Tag Archives: Nexus

Nexus, Continuous Delivery and DevOps: Slideshow Gallery


January 16, 2015 By
Mark Miller
nexus slides

As TheNEXUS Community Project reaches a milestone of membership with over 1600 members, we’re adding another section to the resources for the site: a slideshow gallery that pulls in presentations from around the world that best represent continuous delivery and DevOps methodology. We opened the gallery in January of 2015 with  12 decks from the past 6 […]

Continue reading...

Nexus 2.11.1 – Why It’s Time to Upgrade


December 23, 2014 By
Manfred Moser
Author-ManfredMoser-520x350

TL; DR: The release of Nexus 2.11.1 includes a fix for the security vulnerability CVE-2014-9389. Whenever a new Nexus release becomes available there are a myriad of reasons to upgrade. The team always seems to manage to bring in some really useful new features or bug fixes that you have been waiting for. Luckily upgrades […]

Continue reading...

Nexus Pro Deployment Guidelines


December 18, 2014 By
Mark Miller
nexusdeploy

So you’re using Nexus OSS, but you’ve heard about all the cool things you get if you moved to Nexus Professional (e.g., rich component information, managed release process, smart proxy, staging, enterprise level support,  control over external artifacts, integration with enterprise security). Want to get a better idea of how to setup Nexus Pro to take advantage of these features? […]

Continue reading...

Riot Games Shares its Chef Cookbook for Nexus


November 12, 2014 By
Derek Weeks
league2

  Kyle Allan is on the deployment automation team at Riot Games — maker of the most played PC game in the world: League of Legends. This multiplayer 24/7 game runs at servers all over the world, from the U.S. to Europe, and from Australia to Southeast Asia.  Riot Games was looking for a service to store […]

Continue reading...

How Big is a Billion? Open Source Growth Skyrockets


November 10, 2014 By
Derek Weeks
evil2

How Big is a Billion? We all remember 1997’s Austin Powers movie with Dr. Evil trying to express a really big number: Dr. Evil: Mr. President, after I destroy Washington D.C… I will destroy another major city every hour on the hour. That is, unless, of course, you pay me… one hundred billion dollars. The […]

Continue reading...

Nigel’s Wake-up Call: Scaling Open Source Governance


November 3, 2014 By
Derek Weeks
shock

The Wake-up Call They had downloaded over 200,000 open source components in the past year.  And their open source policy…the one established to protect against license risks and security vulnerabilities?  It covered about 3% of them. This is how Nigel Simpson, Director of Architecture at a major media and entertainment company, described his organization’s “huge” […]

Continue reading...

npm registry support for all!


October 7, 2014 By
Manfred Moser
NPM Support

Continuing our commitment to the open source community we are taking Nexus OSS to another level. After adding NuGet support in Nexus 2.9 for FREE in Nexus OSS (a long time paid feature of Nexus Professional) our engineering team is at it again. I remember when we created the issue tracker ticket to support npm in Nexus over a year ago. Node.js development and usage of npm registries was on the horizon and making its way into companies more and more. Tools like Grunt have only gotten more traction since then.

Continue reading...

Integrating with SonarQube


August 27, 2014 By
Brian Fox
sonar

Customers using CLM want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the overall quality of their application. To support this growing interest from our customers, we are introducing our next important milestone: Sonatype CLM’s integration with SonarQube.

Continue reading...

Trusting Third-Party Code That Can’t Be Trusted


July 22, 2014 By
Derek Weeks
Code that can't be trusted

Paul Roberts (@paulfroberts) at InfoWorld recently shared his perspective on “5 big security mistakes coders make”. First on his list was trusting third-party code that can’t be trusted. Paul shares: “If you program for a living, you rarely — if ever — build an app from scratch. It’s much more likely that you’re developing an application from a pastiche of proprietary code that you or your colleagues created, partnered with open source or commercial, third-party software or services that you rely on to perform critical functions.

Continue reading...