Operations | Monitoring | ITSM | DevOps | Cloud

Every technical team in the software industry is familiar with technical debt. That is because every software team incurs technical debt along the way. This article answers some critical questions about technical debt. It reviews what technical debt is and what its causes are, why it is essential to address technical debt, and how this debt accumulates.

With multiple teams working on many projects, having a single pipeline for your software is just not enough. These projects need to be built and integrated before they can be tested and released. So how do dev teams handle this situation? Many teams approach the problem by breaking down software into smaller parts that do less, and are easier to maintain and build. This approach has resulted in the microservices architectures that are increasingly common in our industry.

React, a front-end framework for building user interfaces, uses component-based architecture and non-opinionated design principles, making it a developer favorite. React has been widely adopted and has a large community of developers behind it. Netlify is a popular framework for hosting React applications, but it does not provide your team with the highest level of control over the deployment process. As a result, you are not able to perform important tasks like running automated tests.

In cloud native computing (Kubernetes in our case), there is a requirement to automatically scale the compute resources used for performing a task. The autoscaling cloud computer strategy allows to dynamically adjust the active number of application servers and allocated resources instead of responding manually in real-time to traffic surges that necessitate more resources and instances.

The simplest way to manage and organize your Go dependencies is with a Go Repository. You need reliable, secure, consistent and efficient access to your dependencies that are shared across your team, in a central location. Including a place to set up multiple registries, that work transparently with the Go client. With the JFrog free cloud subscription, including JFrog Artifactory, Xray and Pipelines, you can set up a free local, remote and virtual Go Registry in minutes.

A CI/CD pipeline is the most fundamental component of automated software development. While the term has been used to describe many different aspects of computer science, at CircleCI, and within much of the DevOps industry, we use “pipeline” to illustrate the broad applications of behaviors and processes involved in continuous integration (CI).

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. Most recently we disclosed 25 malicious packages in the npm repository that were picked up by our automated scanning tools.

Many enterprises still struggle to get security right. To protect their business, it is critical they focus on security during the entire infrastructure and application lifecycle, including continuous integration (CI). Developers are becoming more autonomous as they transition to a DevOps way of working, with more people requiring access to production systems.

Who would have thought software could rattle the White House? But a vulnerability in Log4J, a popular open source software project, exposed critical digital infrastructure to remote code execution attacks. This prompted the US Government to engage big tech, infosec professionals, and open source organizations to come together to help secure open source software.