Articles


05-12-2017
AppSec EU 2017 Belfast in 10 Minutes or Less by Mark Miller
The Project Summit at AppSec EU 2017 in Belfast was a good time to catch up with the project leads to see what progress they've made in the past year and to hear about their upcoming plans. Each of these recordings is 10 minutes or less, so put some ...
05-03-2017
What changed in Repository Health Check 2.0? by Daniel Sauble
Since releasing Repository Health Check (RHC) 2.0 a few weeks ago, a number of you have asked what changed, and why. Great questions. Let’s start with the why. Why change RHC at all? Put simply, we wanted to give repo admins a straightforward...
04-26-2017
Help Us Shape the Direction of Nexus Products by Daniel Sauble
User testing allows us to partner with customers to continuously improve our products. Sonatype’s User Experience team is launching a new program designed to allow us to regularly connect with Nexus users. We would like to offer you a chance to ...
04-17-2017
The Nexus Exchange: 30 New Integrations from the Community by Mark Miller
Introducing the Nexus Exchange. Over the years, members of the Nexus Community have created interesting and useful integrations with our products.  The list of projects has grown to the point where we need a central location to manage them. Today...
03-22-2017
AppSec EU 2017, Belfast - Keynote Preview with Jaya Baloo by Mark Miller
"Why does OWASP even exist? Why do we even have this idea of understanding common issues, common problems. There are resources to help us do it better next time. I feel we are not learning at the curve where we should be, considering the resources av...
03-16-2017
Gitflow, Maven, and CI Done Right: Part 2 – Bitbucket Server, Jenkins, and Nexus OSS by Bryan Varner
Welcome to Part 2 of an ongoing series on the gitflow-helper-maven-plugin, and how to leverage it to simplify your CI configuration, artifact management, and deployment solution. (Part 1 can be found here.) Once again I’m going to be terse, and...
03-15-2017
Sonatype Nexus 2.x: Using the REST API to Clean-up Your Repository by Maarten Smeets
Sonatype provides Nexus. An extensive artifact Repository Manager. It can hold large amounts of stored artifacts and still requests get processed quickly. Also it has an extensive easy to use API which is a definite asset. When a project has been...
03-10-2017
OWASP 24/7 Podcast: Struts 2 Vulnerability Analysis by Mark Miller
Brian Fox and Shannon Lietz talk about the recent announcement of the struts 2 vulnerability: What is it, how can it affect you, what you can do about it. You can view this broadcast as video on YouTube: www.youtube.com/watch?v=EzRKOudJPtQ
03-09-2017
Apache Struts Vulnerability: Live Updates by Mark Miller
Update: Here's the recording of Brian Fox and Shannon Lietz talking about Apache Struts 2 and the new vulnerability announcement. https://youtu.be/EzRKOudJPtQ We're keeping an eye on the latest news for the Apache struts2 vulnerability that was...
03-02-2017
Setting up a Docker Private Registry with Authentication Using Nexus and Nginx by Stefan Prodan
This article shows how you can set up a Docker Private Registry with authentication and SSL using Nexus Repository OSS. Nexus Repository OSS is a universal repository manager with support for all major package formats and types. It’s a free solu...
03-01-2017
System Hardening with Ansible by Derek Weeks
The DevOps pipeline is constantly changing. Therefore relevant security controls must be applied contextually. We want to be secure, but I think all of us would rather spend our time developing and deploying software. Keeping up with server update...
02-28-2017
Setting up a Secure, Private Nexus Repository by Nicholas Badger
What an exciting first post, I'm sure. But it's what I'm working on, I suppose. A few things, first: We're using an LDAP server to identify team members. LDAP and Nexus are on different domains (though, possibly, the same machine). I'm not...
02-23-2017
Set up your own Continuous Delivery Stack by Pascal Alma
Last week I wanted to try new things with ‘pipeline as code’ with Jenkins. The best way to try new things is running it as Docker containers. This way I can keep my MacBook clean and don’t mess up existing stuff I am working on (also see th...
02-22-2017
When it Comes to Application Security, "Doing Your Homework"​ Matters by Matthew Barker
They say software is eating the world, very true, but it has become even more clear that OSS components are eating the software world. This amazing revolution is driving unimagined gains in innovation and efficiency in our ability to deliver soft...
02-21-2017
Improving Build Time of Java Builds on OpenShift by Jorge Morales
Improving Build Time of Java Builds on OpenShift Since we released OpenShift 3 back in July 2015, one of the most common questions I get from developers is how to get better build time for Java based builds. In this post, I will guide you th...
02-18-2017
AppSec EU 2017 Belfast - What to Expect by Mark Miller
In mid-May I'll be joining the organizing team of AppSec EU 2017 in Belfast for a week of security and DevOps sessions. Listen in as Gary Robinson, Michelle Simpson and Owen Pendlebury talk about what's planned for the week.
02-16-2017
Using Nexus 3 as Your Repository - Part 3: Docker Images by Rafael Eyng
This is the third and last part of a series of posts on Nexus 3 and how to use it as repository for several technologies. (Part 1. Part 2.) Installation Check out the first part of this series to see how we installed and ran Nexus 3 using a sin...
02-15-2017
Culture Hacking at RSAC 2017 with Shannon Lietz by Shannon Lietz
On Monday, February 13, Shannon Lietz gave a quick, 20 minute overview of her investigations and implementation of Culture Hacking at Intuit. Below is the extended version of that presentation, including audio and the slide deck. Shannon will continu...
02-15-2017
CI/CD with OpenShift by Siamak Sadeghianfar
Releasing software frequently to users is usually a time-consuming and painful process. Continuous Integration and Continuous Delivery (CI/CD) can help organizations to become more agile by automating and streamlining the steps involved in goin...
02-14-2017
Using Nexus 3 as Your Repository - Part 2: Npm Packages by Rafael Eyng
This is the second part of a series of posts on Nexus 3 and how to use it as repository for several technologies. Also available is "Part 1, Maven Artifacts" by Rafael Eyng. npm install can take too long sometimes, so it might be a good idea t...
02-09-2017
Full Program for DevOps Connect: DevSecOps Track at RSAC 2017 by Mark Miller
Next week, Monday, February 13, DevOps.com and Sonatype are co-hosting the DevOps Connect: DevSecOps track at RSAC 2017 in San Francisco. This is the largest security conference in the world, including DevOps sessions all day Monday, plus more pl...
02-08-2017
Using Nexus 3 as Your Repository - Part 1: Maven Artifacts by Rafael Eyng
This article is the first in a three part series by one of our community advocates, Rafael Eyng. You can follow his work at CodeHeaven.io Installation Install it with docker: docker run -d -p 8081:8081 -p 8082:8082 -p 8083:8083 --name my-nexus s...
02-07-2017
Achieving CI/CD with Kubernetes by Ramit Surana
Hola amigos !!(In English - Hello Friends !!) Hope you are having a jolly good day ! Continuous Integration/Delivery is best said in terms of Martin Fowler, according to him it can be defined as, “Continuous Integration is a software developmen...
02-02-2017
Sonatype Nexus installation using Docker by Rajesh Kumar
Sonatype Nexus installation using Docker 1. Download the Docker image using following commands.. # docker pull sonatype/nexus   2. Build an image from a Nexus Dockerfile # docker build --rm --tag sonatype/nexus oss/ # docker build --rm -...
02-01-2017
Nexus Firewall – Quality at Velocity by Mike Hansen
Repository managers like Nexus and Artifactory have been serving software components for development teams and their tooling for years now.  This November, we are introducing an innovative way to improve speed and reduce risk through the quarant...
01-31-2017
Running the Nexus 3 Docker Container with SSL by Simon Hardy
Better write this down while it's fresh. The container itself does not run with SSL, so you have to use a reverse proxy to do that for you. Here's how to do it... Create a Docker Network We'll use this to allow our Nexus container to talk to our NG...
01-26-2017
The Containers and I – Part Two by Fred Thiele
For clarification upfront: The “I” stands for Intershop and with that series of articles I want to elaborate a little bit on our recent adventures into the latest and biggest hype within the IT scene, which undoubtedly is Docker, the most suc...
01-25-2017
How To Install Latest Sonatype Nexus 3 On Linux by Bibin Wilson
Sonatype Nexus is one of the best repository managers out there. It is some tool that you cannot avoid in your CI/CD pipeline. It effectively manages deployable artifacts. Sonatype Nexus 3 On Linux Ec2 This article guides you to install and con...
01-24-2017
DevOps for Small Organizations: Lessons from Ed by Derek Weeks
Ed was demoralized. He had just heard a speaker who would change his life. He knew he needed to change, and he knew what the end goal was. He just didn’t know how to get there. He needed fresh air. He needed endorphins. What better way to do that t...
01-23-2017
Java AutoModules Considered Bad for Your Health by Brian Fox
Preface: We have sent the following information to the Jigsaw working group to help advise on some potentially significant impacts on the Java ecosystem that not many people are aware of. We are making this more public to gather more feedback from...
01-20-2017
Speakers and Schedule for DevOps Connect: DevSecOps at RSAC 2017 by Mark Miller
For the third year in a row, DevOps.com and Sonatype are co-organizers of DevOps Connect at RSAC 2017 in San Francisco, Monday, February 13. As automated security continues to gain traction as an integral part of the DevOps pipeline, we are con...
01-19-2017
DevOps Tutorial (Part 3): Artifact Management by Scott Rich
This DevOps Tutorial is Part 3 of my series on Java Project Versioning. Check out the other articles: DevOps Tutorial (Part 1): Introduction to Project Versioning with Maven DevOps Tutorial (Part 2): Use Maven Release Plugin to Manage V...
01-17-2017
Shannon Lietz - Keynote Preview for AppSec EU 2017, Belfast by Mark Miller
Shannon Lietz, DevSecOps Lead at Intuit, will be giving a keynote presentation at AppSec EU 2017, Belfast. I talked with Shannon about what she will be presenting and why she is so excited to return to Ireland.  
01-17-2017
Nexus Build Extension for Team Services by Jason Sholl
We are pleased to announce the new Integrate with Sonatype Nexus extension available from the Visual Studio Marketplace for Team Services and Team Foundation Server (TFS). This extension adds a build task which makes it easy to upload your ...
12-20-2016
Nexus Repository 3.2 Enhances Support for Backups, Docker, and Firewall by Michael Prescott
The Nexus Repository team is pleased to announce the immediate availability of Nexus Repository Pro and OSS 3.2 just in time for the holidays. New and Noteworthy Backup & Restore.  We’ve made two improvements to Nexus Repository for a better...
11-30-2016
2016 AppSec USA - An Update on the WebGoat Project by Mark Miller
WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. It is one of the most used projects at OWASP. With the current team headed by Bruce Mayhew, Nanne Baars and Jason White, wor...
10-12-2016
AppSec USA 2016: Core Rule Set Project Update w/ Chaim Sanders [AUDIO] by Mark Miller
The OWASP ModSecurity Core Rule Set Project's goal is to provide an easily "pluggable" set of generic attack detection rules that provide a base level of protection for any web application. Chaim Sanders,Ryan Barnett, Christian Folini and Walter Hop ...
10-09-2016
The Future of DevSecOps w/ Shannon Lietz and Chris Swan, Live From IP Expo London by Mark Miller
This is a live recording from 2016 IP Expo London, with Shannon Lietz (Intuit), Chris Swan (CSC) and host Mark Miller (Sonatype) discussing the future of security as it relates to DevOps. Shannon and Chris are real world practitioners, bringing stori...
09-19-2016
2016 OWASP Board Election Interviews - Part Four of Four - Members, Projects, Conferences, Chapters by Mark Miller
Today's OWASP 24/7 Podcast is the fourth in a series of four, talking with prospective 2016 board members. Today's question is, "What is more important to you as a candidate 1) Members 2) Projects 3) Conferences 4) Chapters " The format for today'...
09-18-2016
2016 OWASP Board Election Interviews – Part Three of Four – Most Important Issues by Mark Miller
Today's OWASP 24/7 podcast is the third in a series of four, talking with prospective 2016 board members. Today's question is, "What is the single most important issue for you to tackle if elected to the board?" The format for today's Q&A with...
09-15-2016
2016 OWASP Board Election Interviews – Part Two of Four – Vendor Neutrality by Mark Miller
Today's OWASP 24/7 podcast is the first in a series of four, talking with prospective 2016 board members. Today's question is, "Do you consider vendor neutrality an issue at OWASP? If so, why?" The format for today's Q&A with potential board m...
09-14-2016
2016 OWASP Board Election Interviews - Part One of Four - Developer Participation by Mark Miller
Today's OWASP 24/7 podcast is the first in a series of four, talking with prospective 2016 board members. Today's question is, "What kind of action plan do you have in mind to help motivate the participation of Developers into OWASP community." Th...
09-14-2016
Introducing the Nexus Jenkins Plugin by Justin Young
Automated Publishing As a long time Java developer, I’ve always depended on the Maven build process to automatically publish my artifacts to a Nexus Repository Manager.  This automated process was made possible thanks to some very useful plugins ...
09-13-2016
All Day DevOps: Bringing DevOps to the World by Mark Miller
Update: Pre-conference registration is open. The global audience for DevOps is expanding faster than any one person or company can keep up with. While DevOps Days and other regional events provide invaluable support to their local communities,...
09-12-2016
Nexus Repository OSS 3.0.2 Release by Michael Prescott
The Nexus team is pleased to announce Nexus Repository OSS 3.0.2. We’re rolling out support for two popular formats: PyPI and RubyGems, in addition to a raft of bug fixes. This brings the family of freely available formats in Nexus Repositor...
09-09-2016
AppSec USA 2016 Pre-Conference Update by Mark Miller
From October 11 - 14, 2016, appsec professionals from around the world will gather in Washington DC to participate in one of this year's main OWASP events, AppSec USA 2016. In this broadcast of OWASP 24/7, I speak with three organizers of the event (...
08-18-2016
Security as Part of Continuous Delivery with Sacha Labourey by Mark Miller
Continuing the theme of integrating security in DevOps processes, I spoke with Sacha Lebourey, CEO of Cloudbees, during a stop at CD Summit in London. As one of the main players in the software supply chain for DevOps, I was interested in Sacha's per...
08-15-2016
Upgrade Nexus Repository Manager 2 to 3: Get Early Access by Jeffry Hesse
A Double Dose Of Sonatype Awesomeness: Get Early Access, Test Out Upgrade! After a bunch of fun (and midnight oil) behind the scenes, we’ve hit a point where we want to invite a limited group of users to upgrade Nexus Repository Manager 2 to 3, ...
07-28-2016
Tame The Ruby Colored Snake: Python + RubyGems + Repository Manager OSS Early Access by Jeffry Hesse
UPDATE: September 8, 2016, from Joe Tom Interested parties, for your awareness: Because Sonatype is releasing version 3.0.2 very soon (as soon as mid-September 2016) which includes PyPI and RubyGems support, we are no longer releasing early ac...
07-21-2016
Unicorns on an Aircraft Carrier: DevOps Security at Scale with Sanjeev Sharma by Mark Miller
Sanjeev Sharma is a Distinguished Engineer at IBM. His main concern is how DevOps initiatives scale in large enterprises. In this wide ranging discussion recorded during CD Summit in Stockholm, I talk with Sanjeev about DevOps adoption, how security ...
07-11-2016
2016 State of the Software Supply Chain Report Released by Mark Miller
The 2nd Annual State of the Software Supply Chain Report has been released, containing information on open source download patterns from over 3000 organizations. The report is a Sonatype research project, analyzing data from over 31 billion downl...
07-06-2016
Security as Part of DevOps and Development with Jason Schmitt by Mark Miller
Jason Schmitt's passion is to assure security is built into the development process, not just as a bolt-on add-on. His experience in various aspects of software security has led him on a path through mobile, application and cloud security. In our ...
07-05-2016
July 5, 2016: 5 DevOps Podcasts for your Morning Commute by Mark Miller
No need to hunt around for the latest in DevOps podcasts. It's the Tuesday morning refresh, July 5, 2016, highlighting 5 DevOps podcasts for your morning commute. Am I missing a podcast you think should be featured? Leave a comment below and I'll che...
07-05-2016
Brandon Holcomb - An Innovator's Journey to DevOps by Mark Miller
Brandon Holcomb, VP Technology, Global Platforms at Equifax, is worried about scaling IT projects at large enterprises. As head of infrastructure at Equifax, and previously at Home Depot, Holcomb has led large, transformational projects while co...
07-01-2016
Interviews and Insights from AppSecEU 2016 by Mark Miller
At AppSecEU 2016 in Rome, Italy, I sat down with project leads and session leaders to hear what they were working on and what they would like the community to know about their projects and plans. Interviews will be added to this list as they beco...
06-30-2016
Packaging and Shipping Rails Applications in Docker by Allan Espinosa
You’re very happy as a Rails developer for drinking the Docker kool-aid. You just need to toss a Docker image to your Ops team and you're done! However, like all software projects, your Docker containers start to decay. Deployment takes days to...
06-29-2016
Using Nexus 3 as a Private Docker Registry by Stephan Hochdörfer
For a long time I was planning to use Docker at my company bitExpert AG but realized that if we wanted to make use of Docker we needed a private registry to store (and share) the different containers needed for our projects. Unfortunately most Do...
06-29-2016
Interview with Mark Miller, Sonatype Senior Storyteller, DevOps Evangelist by Mark Miller
In this episode from the OWASP 24/7 Podcast Series, Jim Manico turns the tables on me for his 100th podcast. He digs into my past, asks about my motivations for participating in OWASP, asks how I got started at Sonatype, how marketing plays a rol...
06-28-2016
June 28, 2016: 5 DevOps Podcasts for your Morning Commute by Mark Miller
No need to hunt around for the latest in DevOps podcasts. It's the Tuesday morning refresh, highlighting 5 DevOps podcasts for your morning commute. Am I missing a podcast you think should be featured? Leave a comment below and I'll check it out. ...
06-22-2016
The Reports of Agile's Death have been Greatly Exaggerated by Mike Hansen
Twain quip aside, the posts about how agile is dead are rather frequent, with their either salacious or juicy narratives depending on your own experiences.   Have their been failures?  Of course.  Dogma and religious zealotry stemming from ...
06-21-2016
5 DevOps Podcasts for this Week's Commute by Mark Miller
It's Tuesday, the initial flood of "to do's" has passed through the inbox and now it's time to determine what's on the agenda for the rest of the week. There are some pretty great DevOps podcasts floating around, so I'm listing my top five for th...
06-13-2016
<— Shifting Security to the Left by Shannon Lietz
Software is assembled from many component parts to quickly address customer needs.  The end-to-end process of delivering value through software starts with ideation and ends with a finished product or service that significantly improves th...
06-10-2016
Managing Java Dependencies with Nexus Lifecycle by James Nicholson
A typical Java application can have hundreds of external dependencies that include proprietary libraries and others from many different sources. Tools such as Maven, make adding and managing these dependencies easy, but by themselves they aren'...
06-08-2016
An Innovator's Journey: 8 Interviews by Mark Miller
The Innovator’s Journey to DevOps, is a series of interviews profiling individual DevOps practitioners who are transforming the way developers, IT operations, and security professionals collaborate to accelerate software innovation. These are r...
06-08-2016
Integration with Nexus Repository 3 by Manfred Moser
Nexus Repository supports new repository formats such as Docker and Bower and introduces a fresh, clean user interface among other advantages. Adopting or upgrading repository manager often means that you need to update the configuration for your...
05-24-2016
Sonatype Automated Deployments with Atlassian Bitbucket Pipelines by Manfred Moser
With the release of Atlassian’s new Bitbucket Pipelines, you can now configure your project to have continuous builds performed in the cloud easily. Powered by the knowledge of Atlassian on how to run large infrastructure for tools such as Confluen...
05-19-2016
Implementing a DevOps Strategy Across Multiple Locations and Product Teams by Stephen Williams
Over the last 18 months, a change has begun within the Ticketmaster International Team. Barriers are being broken down between the engineering and operational teams, our different product delivery teams are being aligned and knowledge sharing across ...
05-11-2016
Migrating to Nexus Repository 3 - Easy Peasy by Manfred Moser
Nexus Repository Manager 3 is released and available to everyone as the free OSS distribution. With the increased support for different repository formats and numerous other advantages, we've got thousands of new users adopting it. Users of N...
05-03-2016
Nexus Lifecycle and IntelliJ IDEA by Jeff Wayman
Our roots are deeply secured to the development community at Sonatype. While Nexus products now span roles and responsibilities across an organization, we’re always looking to consider the needs of our developer tribe. We make it a point to con...
05-02-2016
Puppet-eering the Nexus Repository Manager by Manfred Moser
The popular configuration management tool Puppet is widely used to provision and manage myriads of servers. It can be used to install software initially, configure it and update it. Doing all that is easy since you can describe the configuration ...
04-25-2016
Gitflow, Maven, and CI Done Right: Part 1 – Teaching Maven New Tricks by Bryan Varner
A Note from Bryan Varner: Hi, I’m Bryan. This is my first blog post from E-gineering. I want it to be memorable. I want it to be epic. I want it to be informative. I want to convey how much time I’ve spent over the years looking for an elega...
04-20-2016
Nexus IQ Server 1.20 Now Available by Jamie Whitehouse
Today we’ve announced the release of Nexus IQ Server 1.20, the underlying technology that supports our Continuous Component Intelligence product line: Nexus Lifecycle, Nexus Firewall, and Nexus Auditor. While there are many changes, but I’...
04-19-2016
Seven Habits of Rugged DevOps - Amy DeMartine at RSAC 2016 [VIDEO] by Mark Miller
Editor’s Note: This video is from the 16 part series, “DevOps Connect: Rugged DevOps at RSA Conference 2016”. The entire series is available, on-demand to members ofTheNexus Community. https://www.youtube.com/watch?v=BDzFVFpgtcU View the vi...
04-19-2016
Impressions from DevOpsDays Vancouver 2016 by Manfred Moser
DevOpsDays are always a great event for a geek to attend. You get to chat to fellow hackers and coders and therefore people, who actually understand what you are talking about. The vibe that results from these conversations is always amazing. Pre...
04-14-2016
Uploading Artifacts into Nexus Repository via PowerShell by Mario Majčica
It may not be the most common thing, however it may happen that you need to upload an artifact to a maven repository in Nexus via PowerShell. In order to achieve that, we will use Nexus REST API which for this task requires a multipart/form-data ...
04-13-2016
A Dozen Reasons Why Nexus Repository 3.0 Kicks Ass by Manfred Moser
With the release of Nexus Repository Manager OSS 3.0, you might be wondering if it is worth checking out. In my opinion there is no reason not to, since it can be done easily. More importantly, there are lots of reasons to have a look: 01: Insta...
04-12-2016
2015 in Review: Failures in Public Safety and Privacy w/ Kim Zetter [Video] by Mark Miller
https://www.youtube.com/watch?v=6_wZefFFUCw View the video on YouTube: 2015 in Review: Failures in Public Safety and Privacy Editor's Note: This video is from the 16 part series, "DevOps Connect: Rugged DevOps at RSA Conference 2016". The entire s...
04-12-2016
Why I Chose Nexus Repository Over Artifactory When Using Docker by Asaf Mesika
A couple of days ago, I needed to setup Logz.io’s first internal Maven repository. We’re a youngish company in the field of Log Analysis and haven’t needed a Maven repository so far. We rely heavily on open source technologies but the need to...
04-06-2016
Spring Into The Future: Nexus Repository Manager 3.0 Release by Jeffry Hesse
Today, we are super stoked to deliver the culmination of quite a few awesome people’s effort, an update to the product I hold near and dear: Sonatype’s Nexus Repository. Just in time for cherry blossoms, thawing landscapes, and warmer days...
04-05-2016
Ops Happens: Improve Security Without Getting in the Way - Damon Edwards at RSAC 2016 [Video] by Mark Miller
https://www.youtube.com/watch?v=uOIqNN1sftA View on YouTube: Ops Happen: Improve Security Without Getting in the Way Editor's Note: This video is from the 16 part series, "DevOps Connect: Rugged DevOps at RSA Conference 2016". The entire series is...
04-04-2016
Use Nexus Repository Manager OSS as Nuget Server - Part 03 by Mario Majčica
.   Editor's Note: This is a three part series by Mario Majčica. In Part 01, Mario walks through the setup of Nexus as a NuGet Proxy. In Part 02, he examines other considerations (Proxy, License and Vulnerability Tracking, Maintenance,...
04-01-2016
Communication Patterns in Open Source Component Supply Chains by Mark Miller
Editor's Note: After the publication of this article, I was able to speak with Dr. Murphy about the research for her project and the future plans for her and Dr. Marc Palyart to extend the project. You can listen to the full interview below. ...
03-31-2016
Use Nexus Repository Manager OSS as Nuget Server - Part 02 by Mario Majčica
Editor's Note: This is a three part series by Mario Majčica. In Part 01, Mario walks through the setup of Nexus as a NuGet Proxy. In Part 02, he examines other considerations (Proxy, License and Vulnerability Tracking, Maintenance, Support and Do...
03-29-2016
What We Learned From Three Years of Sciencing the Crap Out of DevOps [VIDEO] by Mark Miller
  https://youtu.be/cJVUtbSmXaM Editor's Note: This video is from the 16 part series, "DevOps Connect: Rugged DevOps at RSA Conference 2016". The entire series is available, on-demand to members of TheNexus Community. Jez Humble and Nicole F...
03-29-2016
Use Nexus Repository Manager OSS as Nuget Server - Part 01 by Mario Majčica
Editor's Note: This is a three part series by Mario Majčica. In Part 01, Mario walks through the setup of Nexus Repository Manager OSS as a NuGet Server. In Part 02, he examines other considerations (Proxy, License and Vulnerability Tracking, Mai...
03-28-2016
Jenkins and Nexus for Micro-Service Deployments by Pradeep Macharia
Editor's Note:We'll be in Dallas next week, April 4 - 5, 2016, with our friends from Jenkins/Cloudbees as we continue our Rugged DevOps mission to automate the software supply chain. If you're in the Dallas/Fort Worth area, we'd love to see you t...
03-25-2016
npm gate - Lessons Learned Again by Manfred Moser
The recent events in the world of JavaScript developers and npm definitely caused a storm on twitter and the internet in general. If you want to find out more around the kik package, the trademark threats, the unpublishing of the left-pad package...
03-19-2016
April in Dallas: The Nexus 2016 World Tour Begins by Mark Miller
Coming off an extremely successful Rugged DevOps at RSA Conference 2016, the Sonatype team will be hitting the road for the Nexus World Tour, starting in April. In the first leg, you can find us in Dallas, Chicago and Boston, with stops in b...
03-11-2016
16 Sessions from Rugged DevOps at RSAC 2016 to be Released on Video by Mark Miller
Following on the heels of a very successful Rugged DevOps at RSA Conference 2016, DevOps.com and Sonatype Nexus are set to release the recorded sessions from the event. This is the complete set of presentations, each with fully synced slides and ...
03-11-2016
Continuous Integration Platform Using Docker Containers: Jenkins, SonarQube, Nexus, GitLab by Marcel Birkner
In 2016, the concepts and advantages of Continuous Integration (CI) should be well known to most software developers. There are plenty of tools, books and blog articles that cover that topic. One of the first articles was written in 2006 by Ma...
03-07-2016
The Low Cost of High Caliber Developers by Mike Hansen
There is a vast difference in individual developer productivity.  You could argue that for certain intractable problems that there is an infinite difference in productivity since some developers will just never be able to solve a certain problem...
02-29-2016
DevOps Connect: Rugged DevOps at RSA by Chris Riley
Live blog from DevOps Connect - get the slides now by emailing mmiller@sonatype.com Note: this page does not auto-refresh It is time for me to sign off. The Rugged DevOps sessions at DevOps connect were, well rugged. They brought reality to DevOps...
02-10-2016
Get a Free Pass to DevOps Connect: Rugged DevOps at RSAC by Mark Miller
DevOps combined with security is a hot topic as enterprises are implementing DevOps methodologies and tools into their developer solutions. Even Forrester, in their "Seven Habits of of Rugged DevOps", acknowledges the movement to more automation....
02-04-2016
Sonatype Closes $30 Million Financing by Wayne Jackson
From Wayne Jackson, CEO, Sonatype At Sonatype, we know two things are true: Security, quality, and speed are critical to modern software (business) success. The world’s best software starts with the world’s best components. That...
02-02-2016
Continuous Delivery: How to Transform Application Release [VIDEO] by Derek Weeks
This past November at CA World 2015, we participated in a panel discussion on transforming application development and release with Continuous Delivery and DevOps practices.  The panel included: Tim Mueting: CA's Release Automation soluti...
02-01-2016
Dance Card for DevOps Connect: Rugged DevOps at RSAC by Mark Miller
Important Update We have free passes for those who'd like to come to DevOps Connect: Rugged DevOps at RSA Conference starting on February 29, 2016. Read the article, Get a Free Pass to DevOps Connect: Rugged DevOps at RSAC, register for your pas...
02-01-2016
Easy Publishing to Central Repository - 8 Part Video Series by Manfred Moser
This morning we published the final videos in the 8 part series, Easy Publishing to Central Repository. This series, created by Manfred Moser, takes all the guess work out of publishing your project to Central. Community Members have immediate acce...
01-26-2016
First Deployments to Central Repository and Project Object Model [Videos] by Manfred Moser
We now have 6 videos completed in the 8 part series, "Easy Publishing to the Central Repository". In the most recent of the set, Manfred Moser walks through First Deployments to Central and the Project Object Model (POM). Community members have acces...
01-21-2016
Ground Control To Nexus Users: Nexus Repository Manager 3 Milestone 7 Release by Jeffry Hesse
“This is Major Tom to Ground Control. I’m stepping through the door…” This release is in remembrance of David Bowie. The final milestone is here, and we are pleased to announce Nexus Repository Manager 3 Milestone 7 has “made the gra...
01-20-2016
Easy Publishing to Central Repository - 3 New Videos by Manfred Moser
https://www.youtube.com/watch?v=DE3FVty3NgE Requirement and Signing Tips using PGP. View the entire series in the Easy Publishing to Central Repository Video Gallery, available to all community members. This week, we continue our free video tr...

Top