Monthly Archives: March 2012

The Results Are In: Sonatype 2012 Open Source Development Survey

March 13, 2012 By
Charles Gold

I’m pleased to share the results of this year’s Sonatype Open Source Software Development Survey.  We were blown away by the level of participation — more than 2,550 of you took the survey. Thank you to all of you who contributed your thoughts about your tooling, the components you use, and your organizations’ open source […]

Continue reading...

Insight’s Password Security: “a trillion trillion trillion centuries”

Jamie Whitehouse

Sonatype’s writing more and more about security as a part of our launch of the Sonatype Insight service, and while not directly related to our product, I wanted to let people know about a tool I’ve found that could be useful when you are evaluating password security. Passwords are an unavoidable reality these days, not […]

Continue reading...

“There’s no analog to a repository manager in .NET. Until now.”

March 9, 2012 By
Tim O'Brien

John K. Waters from VisualStudio magazine wrote a piece about the .NET support recently released with Nexus 2.0. Read it online. Many of our existing customers have told us that development is becoming increasingly heterogeneous with Java and .NET forming the bulk of most enterprise development efforts. With Nexus you have a single place to […]

Continue reading...

The First Line of Defense: Checksums and PGP Signatures in Repositories

March 7, 2012 By
Tim O'Brien

If you are not currently paying attention to checksums in your repositories, you should, and if you are looking for an extra level of security, you should definitely start signing your releases with PGP signatures. Security issues are rarely the priority in a development effort, but in this case, if you appreciate the importance of […]

Continue reading...

Nexus Pro 2.0.1 Now Available: Minor Security and Stability Issues Fixed

March 5, 2012 By
Rich Seddon

Sonatype Nexus Professional 2.0.1 has been released. This is the first maintenance release for Nexus Professional 2, it contains the following bug fixes. Fixed a bug which prevented a P2 proxy repository from connecting to a remote repository if an HTTP proxy server was configured. (NXCM-3916) Fixed a security bug which could have locked out […]

Continue reading...