Sonatype Introduces Next Generation Dependency Management | Press Release

Sonatype Blog

How to Establish an Open Source Program Office

By Mark Henke on June 24, 2020 open source governance
Develop an open source software program office to streamline use and compliance. By aligning goals with success metrics, the value of the office is clear.

Developers Gain Contextual Feedback with Automated Pull Request Commenting

By Kevin Miller on March 31, 2020 github
Pull request comments provide contextual information about the individual branch a developer is working on, and changes that they may have introduced.

Keep GitHub Dependencies Secure with Nexus Lifecycle's Automated Pull Requests

By Michelle Dufty on November 12, 2019 new features
Sonatype has long been the world’s premier provider of open source health and hygiene data. Now, it's bringing that data to GitHub with six new Nexus integrations.

Deloitte Names Sonatype in ‘Technology Fast 500’ for Fourth Consecutive Year

By Katie McCaskey on November 07, 2019 open source governance
Sonatype ranks in Deloitte's Technology Fast 500™ for a fourth year. Recognized as a top 30 company in the D.C. area, this award follows several others.

It Pays to Discover Sonatype

By Katie McCaskey on October 03, 2019 open source governance
Karthik Loganathan and Giri Rao of Discover explain how the financial services company benefits from Sonatype's open source license management platform.

Development Velocity Is a Surprisingly Good Thing, Says Researchers

By Katie McCaskey on August 13, 2019 open source governance
Organizations with DevOps culture produce high frequency release schedules and stronger MTTU (mean time to update) response scores, to the benefit of all.

What Toyota Unlocked Decades Ago Drives Software Supply Chain Management Today

By Katie McCaskey on August 05, 2019 open source governance
Toyota developed a vehicle production framework, still in use today, that shapes contemporary software supply chain management, too.

A World of Infinite Choice in Open Source Software

The 2019 Software Supply Chain Report explains the development environment we're all living in and what we can learn from exemplar dev teams.

Three Days of DevSecOps: Lessons from Equifax

By Derek Weeks on September 25, 2018 open source governance
In 2017, one might have considered "three days" to be the new normal for lead time for changes in DevSecOps. In 2018, that window closed to "one second". The adversaries are not only smart, they are