How to Access npm Packages After Securing Nexus Repository Manager

This article addresses those who are using, or having interest in using, Nexus Repository Manager as their package manager for npm packages, Docker images, etc., but also for those who are curious ...

Sladjana Jovanovic and Bill McArthur Move Silos to Communities [VIDEO]

Editor's Note: The chapter, "From Silos to Communities" is included in Epic Failures in DevSecOps, Volume 2, which is available for free download. "What Bill didn’t talk about was that this pod ...

Sonatype’s Commitment to Customers and Employees During COVID-19

As a Sonatype Nexus customer, your success has always been our relentless focus. In this moment, with the global spread of COVID-19, we add the health and well-being of you and your ...
The economics of open source by C J Silverio | JSConf EU 2019

Microsoft Acquires npm: A Healthy Move for Critical Public Infrastructure

Today, news broke that GitHub and its parent company Microsoft, acquired npm and its public repository of open source JavaScript packages. In 2018 when Microsoft acquired Github, many in the developer community ...

The Benefits of Remote Work Beyond Avoiding the Coronavirus (COVID-19)

Public health officials are advising people to working remotely, if they can, as one way to avoid contracting Coronavirus and #flattenthecurve. We hope those that can work remotely, do. Yet, for many, ...

Celebrating #IWD2020

This International Women’s Day we celebrate the theme #EqualForEqual. Here, a collection of some of our favorite pieces produced by, or featuring, women in our industry over the last year. These include ...

“Each for Equal”: 2020 International Women’s Day Theme Resonates in DevSecOps Because It Is a Business Issue

“Equality is not a women's issue, it's a business issue.” -- International Women’s Day website International Women’s Day began in America in 1911; today, millions of people around the globe mark March ...

Nexus Innovator: Ken D’Auria of The Hartford

DevSecOps is such a new and evolving practice that it is helpful to hear from someone who can articulate, “Yes. DevSecOps works in theory and in practice.” In this Innovator edition, Ken ...

Kill the Restructure, Says Dr. Cherry Vu and Rob England [VIDEO]

Editor's Note: The chapter, "Kill the Restructure" is included in Epic Failures in DevSecOps, Volume 2, which is available for free download. We see too many enterprises assuming one of the first ...

Beyond npm Audit to Traverse an Increasingly Complex Dependency Tree

If you've been immersed in the Node.js/JavaScript community for awhile, or even if you are just getting started, you are likely using npm audit to scan package dependencies in your projects. It's ...