<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

Banking on Built-in Security Checks

You’ve seen the headlines: Financial services are a top target for hackers. From breaches at Anthem to cyberattacks at JPMorgan Chase, cybercrime has repeatedly been bad news for financial services companies, affecting not just customer accounts but share prices as well.

Impressions from DevOpsDays Vancouver 2016

DevOpsDays are always a great event for a geek to attend. You get to chat to fellow hackers and coders and therefore people, who actually understand what you are talking about. The vibe that results from these conversations is always amazing. Presenting is definitely a challenge, but great if you can pull it off. Let’s see how I fared at DevOpsDays Vancouver 2016.

Sonatype Releases Nexus Repository 3.0

Today, we are very excited and happy to announce an update to one our flagship technologies: Sonatype’s Nexus Repository.  With the latest release we build on previous capabilities to provide the first, completely free, repository manager supporting the world’s most popular component formats.

Intuit’s DevSecOps: War Games, Gamification, and Culture Hacking

Wow, if you ever wanted to learn about Rugged DevOps (some call in DevSecOps), sit down for a spell with Shannon Lietz, Ian Allison, and Scott Kennedy from Intuit. We discussed a number of important topics including internal war games, culture hacking, gamification of Rugged DevOps, and starting as a small team. There are 100 gold nuggets in this conversation for novices and experts alike. Just yesterday Shannon shared her story on the first stop of the Nexus World in Dallas TX. She'll also be with us in Chicago on April 27th. To catch Shannon as a keynote on the Nexus World Tour, register here

Lessons Learned Again #npmgate

The recent events in the world of JavaScript developers and npm definitely caused a storm on twitter and the internet in general. If you want to find out more around the kik package, the trademark threats, the unpublishing of the left-pad package and the resulting breakage of packages and builds everywhere, check out this recap.

No matter what your personal opinion is about who is at fault and what should be done about this – there are definitely a few lessons to be learned. Some will be new to you and old to others, but together they constitute a valuable step forward. If we followed these ideas, npm gate might never have happened the first place:

Don’t Fall for Lawyer Threats Immediately. 

Continuous Delivery: The Atlassian Way

At the recent DEVNEXUS conference in Atlanta, Sonatype’s Mark Miller (@TSWAlliance) caught up with Ian Buchanan (@devpartisan) for our 2016 DevOps Leadership Series. Ian discussed his experiences at Atlassian, including continuous delivery, ChatOps, and use of tools like Bamboo, Nexus, Puppet, and Datadog.

Faster, Smarter DevOps

Call it DevOps or not, if you are concerned about releasing more code faster and at a higher quality, the resulting software delivery chain and process will look and smell like DevOps. But for existing development teams, no matter what the velocity objective is, getting from here to there is not something that can be done without a plan.