Engineering Team: Thoughts articles

Author, Matthew Barker

When it Comes to Application Security, “Doing Your Homework”​ Matters

When it Comes to Application Security, “Doing Your Homework”​ Matters

They say software is eating the world, very true, but it has become even more clear that OSS components are eating the software world. This amazing revolution is driving unimagined gains in innovation and efficiency in our ability to deliver software. Think Uber, here is a new leader in the transportation industry without owning a

nexus firewall featured

Nexus Firewall – Quality at Velocity

Repository managers like Nexus and Artifactory have been serving software components for development teams and their tooling for years now.  This November, we are introducing an innovative way to improve speed and reduce risk through the quarantine of components with known vulnerabilities.  With the integration of Nexus Firewall, you can shield your application development from

The Reports of Agile’s Death have been Greatly Exaggerated

The Reports of Agile’s Death have been Greatly Exaggerated

Twain quip aside, the posts about how agile is dead are rather frequent, with their either salacious or juicy narratives depending on your own experiences.   Have their been failures?  Of course.  Dogma and religious zealotry stemming from a lack of understanding of the fundamental principles are the root of these.  With the frequent blind thrusts into agile

Nexus and IntelliJ - Featured Image

Nexus Lifecycle and IntelliJ IDEA

Our roots are deeply secured to the development community at Sonatype. While Nexus products now span roles and responsibilities across an organization, we’re always looking to consider the needs of our developer tribe. We make it a point to continually add developer-focused features to our suite of products as part of this commitment. We also

Author, Mike Hansen

The Low Cost of High Caliber Developers

There is a vast difference in individual developer productivity.  You could argue that for certain intractable problems that there is an infinite difference in productivity since some developers will just never be able to solve a certain problem in any period of time.  Also, one of the hardest things in software is keeping everything as

Nexus Engineering Team

Ground Control To Nexus Users: Nexus Repository Manager 3 Milestone 7 Release

“This is Major Tom to Ground Control. I’m stepping through the door…” This release is in remembrance of David Bowie. The final milestone is here, and we are pleased to announce Nexus Repository Manager 3 Milestone 7 has “made the grade” and it’s ready to release! It’s time to engage your engines and blast off

Nexus Firewall

The Nexus Firewall – Perimeter Defense for Software Development

The quantitative research summarized below, covering over 7,000 repositories across nearly 100 countries, highlights some of the challenges with quality at modern development velocities. You can respond by leveraging automation in your repository manager to improve application quality and reduce rework while lowering exposure to risk. (Download pdf version of this article for offline reading.)

Author, Brian Fox

Nexus Lifecycle 1.15 Release

The Sonatype CLM 1.15 (Nexus Lifecycle) release focuses predominantly on improving security administration functionality. As part of this, you will likely notice some changes with regard to the associated interface in these areas. Here’s a breakdown of the improvements in this release. Details follow this summary: Built-in roles and permissions visibility Custom roles creation Java

Author, Mike Hansen

Software Supply Chain Automation

  “Software supply chain automation will unleash the next level of application development and operational efficiency, driving extraordinary increases in innovation, productivity and cost savings while enabling far greater control of risk.” — Mike Hansen Sometimes intentionally and other times not, software development has borrowed much from the learnings of Toyota.  However, we still have

Mark Kilby and Jeffry Hesse

Talking the Talk – Focus on Goals, not Best Practices (Part 2)

by Mark Kilby and Jeffry Hesse In our last blog post, we discussed how it’s better to set process goals versus best practices across teams in your organization.  We’d like to continue that thought by discussing another goal we set for our distributed teams: Talking Daily.  This goal definitely aligns with principles of the Agile