DEVOPSdigest

JFrog released Conan 2.0. Available for download immediately, Conan 2.0 features the ability to model the most advanced C and C++ application dependency graphs and software binary packages, making it easier for developers to securely reproduce artifact builds and quickly deliver innovative products at scale.

“Conan 2.0 builds on years of open source experience and use by thousands of companies and hundreds of thousands of developers worldwide and aims to help solve a key challenge: managing software dependencies,” said Diego Rodriguez-Losada, co-founder of Conan.io and Lead Architect at JFrog . “For organizations designing applications for high-performance, embedded and IoT use cases, Conan 2.0 gives visibility of dependencies across their entire software supply chain so they can move forward with confidence and peace of mind that their software supply chain is secure. Conan 2.0 was built with and by the C/C++ community. At JFrog, we are honored to be fueled by open source and excited to give back this powerful version of package and binary management.”

Conan 2.0 delivers a new era of powerful C and C++ package manager capabilities, giving developers increased flexibility in creating powerful CI/CD pipelines, ultimately allowing teams to scale and accelerate development.

Key new features include:

- New “signing” plugin to help better secure the software supply chain: Conan 2.0’s flexible framework allows organizations to add signatures to their software packages to protect their applications from malicious third-party code.

- Enterprise-ready package management framework: New open APIs, custom commands, and multiple new extensions deliver next-generation flexibility and security for building new applications.

- New artifact modeling and dependency management: Advanced comprehension of the relationship between various portions of the software components – so developers spend less time needlessly recreating their work and teams can more efficiently re-use binaries with confidence.

- Revamped scalability and security: Conan 2.0 utilizes lockfiles to ‘pin down’ all versions of software dependencies, ensuring organizations have a framework for safely reproducing builds and accelerating their CI/CD pipelines without compromising the agility of their developers to choose new versions of software on-demand to further innovation.

Conan 2.0 will further improve the C++ ecosystem by giving millions of developers the necessary tools to accurately capture binary dependencies, delivering scalability and flexibility as they secure their software supply chain.