A NEW product is coming soon | Try out the NEW Develocity IntelliJ plugin | DPE Summit is a wrap | The NEW DORA report is out | Plus, NEW open DPE positions around the world!


Want to connect with Gradle? Email me at owhite@gradle.com, and have a productive month!

TECHNOLOGY NEWS

Coming soon! Meet Develocity Provenance Governor

Did you know that in just the first half of 2025, over 20,000 new software security vulnerabilities were disclosed? This is more than 3x the number compared to the previous year. 

Unfortunately, AI is being weaponized in many cases; a growingly popular attack vector these days is in exploiting the software toolchain itself—just look at the recent npm and Nx problems. You (and your employer) do NOT want to experience a production shutdown due to a vulnerability exploited from deep within your software toolchain… 

That’s why at JFrog's swampUP conference last month we announced the upcoming availability of Develocity Provenance Governor: a continuous Governance, Risk, and Compliance (GRC) platform for DevOps, along with our first integration partner JFrog and their AppTrust platform. 

This new platform enables your CISO office and DevSecOps teams to shift GRC policy enforcement to the left, meaning fewer costly and risky discoveries down the road. 

Develocity Provenance Governor allows you to evaluate every artifact in every local and CI build in your SDLC, catching various supply chain attack vectors during development and preventing unauthorized or unverifiable toolchain artifacts from ever reaching production. 


General Availability of Develocity Provenance Governor is coming soon, so for now learn more below and reach out to us through the linked form to talk to someone at Gradle.
Learn more

FEATURED UPCOMING EVENT

🌉 DPE Summit 2025 was a success thanks to you!

We have officially wrapped up DPE Summit 2025 and it was a resounding success, thanks to you! Over 500 attendees were present for two-days of all things AI, CI/CD, DPE, DX and everything in between. 


Weren’t able to make it? Or ready to relive all the action? 


You can already watch the DPE Summit keynote sessions from Gradle, Capital One, Netflix, Google and DX, and the rest are coming soon. Look for email updates from us (or visit dpe.org) for the next set of recordings. 


See you in 2026!
Watch videos

BEST PRACTICES

Our new Develocity IntelliJ plugin gives troubleshooting a boost

As developers, we often start from a working state (a "green build"), make a small change, and then iterate several times to get back to a functional, green build. The time it takes for this cycle, the “Inner Development loop”, is crucial for productivity. We know that you can't fix a problem faster than you can build the code, so our goal is two-fold: make builds faster and simplify complex troubleshooting issues.

Our fairly new Develocity IntelliJ plugin (with over 6500 downloads already!) helps achieve this by providing powerful real-time insights for every Gradle build, helping you understand where bottlenecks lie. 

It’s completely free, and doesn’t require a sign up or anything. Here’s what you get:

  • Live Build Timeline: Get immediate insights into your Gradle build performance with a detailed timeline of task execution and resource consumption, all without requiring a Develocity server, subscription, or connection to the public Build Scan service.

  • Streamlined Develocity Configuration: Effortlessly apply and configure the Develocity Gradle plugin to your projects, simplifying the adoption of build performance optimization and troubleshooting.

  • Easy Access to Build Scan®: Access your Build Scan data published to https://scans.gradle.com/ or your Develocity instance from the IDE notification or from the Timeline view.

Learn more about the use cases and detailed benefits in this blog post from the Gradle engineering team.
Learn more

EXPERT TAKES

The DORA 2025 report is out: we use AI more, but trust it less

(Image source)


One of the industry's "holy grails" of research, Google's DevOps Research and Assessment (DORA) team, has a new report out


In addition to a new "DORA AI Capabilities Model" that deserves our eyeballs (see image above), the findings show that AI has had a major impact on software development (no surprise)—adoption levels are through the roof, and trends are generally positive, but the whole picture isn’t all rosy:

  • 90% of those surveyed are using AI at work, but that about one-third of users simply don't trust AI. 

  • 80% of developers report that AI has increased their productivity in this report, and yet other data suggests that AI actually decreases productivity (see here), increases security risks (see here), and has a noticeable impact on change stability, likely due to more code being shipped faster (see here).  

The DORA report does an admirable job presenting the findings and not sugar-coating anything, but if you want a more pointed opinion you can find it here in this DevOps.com post. The author warns of "scaling the wrong work faster" in light of a lack of trust in AI, and describes the behavioral and cultural changes organizations must adopt to be successful with AI at scale. 


The bottom line: everything takes time to mature, and we simply aren't there yet with trusting AI to not make things worse than before. 


p.s. click below to see how DORA, Continuous Delivery, and Develocity all play a role in software delivery excellence!
Learn more

CAREER OPPORTUNITIES

DPE Job Openings

The industry needs you! You might find your dream role among these job openings related to DPE, developer productivity, and engineering leadership. 


NOTE: These postings are active at the time of sending but are subject to change.

Gradle Inc. | 2261 Market Street | San Francisco, CA 94114
Privacy Policy | Unsubscribe