Your Outdated Repository Still Works, But It May Not Be Safe

Repositories have long served as the backbone of software infrastructure, sitting between developers, CI/CD pipelines, public registries, and production releases. Today, the most sophisticated attackers have set their sights on developers ...
Q1 Updates in Nexus Repository: More Formats, Stronger Operations, and a Better Day-to-Day Experience

If you are responsible for keeping software delivery moving, more ecosystems usually mean more overhead ...

Modernizing Nexus Repository: Moving Beyond OrientDB

If you're running Sonatype Nexus Repository or Sonatype Nexus Repository Community Edition (formerly known as Nexus Repository OSS) on OrientDB, you're operating on a legacy database architecture that is no longer aligned ...
Power Secure Swift Development at Scale With Sonatype Nexus Repository

From its beginnings as a language for Apple platforms, Swift Package Manager has expanded its reach considerably. It now powers a wide range of mobile, desktop, and server-side applications, as well as ...
Secure, Reliable Terraform At Scale With Sonatype Nexus Repository

Terraform has become the de facto standard for infrastructure as code (IaC). From cloud-native startups to global enterprises, teams rely on Terraform to define, provision, and manage infrastructure with speed and consistency ...
Free isn't free: The hidden costs of tooling decisions in open source infrastructure

When I first wrote about the tragedy of the commons and Maven Central, I called attention to a startling reality: a small percentage of users — mostly large enterprises — were unknowingly ...

CVE-2022-31289: Neither Bug nor Vulnerability

On June 11, a cyber security analyst published a blog post alleging that he had discovered a vulnerability in Nexus Repository OSS 3.37.3-02 ...

New Developer Tools for Open Source Dependency Management

Sonatype's focus on developers brings more insights into software dependencies, clearer policy exceptions, and support for PHP users. This Nexus platform update will help developers more easily remediate vulnerable open source usage ...