So, stuff happened and npm has been updated to reduce the volume of stuff happening. In a world of SBOMs, SLSA, and supply chain attacks, it's time to get serious about publishing packages. In this case, that means using the new Trusted Publisher fea...

A classic route into programming is a childhood encounter with a computer. You realize it's your passion, so you go and study computer science and head off to build the next amazing software product. That's not how it happened for me. Instead, it cam...

My first encounter with DevOps was so simple that I didn’t even realize its power. Let me share the story so you can see how it went from accidental discovery to deliberate practice, and why it was such a dramatic pivot. The backdrop to this pivotal...

In his 1956 account of the SAGE program, Herbert Benington highlighted the opportunity to use computers to reduce the cost of programming, documentation, and testing. The creation of utilities, compilers, and instrumentation accounted for about half...

The term “snake oil salesman” is often used to describe individuals who engage in deceptive marketing practices. Wild west characters like Clark Stanleyhttps://en.wikipedia.org/wiki/ClarkStanley advertised their snake oil as a wondrous cure-all remed...

You’ve settled on the key metrics to assess engineering team performance and satisfaction. Now, how do you ensure those metrics don’t become a source of stress or resentment? Any time you set a target – be it deployment frequency or mean time to rec...

Why maintaining a healthy skepticism gets you better outcomes. One of my old hobbies was writing for independent music magazines, such as Spill Magazine distributed free at music venues and DV8 distributed free at hair salons. Over the years, I saw ...

When organizations introduce AI, they often make a critical error: they create entirely new metrics to measure its impact. This approach misses the fundamental truth that AI is a tool to help achieve existing goals, not a reason to change what succes...

I zipped up to London to share the Platform Engineering Pulse reporthttps://octopus.com/publications/platform-engineering-pulse with the amazing London DevOpshttps://www.linkedin.com/company/londondevops/ group. Afterwards, we spent several hours tal...

You have probably faced the same dilemma. If you let you dependencies get out of date, the chances are you'll harbor a code vulnerability. If you update them too soon, you potentially introduce a malicious version with a supply chain attack. This ma...

An exclusive look at our research data to see how Argo CD stacks up against everything else when it comes to GitOps and software delivery. ...

You want to paint a wall. The fastest way to start is to open the paint tin and start rolling out the color. Except that’s not the quickest way to paint a wall, as expert painters know. If you give a professional this job, they won’t touch the paint ...

We all read the daily announcements about another major company launching a sweeping transformation. We’ve had waves of Agile, digital, omni-channel and cloud-native transformations, and the AI-first transformations are a hazy silhouette on the horiz...

Before You Buy Another AI Tool, Fix These 5 Things... It’s great that you want your developers to be productive. They want this, too. What I struggle to understand in many managers is the stark contrast between their directive adoption of brute-forc...

DORA has been researching software delivery for over a decade, but most people are familiar with their work through their famous four key metrics. This post will help you understand how the metrics have changed and why. I also want to encourage more ...

Our Platform Engineering Pulse reporthttps://octopus.com/publications/platform-engineering-pulse gathered a list of features organizations commonly add to their internal developer platforms. We grouped sample platforms into common feature collections...

GitOps was pitched as a transformative approach to software delivery and infrastructure management, promising better outcomes across multiple dimensions of organizational performance. But, not all GitOps implementations are created equal. Research f...

Platform Engineeringhttps://octopus.com/devops/platform-engineering/ has been around for a while. Interest recently accelerated, however, thanks to its relevance to DevOps. For some, Platform Engineering solves a common DevOps Topologies’ problem: E...

You can use the Continuous Delivery statements to assess your software delivery performance. This technique is interesting as it doesn’t need specific technical practices. Instead, it focuses on what capabilities the technical practices should bring ...