Today we’re sharing findings from The Total Economic Impact™ Of CircleCI, a commissioned study conducted by Forrester Consulting on behalf of CircleCI. The study revealed that CircleCI delivered a 664% return on investment (ROI) over a three-year period and highlighted that our platform increased developer productivity by 10%. This results in a greater efficiency value of more than $4.3 million, enabling organizations to increase engineering velocity that drives business success.

If you maintain a Ruby gem, you are definitely familiar with the recurring manual tasks surrounding the release of a new version. After doing this for a while, you inevitably start thinking that some of these steps could be automated. They can! With a few lines of code, you can bring the amazing world of continuous delivery to your project and increase the reliability of the whole process while freeing up some of your time. Double win!

In part 1 of our package repositories series, important terms like packages, metadata, dependencies, and upstreams were explained. In this part 2, we will take it further, diving into trends within the software landscape that have changed what developers and organizations want from a package repository. In recent years we’ve seen a push to use managed services in the cloud, automation, supply chain security.

JFrog Artifactory and JFrog Xray recently underwent a rigorous hardening process to earn accreditation for inclusion in the U.S. Department of Defense’s Iron Bank, a centralized repository of digitally-signed and hardened container images. In this blog post, we’re pulling back the curtain on the process, in order to share our insights and lessons learned with our customers and with the DevOps community at large.

With companies expecting software products to handle constantly increasing volumes of requests and network bandwidth use, apps must be primed for scale. If you need resilient, resource-conserving systems with rapid delivery, it is time to design a distributed system. To successfully architect a heterogeneous, secure, fault-tolerant, and efficient distributed system, you need conscientiousness and some level of experience.

As software applications grow in scale and complexity, the surface areas for security vulnerabilities and exploits grow with it. Modern development practices include large amounts of code reuse. First, in the form of language-specific standard libraries such as the C++ STL, the Golang standard library, and Microsoft.NET. Second, in the form of open-source libraries found on places like Github. Much of this code is built using other libraries, introducing a web of dependencies into modern software.

Today, we are excited to announce that Cloudsmith has secured $15 million of funding in our recent Series A round. This latest round will help us continue to build best-in-class technology for today’s software engineers and their organizations by evolving cloud-native package management and providing a secure, single source of truth for all software artifacts and assets.

U.S. Department of Defense (DoD) teams that manage DevSecOps software factories or that use DevSecOps factories to develop, secure and operate mission applications, need a trusted repository management system to store their local artifacts as well as artifacts pulled from Iron Bank, the DoD’s central repository of hardened container images. Artifacts that are stored include VM images, container images, binary executables, archives, documentation and many more package types.

Serving our customers in the public sector, including government agencies and contractors, is both a great honor and a major responsibility for JFrog. The applications and digital services that they release have a direct impact on the well-being of our communities, across critical areas including national defense, healthcare, public safety, education and more. Today, I’m proud to share that JFrog is further strengthening its position in the government sector with the U.S.