Scale Up Your Enterprise With Docker Subdomain Routing

By Chris Good on July 13, 2022 Nexus Repository

2 minute read time

A new feature in Nexus Repository Pro gives unique host names to Docker instances without having to create and maintain a port listing. 
Read More...

CVE-2022-31289: Neither Bug nor Vulnerability

By Michael Prescott on June 16, 2022 vulnerability

3 minute read time

A recent report of a Nexus Repository vulnerability is not a security concern and no software update is required. A look at issue and similar concerns.
Read More...

How to Manage Your Open Source Licenses in 2022

By Luke Mcbride on June 02, 2022 licenses

6 minute read time

Development teams are using openly licensed software in their process, and lots of it. To comply with the requirements, you need license management tools.
Read More...

Take Control of Your InnerSource Components with InnerSource Insight

By Chris Good on May 11, 2022 Nexus Lifecycle

7 minute read time

InnerSource Insight, an industry-first capability, makes it easier and safer for developers to use components developed by others in their organization.
Read More...

Maven Central and Sigstore

By Jason Swank on March 03, 2022 Product Strategy

2 minute read time

Sonatype has been investing heavily in Maven Central, modernizing the platform & providing a developer experience of contemporary software registries.
Read More...

Scale Developer Security With Expanded Nexus Platform Features

By Chris Good on February 17, 2022 Product Release

5 minute read time

New Nexus platform features make it even easier for developers to scale security and block open source vulnerabilities from entering the software supply chain.
Read More...

PyPI Flooded With 1,275 Dependency Confusion Packages

By Ax Sharma on January 24, 2022 vulnerabilities

5 minute read time

Popular Python open source software repository, PyPI has been flooded with over 1,200 dependency confusion packages by the same actor.
Read More...

How Large Organizations Can Easily Scan for Log4j Vulnerabilities

By Rishav Mishra on December 31, 2021 Nexus Lifecycle

7 minute read time

Large orgs looking for the Log4j vulnerability in 1000s of apps, can be more effective and efficient with Nexus Lifecycle and Easy SCM Onboarding.
Read More...

New Nexus Repository Visualizer Provides Insights into Log4j Usage

By Chris Good on December 30, 2021 Nexus Repository

4 minute read time

Vulnerable Log4j components are still in active use. New functionality available for Sonatype's Nexus Repository monitors and helps address these issues.
Read More...