One in Six Developers in Healthcare Report Open Source Breaches | Press Release

blog-logo Sonatype Blog

Find and Fix Vulnerabilities in Seconds using GitHub PR Reviews with Line Comments

By Kevin Miller on July 07, 2020 github
Pull Request line comments highlight code that introduces a policy violation. This gives developers the information needed to remediate security risks.
Read More...

Continuously Improve CI/CD with Nexus Lifecycle and Bitbucket Code Insights

By Kevin Miller on June 18, 2020 atlassian
Developers using the Nexus platform integrated with Code Insights know when a change introduces risk, with contextual feedback for the individual branch.
Read More...

Build Better Code Using Sonatype's Integrations with Atlassian

By Kevin Miller on June 15, 2020 atlassian
Using Atlassian's improved Bitbucket PR experience and VS Code integration, you can bring information from Jira Software right into SCM and IDE.
Read More...

Smart Teams Use Atlassian and Sonatype to Plan Development Work

By Kevin Miller on June 05, 2020 JIRA
Shift open source governance into daily ticketing workflows. Teams can quickly assess risk and plan code fixes using Nexus Lifecycle and Jira Software.
Read More...

Keep Applications Secure in Atlassian Bitbucket with Automated Pull Requests

By Kevin Miller on April 22, 2020 atlassian
The Nexus Lifecycle/Atlassian Bitbucket integration automates pull requests, fixing security vulnerabilities and maintaining the quality of dependencies.
Read More...

Developers Gain Contextual Feedback with Automated Pull Request Commenting

By Kevin Miller on March 31, 2020 github
Pull request comments provide contextual information about the individual branch a developer is working on, and changes that they may have introduced.
Read More...

Sonatype Rolls Out Enhanced JavaScript Scanning, npm Automated Pull Requests & More Free JS Developer Tools

By Kevin Miller on March 03, 2020 Nexus Lifecycle
Enhanced JavaScript support provides improved accuracy, increased policy control, and faster remediation of open source vulnerabilities across the SDLC.
Read More...