<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

Jason van Zyl

Recent Posts by Jason van Zyl:

Up Next: Nexus Support for Yum Repositories

The an upcoming release of Nexus OSS will have full support for Yum repositories. Sebastian Herold, with gracious support from IS24, has developed and contributed his code and time to integrate his Nexus Yum Plugin into the Nexus 2.x line. We have heard from many Nexus users, who are heading down the path of continuous delivery, that Yum support in Nexus to deliver RPMs to production servers is a critical requirement. Several of our customers have been using Sebastian's plugin for quite some time and have been impressed and so we're really excited about the integration of Yum functionality into Nexus OSS!

Component Lifecycle Management with your Apache Maven Infrastructure

The way software is being developed has changed over the last ten years, it has shifted from companies developing the vast majority of their own software to a software development approach that depends on open source components that are freely available. Today, the vast majority (upwards of 90%) of Java-based applications are assembled from components. Very little of these applications consist of code that companies build internally. The extent to which open source components are being used is not widely known within companies that have thousands of applications and hundreds of thousands of downloads from the Central repository.

Webinar: Why We Need To Care About OSS Security Now

Let's talk about security. You may have seen that Sonatype released research on the security of some of the most commonly used open source components. To be honest, the results surprised me. However, now that we are aware of the realities, it's important to be practical about this.

Join me for 30 minutes at 11:00AM EDT (GMT-0400) on Thursday, April 12, when I will be sharing some of our findings and my thoughts on how we can build a more healthy open source ecosystem.

Register here

Hope you can make it,

Jason

Sonatype donates Maven 3.x integration, Eclipse Integration to Hudson

We're very excited about the proposed move of Hudson to the Eclipse foundation. To get the project off the right start in its new home, Sonatype has committed to donating all our Maven 3.x related work to the Hudson project. This includes the Maven 3.x integration for Hudson itself, our Eclipse integration, and our Maven Shell integration.

Sonatype supports Hudson's move to the Eclipse Foundation

At Sonatype, we’re very excited about the Hudson proposal that has been posted to the Eclipse Foundation website today. We believe Hudson moving to the Eclipse Foundation is the best way forward for both the Hudson and Jenkins projects. Having Hudson at a mature OSS foundation like Eclipse gives enterprise users the confidence that Hudson will remain vibrant and will continue to grow, and provides an opportunity to reconnect the Jenkins and Hudson communities back into a single focused community. Sonatype supports Eclipse as a Strategic Member because we've been impressed by the infrastructure, process, and approach to project oversight. It's an ideal place for Hudson to mature.

Hudson Plugins, Meet Dependency Injection: JSR330 Support Now Available

Two weeks ago we proposed that [Hudson plugin authors be able to use dependency injection][1] through the JSR-330 standard. This change makes it easier to write Hudson plugins without having to dig into Hudson internals, it provides greater separation between plugins and Hudson core, and it makes it much easier to test plugins without having to bring along core Hudson objects.

These changes are now [in the core of Hudson][2]. Even though JSR330 can now be used by plugin authors these changes should, in no way, affect plugin authors using the existing API. Since this question came up on the mailing list, I'll give a short description of how it works here. The JSR330 integration allows you to take advantage of JSR330, if you wish, by using an alternative plugin strategy. Our new plugin strategy interoperates with the existing, classic plugin strategy. Sonatype's Hudson Professional distribution actually ships with a mixture of JSR330 plugins and classic plugins and we find this works quite well. We tried to make it easier to use new strategies for wiring up plugin, and [Stuart McCulloch has offered this strategy on the Jenkins development list][3] and it appears to have been absorbed as part of [JENKINS-8897][4].

Hudson moves to Github! We're not forking around!

First, I'd like to address some misinformation. The use of Github itself was never an issue. It was how the original movement of the sources to Github was executed, and why, that created tension. Github is just a tool and it is a better choice for source control, at least in the short term, for several reasons: