Author Archives: Wayne Jackson

Part 2: The Internet of Everything: Code, Cars, and More


July 24, 2014 By Wayne Jackson
Bill of Materials

In part one of my blog, It’s Just the Way Software is Made, I discussed the realities of how software is made, the birth of agile development, and the advent of component-based software development. Today, we will drive down the software supply chain to understand where your software is really coming from. I’ll also discuss why it’s important for us to instill high quality standards and governance policies in our “parts” ecosystem.


Part 3: The Internet of Everything: Code, Cars, and More


July 21, 2014 By Wayne Jackson
Component Complexity

In part two of my blog ‘A Closer Look at Today’s Software Supply Chain’, I discussed why human-speed supply chain management can’t keep pace with today’s agile software development practices and why high quality software components are not simply a given. In this final segment, I will share a real-world story on how thousands of organizations sourced one “bad part” named Bouncy Castle in 2013.


Part 1: The Internet of Everything: Code, Cars, and More


July 17, 2014 By Wayne Jackson
Automobile Supply Chain

Just like automobile manufacturers, software “manufacturers” need to apply supply chain management principles for both efficiency and quality. They need to be prepared to conduct a rapid and comprehensive “recall” when a defect is found. And today’s modern development practices make this, well, challenging to say the least.


The 2014 Survey: Marked by an Industry Shock Wave


June 20, 2014 By Wayne Jackson
2014 Open Source Survey

Wow! What an amazing turnout we had for our 4th annual survey: 3,353 participants this year brings us to over 11,000 participants in the four years we’ve run this survey. I would like to extend a BIG THANK YOU to all who participated! The survey started with a bang and was quickly followed by a shock wave. Just a week after our 2014 survey kicked off this year, the tech world was thrown off by the announcement of the OpenSSL bug dubbed Heartbleed.


Are we doing enough to prevent future “bleeding hearts”?


April 11, 2014 By Wayne Jackson
Heartbleed Bug

As the Heartbleed bug wreaked havoc on the internet over the past few days, we at Sonatype began thinking about the lessons learned from this recent scare and how, collectively, we can develop a process for mitigating the next major exposure.


Who Really Wrote Healthcare.gov?


December 23, 2013 By Wayne Jackson
Healthcare.gov

Opening a Dialogue About Supply Chain Risk Management in a World Powered by Open Source Software. As Marc Andreessen famously observed, “software is eating the world”. The proliferation of software is, indeed, transformational – it is everywhere, in laptops, of course, but also in cars, planes, phones, pacemakers, insulin pumps, refrigerators, thermostats, you name it. […]


The Next Step in Transforming Software Development


September 19, 2011 By Wayne Jackson

Today we announced Sonatype Insight™, a new product line designed to help application development organizations gain better visibility and control over their use of open source components. This is an exciting step in the evolution of Sonatype. From our early beginnings with the Apache Maven project, to our leadership on such key projects as Nexus, […]


Our Focus on Advancing Hudson and Making Great Software


February 1, 2011 By Wayne Jackson

Sonatype’s perspective regarding the Hudson Project is pretty simple: we have been and will continue to be committed to advancing Hudson and making better software available to the community of Hudson users. Very recently, Sonatype completed significant development in the evolution of Hudson’s core architecture. The benefits of these changes include better leveraging of industry […]


Why Nexus Moved to the Affero General Public License


January 4, 2011 By Wayne Jackson

When Sonatype originally chose the GPL license for Nexus, our goal was to provide an innovative OSS repository management technology to the community while also allowing Sonatype to grow a commercial product (Nexus Professional) by adding enterprise features on top of an open source core. At that time, Sonatype decided to use the GPL license […]
