Several months ago, Darcy Clarke, a former Staff Engineering Manager at GitHub, discovered the โManifest Confusionโ bug in the npm ecosystem. The bug was caused by the npm registry not validating whether the manifest file contained in the tarball (package.json) matches the manifest data published to the npm server. Clarke claims this to be a โฆ
In todayโs digitally-driven world, organizations rely heavily on software applications to streamline services, provide operations, engage customers, and drive innovation through digital transformation. Software has also become the lynchpin for securing an entire businessโ services and keeping them up and running. Yet, this omnipresent force comes with its own set of challenges. The importance of โฆ
At JFrog, we believe in practicing what we preach by โdrinking our own champagne.โ This means that we not only develop and deliver market-leading products but also utilize our own solutions in our development processes. When it comes to managing development environments, we aim to implement the best-in-class approaches. By adopting these top-tier practices, we โฆ
The simplest way to manage and organize your Docker images is with a Docker registry. You need reliable, secure, consistent and efficient access to your Docker images thatโs shared across your team in a central location, including a place to set up multiple registries that work transparently with the Docker client. There are three different โฆ
Modern AI applications are having a dramatic impact on our industry, but there are still certain hurdles when it comes to bringing ML models to production. The process of building ML models is so complex and time-intensive that many data scientists still struggle to turn concepts into production-ready models. Bridging the gap between MLOps and โฆ
With Gartner estimating that over 90% of newly created business software applications will contain ML models or services by 2027, it is evident that the open source ML revolution is well underway. By adopting the right MLOps processes and leveraging the lessons learned from the DevOps revolution, organizations can navigate the open source and proprietary โฆ
In the realm of AI collaboration, Hugging Face reigns supreme. But could it be the target of model-based attacks? Recent JFrog findings suggest a concerning possibility, prompting a closer look at the platformโs security and signaling a new era of caution in AI research. The discussion on AI Machine Language (ML) models security is still โฆ
Modern software development requires a seamless connection between multiple software development tools โ particularly those used for code management and storing your software artifacts. Connecting between these tools often involves managing a variety of tokens, permissions, passwords, and keys, which if not handled correctly can expose organizations to potential security threats. The best solution is โฆ
At swampUP 2023, JFrogโs annual user conference, Gerard McMahon, Head of Application Lifecycle Management (ALM) Tools and Platforms at Fidelity Investments, shared Fidelityโs cloud migration story and how it supports the overall company philosophy. He explored the companyโs focus on ensuring employee satisfaction while delivering great software and value to customers. He talked about the โฆ
MyJFrog is a central management portal for managing your JFrog cloud subscriptions. It provides a single, centralized view to manage and monitor users, subscriptions, resources, and usage. This gives you the control, visibility, and predictability you need to make informed decisions about your environment. MyJFrog Portal If you have multiple JFrog Cloud subscriptions, MyJFrog lets โฆ
