The Continuous Delivery Foundation (CDF), the open source software foundation that seeks to improve the world’s capacity to deliver software with security and speed, today announced several updates underlying the open source foundation’s momentum. The announcements come at the start of cdCon + GitOpsCon (May 8 – 9, 2023), an in-person event in Vancouver, Canada, co-organized with The Cloud Native Computing Foundation (CNCF).
A community initiative to provide a just and transparent governance model for the Pyrsia Decentralized Package Network brings together companies like Docker, DeployHub, Oracle, and others.
Pyrsia, an open source software community initiative that uses blockchain technology to protect software packages (also known as binaries) from flaws and malicious code, has been accepted as an incubating project by the Continuous Delivery Foundation (CDF). Through the use of a centralised governance mechanism, a clear vision, and widespread participation within the larger technology and open source communities, JFrog and the CD Foundation will collaborate to guarantee Pyrsia develops its support and engagement.
The Continuous Delivery Foundation (CDF) is hosting its CD Summit at KubeCon + CloudNativeCon 2022 in Detroit, Michigan. At the event, the CDF announced a number of major milestones across its projects.
First, it announced that it welcomed the decentralized package network, Pyrsia, into the foundation as an incubating project. Pyrsia was developed by JFrog and it can be used to secure software supply chains by creating a system where there is transparency in package sources. In addition, the distribution of artifacts can be done by anyone instead of just relying on a central place.
JFrog’s Pyrsia initiative incubating under CD Foundation
The liquid software company JFrog has announced that Pyrsia, an open-source software community initiative that utilizes blockchain technology in order to secure software packages, is now an incubating project under the Continuous Delivery Foundation.
“We’re excited to join our long-time partners at the CD Foundation in creating a groundswell around Pyrsia to further its mission to better secure the software supply chain,” said Stephen Chin, VP of developer relations at JFrog and governing board member for the CD Foundation. “With the CD Foundation’s support, and that of our incredible industry partners, developers can leverage Pyrsia to have peace-of-mind in knowing their open source components have not been compromised, and confidently deliver secure software at scale.”
JFrog Ltd. (“JFrog”) (NASDAQ: FROG), the Liquid Software company and creators of the JFrog DevOps Platform, today announced Pyrsia, an open source software community initiative that utilizes blockchain technology to secure software packages (a.k.a. binaries) from vulnerabilities and malicious code, has become an incubating project under the Continuous Delivery Foundation (CDF). Working together, JFrog and the CD Foundation will ensure Pyrsia grows its backing and engagement through the use of a centralized governance model, defined roadmap, and broad representation within the wider technology and open source communities.
Open-source is everywhere, a critical element of nearly every technology in use today.
This also makes it one of the greatest threat vectors. Cyberattackers are increasingly looking to exploit weak chinks — such as critical vulnerabilities, misconfigured services or leaked secrets — across the software supply chain.Â
“The myriad tools and processes, not to mention the huge amounts of open-source libraries and binaries, all introduce opportunities for accidental and nefarious injection of risk,” said Stephen Chin, VP of developer relations at software supply chain security company JFrog.Â
JFrog Ltd. announced Pyrsia, an open source software community initiative that utilizes blockchain technology to secure software packages (a.k.a. binaries) from vulnerabilities and malicious code, has become an incubating project under the Continuous Delivery Foundation (CDF). Working together, JFrog and the CD Foundation will ensure Pyrsia grows its backing and engagement through the use of a centralized governance model, defined roadmap, and broad representation within the wider technology and open source communities.
At the KubeCon + CloudNativeCon North America conference this week, JFrog announced it contributed the Pyrsia project, which uses blockchain technologies to secure software packages, to the Continuous Delivery (CD) Foundation.
Stephen Chin, vice president of developer relations at JFrog and governing board member for the CD Foundation, said the goal is to increase the number of contributors to the project. Current contributors to the Pyrsia project include Docker, Inc., DeployHub, Futurewei and Oracle.
