
Sonatype Blog

Malicious Intent: Open Source Developers, Please Protect Your Users

By Brian Fox on February 14, 2018 software bill of materials

Pay attention to your own digital security as you would if you were protecting millions of others. Malicious code found in npm package conventional-changelog.

Part 3 – [ ________ ] is the Best Policy

By David Jones on August 18, 2014 open source survey

In part 1 and part 2 of the '[ ________ ] is the Best Policy' series, we looked at how open source policies can quite often lead to the wrong type of behavior in an organization. As we saw, 41% of


3 Reasons Manual Policies Just Don’t Work

Over the past four years, Sonatype has surveyed open source development organizations and year after year, we find that developers have the best intentions. They strive to build good quality code,
