JFrog Press Room

Resource center for analyst and press inquiries,
company information, and community media.

JFrog Proves FORTUNE 100 Companies are Getting IoT-Ready and Increasing their Focus on Securing the Software Supply Chain

PRESS RELEASE, February 6, 2023

First Annual Software Artifact State of the Union Report Shows 1.3M Container Repos, 67 Percent Increase in Rust (Cargo) Usage, and 37 Percent Rise in Conan Adoption

Sunnyvale, Calif. – February 6, 2023JFrog Ltd. (“JFrog”) (NASDAQ: FROG), the Liquid Software company and creators of the JFrog DevOps Platform, today released the results of its JFrog Software Artifact State of the Union report, which exposes the packages and binaries most in use by enterprise developers today to deliver software from design to production. Key findings indicate an intense and growing interest in emerging memory-safe programming languages for securing the software supply chain; a rise in designing for the edge; plus exponential artifact size and container usage hinting at development of applications such as cryptocurrency, metaverse, and blockchain.

“Developers are the transformers of our time – taking innovative approaches to the many ways software can be utilized to propel businesses and society to the next frontier,” said Stephen Chin, VP of Developer Relations for JFrog. “Our report doesn’t aim to parrot stated developer preferences. Rather, it spotlights the programming languages and package ecosystems in which technology and business leaders should invest from an application, talent, and security standpoint, to ensure their companies can compete and scale in 2023 and beyond.”

Key Findings

The universal support provided by the JFrog Platform provides a unique and reliable snapshot of the packages and binaries being used by developers to create software consumed by end users today. Drawing from a wide sample of 7K+ companies – of varying sizes and cross-industry – JFrog’s Software Package State of the Union report indicates the following enterprise software trends:

  • Preparing for IoT and the Edge: Rust (Cargo), C and C++ – the primary languages used when designing software to run on edge and IoT devices – grew exponentially between January 2020 and October 2022, along with Conan – the decentralized package manager for C/C++ – which grew 5.2X over the same period.
  • Containers are King: Use of Docker plus OCI containers and Helm Charts has dramatically increased over the last two years, indicating more organizations are taking a cloud-native approach and designing larger, more sophisticated artifacts for use by applications such as the Metaverse, Blockchain, or cryptocurrency.
  • The Old Guard Stands Strong: Over 90 percent of organizations are maintaining a Maven repo, which is most used for indexing software artifacts composed of Java, JavaScript, Python, and C and C++.
  • Increasing focus on Memory Safety for Securing the Software Supply Chain: Modern languages, such as Apple Swift, Go, and Rust (Cargo) are designed with built-in safety mechanisms to make the developer aware of any potential issues when coding so they can avoid future detrimental software supply chain attacks. To that end, use of Rust (and its package manager, Cargo) grew 98X since April 2021.
  • Terraform: The infrastructure-as-code (IaC) standard: Terraform repositories showed the highest growth trajectory of any package type since May 2022, indicating companies see the benefit of moving IaC files to a full-featured, binary-based, secure management solution.
  • Growing Variety and Size of Software Artifacts: Companies typically support an average of seven package types and manage more than 100,000 artifacts, with the size of those artifacts steadily increasing alongside the widespread use of containerization technologies like Docker and Kubernetes.

About the JFrog Software Artifact State of the Union Report

Packages and binaries are the true components used by enterprises to deliver software from design to production.  With the widest support of programming languages in the industry, millions of developers, and 7K+ customers worldwide – from single users to the largest FORTUNE 100 enterprises – the JFrog Platform and JFrog’s Software Artifact State of the Union report is among the industry’s most reliable snapshots of the latest development trends and programming design preferences to consider when launching new development initiatives, hiring, or upskilling yourself or your team.

For deeper insights from the JFrog Software Artifact State of the Union report visit https://jfrog.com/artifact-state-of-union/, read this blog, or join us on Tuesday, February 28 at 9:00 a.m. PT for a virtual Coffee Talk via LinkedIn Live, “Software Artifact Trends in 2023,” with Sr. JFrog Solution Engineer, Bill Manning, and Sr. JFrog Product Marketing Manager, Sean Pratt.


Like this story? Tweet this: @jfrog shares insights on security, containers, memory-safe languages, and IaC trends in its 2023 #software Artifact State of the Union report. Learn more: https://bit.ly/3Y7OdBs    #SoftwareSupplyChain #DevOps #DevSecOps #cybersecurity #containers #rust #IoT

About JFrog

JFrog Ltd. (NASDAQ: FROG) is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge and connected devices. The JFrog Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely manage their mission-critical software supply chain. Once you leap forward, you won’t go back. Learn more at jfrog.com and follow us on Twitter: @jfrog.

Cautionary Note About Forward-Looking Statements
This press release contains “forward-looking” statements, as that term is defined under the U.S. federal securities laws, including but not limited to statements regarding trending technologies to inform software planning, the software artifact state of the union report or other information regarding software packages maintained by developers.

These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement. There are a significant number of factors that could cause actual results, performance or achievements, to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the Securities and Exchange Commission, including in our annual report on Form 10-K for the year ended December 31, 2021, our quarterly reports on Form 10-Q, and other filings and reports that we may file from time to time with the Securities and Exchange Commission. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update forward-looking statements.

Media Contact:

Siobhan Lyons, Sr. MarComm Manager, JFrog, siobhanL@jfrog.com

Investor Contact:

Jeff Schreiner, VP of Investor Relations, jeffS@jfrog.com