Tag Archives: Nexus

Nexus 2.11.1 – Why It’s Time to Upgrade

December 23, 2014 By
Manfred Moser

TL; DR: The release of Nexus 2.11.1 includes a fix for the security vulnerability CVE-2014-9389. Whenever a new Nexus release becomes available there are a myriad of reasons to upgrade. The team always seems to manage to bring in some really useful new features or bug fixes that you have been waiting for. Luckily upgrades […]

Continue reading...

Nexus Pro Deployment Guidelines

December 18, 2014 By
Mark Miller

So you’re using Nexus OSS, but you’ve heard about all the cool things you get if you moved to Nexus Professional (e.g., rich component information, managed release process, smart proxy, staging, enterprise level support,  control over external artifacts, integration with enterprise security). Want to get a better idea of how to setup Nexus Pro to take advantage of these features? […]

Continue reading...

Riot Games Shares its Chef Cookbook for Nexus

November 12, 2014 By
Derek Weeks

  Kyle Allan is on the deployment automation team at Riot Games — maker of the most played PC game in the world: League of Legends. This multiplayer 24/7 game runs at servers all over the world, from the U.S. to Europe, and from Australia to Southeast Asia.  Riot Games was looking for a service to store […]

Continue reading...

How Big is a Billion? Open Source Growth Skyrockets

November 10, 2014 By
Derek Weeks

How Big is a Billion? We all remember 1997’s Austin Powers movie with Dr. Evil trying to express a really big number: Dr. Evil: Mr. President, after I destroy Washington D.C… I will destroy another major city every hour on the hour. That is, unless, of course, you pay me… one hundred billion dollars. The […]

Continue reading...

Nigel’s Wake-up Call: Scaling Open Source Governance

November 3, 2014 By
Derek Weeks
Portrait of a surprised young man wearing eyeglasses

The Wake-up Call They had downloaded over 200,000 open source components in the past year.  And their open source policy…the one established to protect against license risks and security vulnerabilities?  It covered about 3% of them. This is how Nigel Simpson, Director of Architecture at a major media and entertainment company, described his organization’s “huge” […]

Continue reading...

npm registry support for all!

October 7, 2014 By
Manfred Moser
NPM Support

Continuing our commitment to the open source community we are taking Nexus OSS to another level. After adding NuGet support in Nexus 2.9 for FREE in Nexus OSS (a long time paid feature of Nexus Professional) our engineering team is at it again. I remember when we created the issue tracker ticket to support npm in Nexus over a year ago. Node.js development and usage of npm registries was on the horizon and making its way into companies more and more. Tools like Grunt have only gotten more traction since then.

Continue reading...

Integrating with SonarQube

August 27, 2014 By
Brian Fox

Customers using CLM want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the overall quality of their application. To support this growing interest from our customers, we are introducing our next important milestone: Sonatype CLM’s integration with SonarQube.

Continue reading...

Trusting Third-Party Code That Can’t Be Trusted

July 22, 2014 By
Derek Weeks
Code that can't be trusted

Paul Roberts (@paulfroberts) at InfoWorld recently shared his perspective on “5 big security mistakes coders make”. First on his list was trusting third-party code that can’t be trusted. Paul shares: “If you program for a living, you rarely — if ever — build an app from scratch. It’s much more likely that you’re developing an application from a pastiche of proprietary code that you or your colleagues created, partnered with open source or commercial, third-party software or services that you rely on to perform critical functions.

Continue reading...

Are You Choosing the “Right” Component?

July 17, 2014 By
Manfred Moser
Component Choices

In our recent open source developer survey we asked, what are the TOP FOUR characteristics considered when selecting a component? And since components are the building blocks used when creating an application, selecting the right one is an important choice. Not surprisingly, the most important characteristic for the selection are the features and capabilities provided by the component. After all, if the component doesn’t fulfill your requirements then why use it?

Continue reading...