In the Spotlight articles

Bryan Varner - Using Nexus OSS

Gitflow, Maven, and CI Done Right: Part 2 – Bitbucket Server, Jenkins, and Nexus OSS

Gitflow, Maven, and CI Done Right: Part 2 – Bitbucket Server, Jenkins, and Nexus OSS

Welcome to Part 2 of an ongoing series on the gitflow-helper-maven-plugin, and how to leverage it to simplify your CI configuration, artifact management, and deployment solution. (Part 1 can be found here.) Once again I’m going to be terse, and try to provide you with a bare-bones, step by step recipe to get going quickly

maartenfeature

Sonatype Nexus 2.x: Using the REST API to Clean-up Your Repository

Sonatype provides Nexus. An extensive artifact Repository Manager. It can hold large amounts of stored artifacts and still requests get processed quickly. Also it has an extensive easy to use API which is a definite asset. When a project has been running for a longer period (say years), the repository often gets filled with large

Struts2 Live Updates

Apache Struts Vulnerability: Live Updates

Update: Here’s the recording of Brian Fox and Shannon Lietz talking about Apache Struts 2 and the new vulnerability announcement. We’re keeping an eye on the latest news for the Apache struts2 vulnerability that was announced earlier this week. In addition a live broadcast talking to several top security experts in the industry, we’ve got

Author, Matthew Barker

When it Comes to Application Security, “Doing Your Homework”​ Matters

They say software is eating the world, very true, but it has become even more clear that OSS components are eating the software world. This amazing revolution is driving unimagined gains in innovation and efficiency in our ability to deliver software. Think Uber, here is a new leader in the transportation industry without owning a

Culture Hacking

Culture Hacking at RSAC 2017 with Shannon Lietz

On Monday, February 13, Shannon Lietz gave a quick, 20 minute overview of her investigations and implementation of Culture Hacking at Intuit. Below is the extended version of that presentation, including audio and the slide deck. Shannon will continue this discussion at her keynote presentation during AppSec EU 2017 in Belfast.     Culture Hacker:

achievingcicd featured

Achieving CI/CD with Kubernetes

Hola amigos !!(In English – Hello Friends !!) Hope you are having a jolly good day ! Continuous Integration/Delivery is best said in terms of Martin Fowler, according to him it can be defined as, “Continuous Integration is a software development practice where members of a team integrate their work frequently, usually each person integrates

nexus firewall featured

Nexus Firewall – Quality at Velocity

Repository managers like Nexus and Artifactory have been serving software components for development teams and their tooling for years now.  This November, we are introducing an innovative way to improve speed and reduce risk through the quarantine of components with known vulnerabilities.  With the integration of Nexus Firewall, you can shield your application development from

Brian Fox - CTO Sonatype - Featured Image

Java AutoModules Considered Bad for Your Health

Preface: We have sent the following information to the Jigsaw working group to help advise on some potentially significant impacts on the Java ecosystem that not many people are aware of. We are making this more public to gather more feedback from Java developers in the broader ecosystem. The final review period for the overall

DevOps Tutorial - Featured Image

DevOps Tutorial (Part 3): Artifact Management

This DevOps Tutorial is Part 3 of my series on Java Project Versioning. Check out the other articles: DevOps Tutorial (Part 1): Introduction to Project Versioning with Maven DevOps Tutorial (Part 2): Use Maven Release Plugin to Manage Versions DevOps Tutorial (Part 4): Continuous Integration DevOps Tutorial (Part 5): Parallel Deployment Now that your build pipeline consistently versions your

Jason Sholl - Featured Image

Nexus Build Extension for Team Services

We are pleased to announce the new Integrate with Sonatype Nexus extension available from the Visual Studio Marketplace for Team Services and Team Foundation Server (TFS). This extension adds a build task which makes it easy to upload your build artifacts to your Nexus Server as part of your Team Services or Team Foundation Server (TFS) build.  This is especially

Top