Home / Companies / JFrog / Blog / August 2018

August 2018 Summaries

7 posts from JFrog

Filter
Month: Year:
Post Summaries Back to Blog
JFrog CLI is a compact client designed to streamline command line interactions with JFrog products, enhancing functionality and efficiency when managing Artifactory repositories. It offers key advantages such as enabling smart and efficient file-system backups with symlink support, managing storage in Git LFS repositories by removing unreferenced files, and providing customized cleanup options through File Spec patterns and Artifactory Query Language (AQL). Additionally, JFrog CLI extends build integration capabilities to any development ecosystem beyond Artifactory's native build integration feature, facilitating seamless CI/CD pipeline integration. It also enhances REST API automation with advanced features like wildcards, multi-threading, and dry-runs, making it a versatile tool for scripting and automation. As an open-source project, JFrog CLI invites community contributions on its GitHub repository.
Aug 30, 2018 639 words in the original blog post.
Pulumi enables developers to specify cloud infrastructure using familiar programming languages, allowing them to benefit from features like static analysis and type checking while creating and reusing cloud infrastructure components through package managers such as npm. An example Pulumi application demonstrates its capabilities by allowing video uploads to the cloud, using AI services for object recognition, and extracting thumbnails, with all cloud interactions abstracted into reusable packages to streamline development. This approach not only enhances productivity by letting developers focus on specific tasks but also promotes security best practices through centralized package updates. However, it introduces the challenge of managing package versioning and distribution, for which JFrog Artifactory provides a solution by handling code dependencies and build artifacts, ensuring reliable versioning and secure distribution. Pulumi's integration with Artifactory simplifies managing cloud infrastructure, making it accessible and efficient for developers.
Aug 29, 2018 670 words in the original blog post.
Over the past decade, the surge in data has driven companies to rely on real-time analytics for quick decision-making, with data scientists and developers frequently utilizing Conda for package management. JFrog has integrated Conda repositories into its Artifactory platform from version 6.3, offering Python, R, and other language developers enhanced scalability, security, and visibility. This integration provides users with full control over package deployment and resolution, addressing key DevOps challenges by ensuring secure data artifacts, version management, and independence from network dependencies through local and remote repositories. Users benefit from collaborative features, an intuitive UI for dependency resolution, and direct access to Conda package metadata within the Artifactory interface, making it a comprehensive solution for managing data science artifacts.
Aug 23, 2018 466 words in the original blog post.
JFrog Mission Control and Insight will no longer be supported after the EoQ2 '25 release, prompting the introduction of the JFrog Enterprise+ platform as a comprehensive solution for secure, efficient software release in multi-site development environments. This platform integrates JFrog's best offerings, including Artifactory, Xray, Access Federation, Distribution, Artifactory Edge, and Mission Control with Insight projects, to enhance the software development and deployment process. Enterprise+ aims to accelerate release cycles through zero-downtime processes, artifact auditing and tracking, and vulnerability detection, while also providing multisite replication and federated access management. The platform ensures continuous scanning for security vulnerabilities and license compliance issues, offers deep dependency analysis with an impact graph, and facilitates the distribution of immutable software releases to remote locations. JFrog Mission Control provides insights into the DevOps ecosystem, allowing for improved time-to-market and return on investment by offering a single dashboard for metrics and analytics across the software release flow.
Aug 16, 2018 939 words in the original blog post.
Managing security vulnerabilities is crucial when using Docker, especially when downloading binaries from third-party vendors, and JFrog Artifactory offers key solutions for mitigating these risks. Artifactory acts as a binary repository and helps address four main security challenges: controlling the content of Docker images by storing binaries in a centralized Docker registry, providing secure access through access tokens with flexible authentication options, enabling fine-grained access control to repositories, and detecting potential security risks with an integrated UI that shows vulnerability metadata via JFrog Xray. These capabilities ensure that only tested, QA’d, and secure binaries are included in Docker images, while also offering advanced access management and early vulnerability detection, thus enhancing the security of Docker environments in various organizational sizes.
Aug 08, 2018 1,062 words in the original blog post.
JFrog Artifactory has launched a new extension for integration with Azure DevOps and Team Foundation Server (TFS), moving beyond its deprecated plugin to offer advanced repository management for CI/CD pipelines, whether on-premise or in the cloud. This new extension enhances build processes by providing consistent access to build dependencies through a Generic Download Task, allowing builds to continue despite network issues or remote repository downtime. The extension also supports fully traceable builds by collecting detailed build information, making it easier to reproduce builds and manage the artifact lifecycle with build promotion capabilities. Compatible with Linux, MacOS, and Windows, the extension aims to streamline automated release pipelines, and upcoming enhancements will include support for various build tools like Maven and Docker. The extension is currently available on the Azure DevOps Marketplace.
Aug 06, 2018 582 words in the original blog post.
Kubernetes, a popular container orchestration tool among enterprises, offers significant automation benefits for application deployment but also introduces security vulnerabilities common in cloud-native technologies, similar to non-containerized environments. As the attack surfaces of such technologies expand, integrating security into the development process—known as "shifting left"—is crucial. NeuVector and JFrog have collaborated to enhance container security by integrating NeuVector’s real-time network protection and anomaly detection capabilities with JFrog Xray’s artifact analysis. This integration provides developers with proactive security insights and customizable response actions throughout the CI/CD pipeline. The NeuVector platform offers Layer 7 deep network inspection and integrates scanning results from JFrog Xray, enabling developers to better understand container vulnerabilities and behavior before deployment. This collaborative approach ensures comprehensive security coverage across the build, ship, and run phases, reducing the risk associated with Kubernetes deployments while maintaining operational efficiency.
Aug 01, 2018 798 words in the original blog post.