Our promise to the community was that when we reached 1,000 members we’d publish another series of free training videos. As of today, we have reached 1,061 members with the count growing daily. We are publishing the beginning of a new series on Nexus Pro and Smart Proxy as a thank you to the community for your […]
[Editor's Note: By year-end 2014, we had accounted for 47,000 Nexus instances in place -- up from 30,000 in December 2013. Thank you!!! We will publish an updated chart of the growth later in Q1'15.] Over the past 15 months, active Nexus instances have grown from 21,000 to 42,000. Wowza. That is news worth […]
How Big is a Billion? We all remember 1997’s Austin Powers movie with Dr. Evil trying to express a really big number: Dr. Evil: Mr. President, after I destroy Washington D.C… I will destroy another major city every hour on the hour. That is, unless, of course, you pay me… one hundred billion dollars. The […]
Customers using CLM want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the overall quality of their application. To support this growing interest from our customers, we are introducing our next important milestone: Sonatype CLM’s integration with SonarQube.
It is live! Within an extremely short turnaround time the Sonatype Operations team has coordinated certificates and other setup with our excellent CDN provider Fastly and you can now all enjoy the content of the Central Repository via HTTPS/SSL.
We’ve had quite a bit of public scrutiny recently over how we’ve chosen to provide SSL access to Central for the last two years. At Sonatype, we have a history of investments in the Maven Central community, all of which are focused on improving the quality of the contents, increasing reliability and performance of delivery, and yes, even strengthening security which is often not popular (how many gripes can you find about why we require PGP signatures on artifacts?)
Since its inception in 2002, the Central Repository has grown to be the largest component repository of Java and other JVM, Android, related components and beyond. It is the default repository for Apache Maven, sbt and Leiningen, and it can easily be used from Gradle, Apache Ivy and others. The Central Repository has become the […]
Opening a Dialogue About Supply Chain Risk Management in a World Powered by Open Source Software. As Marc Andreessen famously observed, “software is eating the world”. The proliferation of software is, indeed, transformational – it is everywhere, in laptops, of course, but also in cars, planes, phones, pacemakers, insulin pumps, refrigerators, thermostats, you name it. […]
When Maven Repository Managers (MRM) first appeared on developers’ radar, everyone using them immediately saw the benefits. Right off the bat, MRMs replaced cobbled together solutions like shared drives or local Maven repositories copied and exposed via http. Since its release four years ago, Sonatype Nexus has grown to support many repository formats. And most […]
A few months ago, we launched Insight Application Health Check. Today, I’d like to announce another way to get started tracking licensing and security issues. In this post, I’m going to show you how to scan your project with nothing more than Maven and an existing project. You can get started with Insight without having […]