Contextual Analysis for Python, Java, and JavaScript with JFrog Frogbot

Contextual Analysis for Python, Java, and JavaScript Projects with JFrog Frogbot

When scanning packages, CVE (Common Vulnerabilities and Exposures) scanners can find thousands of vulnerabilities. This leaves developers with the painstaking task of sifting through long lists of vulnerabilities to identify the relevance of each, only to find that many vulnerabilities don’t affect their artifacts at all. Vulnerability Contextual Analysis uses the artifact context to eliminate …

Check Out JFrog’s New Community Site for Developers

JFrog has been hard at work behind the scenes restructuring how we share information with the developer community. We wanted to create a one-stop resource for developers who code in a variety of languages, with a focus on DevOps, DevSecOps, and cloud native technologies. So without further ado … let me introduce you to our …

Log4shell Vulnerability Explained

Log4j Log4Shell 0-Day Vulnerability: All You Need To Know

On Thursday, Dec 9th 2021, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to Apache by the Alibaba cloud security team on November 24th. …

Transformers ‘21: Melissa McKay, Developer Advocate, JFrog

As we continue our series on JFrog “transformers” in honor of International Programmers Day, today we meet Melissa McKay, a Developer Advocate on the JFrog Developer Relations team. Melissa’s career has taken her from writing code to presenting her tips and techniques to other developers all over the world. A true transformer, she wears many hats …

Java 16 Commits to Git and GitHub: A Personal Reflection

A Stroll Down Memory Lane I was introduced to Git and GitHub in May of 2014 – just shy of 10 years since Git was created in 2005. That same day I was also handed a MacBook Pro laptop and an IntelliJ license, the main tools with which I was to begin my new role …

Java Artifacts Just Got Better: jpackage is Production Ready in Java 16

TL;DR JDK (Java Development Kit) 14 added an incubating feature to the Java toolkit – the ability to pack a self-contained Java application. The newly released Java 16 takes it to production, and you are going to learn all about it. If you shudder thinking about compilation for different platforms, I know the feeling. One …

Bintray Blog

Enjoy Bintray and use it as pain-free gateway to Maven Central

UPDATE: As of May 1, 2021 Bintray services will no longer be available (ConanCenter and JCenter are not affected) for more information read the Centers Deprecation Blog   What does it means when some tool or framework has literally dozens of guides, pages long each? It probably means that it is popular, or complicated to …

Bintray Blog

Nodeclipse: 500k downloads per month and counting!

UPDATE: As of May 1, 2021 Bintray services will no longer be available (ConanCenter and JCenter are not affected) for more information read the Centers Deprecation Blog Paul Verest, the Nodeclipse project lead posted to the Nodeclipse blog about his experiences with Bintray. He talks about how the Bintray distribution platform freed up resources to …

Bintray Blog

Stay in Context, See the World

New release, new features! Focus on what’s important You know, Bintray supports various repository types, like Maven, YUM and Debs, and more types to come. But sometimes all those goodies are just too much. You want to see and search for only certain type of packages (e.g. focus only on Maven jars to use Bintray …

Bintray Blog

Tracking New Java Libraries Has Never Been Easier!

Want to know when a new version of $YourFavoriteJavaLibrary is released (and I mean – any Java library)? With Bintray, it’s one-two-three. Go to bintray.com and search. Click on the package you’d like to watch. Click “watch”, (log in if needed). Done. Watch your mailbox, you’ll get an email. It can’t be simpler than this, …