Gradle Inc. Partners with GitHub to Improve Software Supply Chain Security
Gradle will collaborate with GitHub on integrations and today released the first, a feature to help developers detect and manage project vulnerabilities
SAN FRANCISCO, April 18, 2024 (GLOBE NEWSWIRE) -- Gradle Inc., the company behind Gradle Build Tool, the popular open-source Java build automation system, today announced a technical partnership with GitHub, the world’s leading AI-powered developer platform. Through the partnership, Gradle will integrate with GitHub to improve developer experience and promote best security practices among Gradle users. With this news, Gradle is also announcing its first integration from the new partnership, the Dependency Submission Action for Gradle, a feature to help users detect and manage vulnerabilities in project dependencies.
Over the past year, 91% of enterprises faced attacks to their software supply chains. Specifically, vulnerabilities in project dependencies are a major challenge, and it’s critical that developers are able to quickly detect potential security risks. Available for all Gradle projects on GitHub, the new Dependency Submission Action is an official, open-source GitHub action that generates complete and accurate information about dependencies. This allows developers using Gradle Build Tool to view their project dependencies in GitHub and receive GitHub Dependabot alerts when vulnerabilities are detected.
“Gradle is one of the most used build tools among GitHub users, and we're excited to continue to collaborate with them to improve supply chain security for the Gradle community. These updates to the Gradle Build Action will help millions of GitHub users improve the security of their apps by giving them better insights into their dependencies,” said Jon Janego, Senior Product Manager at GitHub.
Now, the many developers using Gradle Build Tool via GitHub can integrate Gradle Build Tool and GitHub vulnerability alerts and management tools to more easily ensure their software supply chains are secure.
“At Gradle, we’re focused on minimizing process bottlenecks and maximizing developer productivity,” said Piotr Jagielski, VP of Engineering at Gradle, Inc. “We’re excited to now officially partner with GitHub, one of the world's largest open-source ecosystems, to help developers streamline their workflows and protect their supply chain—all while bettering their developer experience.”
To learn more, visit the Gradle blog.
About GradleGradle Inc. is the company behind the popular open-source Gradle Build Tool, which is downloaded over 40 million times a month, and the provider of the leading software solution for improving developer productivity and happiness called Develocity. Gradle is also pioneering the emerging practice of Developer Productivity Engineering. Elite development teams from companies like Netflix, LinkedIn, ASML, Airbnb, Microsoft, Nasdaq, SAP, and others, practice DPE to deliver quality software more rapidly at scale. They achieve this by leveraging Develocity’s innovative build and test performance acceleration technologies and analytics to proactively improve the reliability of the developer toolchain and make failure troubleshooting more efficient.
ContactLaunchSquad for Gradle, [email protected]
Source: Gradle
Serious News for Serious Traders! Try StreetInsider.com Premium Free!
You May Also Be Interested In
- Talisker Announces $11 Million Equipment Financing Facility to Fund Ore Sorting and Processing Equipment for the Bralorne Gold Project
- Roundtable Secures Enterprise Technology Platform Partnership with Mario Nawfal, the World’s #1 Most-Viewed Journalist
- UPDATE - Award-Winning Feature Film Our Crossroads to Premiere on the Angel Streaming Platform
Create E-mail Alert Related Categories
Globe Newswire, Press ReleasesSign up for StreetInsider Free!
Receive full access to all new and archived articles, unlimited portfolio tracking, e-mail alerts, custom newswires and RSS feeds - and more!



Tweet
Share