CI CD

The latest News and Information on Continuous Integration and Development, and related technologies.

The History of CI/CD

When you’re new to an industry, you encounter a lot of new concepts. This is especially true with DevOps, a fairly young corner of tech where things move very quickly, by design. Some of the concepts we consider central to DevOps are actually pretty old, though, predating the birth of DevOps by a decade or more. Without this context for how things evolved, and for the specific ways in which software development was more difficult without the methodologies and toolsets we have today, grasping the "why" for modern abstractions can be difficult. Without understanding the "why," learning to use a new tool well isn’t as easy as it could be.

23andMe's Yamale Python code injection, and properly sanitizing eval()

The JFrog security research team (formerly Vdoo) has recently disclosed a code injection issue in Yamale, a popular schema validator for YAML that’s used by over 200 repositories. The issue has been assigned CVE-2021-38305.

Get Cybersmart with JFrog This October

We live in a world of increasingly connected devices – phones, digital assistants, smart watches, cars, thermostats, refrigerators, windmills, and more. More than 50% of the world’s population is now online and two-thirds own a mobile device, according to the World Economic Forum. Additionally, the codebase of today’s applications typically consists mainly of open source components – exposing them to greater risk of hacking than ever before.

The Vulnerability Conundrum: Improving the Disclosure Process

The vulnerability disclosure process involves reporting security flaws in software or hardware, and can be complex. Cooperation between the organization responsible for the software or hardware and the security researcher who discovers the vulnerability can be complicated. In this blog we’ll look at the vulnerability disclosure process, the parties involved and how they can collaborate productively.

Fold Your Repos Into PHP Composer v2 with Artifactory

If you’re among the nearly one in four professional developers using PHP (according to StackOverflow’s 2021 survey), then the maintainers of Composer would really like you to migrate from v1 of the PHP package manager to v2. On October 24, 2020, Composer 2.0.0 was released with some major improvements. Since almost eight out of every ten websites on the internet use PHP in some way, that’s a change with big impact.

Using Helm with GitOps

This is the first of many posts highlighting GitOps topics that we’ll be exploring. Within this post, we will explore Helm, a tool used for Kubernetes package management, that also provides templating. Helm provides utilities that assist Kubernetes application deployment. In order to better understand how Helm charts are mapped to Kubernetes manifests, we’ll explain more details below and how to use Helm with and without GitOps.

Performing database tests on SQL databases

Testing is one of those activities that, if not exhaustive, will not have its full impact on your software development process. Oftentimes developers are only concerned with testing the application layer of the system (a.k.a. the codebase) and ignore testing the data layer (the database), which is just as important as testing the code itself.

The Importance of Prioritizing Product Security

Achieving comprehensive security for the products delivered and deployed by organizations is becoming more difficult, due to a variety of factors. A key one is the growing volume, variety and complexity of software and connected devices in use. Another is the overwhelming risk of inherited software supply chain exposures. The result: Companies struggle every day to provide software with optimal security and protection against malicious activities, takeovers, data theft, and commercial sabotage.