
Sonatype Blog

Software Liability Gets Real (Global)

By Derek Weeks on February 23, 2018 open source governance

This month, France turned up the conversation on software liability for manufacturers who place known defective software components in their products. But,


Nexus Lifecycle: Using REST API to identify where newly vulnerable components reside across your application portfolio

By Ilkka Turunen on February 19, 2018 Application Security

Following the recent announcement of the npm package conventional-changelog having a malicious version uploaded (read more in Brian's blog), I wanted to