Today, we’re announcing that one of our most popular feature requests, IP ranges, is now generally available for CircleCI Cloud customers. This feature enables teams to meet compliance requirements by limiting the connections that communicate with their infrastructure. No company wants to give the entire internet access to their artifact repositories or other sensitive environments. With IP ranges, teams are able to open up their IP-based firewalls to only CircleCI.

At Cloudsmith, our core mission is to be THE universal package repository. That is why we support so many different packages, artifacts, and image formats and constantly improve the functionality and support we provide. With this in mind, we are happy to announce the latest improvements to our support for Dart packages.

Continuous integration (CI) has become the mainstream approach to software development as it enables organizations to iterate quickly while minimizing the risk of releasing faulty code. To implement CI, many organizations rely on Jenkins—one of the most mature and widely used automation servers on the market. Jenkins comes with hundreds of community-backed plugins to help you easily integrate it with other tools in your development workflow.

Modern software projects are mostly composed of open source code. The question of who really controls this code, and is responsible for detecting and fixing software supply chain security issues, became a significant source of concern after the discovery of the Log4Shell vulnerability.

Security is a vital part of application development, yet it may be neglected until an attacker takes advantage of a vulnerability in the system. The consequences of a security breach can damage an application’s integrity as well as a company’s reputation and revenue. Software architects and engineers need to pay special attention to securing the systems they work on.

In my prior blog, Continuous Service Virtualization, Part 1: Introduction and Best Practices, we offered an introduction to continuous service virtualization (SV) and discussed some key best practices. In this, the second and final post in the series, we will discuss the continuous SV lifecycle and how it helps to optimize DevOps and the continuous integration/continuous delivery (CI/CD) pipeline.

There is huge scope required when building video games. They are not just computer programs; they’re audio-visual artistic works. It’s a collaborative effort between software engineers, animators, scriptwriters, graphic designers, photographers and sound engineers. Working with these collaborators and assets leads to a different software pipeline than the average software project.

Performance testing measures how well systems perform when subjected to various workloads. The key qualities being tested are stability and responsiveness. Performance testing shows the robustness and reliability of systems in general, along with the specific potential breaking points. In this tutorial, you will use k6 to do load testing on a simple API hosted on the Heroku platform. Then you will learn how to interpret the results obtained from the tests.

With software supply chain attacks on the rise, implementing DevSecOps best practices in an air gapped environment is a must. In an effort to secure an organization’s internal network, there is an increasing trend of separating the internal network from the external one. Essentially creating an enclosed and disconnected environment from the public internet. An air gapped solution provides stricter security requirements, but that’s not enough.

Many development teams start their CI/CD journey with a local build box (or six) that run their tests. In several mobile teams I worked on, for example, we had a few Mac Mini boxes with physical devices plugged in that we used for running local UI and unit tests. Eventually we migrated to a cloud-based solution, which brought us much greater stability and many new features. But moving to the cloud also meant our local hardware was obsolete.