Liquid software program firm JFrog and the staff at Conan, which was acquired by JFrog again in 2016, immediately introduced the discharge of Conan 2.0, offering builders with the power to mannequin superior C and C++ software dependency graphs and software program binary packages.
This launch is meant to make it less complicated for builders to securely reproduce artifact builds in addition to speed up the supply of merchandise at scale.
Conan 2.0 gives a number of new options and capabilities, together with a brand new “signing” plugin as a way to assist higher safe the software program provide chain. This enables organizations so as to add signatures to their software program packages so their functions could be protected against malicious third-party code.
“Conan 2.0 builds on years of open supply expertise and use by 1000’s of firms and a whole lot of 1000’s of builders worldwide and goals to assist resolve a key problem: managing software program dependencies,” mentioned Diego Rodriguez-Losada, co-founder of Conan.io and lead architect at JFrog. “For organizations designing functions for high-performance, embedded and IoT use instances, Conan 2.0 provides visibility of dependencies throughout their complete software program provide chain to allow them to transfer ahead with confidence and peace of thoughts that their software program provide chain is safe. Conan 2.0 was constructed with and by the C/C++ neighborhood. At JFrog, we’re honored to be fueled by open supply and excited to provide again this highly effective model of package deal and binary administration.”
This launch brings a brand new enterprise-ready package deal administration framework that gives customers with new open APIs, customized instructions, and new extensions to ship improved flexibility and safety for constructing new functions.
Conan 2.0 additionally supplies improved comprehension of the connection between varied parts of the software program elements. In line with JFrog, this provides builders energy over their time so groups can extra effectively re-use binaries.
Lastly, customers achieve entry to higher scalability and safety with lockfiles to “pin down” all the variations of software program dependencies, offering organizations with a framework for reproducing builds and rushing up their CI/CD pipelines with out sacrificing agility.
To be taught extra, register for the webinar or learn the weblog put up.