Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release
Nancy is now wrapped up as a Docker image for execution in a pipeline or via an alias in a terminal.
To see how Nancy will output when finding vulnerabilities, use our intentionally vulnerable repo. Check out this build on Travis-CI or this build on CircleCI.
I demonstrate how you can use docker-nancy in the video below:
Additional details can be found at GitHub. Thank you to The Lonely Island for your late night inspiration about boats...
DJ is a DevSecOps Advocate
Sonatype Headquarters - 8161 Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8281 Greensboro Drive – Suite 630, McLean, VA 22102
Australia Office - 60 Martin Place Level 1, Sydney, NSW 2000, Australia
London Office -168 Shoreditch High Street, E1 6HU London
Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.