InfoQ Homepage Continuous Integration Content on InfoQ
-
Git 2.37 Brings Built-in File Monitor, Improved Pruning, and More
Git 2.37 brings many new and improved features, including a built-in file system monitor on Windows and macOS, better unreachable objects management, improved external diff, faster git add, and more.
-
JFrog Artifactory Supports Binary Dependencies for Swift
JFrog has announced its Artifactory repository can be used as a binary package registry for Swift dependencies using the Swift Package Manager.
-
GitHub Extends Its Supply Chain Security to Rust
GitHub has brought Rust support to its supply chain security feature. Aimed to ensure your project and its dependencies are free of vulnerabilities, GitHub supply chain security includes a database of advisories, a dependency graph analyzer, and Dependabot alerts and security updates.
-
GitHub Enterprise Server 3.5 Improves Security, Updates GitHub Actions, and More
The latest release of GitHub Enterprise Server brings many new features with a special emphasis on security and compliance, says GitHub, including Dependabot integration, improved security features, updates to GitHub Actions, and more.
-
Veracode Report Shows Signs of Progress in Securing Software Supply Chain
Veracode's recently released State of Software Security report found a general decline in the number of known security vulnerabilities found in third-party libraries along with a trend towards smaller applications being scanned more regularly for issues. It also finds that the industry still has a long way to go.
-
BBC New Serverless Platform Improves Scalability and Performance
One year into the transition to their new WebCore serverless platform, the BBC has started to reap the benefits of an architecture that removes the burden on engineers to solve performance and operational challenges and allows them to focus on the value they deliver to customers.
-
CircleCI Report Finds Successful Software Teams are Larger and Test Extensively
CircleCI - a continuous integration and continuous delivery platform - has released the findings from their 2022 State of Software Delivery Report. The report reveals that the most successful software delivery teams are larger, use extensive testing, and prioritise being ready to deploy.
-
Managing Complex Dependencies with Distributed Architecture at eBay
The eBay engineering team recently outlined how they came up with a scalable release system. The release solution leverages distributed architecture to release more than 3,000 dependent libraries in about two hours. The team is using Jenkins to perform the release in combination with Groovy scripts.
-
Apache NetBeans 13 Delivers Improved Developer Experience
The Apache Software Foundation has released Apache NetBeans 13, their integrated development environment (IDE), claiming a simpler and smoother startup experience along with the partial upgrade of Maven, Gradle, and PHP. Written in Java and originally designed for the Java community, NetBeans is a cross-platform, polyglot IDE that includes language support for HTML5, PHP, and C/C++.
-
Dockerfile Linter Hadolint Brings Fixes and Improvements, and Support for ARM64 Binaries
After a long wait, recent Hadolint releases have brought a number of fixes, improvements, and support for ARM64 binaries.
-
HashiCorp Moves HCP Packer into GA with New Security Workflows
HashiCorp has moved HCP Packer into full general availability. HCP Packer is their cloud hosted offering of Packer, a machine-image building tool. The release adds a number of new features including improved security workflows, custom metadata, and integration of compliance checks with Terraform Cloud workflows.
-
Docker Desktop Best Practices for Code Sharing
In a recent article, Docker engineer Stephen Turner shared a few best practices to help developers understand file sharing between a Docker container and its local host and how its performance varies across OSes.
-
Google and GitHub Announce OpenSSF Scorecards v4 with New GitHub Actions Workflow
GitHub and Google have announced the version 4 release of the Open Source Security Foundation (OpenSSF)'s Scorecards project. Scorecards is an automated security tool that identifies risky supply chain practices in open source projects. This release includes a new Scorecards GitHub Action, new security checks, and a large increase in the repositories included in the foundations weekly scans.
-
Aqua Security Reports Large Increase in Supply Chain Attacks
Aqua Security's recent report highlights the increasing threat of supply chain attacks. According to the report, supply chain attacks grew by 300% from 2020 to 2021 while the level of security across software development environments remained low. Google and the CNCF have recently released papers detailing approaches to improving the security of the supply chain.
-
HashiCorp Waypoint Adds Triggers and External Data Fetching
HashiCorp has released version 0.7 of Waypoint, their open-source application deployment tool. This release presents a number of redesigns to the user interface, the introduction of scripting and continuous integration lifecycle operations via triggers, external data fetching, and scoping of configurations to specific workspaces.