npm libraries 'colors' and 'faker' sabotaged in protest by their maintainer—What to do now?

By Ax Sharma on January 10, 2022 vulnerabilities

7 minute read time

Popular npm open source libraries colors.js and faker.js were sabotaged by their own maintainer. What does that mean for open source sustainability?

New Sonatype Nexus Repository Visualizer provides insights into Log4j usage

By Chris Good on December 30, 2021 featured

4 minute read time

Vulnerable Log4j components are still in active use. New functionality available for Sonatype's Nexus Repository monitors and helps address these issues.

Log4j 2.17.1 fixes another code execution bug, but should you worry?

By Ax Sharma on December 29, 2021 vulnerabilities

7 minute read time

News of another possible open source vulnerability connected to Log4j raised eyebrows. A look at the issue, its disclosure, and our response.

Nexus Innovator: Bryan Batty of Bloomberg Industry Group, Part 4

4 minute read time

Bryan Batty of Bloomberg Industry Group explains why he selected the Sonatype Platform and how it has dramatically improved open source governance.

Nexus Innovator: Bryan Batty of Bloomberg Industry Group, Part 4

By Mark Miller on April 24, 2020 Sonatype vs. Black Duck

5 minute read time

Bryan Batty of Bloomberg Industry Group explains why he chose the Sonatype platform and how, with it, he the open source governance.

Is Manual Remediation with Repository Health Check as Good as it Gets?

By Daniel Sauble on April 25, 2018 Sonatype Platform

7 minute read time

Sonatype Nexus Repository Health Check and automated remediation.