Category Archives: Everything Open Source

Nexus 2.6: Much more than a new layer of paint


July 27, 2013 By
Manfred Moser

Generally speaking, when you talk to developers about new software releases, it can be a love or hate it kind of conversation. A new version of software can take many forms. You can find a lot has changed on the surface with new features but quickly realize it’s just new shine on the same old […]

Continue reading...

Sonatype applauds GitHub’s approach to encourage OSS license selection


July 18, 2013 By
Derek Weeks

GitHub’s move to encourage developers to select an open source license for source code published to GitHub highlights the need for organizations to properly manage license concerns. The Central Repository, sponsored by Sonatype, has long since required license information for binaries that are  added, but encouraging license selection as part of the source code process […]

Continue reading...

Join Us for Nexus Live: Profiling your Nexus installation using JMX


July 12, 2013 By
Emily Blades

Wondering what’s new in Nexus? Just ask the experts. Join Brian Fox and Richard Seddon for Nexus Live next Wednesday, July 17, 2013 from 12:00PM-1:00PM EDT (GMT-0400) to: Learn how to profile your Nexus installation using JMX Ask questions live and get answers from top community contributors and respected Nexus professionals How to join: No […]

Continue reading...

How Will you Manage the New Addition of A9 to the OWASP Top 10 List?


June 18, 2013 By
Jessica Dodson

It’s fair to say we were excited back in May when the OWASP community proposed A9 “ Using Components with Known Vulnerabilities” as a top 10 open source security risk – so now it’s official, component vulnerabilities are considered a critical web security flaw. But why has this addition warranted its own category, formerly classified […]

Continue reading...

Is it time for a Nexus Repository Health Check? Come to the Nexus Office Hours to get your Diagnosis.


May 27, 2013 By
Jessica Dodson

If your repository contained a jar file with a known vulnerability, how would you know? What would it mean to you to have that sort of visibility into your repository health? This isn’t probably something you consider often since one of the benefits of having a repository manager is enforcing component standards. But as you […]

Continue reading...

Join Us: Nexus Office Hours — This Friday!


April 23, 2013 By
Emily Blades

Wondering what’s new in Nexus? Just ask the experts. We’re hosting another Nexus Office Hours this Friday, on Google+ Hangout On Air. Our Nexus experts Brian Fox, Manfred Moser and Rich Seddon will demo the latest in Nexus and dedicate most of the hour to Q&A time with you! How to join: No registration required, […]

Continue reading...

Join Us: Nexus Office Hours – Friday, March 22, 2013 1PM-2PM EDT


March 11, 2013 By
Emily Blades

Wondering what’s new in Nexus? Wishing you had a chance to ask some of our Nexus experts about Nexus best practices? Here’s your chance. We’re pleased to announce that Sonatype will be hosting Nexus Office Hours each month starting in March! Our Nexus experts Brian Fox, Manfred Moser and Rich Seddon will demo the latest […]

Continue reading...

Your Opinion Matters: Take Our 2013 Open Source Development Survey (plus, you could win Jason’s brand new Apple Workstation)


December 12, 2012 By
Emily Blades

We want to hear about your experiences and challenges using open source software in development. Please take 10 minutes and share your thoughts. In return, you could win Jason’s brand new Apple workstation including a 15″ MacBook Pro with Retina display,  a 27″ Thunderbolt display, an Apple Magic Mouse and an Apple Wireless Keyboard. We’ve […]

Continue reading...

Nexus Bolsters Component Management Capabilities


November 15, 2012 By
Manfred Moser

When Maven Repository Managers (MRM) first appeared on developers’ radar, everyone using them immediately saw the benefits. Right off the bat, MRMs replaced cobbled together solutions like shared drives or local Maven repositories copied and exposed via http. Since its release four years ago, Sonatype Nexus has grown to support many repository formats. And most […]

Continue reading...

Now Available: SSL Connectivity to Central


October 25, 2012 By
Brian Fox

We know how components from the Central Repository have become critical to your development efforts. We also know that you need to trust those components. Part of that trust is knowing that hackers don’t have visibility into the components you download or that they compromise components using a man-in-the middle or Cross Build Injection (XBI) […]

Continue reading...