Sonatype and Bamboo: Improving Your Builds
Sonatype now provides native Atlassian Bamboo support to improve the quality of your build outputs. Sonatype provides instant analysis of open source components used in every Bamboo build and alerts...
View ArticleLegal at DevOps Speed
Our general counsel, Paul Bosco, is a super nice guy. Among his many responsibilities, he helps Sonatype make the right decisions about appropriate license use of open source components within our...
View ArticleTalking the Talk – Focus on Goals, not Best Practices (Part 2)
by Mark Kilby and Jeffry Hesse In our last blog post, we discussed how it’s better to set process goals versus best practices across teams in your organization. We’d like to continue that thought by...
View ArticleNoob Notes: A New User Perspective on the CLM Eclipse IDE Plugin
After spending some time with the Sonatype CLM plugin for Eclipse, I found myself using a number of features outside the normal security and license policy tools, and instead using the features for...
View ArticleProduct Update: CLM 1.14 Released
We’d like to announce the availability of the 1.14 Nautilus release. Highlights of this release are: Notification panel to stay up-to-date on CLM announcements Optionally force authentication by tools,...
View ArticleReal World Experiences: Blackboard
As part of a new series we’re calling ‘Real World Experiences’ we’ll be highlighting how Sonatype customers are benefiting from greater development efficiency, higher productivity levels, faster time...
View ArticleHow a Software Bill of Materials Uncovers Known Vulnerabilities
In two minutes, we can show you a full software bill of materials for your application. We can also identify any known vulnerabilities in the open source and third-party components within your Java...
View ArticleLicense and Vulnerability Tracking for NuGet Packages with Nexus Lifecycle
At the Microsoft MVP Summit in Seattle, Danijel Malik from SSW TV talked with Marcel de Vries on using Nexus Lifecycle (formerly CLM) to manage licensing and vulnerability tracking for NuGet packages....
View ArticleIntegrating SonarQube with Nexus Lifecycle
Many development organizations we work with have turned to SonarQube as a dashboard to visualize and measure their code quality. Customers using Nexus Lifecycle (formerly CLM) want to surface known...
View ArticleNexus Lifecycle 1.15 Release
The Sonatype CLM 1.15 (Nexus Lifecycle) release focuses predominantly on improving security administration functionality. As part of this, you will likely notice some changes with regard to the...
View Article
More Pages to Explore .....