In April of this year, I embarked on a six-week journey diving deep into an analysis of the world’s software supply chains. I evaluated the practices of 106,000 organizations, the 100,000+ suppliers they relied on, and the billions of software components that fueled their agile, continuous delivery and DevOps practices.
There are those of us that like to stay on the cutting edge of technology, fiddling with the latest and greatest, even if it means the experience might be a little rough around the edges. Yes, that might mean suffering through a bunch of issues despite a warning not to install Mavericks on our main […]
Our promise to the community was that when we reached 1,000 members we’d publish another series of free training videos. As of today, we have reached 1,061 members with the count growing daily. We are publishing the beginning of a new series on Nexus Pro and Smart Proxy as a thank you to the community for your […]
[Editor’s Note: An update to this article is now available. As of February 2015, active Nexus instances have reached 50,000. For more information, please see the new blog post at: http://blog.sonatype.com/2015/02/nexus-reaches-50000/#.VPTXZEuf96k] Over the past 15 months, active Nexus instances have grown from 21,000 to 42,000. Wowza. That is news worth sharing, because you made it […]
How Big is a Billion? We all remember 1997’s Austin Powers movie with Dr. Evil trying to express a really big number: Dr. Evil: Mr. President, after I destroy Washington D.C… I will destroy another major city every hour on the hour. That is, unless, of course, you pay me… one hundred billion dollars. The […]
Customers using CLM want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the overall quality of their application. To support this growing interest from our customers, we are introducing our next important milestone: Sonatype CLM’s integration with SonarQube.
It is live! Within an extremely short turnaround time, the Sonatype Operations team has coordinated certificates and other setup with our excellent CDN provider Fastly, and you can now all enjoy the content of the Central Repository via HTTPS/SSL.
We’ve had quite a bit of public scrutiny recently over how we’ve chosen to provide SSL access to Central for the last two years. At Sonatype, we have a history of investments in the Maven Central community, all of which are focused on improving the quality of the contents, increasing reliability and performance of delivery, and yes, even strengthening security, which is often not popular (how many gripes can you find about why we require PGP signatures on artifacts?).
Since its inception in 2002, the Central Repository has grown to be the largest component repository of Java and other JVM, Android, related components and beyond. It is the default repository for Apache Maven, sbt and Leiningen, and it can easily be used from Gradle, Apache Ivy and others. The Central Repository has become the […]
Opening a Dialogue About Supply Chain Risk Management in a World Powered by Open Source Software. As Marc Andreessen famously observed, “software is eating the world”. The proliferation of software is, indeed, transformational – it is everywhere, in laptops, of course, but also in cars, planes, phones, pacemakers, insulin pumps, refrigerators, thermostats, you name it. […]