What We Learned from Studying 36,000 OSS Projects | Press Release

blog-logo Sonatype Blog

Repository Management: An Easy Way to Minimize Risk

By Katie McCaskey on July 05, 2019 repository manager
Mykel Alvis (@mykelalvis) of Array Consulting urges developers to use a caching, and preferably security-scanning, artifact repository. Here's why.
Read More...

New Cloud-Native CI/CD Projects OpenShift Pipelines and Tekton

By Katie McCaskey on July 01, 2019 devsecops
Siamak Sadeghianfar of RedHat explains how the open source projects Tekton and OpenShift support cloud-native CI/CD projects.
Read More...

DevOps Culture: The Neuroscience of Behavior

By Katie McCaskey on June 18, 2019 devsecops
Helen Beal of Ranger4 takes a look at how the brain works, and what that means for cultural transformation. This is your brain on DevOps.
Read More...

OSS for Enterprise: Procure Secure Components Faster & Manage Risk Better

By Carlos Schults on June 12, 2019 Nexus Lifecycle
The CI ecosystem is large and complex, especially at a company like Discover. Sheshagiri Rao shared personal insight into how to manage risk at a company where the stakes are high, using Nexus.
Read More...

Tools, Not Rules

By Sylvia Fronczak on June 12, 2019 DevOps Culture
American Express went through a DevOps identity crisis to fully understand how important culture was to making the right tools stick in their organization. Tim Klever shares their lessons learned.
Read More...

Empowering Developers: Security Self Serve and Automated Time-Based Waivers

Tyro recently empowered their developers to build more secure software by instituting time-based waivers. At the Nexus User Conference, they shared how they made it happen.
Read More...

The Path Forward for the Nexus Platform

By Katie McCaskey on June 12, 2019 Nexus Lifecycle
We’re seeing double and triple digit growth across usage, Nexus Repo instances, Nexus Repo scans, and daily apps under management. What comes next?
Read More...

Publishing Private NPM Packages to Nexus

By Erik Dietrich on June 12, 2019 How-To
From DRY principle, sharing code within an organization, and keeping code secure, there are many reasons you may want to publish private NPM packages to Nexus. Today, we show you the how.
Read More...

DevOps in the 3rd Inning, DevSecOps in the 1st, says Sonatype CEO

By Katie McCaskey on June 12, 2019 devsecops
The global software supply chain is keeping the hitter honest, to use a baseball analogy. The state of open source is moving to anticipate growing speed.
Read More...