Sonatype Introduces Next Generation Dependency Management | Press Release

blog-logo Sonatype Blog

CVE-2020-17479: The return of Validation Bypass (CVE-2019-19507) in `jpv`

While updating our data for CVE-2020-17479 in JPV, an open-source JSON schema validator, we discovered that the vulnerability could still be exploited with the existing fix in place, creating
Read More...

New Language? No Problem. New Ecosystems in Nexus Lifecycle and Nexus Firewall

By Alyssa Shames on May 13, 2020 Nexus Lifecycle
New ecosystems added to Nexus Lifecycle and Nexus Firewall: Alpine, Bower, Cargo, CocoaPods, Conda, Conan, Composer, CRAN, Debian, Drupal and rpm.
Read More...

Nexus Platform - 2019 Year in Review

By Michelle Dufty on December 30, 2019 Sonatype Nexus
We look back at features introduced in 2019 across Nexus Repository Manager and Nexus IQ Server (Lifecycle, Lifecycle Foundation, Firewall, and Auditor).
Read More...

Gartner: Mitigate Risk By Hardening the Software Supply Chain

By Katie McCaskey on December 12, 2019 Sonatype Nexus
As Gartner explains, key to mitigating open source risk, is a hardened software supply chain. But, where do you start?
Read More...

Developers, Rejoice: Auto-Remediation Now Available in Eclipse, IntelliJ, and Visual Studio

By Sonal Thawani on July 08, 2019 Nexus Lifecycle
Auto-remediation makes it even easier to choose the best component right within an IDE. The CIP now automatically suggests the compliant version.
Read More...

OSS for Enterprise: Procure Secure Components Faster & Manage Risk Better

By Carlos Schults on June 12, 2019 Nexus Lifecycle
The CI ecosystem is large and complex, especially at a company like Discover. Sheshagiri Rao shared personal insight into how to manage risk at a company where the stakes are high, using Nexus.
Read More...

The Path Forward for the Nexus Platform

By Katie McCaskey on June 12, 2019 Nexus Lifecycle
We’re seeing double and triple digit growth across usage, Nexus Repo instances, Nexus Repo scans, and daily apps under management. What comes next?
Read More...

OSS Endgame: Nexus Firewall as Your Shield Against Open Source Invasions

By Erik Dietrich on June 12, 2019 Nexus Firewall
Put simply, Nexus Firewall enables the heroes. Mike Van Doren walked through how to get started using it at the 2019 Nexus User Conference.
Read More...

Nexus Firewall Now Supports JFrog Artifactory Customers

By Michelle Dufty on February 28, 2019 artifact repository
Artifactory customers can now protect their perimeter from risky open source with Nexus Firewall.
Read More...