<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

Security by Design: The Benefits of Building Quality In

I recently sat down with Pete Erickson, founder of Modev, to discuss the recent findings from our 2016 State of the Software Supply Chain Report.  The conversation is available in the Security by Design podcast series that Pete has produced and made available on iTunes.  

Mapping the JavaScript Genome for DevOps

From artisan to automation.  High performing organizations are using DevOps principles to boost productivity, streamline software supply chains, and improve quality.  These organizations are swiftly moving away from their artisanal approaches of crafting software to the high-velocity, automated practices where applications are more manufactured than developed.

DevOps Express: How It Happened and Why We Did It

“Being able to take needless work out of the system is more important than being able to put more work into the system.” This is one of my favorite quotes from Gene Kim’s book, The Phoenix Project, and it plays directly into why we're announcing the DevOps Express initiative today.

Nexus Repository Rising: Say Hello to the New Pro

Free Birds, Free Coffee, and Free Willy.  Software development  is hard enough, so we’re making it easier.  You see, a few years ago Sonatype made a promise that Nexus Repository should provide universal component support for free.  This month, we are continuing to live up to that promise by expanding component support in Nexus Repository OSS to include PyPI and RubyGems packages. Nexus Repository now offers free support for seven components types.  For those who thought we only supported Java components, you must be thinking of the other guys.  

All Day DevOps Conference: Bringing DevOps to the World

An Audacious Plan

The global audience for DevOps is expanding faster than any one person or company can keep up with. While DevOps Days and other regional events provide invaluable support to their local communities, we want to create a global event, offering the best lineup of speakers.  We also wanted to make sure that anyone, anywhere can attend -- so we set a high bar for our organizing team...and they delivered: $0 registration.

Government Spotlight:  DevOps Accelerates Cyber Security

A Tale of Two Quakes

In 2010, a 7.0-magnitude earthquake devastated Haiti. The quake killed an estimated 230,000 people and sparked a massive global assistance response.  We all remember this tragedy.  Yet, six weeks later, a far stronger earthquake (8.8 magnitude) shook Chile. That quake killed 279 people and we saw fewer news headlines and a subdued global response.

Government Asks: What’s in Your Software?

U.S. Government pays closer attention to software components

Multiple agencies across the U.S. government are paying closer attention to the software they are buying.  More specifically, they want to know what open source and third party components were used to build the software applications.  The report notes: