GitLab: instant, inline, indispensable developer insights

Today we’re going to talk about letters, as in the alphabet. 

Did you ever see the Friends episode where Joey can’t afford an entire set of encyclopedias, so he just buys the one with the letter “V” and tries to steer every conversation to V words? What an awesome episode.

Or maybe, like me, your kids have been watching Sesame Street non-stop since being home during the pandemic, which might be starting to affect your work. I’m sitting here thinking “Today’s episode of Sonatype has been brought to you by the letter I …”

In any case, we’re going to focus on these six “I words” today, and how they relate to our GitLab integrations. 

Instant, inline, indispensable developer insights for improved innovation

  • Instant: Scan your code while actively developing in GitLab merge requests
  • Inline: Feedback is added directly to the merge request so you don’t have to waste time switching contexts or looking anywhere else. Exact violations are identified with the line(s) of code that introduced them.
  • Indispensable: Catch policy violations and vulnerabilities before merging your MR. Block bad components from entering production, and save time while reducing rework and technical debt.
  • Insights: Component intelligence that you can trust, based on industry-leading vulnerability data and our dedicated research team.
  • Improved: Faster, safer, more secure. Standard GitLab MRs do not inform you when security or license issues in your code trip an internal policy violation. Now integrated with Sonatype, they do.
  • Innovation: With automated security and license checks providing instant feedback, you can spend more time developing innovative new features or products.

Nexus Lifecycle & GitLab Integrations 

At Sonatype, we’ve continued to build integrations into tools that developers use every day. We’ve enabled Nexus Lifecycle to push complete OSS component intelligence (Read more...)

*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Kevin Miller.