Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Corrupting the Software Supply Chain: Lessons from the Bootstrap-sass Hack

By Elisa Velarde on April 09, 2019 vulnerability
The boldness of bad actors is escalating in the world of open source software. From the event-stream / NPM incident in November of 2018, to the recent bootstrap-sass / Ruby Gems hack, bad actors are
Read More...

Nexus Intelligence Insights: CVE-2014-3483 - SQL Injection in PostgreSQL adapter for Active Record against 'range' data type

By Elisa Velarde on March 29, 2019 vulnerability
In this month's Nexus Intelligence Insights we discuss an older component that is used by millions of developers. Say hello to CVE-2014-3483, a SQL injection vulnerability.
Read More...

Nexus Repository Rising: Say Hello to the New Pro

By Derek Weeks on September 13, 2016 software bill of materials
Upgrade to Nexus Repository Pro 3, now with active-active high availability. Build the best software using precise component intelligence.
Read More...

Nexus Reaches 50,000

By Derek Weeks on February 27, 2015 repository manager

Active Nexus instances have grown 100% within the past 18 months. Just awesome. And, YOU, our user community made it happen. As of today, we surpassed the milestone of 50,000 active Nexus installs!

Read More...

Delivering on a Promise: Free Nexus Training

By Mark Miller on December 04, 2014 nexus pro
Delivering on a Promise: Free Nexus Training
Read More...

Rubyists Rejoice - Nexus Supports RubyGem Repositories

By Brian Fox on December 01, 2014 nexus pro
Rubyists Rejoice - Nexus Supports RubyGem Repositories
Read More...