
Sonatype Blog

Mike Hoskins

UNIX geek. DevOps practitioner. Security advocate. Lifetime learner. Connect at github.com/deadlysyn, gitlab.com/deadlysyn, or https://blog.devopsdreams.io/

Comparing npm Audit Versus AuditJS

By Mike Hoskins on April 03, 2020 AppSec
AuditJS is a free tool leveraging Sonatype's OSS Index. OSSI exposes a REST API aggregating several security vulnerability feeds including CVE, CWE and NVD.

Beyond npm Audit to Traverse an Increasingly Complex Dependency Tree

By Mike Hoskins on March 04, 2020 npm
Building good hygiene habits as part of our development practice helps the community at large. Here's how to use Nexus Repository OSS as part of it.