As a developer I couldn’t imagine working without one of these three things. For projects on GitHub the built-in actions should do the latter job fine in most cases. But as everything else they have limits. The more PRs, the more different tests per pull request and the longer those tests run, the longer different PRs have to wait for each other for the continuous integration to run.

When we talk about metrics in software delivery, a lot of developers think of execution metrics — things like throughput, delivery and number of deploys. But in reality, those metrics don’t motivate anyone — at least not without connecting them to a bigger picture. I’ve worked in software for 23 years. I’m a three-time founder and four-time CTO, responsible for leading a 200+ member distributed engineering organization.

You probably remember the Namespace Shadowing a.k.a. “Dependency Confusion” attack that was in the news a couple of weeks ago. I blogged back then about the Exclude Patterns feature of JFrog Artifactory which we’ve had forever and was always intended to protect you against those kinds of attacks.

Testing is vital because it helps you discover bugs before you release software, enabling you to deliver a high-quality product to your customers. Sometimes, though, tests are flaky and unreliable. Tests may be unreliable because of newly-written code or external factors. These flaky tests, also known as flappers, fail to produce accurate and consistent results. If your tests are flaky, they cannot help you find (and fix) all your bugs, which negatively impacts user experience.

Trust isn’t given, it’s earned. As the Russian proverb advises, Доверяй, но проверяй — or as U.S. President Ronald Reagan liked to repeat, “Trust, but verify.” We designed JFrog Pipelines to securely support a large number of teams, applications, users and thousands of pipelines.

Today, at our DevOps user conference swampUP, we were thrilled to announce a new groundbreaking innovation from JFrog: The industry’s first Private Distribution Network! Private Distribution Network (PDN) enables enterprises to easily set up and manage a secure, massively-scalable, hybrid distribution network for software updates.

JFrog’s annual swampUp DevOps conference always brings new, exciting features to further our vision of accelerating releases through liquid software. This year was no exception, as JFrog CTO Yoav Landman and CPO Dror Bereznitsky revealed innovations for the JFrog DevOps Platform that enable end-to-end binary lifecycle management. Enterprise DevOps and large-scale modern application delivery require robust management of binaries, which are the building blocks of applications.

With CircleCI, there are many different CI/CD flows that can be automated. One such flow is the use of Infrastructure-as-Code (IaC) to build cloud environments. For example, you can use CircleCI to automate the process of building Terraform plans and applying them, in order to create massive production setups in AWS, Azure, GCP, and other cloud environments.

Argo Rollouts, part of the Argo project, recently released their 1.0 version. You can see the changelog and more details on the Github release page. If you are not familiar with Argo Rollouts, it is a Kubernetes Controller that deploys applications on your cluster. It replaces the default rolling-update strategy of Kubernetes with more advanced deployment methods such as blue/green and canary deployments.

You’re called in. The system is misbehaving. It could be a key metric going crazy, or exceptions starting to fire. You’re troubleshooting, beating around the bush, just to realize that one of the team’s deployments was the one messing things up. Sounds familiar? If you’re practicing continuous deployment, you probably experience that several times a week, if not more. Users report that 50% of their outages are due to infrastructure and code changes, namely deployments.