Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

SHARE:

Sonatype_Blog_Logo_White
READ MORE

Build better code using Sonatype's integrations with Atlassian

By Kevin Miller on June 15, 2020 atlassian

2 minute read time

Using Atlassian's improved Bitbucket PR experience and VS Code integration, you can bring information from Jira Software right into SCM and IDE.
Read More...
READ MORE

How to Use Nancy to Improve Your Go Application Security

By Jonathan Hall on April 17, 2020 AppSec

9 minute read time

Nancy, as you may know by reputation, is a detective. She uses Sonatype's OSS Index to check for vulnerabilities in your Go dependencies.
Read More...
aaron-sebastian-bfgEYpS0Znk-unsplash-1
READ MORE

New in Nexus Repository 3.20: R Format Support & More

By Brent Kostak on December 19, 2019 visual studio

2 minute read time

The release of Nexus Repository 3.20 offers native support for R repositories. R is a language used for statistical analysis and machine learning.
Read More...
GettyImages-1037984544
READ MORE

New Integration to Visual Studio Code - Nexus IQ and OSS Index

By Allen Hsieh on December 04, 2019 Nexus Lifecycle

4 minute read time

Introducing the new Nexus IQ integration for VS Code. If you want to understand how we built it, why we built it, and the problems it solves, read on.
Read More...
bark-branches-environment-1632790
READ MORE

Nexus Repo and Datree Integration Deliver Automated Pipeline Control

By Brent Kostak on November 01, 2019 github

2 minute read time

Nexus Repository/Datree integration applies policy control on GitHub commits to bring together developer codebase visibility and build artifact management.
Read More...