Sonatype Unveils Full-Spectrum Software Supply Chain Management | Press Release

New Language? No Problem. New Ecosystems in Nexus Lifecycle and Nexus Firewall

May 13, 2020 By Alyssa Shames

A few months ago we announced some exciting ecosystem updates to Nexus Lifecycle. Today, I’m happy to expand upon that with the news of even more ecosystem coverage added to Nexus Lifecycle, as well as some new additions to Nexus Firewall.

These new ecosystems bring Nexus Lifecycle and Nexus Firewall coverage to more than 35 programming languages and package formats:

Ecosystem Nexus Lifecycle Nexus Firewall



New New
BowerBower X New


New New


New New
Conda New New


New New


New New

New X
rpm New  Already Included
Composer Already Included New


Already Included New

This is especially exciting to customers for a few reasons:

Shifting Security Even Farther Left

Nexus Firewall already shifts open source governance to the earliest point in software development, effectively shutting the door on compromised components before they can enter the DevOps pipeline. Now, we’ve more than doubled the number of ecosystems that we can proactively protect against.

Comprehensive Component Intelligence + Policy Enforcement

We know that not all organizations use the same languages and package managers, which is why ecosystem breadth and depth is so important. By doubling the ecosystem coverage in Nexus Lifecycle, you have even more visibility into open source risk across the entire software development lifecycle (SDLC), as well as a wider range of coverage when creating and contextually enforcing policy, reporting, and remediating.

From the beginning, Sonatype has been committed to developing the most universally applicable, polyglot software supply chain automation tools for both development and security teams. The addition of these new ecosystems moves us one step closer to achieving that goal as we continue to refine the data and research supporting these ecosystems.

See it in action here:

Learn more about Nexus Lifecycle and Nexus Firewall ecosystems on For a full list of languages and package managers that Sonatype supports, click here.

Tags: Nexus Lifecycle, Nexus Firewall, featured, Product

Written by Alyssa Shames

Alyssa is Sonatype's product marketing manager for Nexus Lifecycle, Nexus Firewall, and Nexus Auditor. She is passionate about bringing the right tools to the open source community to shift security left and reduce open source risk.