Malicious Intent: Open Source Developers, Please Protect Your Users

By Brian Fox on February 14, 2018 software bill of materials

1 minute read time

Pay attention to your own digital security as you would if you were protecting millions of others. Malicious code found in npm package conventional-changelog.

Part 3 – [ ________ ] is the Best Policy

By David Jones on August 18, 2014 open source survey

3 minute read time

In part 1 and part 2 of the '[ ________ ] is the Best Policy' series, we looked at how open source policies can quite often lead to the wrong type of behavior.

3 Reasons Manual Policies Just Don’t Work

2 minute read time

Over the past four years, Sonatype has surveyed open source development organizations, and year after year we find that developers have the best intentions.