Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Keeping third-party dependencies in check with Nexus Lifecycle

By Nikita Belokopytov on March 18, 2019 Nexus Lifecycle
Sonatype's Nexus Lifecycle (IQ Server) helps teams with big ambitions better manage their third-party dependencies. Quandoo engineer Nikita Belokopytov shares how he's using it.
Read More...

How to extract your Android project’s dependencies with a Gradle task

By Nikita Belokopytov on March 18, 2019 Nexus Lifecycle
Nikita Belokopytov explains how to extract your Android project’s dependencies with a Gradle task, for use with Nexus Lifecycle (IQ Server)
Read More...

Enhanced Support for Python in Nexus Lifecycle

By Michelle Dufty on February 06, 2019 Nexus Lifecycle
Nexus Lifecycle includes extended support for Python, bringing enhanced intelligence to Python developers and security teams across every phase of the SDLC.
Read More...

DevSecOps at Emerasoft: Sonatype Nexus Lifecycle and F5-Advanced WAF

By Ugo Ciracì on February 05, 2019 Nexus Lifecycle
Ugo Ciracì discusses Emerasoft's journey to DevSecOps, and how Nexus Lifecycle helped fully automate their CI/CD pipeline.
Read More...

Policy Governance Made Easy - Introducing the Nexus Notifier Plugin for Bitbucket

By Justin Young on September 04, 2018 Nexus Lifecycle
We’re excited to announce the Sonatype Nexus Notifier Plugin for Jenkins now has initial support for Bitbucket Code Insights.
Read More...

New Policy Grandfathering: Automating Open Source Governance at Your Own Pace

By Michelle Dufty on August 29, 2018 Nexus Lifecycle
New policy grandfathering feature lets you automate open source governance at your own pace by "grandfathering" non-critical policy violations for existing apps.
Read More...

New JavaScript intelligence now available in the Nexus Platform

By Michelle Dufty on August 29, 2018 Nexus Lifecycle
Nexus Intelligence now includes expanded coverage for JavaScript to identify hidden JS files not found in other solutions and a new user experience to identify and remediate JS vulnerabilities faster.
Read More...

How to Keep Vulnerable Versions of Struts Out of Your Nexus Repository

By Christopher Tolo on August 24, 2018 Nexus Lifecycle
Use Nexus Lifecycle Continuous Monitoring and Nexus Firewall to keep vulnerable versions of Apache Struts out of your software supply chain.
Read More...

Deja Vu All Over Again - Another New Apache Struts Vulnerability (CVE-2018-11776)

By Brian Fox on August 23, 2018 Nexus Lifecycle
Another remote code execution vulnerability in Apache’s Struts2 Framework was disclosed on August 22, 2018. Everything you need to know and how to find out if you're affected.
Read More...