Sonatype Introduces Next Generation Dependency Management | Press Release

blog-logo Sonatype Blog

New in Nexus Repository 3.23: Nexus Intelligence via npm audit

By Brent Kostak on May 13, 2020 npm
Now developers can check for policy violations using the npm audit command built into the npm CLI, using the precise data of Nexus Intelligence.
Read More...

Microsoft Acquires npm: A Healthy Move for Critical Public Infrastructure

By Brian Fox on March 16, 2020 github
Today, news broke that GitHub and its parent company Microsoft, acquired npm and its public repository of open source JavaScript packages.
Read More...

Sonatype Rolls Out Enhanced JavaScript Scanning, npm Automated Pull Requests & More Free JS Developer Tools

By Kevin Miller on March 03, 2020 Nexus Lifecycle
Enhanced JavaScript support provides improved accuracy, increased policy control, and faster remediation of open source vulnerabilities across the SDLC.
Read More...

Open Source Software Is Under Attack; New Event-Stream Hack Is Latest Proof

By Brian Fox on November 27, 2018 vulnerabilities
Open source software is under attack, and the malicious attack on the popular npm event-stream 3 package, is just the latest proof.
Read More...

New JavaScript intelligence now available in the Nexus Platform

By Michelle Dufty on August 29, 2018 Nexus Lifecycle
Nexus Intelligence now includes expanded coverage for JavaScript to identify hidden JS files not found in other solutions and a new user experience to identify and remediate JS vulnerabilities faster.
Read More...

What can we learn from 200 Billion JavaScript downloads

By Derek Weeks on February 08, 2018 Javascript
JavaScript packages downloaded from the npm repository now tops 200 billion downloads annually. We dissect what that means for the open source community.
Read More...

Using Nexus IQ Server with the webpack Plugin

By Ross Pokorny on December 15, 2017 npm
We realize that these challenges are not unique to our own development. For that reason, we released the webpack plugin to our FOSS community repo.
Read More...

Mapping the JavaScript Genome for DevOps

By Derek Weeks on October 18, 2016 Software Supply Chain
High performing organizations use DevOps principles to boost productivity, streamline software supply chains, and improve quality.
Read More...

On the Web: Testing Javascript with Apache Maven

By Tim OBrien on March 18, 2010 Nexus Repo Reel
On the Web: Testing Javascript with Apache Maven
Read More...