repositories”, “Teams and Organizations”, “Permissions”…, sounds like that’s all you need to provide secure private downloads. Well, not quite. Those are great features that fit the bill if your consumer is a Bintray user. But what if she isn’t? Well, then there are signed URLs. Those should do the trick. Just sign your file …

Bintray Blog

Publishing Your Maven Project to Bintray

UPDATE: As of May 1, 2021 Bintray services will no longer be available (ConanCenter and JCenter are not affected) for more information read the Centers Deprecation Blog   Bintray gives you everything you need to share your Maven project, and much more: you will be able to monitor downloads and users with the statistics that …

Bintray Blog

Enjoy Bintray and use it as pain-free gateway to Maven Central

UPDATE: As of May 1, 2021 Bintray services will no longer be available (ConanCenter and JCenter are not affected) for more information read the Centers Deprecation Blog   What does it means when some tool or framework has literally dozens of guides, pages long each? It probably means that it is popular, or complicated to …

Bintray Blog

Stay in Context, See the World

New release, new features! Focus on what’s important You know, Bintray supports various repository types, like Maven, YUM and Debs, and more types to come. But sometimes all those goodies are just too much. You want to see and search for only certain type of packages (e.g. focus only on Maven jars to use Bintray …

Bintray Blog

Increase your Maven Package’s Exposure by Adding it to JCenter

If you already distribute your Maven packages via Bintray, your packages can gain further exposure by including them in Bintray’s JCenter! (if you are not very familiar with Bintray’s support for Maven, please refer to the user guide and to my previous post). JCenter is the repository with the biggest collection of Maven artifacts in …