JFrog Forms Broad DevOps Alliance with GitHub

JFrog and GitHub today revealed a partnership through which they will work together to integrate their respective DevOps platforms, including integrations with GitHub Copilot, the generative artificial intelligence (AI) framework that is based on large language models (LLMs) developed by OpenAI.

Integrations with the JFrog Software Supply Chain Platform and GitHub services and platforms will enable native bi-directional linking between source code in GitHub repositories and the built packages stored in JFrog platforms.

JFrog CTO Yoav Landman said the goal is to provide seamless navigation and traceability between source code and binaries to make it simpler for organizations to declaratively implement best DevSecOps practices.

In the months ahead, the two companies will provide full security posture visibility from source code to production environment in a way that will make it simpler to dynamically generate software build of materials (SBOMs), he added.

Making it Simpler to Manage DevOps Workflows

In addition, DevOps teams will be able to more easily unify projects spanning multiple DevOps platforms via integrated single sign-on capabilities that should improve the security of software supply chains. The Wild West days of software development are coming to an end as organizations standardize on platforms that make it simpler to manage DevOps workflows in a way that reduces the current level of risk associated with building and maintaining applications, noted Landman.

The alliance between GitHub and JFrog comes when AI is on the cusp of fundamentally altering how software is developed and deployed. Just about every DevOps platform will soon have a range of generative AI capabilities that promise to make it simpler for DevOps teams to build, deploy and manage secure applications at an unprecedented scale.

As those capabilities become more widely available, the number of organizations that will be able to embrace DevOps to build and deploy custom applications should also substantially increase. Today, many of those organizations simply can’t afford to hire and retain the level of DevOps engineering talent currently required.

Infusing AI into DevOp Platforms

It’s not clear to what degree organizations that have already invested in customizing a DevOps platform might be willing to switch. However, if rivals can build, deploy and update software faster it’s only a matter of time before they fall behind. Modern organizations have never been more dependent on software to remain competitive. Thus far, the number of applications an organization could deploy was constrained by the size of the DevOps team in place. However, as more AI capabilities are infused into these platforms, there may be no limit to the number of applications that can be built and deployed.

Additionally, with the advent of AI, the level of skill required to build those applications will also decline, so DevOps teams should assume the overall size of the codebase they need to manage will steadily increase in the months and years ahead.

The challenge and the opportunity now is to start re-engineering workflows today to eliminate as many of the existing bottlenecks before the amount of code being generated simply overwhelms them.

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

Recent Posts

Pair of Surveys Surface Primary Developer Productivity Challenges

A survey of 900 developers finds well over two-thirds (69%) said developers are losing eight or more hours of their…

7 hours ago

4 Reasons Why Tech Leaders Should Prioritize the Testing & Mocking Phase for Better Development

Automated testing and mocking need to be the most prioritized area in your SDLC to eliminate friction for your developer…

12 hours ago

Implementing Threat Modeling in a DevOps Workflow

Integrating threat modeling into the DevOps workflow is essential to identify and mitigate potential security threats.

14 hours ago

Valory Unveils AI Software Engineer for Building Multiple Types of Agents

Valory has launched an artificial intelligence (AI) agent, dubbed Propel Genie, that is specially designed to act as a software…

17 hours ago

Tricentis Acquires SeaLights to Map Code Changes to Tests

Tricentis today revealed it has acquired SeaLights, a provider of a software-as-a-service (SaaS) platform that uses machine learning algorithms to…

18 hours ago

Real-Time Monitoring of Third-Party APIs: Benefits and Implementation

Exploring the benefits of real-time API monitoring for third-party integrations and provides a guide on implementing it effectively.

2 days ago