We Speak Your Language - New Ecosystems Available in Nexus Lifecycle - Security Boulevard

We Speak Your Language – New Ecosystems Available in Nexus Lifecycle

There are more than 700+ programming languages to choose from and different languages gain popularity and momentum at any time. In fact, since 2012 there has been a new “favorite” programming language each year. This highlights the dynamic nature of the development landscape and the necessity for the community to continuously adapt with it.

With that, I’m excited to announce that Sonatype has expanded our ecosystem coverage to include C/C++ Conan, PHP Composer, and Ruby RubyGems directly in Nexus Lifecycle. These additions open the door for new actions to be taken against these languages, including setting and enforcing policy, scanning for vulnerabilities, remediation, and reporting.

As you may remember, in 2017, we released Nexus Lifecycle XC, which expanded our coverage to a larger ecosystem of languages including Ruby, PHP, Swift, Cocoapods, and others. Since then, we’ve been working to bring these languages directly into Nexus Lifecycle, continuing our pursuit of powering Lifecycle with precisely accurate, comprehensive open source vulnerability and component intelligence.


While Nexus Lifecycle XC isn’t going away any time soon, the addition of these languages in Lifecycle means a few new enhancements are coming your way. Let’s review what the addition of these languages means:

Faster Time to Action with Policy Enforcement + Reporting

What’s more important than having data? Being able to do something with it. Users can now create custom security, license, and architectural policies and contextually enforce these policies across every stage of the SDLC for C/C++, PHP, and Ruby in Lifecycle, something that is not available in XC. Another bonus is the ability to remediate and report on these languages.

Unrivaled, In-Depth Component Intelligence

Developers require broad, accurate, and trustworthy component intelligence for proper application security hygiene. Bringing C/C++, Ruby, and PHP into Lifecycle means we’ve introduced a new data source in Lifecycle, (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Alyssa Shames. Read the original post at: https://blog.sonatype.com/new-ecosystems-available-in-nexus-lifecycle