JFrog and GitHub today revealed a partnership through which they will work together to integrate their respective DevOps platforms, including integrations with GitHub Copilot, the generative artificial intelligence (AI) framework that is based on large language models (LLMs) developed by OpenAI.

Integrations with the JFrog Software Supply Chain Platform and GitHub services and platforms will enable native bi-directional linking between source code in GitHub repositories and the built packages stored in JFrog platforms.

JFrog CTO Yoav Landman said the goal is to provide seamless navigation and traceability between source code and binaries to make it simpler for organizations to declaratively implement best DevSecOps practices.

In the months ahead, the two companies will provide full security posture visibility from source code to production environment in a way that will make it simpler to dynamically generate software build of materials (SBOMs), he added.

Making it Simpler to Manage DevOps Workflows

In addition, DevOps teams will be able to more easily unify projects spanning multiple DevOps platforms via integrated single sign-on capabilities that should improve the security of software supply chains. The Wild West days of software development are coming to an end as organizations standardize on platforms that make it simpler to manage DevOps workflows in a way that reduces the current level of risk associated with building and maintaining applications, noted Landman.

The alliance between GitHub and JFrog comes when AI is on the cusp of fundamentally altering how software is developed and deployed. Just about every DevOps platform will soon have a range of generative AI capabilities that promise to make it simpler for DevOps teams to build, deploy and manage secure applications at an unprecedented scale.

As those capabilities become more widely available, the number of organizations that will be able to embrace DevOps to build and deploy custom applications should also substantially increase. Today, many of those organizations simply can’t afford to hire and retain the level of DevOps engineering talent currently required.

Infusing AI into DevOp Platforms

It’s not clear to what degree organizations that have already invested in customizing a DevOps platform might be willing to switch. However, if rivals can build, deploy and update software faster it’s only a matter of time before they fall behind. Modern organizations have never been more dependent on software to remain competitive. Thus far, the number of applications an organization could deploy was constrained by the size of the DevOps team in place. However, as more AI capabilities are infused into these platforms, there may be no limit to the number of applications that can be built and deployed.

Additionally, with the advent of AI, the level of skill required to build those applications will also decline, so DevOps teams should assume the overall size of the codebase they need to manage will steadily increase in the months and years ahead.

The challenge and the opportunity now is to start re-engineering workflows today to eliminate as many of the existing bottlenecks before the amount of code being generated simply overwhelms them.