<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

What's Happening in the Land of Open Source Components

It's certainly a busy time for open source component usage. Many of you are familiar with research that we have done that shows the average application now consists of 90% open source components. And we continue to see exponential growth in requests from the Central Repository. In fact, there were 8 Billion requests in 2012 - and it is looking like this year will total up to 13 Billion requests.

Component-Capable Release Management is Key to DevOps

Part 3 — Part 4 Component-Capable Release Management is Key to DevOps – Part 5 Up Next

Taking Advantage of the New and Improved Nexus 2.7

One of the approaches to software that I strongly believe is in taking advantage of the latest product innovations in all new releases. I think it's important to
upgrade to the latest versions of build tools and
components as soon as you can. The benefits of these product improvements
always outweigh the drawbacks of regular
updates that you need to adapt too. And just like in the devops
world, where releasing often makes development easier, upgrading your tools
often will make it easier as well. Deciding to stay with the "stable and
trusted" components and tools can cause you to fall more and more
behind making the pain of upgrading
bigger and bigger. And believe me - the need to upgrade will
arise! Just try using Internet Explorer 6 or Windows 95 on a modern
computer and you'll instantly see what I mean. There's always a cost tradeoff to waiting and we know that cost well in application security. Listen to this great discussion
about the Real
Cost of Waiting to Secure Your Applications

PCI 3.0 - Secure Payment Requires Secure Components

Well there is nothing like an updated specification that drives action or interest in a topic. We're seeing that with the introduction of PCI 3.0. While there are several key updates to the specification, the one I find most interesting reflects the reality of how applications are constructed today - from components. It's great to see this baked into the latest PCI specification and related specifications like OWASP.

Sonatype Nexus Open Source Community Projects

Sonatype Nexus can easily be integrated with external systems due to the fact that all functionality is available via various REST API calls. On the other hand Nexus can be expanded by writing plugins for Nexus that customize it and add further functionality.

DevOps Requires an Optimized Application Delivery Tool Chain

Part 2 -- Part 3 of Component Management Strategy and DevOps -- Part 4 Up Next