What software package types are actually leveraged in production-ready builds? That’s one of the questions JFrog’s new “Software Artifact State of the Union” answers. While there are many reports and indexes that look at programming language and tool popularity, JFrog’s new report is the first of its kind to examine what types of packages and binaries are leveraged in creating and delivering consumer-ready software. The report highlights the technologies you should consider leveraging in your software supply chain in 2023 and highlights the driving forces behind these technology adoption trends.
Join JFrog Senior Solution Engineering Manager, Bill Manning, and host, Sean Pratt, for a LinkedIn Live session detailing what the results of this new report indicate about the future of software development, based on first-hand experience assisting 100s of organizations transform their DevOps approach. Bill Manning will discuss:
- Key findings from the report
- Industry trends that have shaped development over recent years
- What to expect in 2023 and beyond
- Your questions about the report
Register here to see this resource
Transcript:
Sean Pratt:
Welcome to our first ever JFrog LinkedIn live event. I’m Sean Pratt, your friendly marketing manager. I’m here with Bill Manning. Say, “Hi,” Bill.
Bill Manning:
Hey, guys, how you doing?
Sean Pratt:
Awesome and we’re here to talk about our recently announced Software Artifact State of the Union Report. If you haven’t checked it out, I think it might flash on the screen or a link to it, at least. Go look at it real quick while we banter and warm ourselves up a little bit.
Bill Manning:
In this nice, Between Two Ferns, almost looking kind of set here.
Sean Pratt:
Between three palms if you will.
Bill Manning:
Yes, we’ll go with that instead.
Sean Pratt:
Awesome. So if you haven’t checked out the report, please do so. It will be helpful so you understand what the heck we’re talking about here.
Bill Manning:
Oh, here we go. Little flash.
Sean Pratt:
It’s free, it’s online, it’s not gated. Go to the link and check it out but before we get started, let’s get to know Bill a little bit better, because he is really the star of the show. I’m just a talking head. He’s the person with a brain. Bill, is it fair to say that you’re a technologist?
Bill Manning:
I guess we’ll go as far to say that. I’ve been called worse, so I mean, absolutely. I’ve been doing this for a long time, obviously, with this little light on my face.
Sean Pratt:
Are you a coder at heart?
Bill Manning:
I am completely a coder at heart. I started that way. I still do it to this day. I’m fortunate enough to actually have it as part of the things that I do here at JFrog, which is, besides educating, I need to learn myself. So being a technologist is constant learning and that’s what I love to do.
Sean Pratt:
Awesome. So Bill is definitely qualified to talk about this report, share his insights, which is going to be helpful because I don’t know anything but another fun fact about Bill is that Bill and I are actually both from Long Island originally.
Bill Manning:
Yes, we are.
Sean Pratt:
So Bill, a very important question to know for any Long Islanders who might be watching, what’s your go-to bagel order?
Bill Manning:
See, for me, it’s in my hometown, Oceanside, New York and it’s the 24-hour Bagel Deli. Any place that you can get a bagel at 2:30 in the morning and have the best bagel, yeah, it’s all good for me.
Sean Pratt:
Awesome.
Bill Manning:
Now we won’t get into the pizza debate, because that’s a highly contested thing.
Sean Pratt:
We might come to blows if we get into pizza.
Bill Manning:
We’re both from Long Island, and that’s the only time it ever comes out is when I say the word Long Island.
Sean Pratt:
There you go.
Bill Manning:
All right, let’s kick this bad boy off.
Sean Pratt:
Let’s go. First…
Bill Manning:
Let’s talk about packages.
Sean Pratt:
Let’s talk about packages. For those that are watching, if you have questions, please throw them in to the chat or however it works with LinkedIn Live. Again, this is our first time doing it, so ask questions, we’ll get to them. I have a bunch of questions for Bill, but we’ll also take your questions and we’ll have some time at the end for that.
So let’s get started with the first question here, Bill. So it’s about Polyglot development. We saw that there was an average around seven technology types that people use in their SDLC, but that goes up to 20 plus technologies. Do you expect organizations to consolidate around technology types over time or is it going to continue to be super flexible?
Bill Manning:
Flexibility is actually the key aspect behind this. The thing is when corporations, and especially when you have coders and architects who work on software, you always want to make sure you use the appropriate stuff for what you’re trying to build. You’re not going to use one technology over another that say, we’ll give an example, we’ll talk about it later on in more detail but say you’re doing things like IoT devices when we get into this a little later on, you might use CNC++ because of its global level abilities. In the past with a lot of these IoT devices, it used to be things like Java, you use framework called OSGI and now that’s kind of evolved in stuff like Rust, because Rust has some stuff, and we’ll talk about how Rust has increased over time, but you pick the technology that best suits the actual problem you’re trying to solve.
So web-based technologies use things like Docker images with Kubernetes for scale and use things like MPM maybe with React JS or something else or if you’re going with more of a backend type of system, you might use something like Java or you’re doing something like Machine Learning ML, you might go towards Condor or Python. So the thing is, is that the package types really are dictated by the problems that the companies are trying to solve. So most companies are Polygon because they want to use the appropriate technology for the appropriate problems they’re trying to actually solve.
Sean Pratt:
Awesome. That makes total sense. So do you think that the flexibility and the breadth of technology types leveraged by given companies, is that what’s driving the large volume of artifacts-
Bill Manning:
Absolutely.
Sean Pratt:
That organizations have to manage?
Bill Manning:
Well, it’s a combination of that and also too the fact that we’ve all known how DevOps has taken over since 2006 when the CTO of Amazon came out and said, “You build it, you run it,” and the thing is, is that when we start looking at the increases, because the number of builds are increasing, it’s better to release smaller features more rapidly, as quickly as possible as opposed to the days when I started back in the 18 days when we used to do quarterly releases, two weeks of planning through two and a month and a half or so of coding, then we go in and we do testing. Now it’s all become this automated world where you check in your code, it auto builds, it tests, it does the functionality behind the scenes and it releases.
Faster releases mean are better for companies because it means they can get the features to their customers faster and what’s really nice about that is, is that with these frequency of releases, that does mean increase in the number of things being used, the number of builds being built but it also means that companies, like I said, are able to attribute to their users to provide them with the best solutions, best fixes, best performance increasements, whatever, more rapidly. So yes, the frequency does increase and it will increase over time and that will constantly be that way.
Sean Pratt:
So what I’m hearing you say is that exponential growth in artifacts to manage is going to happen-
Bill Manning:
It’s going to happen.
Sean Pratt:
It’s going to be the norm. You’re going to have to have more stuff that you’re just kind of managing in your system.
Bill Manning:
Right. Exactly. Now later on we’ll talk about some of the other things where the methodologies are changing, where things are getting simplified, but in terms of the number of builds, the number of packages, things like that over time that will still stay relatively the same or will actually start to increase. We’ve actually already exponentially soon it grow just because like I said, the frequency of releases but at the same time, I think that’s going to stay steadfast over time.
Sean Pratt:
Awesome. So I want to shift gears a little bit, talk about a topic that’s very buzzy, Cloud Native, everyone loves Cloud Native, I love Cloud Native. So we saw massive usage of Docker. I mean it’s blown up. I mean, I think it’s fair to say that it’s mainstream adoption is being used everywhere.
Bill Manning:
Oh it’s already mainstream and that’s actually gone way above and beyond that.
Sean Pratt:
And when we see things like Helm usage going up, we just launched Terraform support last year and that has had some of the fastest adoption of a package usage in our factory that we’ve ever seen. Why are folks going this route? Why is Cloud Native so popular?
Bill Manning:
Oh absolutely. I mean if we go back to some of the core tenants of the reason why, first of all why Docker became into prominence. Docker allowed virtualization, allowed control of the environment for the deployment of software. That got adopted by things like 12 Factor, which is one of my favorite development methodologies, which is the idea is that you remove that factors of it works on my machine and by doing that, the 12 factor adopted the methodologies of actually using Docker images to do coding. So the same OS that you’re building on is the same OS you’ll be deploying into production and so the thing is that the next part of this was of course orchestrated issue, which is how there was Docker Swarm first, how do you attribute to scale and then Helm came about, right and we’re very steeped into Cloud Native.
The idea is virtualization orchestration of environments allows for attribution for things like rapid demands, scaling up, scaling down, being able to deploy new services because DACA allows you to build smaller services so they’re more manageable and then Terraform came in and allowed for more rapid ability to go ahead and change the infrastructure right, on the fly. So this way you can change attributes and values in the way things are executed on runtime. This is very attractive to a lot of corporations because in the past you’d have to go buy a lot of servers. I remember the days of actually having to go and purchase servers so we can have increased back in the dot com era and then over time now it’s like now you can have the virtualized stuff and you have of course cloud.
When cloud came into being with with AWS, Azure, GCP, Kubernetes came in and now you have virtualized infrastructure. Now virtualized infrastructure allows companies to have a lot more flexibility over time and thus making it easier to maintain even though it’s highly complex. We’ll talk about that too of some of the frustrations that’ll come out with DevOps because DevOps is great. DevSecOps with security on top is a necessity well, with software supply chain but at the same time, coders got a lot more than they anticipated. Coders want to code and now they have to do things around infrastructure and they also have to do things around scaling. These need to be mental facets that they need to keep in mind when they’re actually building their software.
Sean Pratt:
All right, Bill, I want to ask you a curve ball question.
Bill Manning:
Absolutely.
Sean Pratt:
It wasn’t planned.
Bill Manning:
I like curve balls.
Sean Pratt:
Why would someone not go Cloud Native?
Bill Manning:
Here’s the thing is that there are situations where they may not go Cloud Native where they might need to have a hardware based infrastructure to support it. There are a lot of legacy technologies out there that cannot be ported over just yet. We do see this. We have a lot of companies that have more legacy based stuff where they’re like, “Look, we want to get there. It’s just operationally we can’t,” or in some cases there might be some use cases like we have a lot of government customers. We’re in Platform One, we’re in Iron Bank and part of that is yes, that there are virtualizations that they do have, but there are some that rely on things like hardware based encryption for maybe high scale items, for more safety and precautionary methods and then in other cases it might be more hardware based too, where it might be a device-based solution or things like that where you need to have a hardware based as opposed to an orchestrator or virtualization around it.
Sean Pratt:
That makes total sense. Moving on to the actual next question that I was supposed to ask you. So one of the things that really jumped out to me was when we looked at the top of the top most leveraged packages, Docker, Maven, millions of peoples, just like tons of usage, right?
Bill Manning:
That’s correct.
Sean Pratt:
So do we ever see these kind of younger or newer languages catching up in terms of adoption to the likes of Java? We’ve heard, is Rust the new Java, we’ve seen Cargo get a lot of adoption.
Bill Manning:
Well Cargo is Rust, right?
Sean Pratt:
Yes.
Bill Manning:
So yeah, we have those together and absolutely. You know what’s funny is, is that you mentioned that because like I said, we got an old guy like me who’s been doing this for a long time. I mean I’ve been doing this since the late ’90s and the thing is, even back then, my company, we had the first web-based CRM products. So we were playing around with a lot of very infantile JavaScript because it allowed us to do a lot of browser-based stuff but the thing is that towards the end of the 2008, 2009 when we started getting into these eras, and towards 2010, MPM came about. MPM, its usage went through the roof and the reason why is because you could do as a developer, and this is one of the things I actually built two companies based on this technology.
The thing is, I was the founder of these companies that we built using MPM, using Node because we could do front end and back end together. That was just eye-opening and the adoption went up. So almost every website of this Web 2.0 era that came about and then going into things like Facebook and Twitter and all these application, all these apps that were out there on the web were all built in this, right and the reason why is because it was perfect for the usage. It allowed backend manipulation of data, front end presentation with active… The ability, now we’re using Ajax, when Ajax was new and all this stuff and then what came about was being able to actively update these websites.
Now we see this movement towards Rust and why are we seeing a movement towards Rust is the thing is, that it’s got the power of CNC++ because actually CNC++ is operationally extremely fast but Java, when Java came about, the reason why Java because Java got rid of some of the problems of CNC++ with memory management and garbage collection.
Well, Rust has actually inherited that. So Rust has garbage collection. Part of the compilation, cause you compile it to run faster is we don’t need to run time. That’s the reason why when we talk about IoT devices, why it’s becoming so popular but on top of that, it’s thread safe. The tools actually go ahead and unless if you’re coding something incorrectly, think about that. You used to have to do this manually yourself, test it, make sure that memory allocation and things like that were being handled. Rust does this for you. So the adoption of it is because it’s easy to use, it compiles fast, lack of runtime, it can do everything from web development to device management to actually operational things that you might run on the surface. It’s actually… I’ve become a real Rust devotee-
Sean Pratt:
I can tell a bit.
Bill Manning:
It’s amazing. We actually just… This is the thing at Rust Nation, we actually… One of our guys, Stephen Chen here is actually the chair of Rust Nation and of the Rust Committee of the Rust Board and the thing is that I think it’s really interesting, it’s a dichotomy that everybody has. It’s like you can’t discount the fact that CNC++ to this day, 50 plus year old language of C is still powerful but the thing is, it has problems and Rust went in to attribute to those problems and make it easier for people to move two things at the scale and speed at which Rust offers with Cargo and it’s also package based. I mean, don’t get me wrong, CNC++ has Conan now, which we brought to the world but on top of that, Rust has the same idea, package management, which means that you can leverage other people’s code to do your code better.
Sean Pratt:
I want to ask a follow up question to this before we transition into our next question. So when exactly do you think that usage of a language like Rust or Swift or one of these newer languages, when will they be at the same level as [inaudible 00:14:28]?
Bill Manning:
When does it hit the event horizon?
Sean Pratt:
Yeah.
Bill Manning:
So I think that’s the thing, I don’t think that there is a point. I think that one of the key.. I mean look at this. I mean, like I said, I just mentioned C, right? C has been around for 50 years-
Sean Pratt:
And people still Python C.
Bill Manning:
Right. I mean, think about this, the Python code that SpaceX uses to launch into space are Python and the algorithms behind it are the same algorithms that were used for the Apollo program but the thing is that they evolve, they change, the adoption is still there and sometimes they attribute to trying to go ahead and become the next thing. But a lot of times these languages I think are just constantly evolving, they adopt. Something new will come out soon, in the next couple of years. I think Rust will find its place. I think there’s other ones too. I think there’s still a lot of room for movement. I still think that there’s a place out there for somebody, I mean, we have R and stuff for doing ML and stuff like that, but I think there might be something better. I’m sure that there’s people out there right now working on something better to accomplish the same task. They’ll release it. There’ll be a slow adoption. Somebody will find something that it fixes a problem on and the adoption will go up.
This is what happens. I mean, Rust is a very young language. It’s five years old, it’s just a little over five years old and the thing is, if you think about it, for the first couple of years, it kind of had a little bit of stumbling and then it ramped up and then suddenly people looked at it and went, “Oh my God, these are all the things I can do with it. Wow, this is pretty amazing,” and then people talk, right? Nerds like to talk about this stuff.
Sean Pratt:
Totally.
Bill Manning:
I do all the time, obviously.
Sean Pratt:
Yes, you do. We wheel bill out a lot from the marketing perspective and we love him.
Bill Manning:
They pull me out of the dark DG room where they keep me and feed me where I produce stuff.
Sean Pratt:
Yeah. So you mentioned Conan before, and I think that’s a good segue into the next question and first of all, shout out to the Conan team. Conan 2.0 just dropped last week.
Bill Manning:
Diego and Luis, two of my favorite people and their team are amazing. By the way, they are two people. We always refer to them as Diego Luis, but they are two people.
Sean Pratt:
Separate. If you haven’t seen the news or checked that out, yeah, please read about Conan2.0.
Bill Manning:
It really changes the game, by the way, in terms of, CNC++ development. A lot of the problems that Conan, just CNC++ faced, some of the things that we recognize as being false have been fixed. So definitely check it out, read the docs, it’ll make your life 10 times easier, especially if you’re doing C.
Sean Pratt:
Absolutely. So on that CNC++, Edge IoT, right? They’ve traditionally gone hand in hand.
Bill Manning:
Correct.
Sean Pratt:
You know, can’t hardly get a dumb device anymore. We’ve got a smart toaster downstairs in our office, which scares me. So what are you expecting to see in the world of IoT development? You touched on Rust a little bit, but let’s double click on this area. What are you expecting?
Bill Manning:
So I’ve got a lot of background in this, right? So I mean, I had a company back in 2006, 2007 when we started called For Home. We were actually Iot before Iot. Won a bunch of CES awards. We actually had to write our own platform to do this. A lot of the technology in IoT devices are actually, that were patented, and when we sold the company, the company that acquired us just wanted our patents because we had a lot of these but the thing is, like you said, IoT devices have really come to prominence. It’s become such a blanketed term. Sometimes, it really hits me weird to think that Iot is now just all encapsulating basically any device that could be a smart device or a connected device.
Like I said, we called ourselves The Connected Home before IoT was a name and the thing is that, that has evolved over time. If we go back to really the catalyst for a lot of this stuff, everybody talks about Crestron and all these things, the home of the future really was the kickoff for it, but it’s much more than that. It’s industrial, it’s automotive, it’s anything that it could be, but the thing is that there are certain constructs that are utilized throughout all of it that are still constant like C and C++ are still low level device things that you’ve used to program on PCBs and PCU boards and things like that for these devices. Rust is taking over but some other ones like Gateways, like Home Gateways, back 10 years ago, 12 years ago, OSGI was the big thing, the Open Source Gateway Initiative, it was Java based, you created jars with service functions, you would push them down to a device that had this device framework and they would run and then things, certain devices, and then they switch over to Docker actually.
A lot of these device gateways and stuff like that use Docker, right, because you can have small little busy box images that are very tiny in their nature and you could deploy services and whatnot. C has always, like I said, been the device portion of this, but that’s actually being also overtaken by Rust because of its threat safe nature and all those kind of things that really fix what CNC++ did, but also too, the lack of a run time.
That’s a huge thing for devices. That means it frees up space on those devices where certain ones like Java, you need a Java run time. You need to have a Java run time to operate Java. So CNC++ can operate natively inside. Same thing with Rust, right, it’s a compilation, you compile it’s small size, it has all the things you need in it and the thing is as these number of devices increases, and we can actually go back to the idea of package types and the number of deliveries going up, because [inaudible 00:20:15], I mean, what is it? I think it’s going to be 74 trillion something devices or something insanely-
Sean Pratt:
It’s unfathomable.
Bill Manning:
Like bazillion devices in the world and the thing is that each one, like you said, almost every device now is a smart device. I mean, God, think about the Apple Pencil or it’s in your hand, or I mean with me, I’m wearing devices, I’ve got your Apple Watch, I’ve got my Loop Band. These are things that I utilize. So the thing is that when you’re a developer, you want to use once again tool sets that are really the best and when it comes to IoT, CNC++ and now REST are really the key components and Conan 2.0 really actually helps a lot, especially when it comes to the device management and stuff like that because of some extra components that were learned that were brought in for Conan2.0 and then, like I said, I’ve seen a lot of companies that I work with in terms of education on how to use our platform really, I see a lot more, like I said, Rust to me is insane.
I just cannot believe the quick adoption of this. It reminds me, like I said, of MPM, it reminds me of Java, it reminds me of the hot language that’s now and yeah, IoT though managing those devices, managing those software updates is really essential and we are a key factor in that as a platform with the ability to go from developer to device and being able to actually travel through the entire SDLC, software development lifecycle, the entire journey.
So it’s pretty amazing. I’m actually… I love the industry I chose to get into early on in my career because it’s constantly evolving, it’s constantly changing. You always have to learn something new. If I was doing a standard desk job, I would probably go out in my freaking tree, but at the same time, it’s like I love the fact that we’re in an industry, as you said, coders are artists and I love being surrounded in a world of Da Vinci’s. These people that are just… Build stuff and create and it’s all about creating art with the form and function that you need and then using the proper tools to do it. If I’m going to sculpt a statue, I’m not going to use paint. So like I said, it’s always the appropriate technology for the thing you’re trying to do and then trying to build that is exciting.
Sean Pratt:
Totally. All right, Bill, before we get into my next question, I just want to remind everyone out there watching us if you have other questions, we’ve had some come in that I’ve been able to pepper in here for Bill, keep him on his toes. If you have any other questions, now is your time. We’re getting close to the end of our stream here.
Bill Manning:
Bob and weave.
Sean Pratt:
But Bill, one thing that recently came up in recent news, I have an article link here. I don’t know why I dropped the article link as if I’m going to show it to anyone or spell it out. There’s an article link here.
Bill Manning:
He’s just going to give it to me, put it in my head for that browser built into my skull.
Sean Pratt:
But essentially-
Bill Manning:
Neuralink.
Sean Pratt:
Yes. US officials, a lot of people are asking organizations to look at how their practices and using memory safe languages and that sort of thing. Obviously we had SBOM recently, it seems like more and more we’re getting government agencies, these official bodies being like, look, software industry developers, technology companies, we need you to help step up and deliver more secure software.
Bill Manning:
Absolutely. It’s the biggest threats to software right now is the software supply chain. I mean, 2021, there’s a 650% increase in software supply chain attacks. Last year there was a 40% increase on top of that. Think about that and the reason why you brought up SBOM, right and that was actually part of the May, 2020 initiative by the actual government to say, let’s go ahead and fix the nation’s cybersecurity security. Actually it was section four of sad, I know that, but section four defined securing the software supply chain. Remember 85 to 90% of the stuff that software developers use to build what they’re doing is someone else’s. My favorite quote is that every time you do a PIP install, you do an MPM install, whatever it’s the equivalent of finding a USB key on the street and plugging into your production server.
Now, the thing is that actually this goes back even farther than that. This goes back to 2018 with the Food and Drug Administration because think about it, let’s go back to IoT devices, pacemakers, ventilators, these are all devices that run on software and the thing is, is that the reason why it was put in place initially before the Biden Administration jumped onto it was the fact that devices can kill. These are things that keep people alive and if the software that you’re building has stuff in it that is potentially nefarious or malicious, I mean, you literally can kill somebody and the thing is that, or launch missiles, let’s think about all the deadly things that software is used for. There’s the altruistic, there’s that, but of course there’s also the defense industry. There’s also other things like that.
Let’s look at something like SolarWinds, that was a fourth level transit of dependency attack. It came in associated to other pieces of software, other dependencies, dependencies and dependencies of dependencies. It was an indirect transit dependency, not implicit, that caused 18,000 companies globally to be affected. I mean, think about that. That’s insane. It was a $100 billion worth of remediation globally. It affected governments and the thing is, is that was really the wake up call to say, yeah, this could be very serious. So the thing is making sure that you do things like shift left, give your developers the ability to still do the creativity that they do, but still ensure some level of security by making sure that those dependencies that they use are safe and I mean compliant, they’re not typo squatting.
Typo squatting is where somebody out there has created a nefarious package with an E before I, instead of an I before E in the name, right, things like that. Making sure that not only is it just up front and shift left at the developer, we’re actually, by the way, just so that you know, it’s actually where you get the maximum ROI, it’s a hundred times more expensive to fix in production than it is to actually do it at shift left but also maintaining that entire security structure through the entire process while you’re doing it, is also essential and even after the fact and the software Bill of Materials, all that does is provide a list of ingredients to your customers or to the government to say, these are the things that I use and some companies have exclude lists that when they go through, they’ll go it and say, oh, by the way, we don’t accept this license type, or we don’t accept this software type because it’s been reported that it blows up the world.
Sean Pratt:
World. So then it seems like with all of these security focused initiatives, is that going to impact the technologies that certain companies might use in their software supply chain, like we’re only going to code in this or…
Bill Manning:
It shouldn’t, but it does. So the thing is, is that sometimes the people who make these decisions might not have the full picture and might be very knee jerk. They read an article and they say, “Oh my God, we need to stop using this because of a potential threat,” without analyzing or understanding that potential threat completely and the thing is that making sure that you have all the pieces attributed to and putting in software tooling that allows you to go through and make sure that those components are safe and secure should alleviate that. One of the things that we’re trying to do here at JFrog is of course that. We have our product that goes end to end, provides that level of security to make sure those binaries that you’re using to build your software, those transitive dependencies are compliant, they’re safe, they’re secure. So this way it allows you to have a little bit more ease, allows you to do more time on innovation and less time on remediation. The more time you remediate, it costs you more money because you’re not able to get those features out faster.
Sean Pratt:
So I’m hearing you say that you can still have the flexibility and you can still deliver secure software if you have you have the right [inaudible 00:28:57].
Bill Manning:
Just make sure you have the right technology to back you in that respect, make sure that you’re evaluating all the things that you’re using before you give it to your customers or deploy it into your production or whatever.
Sean Pratt:
Cool. All right. We’re just about at time for our stream. So that means it’s the final question and Bill-
Bill Manning:
Five seconds on the clock. Oh, sorry. No, that’s a different thing.
Sean Pratt:
This is one of your favorite, let’s look into Bill’s crystal ball and where do you see software development going over the next year so that when you and I sit down again next year, what are you going to be talking about then?
Bill Manning:
I’ve been talking about it a lot and I see you smiling because I’ve been yelling about it for a while. Platform engineering companies are… DevOps is still king, so DevOps will still be there but the idea of consolidations of tool sets basically giving developers more time to develop, removing a lot of the things that they had to do around infrastructure and whatnot, consolidating the tools into more simplistic tools. So instead of the sheer vast number of tools that came about during this growth period of DevSecOps and DevOps, we’re going to see a retraction of tools more multipurpose, I think more simplification of tool sets and tool chains and standardization across companies as opposed to before giving each team the ability to use whatever technology they want, it became a little unmanageable for ops teams and whatnot, more responsibility on developers.
I think you’re going to see retraction of that. I think you’re going to see it become more automated. I think you’re going to see less tools, more base fundamental tools like our Jfrog platform, its end to end. It’s a great base foundation for all of that and you can use other tools that you want to use to do this, but I think we’re going to see more platform engineering take purpose where developers can do more developing as opposed to more less operational. So they want to pull back more operational stuff and do more development.
Sean Pratt:
So maybe it’s flexible standardization.
Bill Manning:
Exactly. I think that’s what we’re going to see more of a push towards, especially with the recession coming up, it’s going to be more of a retraction of tool sets, simplification and expedite it and also more automation, more things that take it out of the developer’s hands and have it do it behind the scenes, like use metadata to create things as opposed to having to do any sort of manual process.
Sean Pratt:
Awesome. I mean, I think that’d be great for everyone. I’m sure everyone will be thrilled if that happens.
Bill Manning:
I guess we’ll know.
Sean Pratt:
Put your, remind me for this time next year and we’ll see if Bill’s prediction came true.
Bill Manning:
See you in 2024.
Sean Pratt:
Oh my gosh. That’s weird to you even think that.
Bill Manning:
Yeah.
Sean Pratt:
Cool, with that, we are over time. Bill, thanks so much for sitting with me for having this conversation. Are we going to fist bump?
Bill Manning:
Oh we’ll fist bump and go…
Sean Pratt:
Thanks everyone for joining us. We hope to see you again. If you like this stream, let us know. If you have feedback on the report itself, we’re going to be running this report annually. We’re looking to improve it. You can drop us some comments. Your thoughts at pr@jfrogg.com. Yes, that’ll go to our comms team, but they love to hear from you and they will feed all of us the feedback on that. Thanks everyone for joining us. Bill, thanks again. Always appreciate your time. We’ll see you guys next time. Bye, everyone. Thanks for joining us.
Bill Manning:
Cheers, everybody. Be safe, be wonderful, be well.