Liquid software program firm JFrog and the group at Conan, which was acquired by JFrog again in 2016, at the moment introduced the discharge of Conan 2.0, offering builders with the flexibility to mannequin superior C and C++ software dependency graphs and software program binary packages.
This launch is meant to make it easier for builders to securely reproduce artifact builds in addition to speed up the supply of merchandise at scale.
Conan 2.0 affords a number of new options and capabilities, together with a brand new “signing” plugin to be able to assist higher safe the software program provide chain. This permits organizations so as to add signatures to their software program packages so their functions will be shielded from malicious third-party code.
“Conan 2.0 builds on years of open supply expertise and use by hundreds of firms and tons of of hundreds of builders worldwide and goals to assist resolve a key problem: managing software program dependencies,” stated Diego Rodriguez-Losada, co-founder of Conan.io and lead architect at JFrog. “For organizations designing functions for high-performance, embedded and IoT use instances, Conan 2.0 offers visibility of dependencies throughout their whole software program provide chain to allow them to transfer ahead with confidence and peace of thoughts that their software program provide chain is safe. Conan 2.0 was constructed with and by the C/C++ group. At JFrog, we’re honored to be fueled by open supply and excited to provide again this highly effective model of bundle and binary administration.”
This launch brings a brand new enterprise-ready bundle administration framework that gives customers with new open APIs, customized instructions, and new extensions to ship improved flexibility and safety for constructing new functions.
Conan 2.0 additionally gives improved comprehension of the connection between numerous parts of the software program elements. Based on JFrog, this offers builders energy over their time so groups can extra effectively re-use binaries.
Lastly, customers achieve entry to higher scalability and safety with lockfiles to “pin down” the entire variations of software program dependencies, offering organizations with a framework for reproducing builds and dashing up their CI/CD pipelines with out sacrificing agility.
To study extra, register for the webinar or learn the weblog submit.
