Liquid software program firm JFrog and the group at Conan, which was acquired by JFrog again in 2016, right now introduced the discharge of Conan 2.0, offering builders with the power to mannequin superior C and C++ utility dependency graphs and software program binary packages.
This launch is meant to make it easier for builders to securely reproduce artifact builds in addition to speed up the supply of merchandise at scale.
Conan 2.0 gives a number of new options and capabilities, together with a brand new “signing” plugin with a view to assist higher safe the software program provide chain. This enables organizations so as to add signatures to their software program packages so their purposes might be shielded from malicious third-party code.
“Conan 2.0 builds on years of open supply expertise and use by hundreds of firms and a whole lot of hundreds of builders worldwide and goals to assist clear up a key problem: managing software program dependencies,” mentioned Diego Rodriguez-Losada, co-founder of Conan.io and lead architect at JFrog. “For organizations designing purposes for high-performance, embedded and IoT use circumstances, Conan 2.0 offers visibility of dependencies throughout their complete software program provide chain to allow them to transfer ahead with confidence and peace of thoughts that their software program provide chain is safe. Conan 2.0 was constructed with and by the C/C++ group. At JFrog, we’re honored to be fueled by open supply and excited to provide again this highly effective model of bundle and binary administration.”
This launch brings a brand new enterprise-ready bundle administration framework that gives customers with new open APIs, customized instructions, and new extensions to ship improved flexibility and safety for constructing new purposes.
Conan 2.0 additionally supplies improved comprehension of the connection between varied parts of the software program elements. Based on JFrog, this offers builders energy over their time so groups can extra effectively re-use binaries.
Lastly, customers acquire entry to higher scalability and safety with lockfiles to “pin down” the entire variations of software program dependencies, offering organizations with a framework for reproducing builds and rushing up their CI/CD pipelines with out sacrificing agility.
To study extra, register for the webinar or learn the weblog publish.