JFrog has transitioned from an artifact repository to a DevOps Platform that includes CI and CD capabilities through its acquisition of Shippable in Feb 2019. Recently in March 2020, JFrog announced the launch of its DevOps platform called ‘JFrog Platform’, a pre-integrated solution with a common UI across JFrog Pipelines, JFrog X-Ray and JFrog Source Composition Analysis products. This solution is backed by a common meta data model that facilitates information integration between these separate product. In addition to three primary products JFrog Artifactory, JFrog Pipelines and JFrog Xray, JFrog also provides other products such as JFrog Distribution, JFrog Mission Control and JFrog Container Registry.
JFrog Artifactory is a tool designed to store the binary output of the build process for use in distribution and deployment. Artifactory is an industry leading product and provides support for 25 package formats (as of 14 Oct, 2020). JFrog Artifactory provides a single source of truth for build artifacts and works with JFrog Distribution to efficiently distribute large artifacts across the enterprise.
GitLab package registry supports 8 different package types.
JFrog Pipelines is a CI-CD product that works well with its Artifactory repository. JFrog pipelines works through a combination of native steps and resources. Native steps are a set of higher order steps built on bash. Resources inputs into a step or outputs from native steps. Resources can be any type such as a build, integration etc. JFrog pipelines is a functional CI-CD product, though it lacks several capabilities typically found in enterprise class products.
JFrog Xray is a security product that can be built-into various steps within a JFrog pipeline. Xray supports detecting security vulnerabilities in all dependent code and also provides license compliance capabilities. JFrog X-Ray supports 14 package formats (as of 14 Oct, 2020).
GitLab dependency scanning supports 15 package managers spanning 8 languages.