Posted on

How We Handled the Log4j Security Vulnerability

"The log4j vulnerability is the most serious vulnerability I have seen in my decades-long career", Jen Easterly US Cybersecurity and Infrastructure Security Agency Director 

Log4j is a Java-based logging utility part of the Apache logging services. This is a popular logging tool used in tens of thousands of software packages. Google estimates that 8% of Maven Central Repository was affected with about 7000 artifacts directly dependent on log4j (either a version of log4j-core or log4j-api). Every major software company went into crisis mode, they were trying to figure out how their products could possibly be affected and if so how they were going to patch the vulnerability. Lattix being a Java-based application also needed to scan its codebase.

Posted on

DevOps: Architecture Monitoring

“It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change” – Charles Darwin

Software development is constantly changing. Teams need to be responsive to survive. DevOps was created to help organizations deal with constant change by responding quickly. This movement is designed to bring development and operations closer together so that they may collaborate and communicate more effectively.

Posted on

Parallel Builds and Modularity for Faster Releases

Together, we can release faster.

Leading software development companies are now deploying software multiple times per day. In this sort of environment, even small periods of waiting can add up to significant disruptions. One of the bottlenecks we have heard from our customers lately is with their builds. If you are deploying your software multiple times per day, you are a building your software multiple times per day, the faster you build, the faster you can deploy your software. We recently reduced one of our clients build times by almost 70% using parallel builds and modularity, which allowed them to release their software faster.

You may also enjoy:  Patterns of Modular Architecture (RefCard)

How Do Parallel Builds Work?

Many popular tools support parallel builds including JFrog’s Conan, Maven, Gradle, and MSBuild. This allows you to utilize the full power of your hardware. Parallel builds analyses your project's dependencies and builds the modules in parallel based on the inter-module dependencies. According to Maven, your build performance can improve 20-50% by implementing parallel builds, but performance depends greatly on your software architecture (or how modular your software is). Below is an example representation of a software application’s dependencies. Each letter in the graph represents a module in the code.