Featured Article

How to Easily Identify Conda Vulnerabilities Using Sonatype Jake

By Aditya Khanduri on February 20, 2020 Everything Open Source

Jake, a free tool, identifies vulnerabilities in a Conda environment. It's simple to use, saves time, and empowers you to develop Python projects faster.

Read More...

Continuoius Integration with Other Products

Continuous Integration in Pipeline as Code Environment with Jenkins, JaCoCo, Nexus and SonarQube

By Rahul Vishwakarma on January 17, 2018 github

The setup for a Continuous integration pipeline... this is for mavenized Spring boot build with JaCoCo coverage reports and Sonar metrics.

Read More...

How to Deploy the Artifacts of a Project to Nexus, with Maven.

By Eugen Paraschiv on January 03, 2018 spring

How to deploy the artifacts of a project to Nexus, with Maven. By default, Maven handles the deployment mechanism via the maven-deploy-plugin

Read More...

The 2014 Survey: Marked by an Industry Shock Wave

By Wayne Jackson on June 20, 2014 Cyber Supply Chain Management and Transparency Act

Wow! What an amazing turnout we had for our 4th annual survey: 3,353 participants this year brings us to over 11,000 participants in the four years we’ve run this survey. I would like to extend a BIG

Read More...

Sonatype Blog

How to Easily Identify Conda Vulnerabilities Using Sonatype Jake

Continuous Integration in Pipeline as Code Environment with Jenkins, JaCoCo, Nexus and SonarQube

How to Deploy the Artifacts of a Project to Nexus, with Maven.

The 2014 Survey: Marked by an Industry Shock Wave