Golang developers care a lot about security and as Go modules become more widely used, they need more ways to assure these publicly shared files are safe. One unique feature included with Golang version 1.13 is the foresight that went into authentication and security for Go modules. When a developer creates a new module or a new version of an existing module, a go.sum file included there creates a list of SHA-256 hashes that are unique to that module version.

In the holiday spirit, we’re bringing a little cheer to the Golang community by celebrating the achievements of some noteworthy Go module authors. We’re excited to launch a new program within JFrog GoCenter that honors select “Top Gophers.” Using key metrics of success such as number of downloads and imports, quality metrics, and usage in GoCenter, we aim to highlight projects that we think are really helping improve software development for the Go developer community.

Open source components have become a basic building block in today’s software development process. It’s no surprise that 60%-80% of the codebase in 92% of modern applications is open source — they provide us with tried-and-true code that allows us to save time and focus on creating the secret sauce that will make our products the next great tech innovation.

In recent weeks, some of the most recognizable companies in the DevOps space have had their foundations rattled, perhaps shaking developer confidence. The acquisition of Docker Enterprise by Mirantis, the acquisition of Sonatype (Nexus) by a capital firm and the open-sourcing of Quay by Red Hat leave many development shops wondering what will happen next with their strategic tool choices.

If you have selected Gitlab as your git provider, you may automatically think about selecting GitlabCI as your CI/CD solution as well. Using the same vendor for source control and CI/CD might seem natural, but is not always the best combination. In fact, choosing a “good-enough” option just because it is part of the same solution is unwise in the long run if it doesn’t cover your needs.

JFrog is excited to announce it has expanded its DevOps offerings on the AWS Marketplace to include the most advanced Container Registry in the market, and an advanced Universal DevSecOps solution allowing developers to invent the best code ever while leaving the overhead to us. In this blog, we will introduce our latest offerings – JFrog Container Registry and Cloud Pro X.

Developing for Google Cloud Run in a hybrid system managed by Anthos isn’t a solo race, it’s a relay between cloud and on-prem. To win, you’ll need an advanced Docker registry that can swiftly pass your containers for Cloud Run functions from one environment to the next. In our example hybrid architecture, you’ll see how JFrog Container Registry can be that reliable relay partner.

Ever since container technology hit the scene in 2013, it’s generated excitement from developers and operations teams. Using containers to deliver apps and microservices helps enable large scalable deployments with smoother rollouts, accomplishing in minutes what used to take hours, if not days. Delivering the containers themselves, however, can still be challenging to do across all types of modern infrastructure.

Sensu Summit 2019 featured talks from the Sensu Community, including Harvard University SRE Molly Duggan, who shared how the Harvard FAS Research Computing Department uses CI/CD pipelines and the Sensu Go API to automate monitoring for their highly complex infrastructure.

For over a decade, JFrog has been performing heavy lifts. We pioneered artifact management, have served developers with industry-leading tools, and helped them get containers quickly and safely where they need to go. Today we’re delighted to announce JFrog Container Registry, the world’s most advanced, fully hybrid Docker registry that’s free to use on-prem, in the cloud, or both.