CocoaPods and Conda in Nexus Repository 3.19

New Supported Languages. More Stable Builds.

We are excited to officially announce native format support for the CocoaPods and Conda dependency managers in Nexus Repository Manager 3.19. Over the last few months, Sonatype product teams have accelerated development of native support for new formats. Whether a format originates from our community, as APT did, or is driven by popular request from developers, we are listening.

The Challenger Build

As communities continue to grow and more developers use open source software from centralized repositories and package registries, a measure of uncertainty enters the developer environment. CocoaPods alone has over 66 thousand libraries and is used by 3 million applications. This uncertainty can lead to disappearing code and a greater chance certain packages will become inaccessible to developer projects and builds. In addition to the above, the following problems can lead to broken builds for developers:

  • Tag deletions for updating code or completely deleting tags on pods and packages
  • Repository deletions when authors are finished with code and do not realize other projects are dependent on their code
  • Renaming or changing the text case on repository names (GitHub allows developers and maintainers to easily rename or change the casing of a repository)
  • Network outages when the internet is unavailable and developers cannot pull down the code (environmental situations authors and developers cannot control)

All of these examples will break developer builds and progressively increase the risk of a significant impact as more developers use open source packages.

Clearly, there is a gap in the consistent delivery of stable builds, but is there a solution? What can developers and organizations do to avoid these inefficiencies when using CocoaPods, Conda, and other dependency and package managers with their source code repositories?

Pods, Packages & Proxies

In an ideal flow (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Brent Kostak. Read the original post at: