New Design, New Features: Maven Central Improvements for Developers

By Amanda Yeo on March 28, 2023 open source security

3 minute read time

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.
Read More...

ChatGPT Data Leak and Redis Race Condition Vulnerability That Remains Unfixed

By Ax Sharma on March 27, 2023 vulnerability

4 minute read time

Last week's OpenAI payment data and chat history leak involved a Race Condition vulnerability in an open source component, Redis.
Read More...

Meet an Open Source Developer - A.J. Brown

By Aaron Linskens on February 27, 2023 Open Source

5 minute read time

A.J. Brown, a Principal Engineer at Sonatype, discusses his journey and career in open source as part of our series for World Open Source Day 2023.
Read More...

Meet an Open Source Developer - Lex Vorona

By Aaron Linskens on February 17, 2023 Open Source

8 minute read time

Lex Vorona, a Software Engineer at Sonatype, discusses his journey and career in open source as part of our series for World Open Source Day 2023.
Read More...

Meet an Open Source Developer - Allie Sierra

By Aaron Linskens on February 14, 2023 Open Source

5 minute read time

Allie Sierra, Engineering Manager at Sonatype, discusses her journey and career in open source as part of our series for World Open Source Day 2023.
Read More...

Are Unnecessary Vulnerabilities Polluting Your Software Supply Chain?

8 minute read time

As malicious software supply chain attacks continue to evolve, so do the ways that bad actors exploit vulnerable libraries.
Read More...

Meet an Open Source Developer - Theresa Mammarella

By Aaron Linskens on February 03, 2023 Open Source

3 minute read time

Theresa Mammarella, Developer Advocate on the DevRel team at Sonatype, discusses her journey and career in open source for World Open Source Day 2023.
Read More...

Dependency Management: Versions Choice and the Software Supply Chain

6 minute read time

The components that software developers rely upon are moving forward, but effective software supply chain management is more than being up to date.
Read More...

Sonatype Nexus Lifecycle Boosts Open Source Security and Dependency Management

By Audra Davis-Hurst on January 13, 2023 Nexus Lifecycle

10 minute read time

Nexus Lifecycle is designed to monitor for problems at every stage of the software development life cycle (SDLC) and automatically address them.
Read More...