Sonatype Introduces Next Generation Dependency Management | Press Release

blog-logo Sonatype Blog

Microsoft Acquires npm: A Healthy Move for Critical Public Infrastructure

By Brian Fox on March 16, 2020 github
Today, news broke that GitHub and its parent company Microsoft, acquired npm and its public repository of open source JavaScript packages.
Read More...

Helm & Nexus: Steering Towards Faster Deployments in Nexus 3.21

By Brent Kostak on February 19, 2020 The Central Repository
Nexus Repository 3.21 now supports Helm, P2, and NuGet V3 proxy repositories to enhance container automation and provide faster deployments.
Read More...

The Central Repository is Moving to HTTPS

By Terry Yanko on December 20, 2019 central maven repository
Beginning January 15, 2020 The Central Repository will no longer support communication over HTTP. We are moving to HTTPS to ensure greater security.
Read More...

Removing Search Guard from the Central Repository

By Brian Fox on September 11, 2019 The Central Repository
Due to an intellectual property dispute between two third parties, Sonatype is legally required to remove disputed artifacts related to Search Guard from the Central Repository and OSSRH until
Read More...

Making sure our users don't zip-slip and fall

By Brian Fox on June 05, 2018 The Central Repository
Sonatype has provided The Central Repository for over a decade and we take security of the users very seriously. Once we became aware of the zip-slip vulnerability, we wanted to to ensure Central
Read More...

How Will you Manage the New Addition of A9 to the OWASP Top 10 List?

How Will you Manage the New Addition of A9 to the OWASP Top 10 List?
Read More...

Today's Security Brief: Application security is widely neglected (by some surprising companies)

By Tim OBrien on March 26, 2012 Nexus Repo Reel
Today's Security Brief: Application security is widely neglected (by some surprising companies)
Read More...

Ken Rimple Interviews Brian Fox: Maven 3, Running Central, and Nexus

By Tim OBrien on March 22, 2012 Nexus Repo Reel
Ken Rimple Interviews Brian Fox: Maven 3, Running Central, and Nexus
Read More...