The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality at modern development velocities. By leveraging automation in your repository manager, you can improve application quality and reduce unplanned work while lowering exposure to risk. Repository managers like Nexus, Artifactory and Archiva have been serving […]
This week I woke up to find several emails from Nexus Lifecycle indicating that the products in my portfolio were potentially vulnerable due to their inclusion of Apache commons-collection. If you have no idea what I’m talking about, stop now and go read this factual and un-sensationalized account of the situation. I’ll wait.
On October 29, Sonatype hosted a discussion about the upcoming release of Nexus 3. This release will provide support for Docker images as a private Docker registry. A full recording of the discussion is available on YouTube. While we covered Q&A during the webinar, there were many questions that we did not get to answer […]
Another BIG Milestone: Active Nexus repository manager instances have grown to another record high. As of today, we surpassed the milestone of 60,000 active Nexus installations! And, YOU, our user community, made it happen. With Nexus at the heart of software supply chains and everything continuous, we are excited about all of the great work being done […]
We, on the Nexus team, are pleased to announce the arrival of the Nexus 3 Milestone 5 release! Our focus in this milestone release was hosting and proxying Docker registries, browsing and searching Docker images, and browsing components and assets that belong to any repository format. Docker format capabilities in Nexus 3 are brand new and we are excited to have them going out into the wild so we can hear your feedback.
DevOps.com has compiled a list of companies they believe to be the most well-known DevOps products in the market today. We are excited and honored to have Nexus nominated under the repository manager category. As DevOps.com put it — “To succeed in today's speed of business, app-centric world the old ways of doing business […]
You have been using Nexus repository managers for years, but did you know they offer a free reporting feature that details your component licenses, known security vulnerabilities, versions, age, and adoption rates? Your Nexus repository manager can be the first line of defense against security vulnerabilities and the perfect platform to assess your exposure to open […]
I was astonished to see that many, if not all, of the core Supply Chain Management principles have yet to be or are just starting to be applied to the software industry.
Imagine that you are designing the 2016 Range Rover line of sport utility vehicles. Like all gas-powered vehicles, each one needs an exhaust muffler. Range Rover likely has narrowed in on a preferred provider of mufflers. But imagine what would happen if the designers and factory line workers could pick from any one of 27 past versions of that muffler from their preferred provider for the new model year.
“Software may be eating the world, but rework is choking software”, tweeted John Jeremiah (@j_jeremiah). To shed more light on what is choking software, new data was released last week in the 2015 State of the Software Supply Chain Report.