How to Automatically Eliminate Dependency Hell20220317145058
How to Automatically Eliminate Dependency Hell
Last Updated: May 10, 2022circular dependencies, dependency conflicts, dependency hell, dependency management, dependency resolution, diamond dependencies, environment corruption
Wrestling with Dependency Hell? See how the ActiveState Platform can help you automatically resolve dependency conflicts....
Secure PyPI? The Problem with Trusting Open Source Repositories20220310163425
Secure PyPI? The Problem with Trusting Open Source Repositories
Last Updated: March 10, 2022dependency confusion, hosted artifact repository, identity hijacking, pypi, python packages, pytosquatting, secure build service, secure software supply chain, typosquatting
Still trusting open source language repositories that offer no security guarantees? Learn how to secure the Python packages you import. ...
Populating JFrog Artifactory with Secure Open Source Artifacts20220303164736
Populating JFrog Artifactory with Secure Open Source Artifacts
Last Updated: March 3, 2022artifact repository, binary repository, JFrog Artifactory, python packages, secure software supply chain, trusted artifacts
Start coding securely by ensuring the opens source packages in JFrog Artifactory have been built securely in the first place....
Trust, Security and the Reproducibility Crisis in Software20220224213512
Trust, Security and the Reproducibility Crisis in Software
Last Updated: February 24, 2022reproducibility crisis, scientific computing, software reproducibility, supply chain security
Reproducibility is a crisis in many scientific fields. Learn how cost-effective software reproducibility can help solve the crisis....
How to Immunize Your Software Supply Chain From End To End20220216153344
How to Immunize Your Software Supply Chain From End To End
Last Updated: February 17, 2022open source security, SBOM, shift left, SLSA, software supply chain attacks, software supply chain security, vendor management
It’s no longer a question of whether you’ll be affected by a supply chain attack, but when and how badly. Manage the risk by shifting left the right w...
How to go from untrusted open source components to trusted artifacts20220210143645
How to go from untrusted open source components to trusted artifacts
Last Updated: February 25, 2022artifactory, binary repository, JFrog Artifactory, python packages, trusted artifacts
Starting with secure, trusted open source artifacts before your developers write their first line of code is the best way to control costs and reduce ...
The Software Industry’s Supply Chain Security – Poor, Average or Excellent?20220203170138
The Software Industry’s Supply Chain Security – Poor, Average or Excellent?
Last Updated: February 3, 2022dependency confusion, software supply chain security, Supply chain attacks, supply chain best practices, typosquatting
Understand how your security implementation stacks up against your peers, and how you can decrease software supply chain security risk....
Maintain or Migrate? The Python 2 Migration Conundrum in 202220220128122651
Maintain or Migrate? The Python 2 Migration Conundrum in 2022
Last Updated: March 9, 2022python 2, python 2 eol, Python 2 migration, python 2 support, Python 2 vulnerabilities
Should you maintain your Python 2 codebase or migrate to Python 3? You might not have a choice. Here's why....
5 key open source lessons from the past year20220120132339
5 key open source lessons from the past year
Last Updated: February 7, 2022log4j, open source security, python 2, python 2 eol, SBOM, software supply chain security
Planning for 2022? Here are the key lessons we learned in open source in 2021 that you need to take into account....
Introducing Trusted Open Source Artifact Subscription for JFrog Artifactory20220112134624
Introducing Trusted Open Source Artifact Subscription for JFrog Artifactory
Last Updated: March 9, 2022artifactory, python packages, trusted artifacts
Automatically populate JFrog Artifactory with up-to-date open source Python packages, or other open source language artifacts you can trust....