A coalition of heavyweight open source foundations issued a joint statement via the foundation on Tuesday, declaring that "open infrastructure is not free" and warning that the critical machinery behind modern software development is being stretched to breaking point. Package registries like Maven Central, PyPI, crates.io, npm, and Packagist handle billions of downloads every month, yet the organizations running them are often scraping by on donations, grants, and the goodwill of a few sponsors.
One of the highlights Levi pointed to was AppTrust, JFrog's initiative to establish end-to-end trust across the software supply chain. By unifying governance, risk, and compliance capabilities into a single framework, AppTrust is designed to give enterprises more confidence that applications are secure and reliable from development through deployment. The goal is to tie disparate security and verification processes into one cohesive approach that simplifies how organizations enforce trust at scale.
JFrog has introduced JFrog Fly, an offering the company describes as a zero-config, "agentic repository" for accelerating AI-driven software development. Introduced September 9, JFrog Fly is intended to support agentic workflows for development teams. AI agents orchestrate artifacts across the software life cycle, enabling developers to focus on delivering software to production with speed and scale, according to JFrog. Developers can join a beta waitlist for JFrog Fly.
JFrog and NVIDIA have expanded integrations to include the Enterprise AI Factory, enabling the management of AI applications through JFrog's Software Supply Chain Platform.
.jpg?height=635&t=1757344641&width=1200)
