The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality at modern development velocities. By leveraging automation in your repository manager, you can improve application quality and reduce unplanned work while lowering exposure to risk. Repository managers like Nexus, Artifactory and Archiva have been serving […]
You have been using Nexus repository managers for years, but did you know they offer a free reporting feature that details your component licenses, known security vulnerabilities, versions, age, and adoption rates? Your Nexus repository manager can be the first line of defense against security vulnerabilities and the perfect platform to assess your exposure to open […]
There are numerous examples of reference architectures available, and each of them vary in levels of detail, tools highlighted, and processes followed. Yet, there is a constant theme among the tool sets: Jenkins, Maven, Nexus, Subversion, Git, Docker, Puppet/Chef, Rundeck, and Sonar seem to show up time and again.
TL; DR: The release of Nexus 2.11.1 includes a fix for the security vulnerability CVE-2014-9389. Whenever a new Nexus release becomes available there are a myriad of reasons to upgrade. The team always seems to manage to bring in some really useful new features or bug fixes that you have been waiting for. Luckily upgrades […]
So you’re using Nexus OSS, but you’ve heard about all the cool things you get if you moved to Nexus Professional (e.g., rich component information, managed release process, smart proxy, staging, enterprise level support, control over external artifacts, integration with enterprise security). Want to get a better idea of how to setup Nexus Pro to take advantage of these features? […]
Our promise to the community was that when we reached 1,000 members we’d publish another series of free training videos. As of today, we have reached 1,061 members with the count growing daily. We are publishing the beginning of a new series on Nexus Pro and Smart Proxy as a thank you to the community for your […]
We have done it again! Our Nexus development team has been busy this fall. With Nexus 2.9 in September, we introduced NuGet support for Nexus Open Source. In October Nexus 2.10 introduced npm support for all Nexus editions. And now with Nexus 2.11, we are adding Ruby Gem Repository support! We are happy to announce […]
The NuGet package manager has become the standard for developing software on the Microsoft platform which includes.NET and the NuGet Gallery that has emerged as a large public open source package repository. Sonatype Nexus, on the other hand, is the standard repository or component manager software running on servers from small open source projects and teams to multi-national Fortune 500 companies.
The Nexus development team at Sonatype is pleased to announce the release of the first milestone build (M1) of Nexus 3. This release is a technology preview covering the open source version, Nexus OSS, focused specifically on the new user interface. Nexus Pro will be covered in the upcoming M2 release.
Sonatype Nexus Security Advisory Date: January 14, 2014 Affected Versions: Nexus OSS/Pro versions prior to and including 2.7.0-06 Summary: A critical security vulnerability has been discovered by Sonatype in Nexus requiring immediate action. The vulnerability makes use of an execution path in an open source library that we have now (with the available patch) added […]