Nexus Pro/CLM articles

Atlassian Pipelines - Featured Image

Sonatype Automated Deployments with Atlassian Bitbucket Pipelines

Sonatype Automated Deployments with Atlassian Bitbucket Pipelines

With the release of Atlassian’s new Bitbucket Pipelines, you can now configure your project to have continuous builds performed in the cloud easily. Powered by the knowledge of Atlassian on how to run large infrastructure for tools such as Confluence and JIRA Software, Bitbucket Pipelines brings you a simple configuration for your builds, no matter

Author, Ilkka Turunen

Using the REST API in Nexus 2.x

I’ve recently received a few questions asking how the deployment of Nexus can be automated as much as is possible by using configuration management tools such as Chef, Puppet, Saltstack, Docker, etc. This is common in a scenario where you may want to set up multiple Nexuses with defined repository structures and pre-installed license keys.

Author, Ilkka Turunen

How to Detect and Enforce Open Source Licenses

I received this question from a client today: Right now we are using Nexus OSS. We are considering upgrading to Nexus Pro for two reasons: We need to control licences of our dependencies – with Maven it’s too easy to add dependencies We need to track updates of our dependencies Nexus Repository Health Check seems

SonarQube + Nexus Lifecycle.

Integrating SonarQube with Nexus Lifecycle

Many development organizations we work with have turned to SonarQube as a dashboard to visualize and measure their code quality. Customers using Nexus Lifecycle (formerly CLM) want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the overall quality of their application. To support this growing

Marcel de Vries

License and Vulnerability Tracking for NuGet Packages with Nexus Lifecycle

At the Microsoft MVP Summit in Seattle, Danijel Malik from SSW TV talked with Marcel de Vries on using Nexus Lifecycle (formerly CLM) to manage licensing and vulnerability tracking for NuGet packages.  (Video embedded below.) Marcel first walks through how proxy works and then demonstrates the use  of the dashboard  in Nexus Lifecycle to expose and

Author, Derek Weeks

How a Software Bill of Materials Uncovers Known Vulnerabilities

In two minutes, we can show you a full software bill of materials for your application.  We can also identify any known vulnerabilities in the open source and third-party components within your Java application.  Oh, and by the way, it’s free. That’s right, at Sonatype, we could not be more in favor of the code

Author, Derek Weeks

Sonatype and Bamboo: Improving Your Builds

Sonatype now provides native Atlassian Bamboo support to improve the quality of your build outputs. Sonatype provides instant analysis of open source components used in every Bamboo build and alerts development teams to any quality, license, or security issues identified.  By catching the issues during CI builds, development teams can quickly address open source policy

Author, Manfred Moser

Using the Oracle Maven Repository with Nexus

One of the New Year presents to all Oracle Fusion Middleware user was the creation of a Maven repository by Oracle. A big problem for many application developers using the WebLogic server was dealing with the dependencies. Typically the dependencies supplied by WebLogic would be taken out of the installation and brought onto the classpath

Lists-LiveChat-Support

Lists, Live Chat and Other Resources for Nexus

Let’s say you’ve got a problem with Nexus that you need solved quickly. What’s the best resource for you to get the answer you need? Is it Nexus documentation? Is it a quick live chat with our support or engineering team? Do you need an on-demand video walk-through of the Nexus Staging Suite? We’ve put together a page of

Top