Tag Archives: nexus lifecycle

2017-10-31 Violations Detail View - Featured Image

Violations Detail View Coming to Nexus IQ Server

Violations Detail View Coming to Nexus IQ Server

In the coming months, the Nexus Lifecycle team will be implementing a new page in IQ Server, providing details on a particular policy violation. This page will be accessed from the dashboard by clicking on a result in the violations tab. What is it? The first iteration of the Violations Detail page will show metadata

Author, Brian Fox

Nexus Lifecycle 1.15 Release

The Sonatype CLM 1.15 (Nexus Lifecycle) release focuses predominantly on improving security administration functionality. As part of this, you will likely notice some changes with regard to the associated interface in these areas. Here’s a breakdown of the improvements in this release. Details follow this summary: Built-in roles and permissions visibility Custom roles creation Java

SonarQube + Nexus Lifecycle.

Integrating SonarQube with Nexus Lifecycle

Many development organizations we work with have turned to SonarQube as a dashboard to visualize and measure their code quality. Customers using Nexus Lifecycle (formerly CLM) want to surface known security vulnerabilities and license risk in the same place developers or executives already go to assess the overall quality of their application. To support this growing

Marcel de Vries

License and Vulnerability Tracking for NuGet Packages with Nexus Lifecycle

At the Microsoft MVP Summit in Seattle, Danijel Malik from SSW TV talked with Marcel de Vries on using Nexus Lifecycle (formerly CLM) to manage licensing and vulnerability tracking for NuGet packages.  (Video embedded below.) Marcel first walks through how proxy works and then demonstrates the use  of the dashboard  in Nexus Lifecycle to expose and

Author, Derek Weeks

How a Software Bill of Materials Uncovers Known Vulnerabilities

In two minutes, we can show you a full software bill of materials for your application.  We can also identify any known vulnerabilities in the open source and third-party components within your Java application.  Oh, and by the way, it’s free. That’s right, at Sonatype, we could not be more in favor of the code

Author, Derek Weeks

42,000 Nexus Repository Managers, and Growing!

[Editor’s Note: An update to this article is now available.  As of February 2015, active Nexus instances have reached 50,000.  For more information, please see the new blog post at: http://blog.sonatype.com/2015/02/nexus-reaches-50000/#.VPTXZEuf96k] Over the past 15 months, active Nexus instances have grown from 21,000 to 42,000.  Wowza.   That is news worth sharing, because you made it

Author, Brian Fox

4 Open Source Components You Need to Update Right Now

Heartbleed has put the security community on notice: it is time to take a harder look at the security status of open source components and frameworks. After doing a little industry research on downloads from the (Maven) Central Repository, I’m sitting here with my jaw hanging open. Over 46 million Java-based open source components containing

Top