Tag Archives: Maven

SSL Connectivity for all Central Repository users Underway


July 30, 2014 By
Brian Fox
SSL Security

We’ve had quite a bit of public scrutiny recently over how we’ve chosen to provide SSL access to Central for the last two years. At Sonatype, we have a history of investments in the Maven Central community, all of which are focused on improving the quality of the contents, increasing reliability and performance of delivery, and yes, even strengthening security which is often not popular (how many gripes can you find about why we require PGP signatures on artifacts?)

Continue reading...

A Home for the Central Repository


March 20, 2014 By
Manfred Moser
The Central Repository

Since its inception in 2002, the Central Repository has grown to be the largest component repository of Java and other JVM, Android, related components and beyond. It is the default repository for Apache Maven, sbt and Leiningen, and it can easily be used from Gradle, Apache Ivy and others. The Central Repository has become the […]

Continue reading...

Who Really Wrote Healthcare.gov?


December 23, 2013 By
Wayne Jackson
Healthcare.gov

Opening a Dialogue About Supply Chain Risk Management in a World Powered by Open Source Software. As Marc Andreessen famously observed, “software is eating the world”. The proliferation of software is, indeed, transformational – it is everywhere, in laptops, of course, but also in cars, planes, phones, pacemakers, insulin pumps, refrigerators, thermostats, you name it. […]

Continue reading...

Nexus Bolsters Component Management Capabilities


November 15, 2012 By
Manfred Moser

When Maven Repository Managers (MRM) first appeared on developers’ radar, everyone using them immediately saw the benefits. Right off the bat, MRMs replaced cobbled together solutions like shared drives or local Maven repositories copied and exposed via http. Since its release four years ago, Sonatype Nexus has grown to support many repository formats. And most […]

Continue reading...

Use Maven to Find Security Vulnerabilities and Viral Licenses in Applications


October 10, 2012 By
Bentmann Benjamin

A few months ago, we launched Insight Application Health Check. Today, I’d like to announce another way to get started tracking licensing and security issues. In this post, I’m going to show you how to scan your project with nothing more than Maven and an existing project. You can get started with Insight without having […]

Continue reading...

What Enterprise Architects and Time Travelers have in Common


September 21, 2012 By
Tim O'Brien

Note: This post was inspired by Manfred’s post “You don’t do repository driven development? Where have you been?”. It immediately made me think of Star Trek… When I roll up to a new client in desperate need of build help, there’s always a chance I’ll have a “Scotty moment” – a moment when I pick […]

Continue reading...

Don’t Do it Wrong: Put that Puppet in a Box and Use Nexus for Devops


September 20, 2012 By
Tim O'Brien

Companies all over the place are trying to convert existing deployment scripts over to automated systems like Puppet and Chef. Many of the systems I’ve seen in the past few months have very complex codebases, builds that take 40 minutes to execute, and deployments that span hundreds of VM instances on public clouds like Amazon […]

Continue reading...

Last Chance! Join Us In Philly For Breakfast & Some Hot Tech Talk


September 18, 2012 By
Emily Blades

Our Philadelphia Breakfast Meetup is next Tuesday, September 25 from 8:30AM-10:30AM and only a few seats remain. Don’t miss out! Jason van Zyl, Sonatype CTO and creator of Maven will be teaming up with Joel Confino, a Senior Consultant at Chariot Solutions and they’ll be giving informal talks to show you how you can dramatically […]

Continue reading...