Find and fix vulnerabilities in seconds using GitHub PR reviews with line comments
3 minute read time
Pull Request line comments highlight code that introduces a policy violation. This gives developers the information needed to remediate security risks.
Read More...
Developers Gain Contextual Feedback with Automated Pull Request Commenting
2 minute read time
Pull request comments provide contextual information about the individual branch a developer is working on, and changes that they may have introduced.
Read More...
Sonatype has been the world’s premier provider of open source health and hygiene data. Now, it's bringing that data to GitHub with six new Nexus integrations.
Read More...
Struts2 Exploited Again. Did Anyone Bother to Tell You?
5 minute read time
This week I woke up to find several emails from Nexus Lifecycle indicating that the products in my portfolio were potentially vulnerable due to their.
Read More...
Did You Wake Up to an Alert About the Java Deserialization Vulnerability?
4 minute read time
This week I woke up to find several emails from Nexus Lifecycle indicating that the products in my portfolio were potentially vulnerable due to their.
Read More...
Open source components, a fine vintage or sour milk?
2 minute read time
The U.S. recently overtook France as the world’s largest wine market. And here at Sonatype, we can proudly say we’ve contributed to this achievement.
Read More...
An Open Discussion on Open Source Review Boards
1 minute read time
The recent FS-ISAC whitepaper, “Appropriate Software Security Control Types for Third Party Service and Product Providers”, reveals the majority of internal.
Read More...