Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

The Rise of Dependency Scanners

By Curtis Yanko on November 26, 2018 devsecops

2018 has seen a new breed of dependency scanners come onto the scene. These 'manifest' driven scanners allow for their inclusion into source code control


Sonatype DepShield Now Protects NPM Projects

By Justin Young on November 20, 2018 NPM support

I remember that when I first heard about Node.js, I couldn’t believe that developers were using a language meant for single threaded client side scripting


Introducing Sonatype DepShield: Free for GitHub Developers

By Michelle Dufty on August 14, 2018 github

I am pleased to announce that we just launched Sonatype DepShield, a free GitHub app that automatically identifies vulnerabilities within open source