
The latest News and Information on Continuous Integration and Development, and related technologies.

Software supply chain: What it is and how to keep it secure

As shortages of consumer goods and rising prices caused by bottlenecks in international supply networks have become more common, the global supply chain and its vulnerabilities have been top of mind for many. For developers, several high-profile software security exploits have recently underscored the risks inherent in a similar type of supplier network: the software supply chain.

Prevent XSS attacks with browser testing

Security is a never-ending battle on the web. You can have a server up in just a few minutes, and the next minute, someone is already trying to hack into it. These attacks could be automated using malicious bots or launched manually. Websites can be targeted by a malicious user trying to compromise your web presence or data. Cross-site scripting (XSS) is just one type of attack your site may be vulnerable to.

Trusted SBOMs delivered with the JFrog Platform and Azure

SBOMs provide essential visibility into all the components that make up a piece of software and detail how it was put together. With an SBOM in hand it’s possible to determine if software contains existing security and compliance issues or is impacted by newly discovered vulnerabilities. The SBOM is imperative due to the White House’s cybersecurity executive order from May 2021 requiring them for all government software purchases and many private organizations following suit.

Supply Chain Security Meetup June 21 2022 (Sponsored by JFrog)

Software Supply Chain Security Virtual Meetup. Open-source vulnerabilities are present in many applications. While finding them is critical, even more critical is remediating them as fast as possible. Securing your software supply chain is absolutely critical as attackers are getting more sophisticated in their ability to infect software at all stages of the development lifecycle, as seen with Log4j and SolarWinds.

Automating deployment of a Dockerized Python app to Docker Hub

CI/CD systems follow a multi-tiered environments pattern: development, testing, staging, and production release are all part of this process. Each environment in this cycle could have a variety of setups and configurations. As a result, having to set up separate configurations for different environments could be inconvenient and burdensome. In this tutorial, we will take a look at what Docker is and how it has freed developers from setup problems and port clashes.

Part I: A Journey of a Thousand Binaries - Types of Software Dependencies

As software developers, one of the things that we worry a lot about is our software dependencies. To speed up delivery time of new functionality within our code we reuse software; we don’t have time to reinvent the wheel. We stand on the shoulders of giants and leverage all the hard work and lessons learned from the software developers of our past. Sounds great, right? Well, mostly great, because we are still faced with the underlying trials intrinsic to software development.

Trunk-based vs. feature-based development

When you are the only dev building a software project, you can create and modify your code according to personal preference. When you contribute code to a team-run project, you need to follow a standardized set of guidelines and coordinate precisely with other team members. Standard guidelines and coordinated work effort are vital to the success of every team-based software development project.

The value of blameless culture - from IC to C-Suite

At CircleCI, CI has a second meaning: Continuous Improvement. We continuously seek out feedback not only to improve our code but to improve our processes and get better at our jobs along the way. This Continuous Improvement starts with one important company value: a blameless culture. Our blameless culture extends into every part of how we operate.