Sonatype Delivers Premium Open Source Controls to GitHub | Press Release

blog-logo Sonatype Blog

Gartner: Mitigate Risk By Hardening the Software Supply Chain

By Katie McCaskey on December 12, 2019 Sonatype Nexus
As Gartner explains, key to mitigating open source risk, is a hardened software supply chain. But, where do you start?
Read More...

Nexus Repo and Datree Integration Deliver Automated Pipeline Control

By Brent Kostak on November 01, 2019 github
Nexus Repository/Datree integration applies policy control on GitHub commits to bring together developer codebase visibility and build artifact management.
Read More...

CocoaPods and Conda in Nexus Repository 3.19

By Brent Kostak on October 02, 2019 Sonatype Nexus
Nexus Repository Manager, the most widely used universal binary repository manager, now features native format support for CocoaPods and Conda.
Read More...

Announcing GoNexus

By Joseph Stephens on August 21, 2019 Nexus Repository
GoNexus helps developers run reliable and reproducible builds. It follows our tools, Nancy, Goalie, NXRM OSS, and DepShield used in the Go community.
Read More...

Nexus Repository Now Supports APT

By Sable Yemane on August 19, 2019 Docker
Nexus Repository Manager 3.17 supports Advanced Package Tool repositories. Use APT to search, install, manage packages on Debian, Ubuntu, and Linux.
Read More...

How to Use Gitlab-CI with Nexus

By Sudipt Sharma on August 14, 2019 Nexus Repository
Sudipt Sharma demonstrates how to establish a CI/CD pipeline using gitlab-ci and deploying artifacts to Nexus Repository.
Read More...

Repository Management: An Easy Way to Minimize Risk

By Katie McCaskey on July 05, 2019 repository manager
Mykel Alvis (@mykelalvis) of Array Consulting urges developers to use a caching, and preferably security-scanning, artifact repository. Here's why.
Read More...

Anonymous Access In Nexus Repository is Not A Zero-Day Vulnerability

By Brian Fox on July 02, 2019 Nexus Repository
A researcher contacted us about an issue in Nexus Repository, stemming from user access settings. This was not a zero day, but a product feature UX change, to make it easier to be more secure - we
Read More...

DevSecOps Without Compromise

By Katie McCaskey on June 26, 2019 oss
Oliver Milke of Cloudogu provides tips to strengthen your DevSecOps toolchain. He also points out two potential weaknesses that might lurk inside, too.
Read More...