Hubbry Logo
Artifact (software development)Artifact (software development)Main
Open search
Artifact (software development)
Community hub
Artifact (software development)
logo
7 pages, 0 posts
0 subscribers
Be the first to start a discussion here.
Be the first to start a discussion here.
Artifact (software development)
Artifact (software development)
Artifact (software development)
View on Wikipedia
from Wikipedia

An artifact is one of many kinds of tangible by-products produced during the development of software. Some artifacts (e.g., use cases, class diagrams, requirements and design documents) help describe the function, architecture, and design of software. Other artifacts are concerned with the process of development itself—such as project plans, business cases, and risk assessments.

The term artifact in connection with software development is largely associated with specific development methods or processes e.g., Unified Process. This usage of the term may have originated with those methods.

Build tools often refer to source code compiled for testing as an artifact, because the executable is necessary to carrying out the testing plan. Without the executable to test, the testing plan artifact is limited to non-execution based testing. In non-execution based testing, the artifacts are the walkthroughs, inspections and correctness proofs. On the other hand, execution based testing requires at minimum two artifacts: a test suite and the executable. Artifact occasionally may refer to the released code (in the case of a code library) or released executable (in the case of a program) produced, but more commonly an artifact is the byproduct of software development rather than the product itself. Open source code libraries often contain a testing harness to allow contributors to ensure their changes do not cause regression bugs in the code library.

Much of what are considered artifacts is software documentation.

In end-user development an artifact is either an application or a complex data object that is created by an end-user without the need to know a general programming language. Artifacts describe automated behavior or control sequences, such as database requests or grammar rules,[1] or user-generated content.

Artifacts vary in their maintainability, which is primarily affected by the role the artifact fulfills. The role can be either practical or symbolic. In the earliest stages of software development, artifacts may be created by the design team to serve a symbolic role to show the project sponsor how serious the contractor is about meeting the project's needs. Symbolic artifacts often convey information poorly, but are impressive-looking. Symbolic artifacts are sometimes referred to in the information architecture industry[like whom?] as illuminated scrolls, because the decorations do nothing to enhance understanding. Generally speaking, symbolic artifacts are also considered unmaintainable due to the diligence it requires to preserve the symbolic quality. For this reason, once symbolic artifacts are shown to the project sponsor and approved, they are replaced by artifacts which serve a practical role. Practical artifacts usually need to be maintained throughout the project lifecycle, and, as such, are generally highly maintainable.

Artifacts are significant from a project management perspective as deliverables. The deliverables of a software project are likely to be the same as its artifacts with the addition of the software itself.

The sense of artifacts as byproducts is similar to the use of the term artifact in science to refer to something that arises from the process in hand rather than the issue itself, i.e., a result of interest that stems from the means rather than the end.

To collect, organize and manage artifacts, a software development folder may be utilized.

See also

[edit]

References

[edit]

Further reading

[edit]
Revisions and contributorsEdit on WikipediaRead on Wikipedia

Artifact (software development)

View on Grokipedia
from Grokipedia
In , an artifact refers to any tangible or intangible byproduct produced during the creation of software, including source code, design documents, executables, data models, prototypes, and workflow diagrams. These artifacts emerge across various stages of the development lifecycle, from requirements gathering to deployment, and serve as essential records of the system's architecture, , and functionality. They are critical for facilitating team , enabling , supporting testing and , and aiding in maintenance and scalability efforts. In modern practices like agile and , artifacts are often stored in repositories for automated pipelines, ensuring and in continuous integration and delivery processes.

Overview

Definition

A software artifact is any tangible or intangible item produced as a byproduct during the lifecycle, intended to describe, implement, or support the architecture, design, function, or deployment of software. These artifacts exhibit key characteristics such as being versioned to track changes, traceable to related elements in the development process, and evolving iteratively as the project progresses. For instance, serves as a primary artifact representing the implementation, while derived items like executables embody the functional output. In , artifacts refer to purposeful, engineered outputs integral to systematic processes, distinct from archaeological artifacts which are historical relics without such developmental intent. The term originated in structured methodologies during the late 1990s, notably with the (RUP), and was formalized in the (UML) 1.0 specification adopted in 1997.

Historical Development

The concept of software artifacts in originated in the 1970s and 1980s, amid the rise of and efforts to address the through formalized practices. As software systems grew more complex, the need for tangible by-products like requirement specifications, design documents, and test plans became evident to ensure and quality. A pivotal standard in this era was IEEE Std 829-1983, which defined a set of basic documents for , including test plans, test designs, and test reports, to support the dynamic execution of procedures and verification of software functionality. The 1990s marked key milestones in formalizing artifacts within object-oriented and lifecycle frameworks, driven by influential figures such as and . Booch's seminal book Object-Oriented Design with Applications (1991) outlined methods for object-oriented system design, emphasizing artifacts like class diagrams and module charts to model structure and behavior, thereby promoting reuse and modularity. Building on this, Booch, Jacobson, and James Rumbaugh collaborated at to develop the (UML) in 1997, a standardized notation for specifying, visualizing, and documenting software artifacts to bridge analysis and implementation. Jacobson's earlier work on use case-driven development, introduced in his 1992 book Object-Oriented Software Engineering, further shaped artifact practices by focusing on behavioral models derived from user requirements. The (RUP), formalized in 1998, integrated UML into an iterative process framework that produced and managed artifacts across disciplines like , and design. Concurrently, ISO/IEC 12207 (published 1995 and revised in 2008) provided a global standard for software lifecycle processes, defining activities that generate artifacts from acquisition through retirement to ensure consistency across development stages. In the post-2000 era, evolving methodologies shifted the role of artifacts toward efficiency and automation. The Agile Manifesto, published in 2001 by a group of software leaders including Jacobson, prioritized working software over comprehensive documentation, advocating for lightweight artifacts like user stories and backlogs to foster collaboration while minimizing overhead. This agile influence persisted into the 2010s with the emergence of , where practices emphasized binary artifacts—such as compiled executables and container images—integrated into pipelines to enable rapid, reliable deployments. Complementing these shifts, the version 1.0, released in 2000 by the , incorporated artifact management into its process areas for assessing and improving maturity, drawing on prior models to align artifacts with organizational goals.

Classification

Engineering Artifacts

Engineering artifacts in refer to the tangible technical outputs produced during the design, implementation, and deployment phases, serving as the foundational elements for constructing executable software systems. These artifacts encapsulate the core technical specifications and implementations that enable the realization of software functionality, distinguishing them from administrative or planning documents. Core types of engineering artifacts include , which forms the human-readable instructions in programming languages; UML diagrams such as class diagrams for structural modeling, sequence diagrams for interaction flows, and deployment diagrams for system distribution; executable binaries that result from compilation; configuration files that define runtime parameters; and APIs that specify interfaces for component interactions. In the design phase, engineering artifacts often manifest as use case models outlining user interactions and architectural blueprints depicting high-level system structures, providing a blueprint for subsequent implementation. During the implementation phase, these evolve into compiled libraries, such as JAR files in Java environments, and automation scripts that facilitate build and deployment processes. These artifacts are typically or model-based, meaning they can be directly interpreted by machines to produce working software components, and they are frequently generated or edited using integrated development environments (IDEs) like or . In pipelines, engineering artifacts constitute the primary "build" outputs, such as binaries and packaged deployments, which are versioned and tested iteratively to ensure system integrity. Engineering artifacts align with established standards for consistency and , particularly UML 2.5 (2015), which defines a graphical notation for specifying and documenting modeling artifacts like diagrams and deployment configurations in object-oriented systems. Additionally, they adhere to (2000), now evolved into ISO/IEC/IEEE 42010:2022, which provides a framework for architectural descriptions as concrete artifacts representing system and models.

Management Artifacts

Management artifacts in encompass the documents, templates, and outputs that facilitate , monitoring, and control of the development process, ensuring alignment with project objectives and stakeholder expectations. These artifacts support by providing a structured record of decisions, progress, and compliance, distinct from technical elements by focusing on process oversight rather than details. They are essential for coordinating teams, mitigating uncertainties, and demonstrating throughout the software lifecycle. Core types of management artifacts include requirements specifications, which outline stakeholder needs and system functionalities; project plans, which detail timelines, resources, and milestones; risk assessments, which identify potential threats and strategies; test plans, which define testing scopes and criteria; and user manuals, which provide guidance for end-users post-deployment. Requirements specifications serve as the foundational reference for development, while project plans allocate efforts across phases. Risk assessments, often in the form of registers, prioritize issues based on likelihood and impact. Test plans ensure systematic validation, and user manuals bridge the gap between delivery and operational use. Specific examples illustrate their application: the Software Requirements Specification (SRS) follows ISO/IEC/IEEE 29148:2018, recommending a structured format with sections on purpose, scope, definitions, and specific requirements to promote clarity and verifiability. Gantt charts, used in project plans for scheduling, visualize task dependencies and durations on a timeline to track progress in software projects. Traceability matrices link requirements to elements, code implementations, and tests, enabling verification that all needs are addressed and facilitating . These artifacts are primarily textual or tabular in nature, designed for ease of review, revision, and sharing among stakeholders to support compliance with regulatory or contractual obligations and to enhance communication across distributed teams. They evolve iteratively, starting from high-level overviews in early phases—such as preliminary risk assessments—and progressing to detailed versions, like comprehensive test plans, as the project advances and more information becomes available. This progression ensures adaptability while maintaining a historical for post-project reviews. Management artifacts align with established standards for quality and , including ISO 9001:2015 for systems, which, through guidelines in ISO/IEC 90003:2018, mandates documented plans and records tailored to software processes to achieve consistent outcomes and . Similarly, the PMBOK Guide (7th edition, 2021) from the categorizes them as key deliverables, such as charters and risk registers, to support effective project delivery in software contexts. These ties promote standardized practices that reduce variability and enhance project success rates.

Role in Software Processes

In Traditional Methodologies

In traditional software development methodologies, such as the , artifacts are generated sequentially across distinct phases to ensure a structured progression from requirements to maintenance. During the requirements phase, the primary artifact is the (SRS) document, which outlines functional, non-functional, and quality requirements derived from stakeholder needs. In the design phase, artifacts include detailed design documents like data flow diagrams (), which model the system's processes, data movements, and component interactions to guide architectural decisions. The implementation phase produces modules and associated configuration items, translating the design into executable software components. Testing artifacts, standardized under IEEE 829, encompass test plans, cases, procedures, logs, and reports to verify functionality through unit, integration, and system-level testing. Finally, the maintenance phase generates change logs, modification requests, and updated documentation to track enhancements, bug fixes, and impact analyses. The process flow in these methodologies emphasizes linear advancement, where artifacts are produced in sequence and subjected to formal reviews at phase gates, such as requirements reviews for validation and design inspections for . These reviews, often managed by a Configuration Control Board (CCB), ensure completeness, traceability, and compliance before transitioning to the next phase, with customer approvals serving as milestones. This approach prioritizes comprehensive documentation to establish baselines, facilitating auditability and contractual adherence in large-scale projects. One advantage of this artifact-centric process is enhanced from requirements through to deployment, promoting predictability and suitability for environments with requirements. However, it can result in outdated artifacts if requirements change mid-process, leading to inflexible rework and high costs due to late defect discovery. Historically, these practices were formalized in defense software projects under DoD-STD-2167A (1988), which mandated extensive artifact sets—including detailed SRS, design specifications, and test documentation—for mission-critical systems to enforce rigorous quality and .

In Agile and DevOps

In Agile methodologies, artifacts emphasize minimal viable documentation to support iterative development and rapid feedback, prioritizing working software as the core deliverable over exhaustive specifications. The Agile Manifesto explicitly values "working software over comprehensive documentation," positioning executable code as the primary artifact that demonstrates progress and value to stakeholders. This shift reduces reliance on traditional documents like full software requirements specifications (SRS), favoring lightweight alternatives such as user stories, which capture user needs in concise, prioritized formats to guide development without extensive elaboration. Key Agile artifacts include the product backlog and sprint backlog, which serve as dynamic, ordered lists of work items refined collaboratively by the team. The , managed by the product owner, represents an emergent plan for product evolution, while the sprint backlog outlines selected items and an actionable plan for a specific , ensuring focus on achievable goals. During sprint reviews, teams inspect the increment—a potentially shippable product version—and adapt the based on feedback, integrating artifacts into short cycles (typically 1-4 weeks) to foster continuous improvement. Burndown charts, though not official artifacts in the Scrum framework, are widely used by practitioners to visualize remaining work versus time, aiding transparency in sprint progress. In the Scrum framework, originally outlined in 1995 and updated in the 2020 guide, these artifacts promote adaptability by evolving through refinement and inspection rather than rigid upfront planning. DevOps extends Agile principles by incorporating binary artifacts into continuous integration and continuous delivery (CI/CD) pipelines, enabling automated builds, testing, and deployments for faster release cycles. Examples include Docker container images, which package applications and dependencies for consistent runtime environments, and Helm charts, which define deployments as OCI-compliant artifacts to streamline orchestration in cloud-native settings. (IaC) further treats configuration files, such as Terraform scripts, as versioned artifacts that declaratively provision and manage resources, ensuring infrastructure aligns with application needs through . Artifacts in Agile and DevOps processes are versioned within sprints or releases using tools like , which integrates with backlogs and pipelines to track changes and maintain a . This versioning supports reproducibility by enforcing deterministic builds in , where identical inputs yield consistent outputs, minimizing deployment risks and enhancing reliability across environments. The focus on deployment readiness is evident in practices like GitOps, where declarative configurations in repositories automatically reconcile desired states with live systems, automating artifact management for infrastructure and applications in production.

Management and Tools

Artifact Repositories

Artifact repositories are specialized storage systems designed to manage, version, and distribute software artifacts generated during the development lifecycle, such as compiled binaries, libraries, and packages. These repositories serve as centralized or distributed hubs that facilitate collaboration across development teams, pipelines, and deployment environments by providing reliable access to artifacts while ensuring reproducibility and consistency in builds. Unlike source code repositories, which focus on textual files, artifact repositories handle immutable binary outputs to support efficient sharing and reduce redundant builds. There are primarily two types of artifact repositories: binary-specific repositories tailored for particular formats, such as files in ecosystems or packages in environments, and universal repositories that support multiple package formats including Docker images, Python wheels, and packages. Binary repositories optimize storage and retrieval for domain-specific needs, while universal ones offer flexibility for polyglot development teams managing diverse technologies. Prominent examples include JFrog Artifactory, which provides universal support across over 30 package types, and Sonatype Nexus Repository, known for its robust handling of Maven and artifacts. Key features of modern artifact repositories include metadata tagging for tracking artifact provenance and dependencies, fine-grained access controls to enforce role-based permissions, and integrated vulnerability scanning to detect known security issues in stored components. These systems often integrate seamlessly with build tools like and , allowing automated publishing and resolution of artifacts during the build process. For instance, repositories can attach metadata such as build timestamps or scan results to artifacts, aiding in compliance and auditing. The concept of artifact repositories emerged prominently with the release of Apache Maven 1.0 in 2004, which introduced standardized dependency management and remote repository protocols to address the fragmentation in Java build environments. This evolution has since aligned with security standards from the Open Web Application Security Project (OWASP), particularly in guidelines for artifact integrity validation to mitigate supply chain risks in CI/CD pipelines. These repositories complement version control systems by focusing on built outputs rather than source files.

Version Control Integration

Version control integration enables the tracking and evolution of software artifacts, such as , binaries, and , by leveraging systems that record changes over time. , created in 2005 by to manage development, has emerged as the dominant system due to its efficiency in handling non-linear workflows. Core mechanisms include branching to create parallel development lines, merging to integrate changes from those branches, and tagging to mark significant points like releases. For binary artifacts, which are inefficient to version directly in due to their size, Git Large File Storage (LFS) extends the system by replacing large files with lightweight text pointers while storing the actual content on a remote server, maintaining the standard Git workflow. Artifacts are integrated with through direct linkages to commits, ensuring . For instance, tags—lightweight or annotated pointers to specific commits—can denote release points, embedding commit hashes into build artifacts for verification. This allows teams to associate generated binaries or packages with exact code states. Text-based artifacts, such as documentation in or , benefit from Git's delta compression, which stores only differences between versions in pack files, optimizing storage and retrieval for iterative updates. A key challenge addressed by integration is , achieved by pinning artifacts to specific versions via tags or commit references, preventing drift in dependencies or builds. Semantic Versioning (SemVer) 2.0.0, released in 2013, provides a standardized scheme for artifact releases using MAJOR.MINOR.PATCH numbering: major increments for incompatible changes, minor for backward-compatible additions, and patch for bug fixes, facilitating predictable evolution and dependency management. Platforms like and support these workflows by automatically generating and linking artifacts to commits during , with features for uploading build outputs tied to workflow runs. Similarly, Jenkins, an open-source CI tool, generates versioned build artifacts using the archiveArtifacts step, fingerprinting files to track origins and enable reproducible pipelines.

Challenges and Best Practices

Common Challenges

One major challenge in managing software artifacts is ensuring , which involves linking elements across development phases such as requirements, , , and tests. Inadequate traceability links between artifacts can hinder developers in tracking bug origins or changes, often resulting in inconsistencies like outdated requirements that no longer align with implemented . For instance, in environments, manual tracing before automation leads to disconnected tools (e.g., Scrum boards and code repositories), causing sporadic tagging and reduced visibility into artifact evolution. This issue is exacerbated in complex systems, where heterogeneity among multiperspective artifacts complicates and . Another persistent issue is artifact bloat and maintenance overhead, which varies by methodology. In traditional approaches like , the emphasis on comprehensive upfront documentation often results in overproduction of artifacts, creating excessive records that serve communication and but impose significant maintenance burdens without proportional value in dynamic projects. This documentation-heavy nature can lead to rigidity and delays, as teams must update voluminous artifacts sequentially. Conversely, in agile and iterative methods, rapid development cycles contribute to artifact drift—where artifacts degrade over time due to repeated changes and software , such as cyclic dependencies or code duplication that increase and reluctance to refactor. Handling this degradation requires ongoing effort to prevent inconsistencies, yet agile's preference for minimal artifacts can overlook long-term maintenance needs in large-scale settings. Security risks associated with software artifacts, particularly third-party components, pose substantial threats through vulnerabilities. Attacks like the 2020 SolarWinds incident, where malicious code was embedded in software updates, and the 2024 XZ Utils backdoor, in which a malicious contributor inserted code into the open-source compression library potentially compromising millions of systems, exploited trusted artifacts in the and highlighted the dangers of unverified external dependencies. As of 2025, attacks have doubled in frequency compared to early 2024. These risks extend to challenges in large repositories, where storage costs escalate from accumulating redundant binaries without effective lifecycle management, and performance bottlenecks slow pipelines due to inefficient retrieval. Managing multi-format artifacts in distributed environments further amplifies compliance issues, as unmonitored repositories become hotspots for hidden vulnerabilities. Interoperability challenges arise from format mismatches between diverse development tools, impeding seamless artifact exchange and integration. Variations in data representation—such as case sensitivity, abbreviations, punctuation, or date formats (e.g., "2024-03-17" vs. "March 17, 2024")—complicate normalization across software bills of materials (SBOMs), leading to errors in merging or analyzing artifacts from different suppliers or tools. Tooling incompatibilities between standards like SPDX and CycloneDX exacerbate this, as even within SPDX, imprecise definitions of elements result in misaligned outputs despite its role in standardizing licensing metadata and provenance. These issues are particularly acute in complex product lines with inconsistent naming conventions, requiring additional effort to achieve coherence.

Best Practices

In , best practices for artifact creation emphasize minimalism to prioritize delivering value quickly, as articulated in the Agile Manifesto's principle of valuing working software over comprehensive documentation. This approach encourages teams to produce only essential artifacts, such as lightweight user stories or minimal viable documentation, to avoid overhead while still capturing critical requirements and designs. To ensure across artifacts like requirements, designs, and tests, tools such as ReqView can be employed to link elements systematically, facilitating impact analysis and compliance verification throughout the development lifecycle. Effective management of software artifacts involves automating their generation within continuous integration and continuous delivery (CI/CD) pipelines to streamline workflows and reduce manual errors. For instance, integrating build tools in CI/CD environments ensures that artifacts like binaries or deployment packages are produced consistently on every commit, enhancing reliability. Regular audits are recommended to identify and mitigate obsolescence in artifacts, such as outdated dependencies or deprecated specifications, by reviewing their relevance and updating them periodically to maintain system integrity. In DevOps contexts, adopting immutable artifacts—where once created, they cannot be altered—promotes reproducibility by guaranteeing that the same artifact behaves identically across environments, from testing to production. Quality assurance for artifacts relies on peer reviews to catch inconsistencies or errors early, fostering knowledge sharing and adherence to coding standards among team members. Automated validation techniques, including linting for artifacts, complement this by enforcing style and rules programmatically during the build process. Artifacts should also comply with established standards like ISO/IEC 25010, which defines characteristics such as functional suitability, reliability, and to evaluate and improve software product quality systematically. For successful adoption, organizations should begin with core artifacts in small teams, focusing on essentials like and basic tests before scaling to encompass the full lifecycle, including deployment scripts and monitoring configurations. Large-scale implementations, such as Google's use of a strategy, demonstrate how centralized repositories can enforce artifact consistency across vast codebases, enabling uniform versioning and dependency management for thousands of developers.

References

  1. https://jfrog.com/learn/devops/software-artifact/
  2. https://www.techtarget.com/searchsoftwarequality/definition/artifact-software-development
  3. https://www.harness.io/harness-devops-academy/what-is-a-software-artifact
  4. https://www.leanix.net/en/wiki/trm/software-artifacts
  5. https://www.omg.org/cgi-bin/doc?formal/01-09-72.pdf
  6. https://cloudsmith.com/blog/artifact-management-a-complete-guide
  7. https://www.researchgate.net/publication/220018149_The_Rational_Unified_Process--An_Introduction
  8. https://nikthompson.com/PDF/Platt-Thompson-2014-EvolutionofUML.pdf
  9. https://ieeexplore.ieee.org/document/573169/
  10. https://books.google.com/books/about/Object_Oriented_Design_with_Applications.html?id=w5VQAAAAMAAJ
  11. https://sourcemaking.com/uml/basic-principles-and-background/history-of-uml-methods-and-notations
  12. https://pmc.ncbi.nlm.nih.gov/articles/PMC3927817/
  13. https://www.cscjournals.org/manuscript/Journals/IJSE/Volume5/Issue2/IJSE-142.pdf
  14. https://www.oocities.org/mtarrani/ISO12207WhitePaper.pdf
  15. https://www.uml-diagrams.org/artifact.html
  16. https://www.omg.org/spec/UML/2.5.1/About-UML
  17. https://www.visual-paradigm.com/guide/uml-unified-modeling-language/what-is-uml/
  18. https://www.omg.org/spec/UML/2.5/
  19. https://www.iso.org/standard/74393.html
  20. https://www.pmi.org/-/media/pmi/documents/public/pdf/pmbok-standards/models-methods-artifacts-explainer.pdf
  21. https://standards.ieee.org/ieee/29148/6279/
  22. https://www.pmi.org/learning/library/gantt-charts-keep-projects-track-6901
  23. https://www.perforce.com/resources/alm/requirements-traceability-matrix
  24. https://www.walturn.com/insights/understanding-iso-9001-and-90003-for-software-quality-management
  25. https://ieeecs-media.computer.org/media/education/swebok/swebok-v4.pdf
  26. https://apps.dtic.mil/sti/tr/pdf/ADA294481.pdf
  27. https://agilemanifesto.org/
  28. https://www.agilealliance.org/glossary/user-stories/
  29. https://scrumguides.org/scrum-guide.html
  30. https://www.atlassian.com/agile/scrum/artifacts
  31. https://docs.docker.com/docker-hub/repos/manage/hub-images/oci-artifacts/
  32. https://developer.hashicorp.com/terraform/tutorials/aws-get-started/infrastructure-as-code
  33. https://glossary.cncf.io/gitops/
  34. https://jfrog.com/learn/devops/software-artifact-repository/
  35. https://www.sonatype.com/blog/2009/04/what-is-a-repository
  36. https://www.harness.io/blog/best-artifact-repository-tools
  37. https://docs.cloud.google.com/artifact-registry/docs/analysis
  38. https://www.kusari.dev/learning-center/artifact-repository
  39. https://tomgregory.com/gradle/the-unknown-maven-repository-system-powering-java/
  40. https://maven.apache.org/docs/history.html
  41. https://owasp.org/www-project-top-10-ci-cd-security-risks/CICD-SEC-09-Improper-Artifact-Integrity-Validation
  42. https://git-scm.com/book/en/v2/Git-Basics-Tagging
  43. https://git-lfs.com/
  44. https://mlip-cmu.github.io/book/24-versioning-provenance-and-reproducibility.html
  45. https://semver.org/
  46. https://docs.github.com/en/actions/concepts/workflows-and-actions/workflow-artifacts
  47. https://www.jenkins.io/doc/pipeline/tour/tests-and-artifacts/
  48. https://dl.acm.org/doi/10.1145/3639478.3643126
  49. https://dl.acm.org/doi/fullHtml/10.1145/3593434.3593451
  50. https://dl.acm.org/doi/abs/10.1007/s00766-009-0096-6
  51. https://dl.acm.org/doi/fullHtml/10.1145/1060710.1060712
  52. https://cacm.acm.org/research/agile-project-management/
  53. https://www.researchgate.net/publication/221307555_Maintenance_and_Agile_Development_Challenges_Opportunities_and_Future_Directions
  54. https://www.fortinet.com/resources/cyberglossary/solarwinds-cyber-attack
  55. https://www.sonatype.com/blog/software-supply-chain-attacks-solarwind-how-developers-fortify-apps
  56. https://www.cisa.gov/news-events/alerts/2024/03/29/reported-supply-chain-compromise-affecting-xz-utils-data-compression-library-cve-2024-3094
  57. https://cyble.com/blog/supply-chain-attacks-double-in-2025/
  58. https://www.harness.io/harness-devops-academy/scaling-artifact-registries
  59. https://www.verbat.com/blog/the-software-development-bottleneck-no-one-talks-about-artifact-management-at-scale/
  60. https://www.mitre.org/sites/default/files/2024-10/PR-24-2647-Data-Normalization-Challenges-Mitigations-Software-Bill-Of-Materials-Processing.pdf
  61. https://www.linuxfoundation.org/press/featured/spdx-becomes-internationally-recognized-standard-for-software-bill-of-materials
Add your contribution
Related Hubs
User Avatar
No comments yet.