Forrester Recognizes Sonatype as a Market Leader in Software Composition Analysis
This week, independent analyst firm Forrester released it’s The Forrester Wave™: Software Composition Analysis (SCA), Q3 2021, following an in-depth evaluation of 10 SCA solutions. We’re extremely happy to announce that Sonatype’s Nexus platform was recognized as a market leader and strong performer, with the largest market presence amongst all ... Read More
Update to CVE-2019-7238 in Nexus Repository Manager 3
Today, an article was brought to our attention that suggests a new attack tactic was targeting an old vulnerability in Nexus Repository Manager 3 (NXRM) - CVE-2019-7238. ... Read More
New in Nexus Repository 3.30: Microsoft Azure Blob Storage Support for Expanded Cloud Platform Deployments
We are excited to announce Azure Blob Storage support with Nexus Repository Pro available in 3.30 release! Nexus Repository Pro users can now manage and deploy their critical infrastructure on Microsoft’s Azure Cloud Platform. As cloud-native architecture continues to impact DevOps teams with container orchestration and management, immutable infrastructure, and faster ... Read More
Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains from “Dependency Confusion” Attacks
As news continues to cascade on a recent dependency hijacking software supply chain attack, detection of dependency confusion, a.k.a. namespace confusion, copycat packages are on the rise. These counterfeit packages, presenting the same attack method which compromised over 35 major companies’ internal systems including Microsoft, Apple, Tesla, and Netflix, are ... Read More
Nexus Repository & Microsoft NuGet Gallery: OData Changes for NuGet V2
Microsoft has officially announced changes to the NuGet Gallery. The NuGet V2 protocol makes use of a query mechanism called OData. Microsoft is planning to deprecate certain OData queries, which began with a limited test schedule in November, before permanent deprecation in early 2021.. ... Read More
Nexus Repository Helps Developers Overcome New Docker Hub Rate Limits
Development teams building applications use Nexus Repository (Nexus) to store and manage all of their components, build artifacts, and containers. It provides an efficient way to locally cache myriad types of software packages, and enables users to proxy public registries such as Maven Central, npm, and Docker Hub to reduce ... Read More
Nexus on the Ascent
Heading into this year, JFrog questioned the future of the Nexus Platform following news of Sonatype being acquired by Vista - sensing “tremors” on the horizon. The “tremors” were simply fabrications from a competitor and the reality is that Nexus is stronger and more forward-thinking than ever. The continued ascent ... Read More
Nexus as a Container Registry
Over the last decade, developers have experienced a shift in the way applications and the underlying operating system are packaged and deployed. The rise in usage of Docker containers and Kubernetes (K8s), the most popular open source container-orchestration system, has transformed the software supply chain. On one side, development, testing ... Read More
Storage Management Best Practices: Part 1 – Components In Motion
New in Nexus Repository 3.26, users now have an effective way to migrate components between two or more Nexus Repository instances with the Import/Export feature. This latest release delivers Nexus Repository Import and Export tasks with full support of all eight formats (Raw, Maven, NuGet, npm, Rubygems, Yum, Docker, and ... Read More
New in Nexus Repository 3.25: How Do I Switch to NuGet V3?
We are excited to announce the official release of Nexus Repository 3.25. Delivering on much anticipation from the Nexus community, this release completes full support for NuGet V3 repositories, including new NuGet V3 Group repositories, and gives both Nexus Repository Pro and OSS users access to the up-to-date V3 API ... Read More
