Ohai Chefs, We’re pleased to announce that today we’ve released Chef Server 12.4.0. We have updated the version of Ruby on Rails in oc-id to fix a number of posted CVEs. Chef Server now has a Universe endpoint, which provides the same output as Supermarket or berkshelf-api universe endpoints. More details can be found here.

Manage 2.1.2 is now available from the Chef downloads site. Manage 2.1.2 is a security release to address a number of Rails CVEs. It is recommended that all users of the Chef Management Console upgrade. The full change log is availble here: https://manage.chef.

Supermarket 2.3.2* is now available. This release contains bug fixes, minor enhancements, and security updates. Supermarket version 2.3.2 is a recommended update for all users running their own instances of Supermarket. Packages are available in the stable repository.

Fully embracing the power of the Chef ecosystem has had a tremendous impact in allowing people to continuously deliver your infrastructure no matter where it lives. With Chef being cloud agnostic as to where it is deployed, it allows people to reliably build out their infrastructure on premise, or to the cloud of their choosing.

Chef Compliance 0.9.11 is now available from the Chef downloads site. This is a minor release update which is recommended for all users of Chef Compliance.

Gannett is a leading media and marketing company whose businesses include USA TODAY, 92 local media organizations in 33 states and Guam, and more than 160 local news brands online in the U.K. You may already be familiar with Gannett’s talk, delivered at re:Invent 2015, USA Today Brings Shadow IT into the Light.

Chef’s Jennifer Davis (@sigje) has published several new articles in the Skills Library. In “Examining Tools with a DevOps Lens”, she discusses how to evaluate tools in terms of how well they foster the DevOps values of collaboration and communication between team members.

We’re big proponents of bringing compliance and security into the development process early and often. As it turns out, so is the Federal Trade Commission (FTC). During the FTC’s “Start with Security” event in Seattle, our own Julian Dunn will join panelists from DocuSign and Socrata for “Integrating Security into the Development Pipeline”.

Have you ever wondered how you would deal with secrets – i.e. API keys, database passwords, and more – within a configuration management framework?