Liquid software program firm JFrog and the staff at Conan, which was acquired by JFrog again in 2016, right now introduced the discharge of Conan 2.0, offering builders with the power to mannequin superior C and C++ utility dependency graphs and software program binary packages.
This launch is meant to make it less complicated for builders to securely reproduce artifact builds in addition to speed up the supply of merchandise at scale.
Conan 2.0 presents a number of new options and capabilities, together with a brand new “signing” plugin so as to assist higher safe the software program provide chain. This permits organizations so as to add signatures to their software program packages so their purposes may be protected against malicious third-party code.
“Conan 2.0 builds on years of open supply expertise and use by hundreds of corporations and lots of of hundreds of builders worldwide and goals to assist resolve a key problem: managing software program dependencies,” mentioned Diego Rodriguez-Losada, co-founder of Conan.io and lead architect at JFrog. “For organizations designing purposes for high-performance, embedded and IoT use instances, Conan 2.0 offers visibility of dependencies throughout their complete software program provide chain to allow them to transfer ahead with confidence and peace of thoughts that their software program provide chain is safe. Conan 2.0 was constructed with and by the C/C++ group. At JFrog, we’re honored to be fueled by open supply and excited to offer again this highly effective model of bundle and binary administration.”
This launch brings a brand new enterprise-ready bundle administration framework that gives customers with new open APIs, customized instructions, and new extensions to ship improved flexibility and safety for constructing new purposes.
Conan 2.0 additionally supplies improved comprehension of the connection between numerous parts of the software program elements. In response to JFrog, this offers builders energy over their time so groups can extra effectively re-use binaries.
Lastly, customers acquire entry to raised scalability and safety with lockfiles to “pin down” the entire variations of software program dependencies, offering organizations with a framework for reproducing builds and rushing up their CI/CD pipelines with out sacrificing agility.
To be taught extra, register for the webinar or learn the weblog submit.