The Inedo Team on May 22nd, 2026.
ProGet 2026 is now available! This major release introduces the Package Vulnerability Rating System (PVRS); a fundamentally new approach to vulnerability management, helping organizations move beyond theoretical severity scores and focus on what actually matters: whether a vulnerability poses real risk in their environment and what...
The Inedo Team on May 14th, 2026.
Modern software teams are inundated with vulnerability alerts. Although open-source dependencies make up most applications, many organizations still prioritize remediation based on worst-case severity rather than real-world risk. This leading to unnecessary upgrades, avoidable regressions, delayed releases, and wasted effort on...
The Inedo Team on April 23rd, 2026.
Modern applications rely heavily on open-source dependencies, which make up most codebases. Organizations rely on tools like repository scanning or automated dependency updating, treating vulnerabilities based on theoretical worst-case severity rather than real-world risk. This can introduce behavior changes that lead to regressions, or...
The Inedo Team on March 3rd, 2026.
Back in 2012, a feature flag at Knight Capital accidentally turned on dormant code, triggering uncontrollable trades and a $440 million loss. This kind of failure shows how risky feature flags can be when they’re misused. If teams rely on them to feel safe instead of really understanding the change, even routine deployments can go badly...
The Inedo Team on February 19th, 2026.
Last year, we sent out the Inedo Snack Box to our members, and we’ll be doing the same again in 2026! Whether you run ProGet, BuildMaster, or Otter, are exploring our products for the first time, or provided feedback during evaluation, your input has helped shape what we build. At Inedo, we describe ourselves as a user-driven company....
The Inedo Team on February 6th, 2026.
Over the past year or so, the number of malicious packages has grown beyond anyone’s wildest expectations. The rapid, 10,000%+ increase has caused scaling challenges in systems like ProGet, which are designed to detect and block these harmful packages. For ProGet, this translated to timeouts and slowness when processing data...
The Inedo Team on January 15th, 2026.
Have you ever noticed how small, everyday issues start piling up while your team is focused on delivering those “big” or “transformative” changes? Hidden dependencies, and operational pressure build into bigger problems: backlogs that never shrink, urgent requests slipping through, and teams constantly putting out fires. What begins as...
The Inedo Team on December 2nd, 2025.
Small delays, hidden dependencies, and tightly coupled systems can turn even minor updates into major headaches. Teams fall short of achieving what was intended as backlogs grow, urgent orders slip, and firefighting becomes the norm. Our latest webinar looks at these challenges through the story of LogistiCorp, a mid-sized...
The Inedo Team on November 20th, 2025.
In ProGet 2025.14, we introduced two additional compliance rules to help you vet and monitor open-source packages in your organization. These are considered ProGet 2026 preview features, and represent our general roadmap focus for next year’s release: Software Composition Analysis (SCA) and security. In this article, we’ll...
The Inedo Team on November 7th, 2025.
Although ProGet 2025.14 is a maintenance release, it has three major changes to Debian feeds. We would normally wait until ProGet 2026 for this kind of update, but we’re racing against the clock. There are some upcoming changes in Debian 13 (Trixie) that will not be compatible with ProGet. This blog post serves as a combination of...