Category Archives: Sonatype Says

Nexus, Continuous Delivery and DevOps: Slideshow Gallery


January 16, 2015 By
Mark Miller
nexus slides

As TheNEXUS Community Project reaches a milestone of membership with over 1600 members, we’re adding another section to the resources for the site: a slideshow gallery that pulls in presentations from around the world that best represent continuous delivery and DevOps methodology. We opened the gallery in January of 2015 with  12 decks from the past 6 […]

Continue reading...

Nexus 2.11.1 – Why It’s Time to Upgrade


December 23, 2014 By
Manfred Moser
Author-ManfredMoser-520x350

TL; DR: The release of Nexus 2.11.1 includes a fix for the security vulnerability CVE-2014-9389. Whenever a new Nexus release becomes available there are a myriad of reasons to upgrade. The team always seems to manage to bring in some really useful new features or bug fixes that you have been waiting for. Luckily upgrades […]

Continue reading...

Nexus Pro Deployment Guidelines


December 18, 2014 By
Mark Miller
nexusdeploy

So you’re using Nexus OSS, but you’ve heard about all the cool things you get if you moved to Nexus Professional (e.g., rich component information, managed release process, smart proxy, staging, enterprise level support,  control over external artifacts, integration with enterprise security). Want to get a better idea of how to setup Nexus Pro to take advantage of these features? […]

Continue reading...

[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management


December 16, 2014 By
Wayne Jackson
royce

  On December 4th, 2014, U.S. Congressional Representatives Ed Royce (R-CA) and Lynn Jenkins (R-KS) introduced H.R. 5793, the “Cyber Supply Chain Management and Transparency Act of 2014.” The legislation will ensure all contractors of software, firmware or products to the federal government provide the procuring agency with a bill of materials of all third […]

Continue reading...

[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management


December 8, 2014 By
Wayne Jackson
code2

On December 4th, 2014, U.S. Congressional Representatives Ed Royce (R-CA) and Lynn Jenkins (R-KS) introduced H.R. 5793, the “Cyber Supply Chain Management and Transparency Act of 2014.” The legislation will ensure all contractors of software, firmware or products to the federal government provide the procuring agency with a bill of materials of all third party and open source components […]

Continue reading...

Code, Cars, and Congress: A Time for Cyber Supply Chain Management


December 5, 2014 By
Wayne Jackson
Cyber Supply Chain Management and Transparency Act of 2014

On December 4th, 2014, U.S. Congressional Representatives Ed Royce (R-CA) and Lynn Jenkins (R-KS) introduced H.R. 5793, the “Cyber Supply Chain Management and Transparency Act of 2014.” The legislation will ensure all contractors of software, firmware or products to the federal government provide the procuring agency with a bill of materials of all third party […]

Continue reading...

Delivering on a Promise: Free Nexus Training


December 4, 2014 By
Mark Miller
Screen Shot 2014-12-02 at 9.28.40 AM

Our promise to the community was that when we reached 1,000 members we’d publish another series of free training videos. As of today, we have reached 1,061 members with the count growing daily. We are publishing the beginning of a new series on Nexus Pro and Smart Proxy as a thank you to the community for your […]

Continue reading...

Rubyists Rejoice – Nexus Supports RubyGem Repositories


December 2, 2014 By
Brian Fox
gem

We have done it again! Our Nexus development team has been busy this fall.  With Nexus 2.9 in September, we introduced NuGet support for Nexus Open Source.  In October Nexus 2.10 introduced npm support for all Nexus editions.  And now with Nexus 2.11, we are adding Ruby Gem Repository support! We are happy to announce […]

Continue reading...

Talking Turkey in Texas: Open Source Governance Lags


November 25, 2014 By
Derek Weeks
tt

Deep in the heart of Texas, I was leading a panel discussion at the Lone Star Application Security Conference (LASCON) a few weeks ago.  The panel was “talking turkey” the importance of application security and open source software development, when the conversation led to a discussion about software supply chains. One of the panelists remarked […]

Continue reading...

42,000 Nexus Repository Managers, and Growing!


November 19, 2014 By
Derek Weeks
Nexus Artifactory Archiva

[Editor's Note: An update to this article is now available.  As of February 2015, active Nexus instances have reached 50,000.  For more information, please see the new blog post at: http://blog.sonatype.com/2015/02/nexus-reaches-50000/#.VPTXZEuf96k] Over the past 15 months, active Nexus instances have grown from 21,000 to 42,000.  Wowza.   That is news worth sharing, because you made it […]

Continue reading...