The Central Repository Stands to Support Sailors from Bintray – 3 steps to take now to protect your builds from failing

The shutdown of Bintray and JCenter comes as a rough entry in the 2021 Bingo card for many developers – most Android projects as well as Gradle and many others publish their artifacts via Bintray into JCenter. The migration timelines are tight for…

What Publishers Need to Know About Migrating from JCenter / Bintray to The Central Repository

We know the news about JFrog sunsetting Bintray/JCenter has been unsettling for many. Our goal is to make the migration to The Central Repository as easy as possible – whether you’re just consuming components or if you’re publishing them as well. …

Dear Bintray and JCenter Users – Here’s What You Need to Know About The Central Repository

If you’re freaking out because JFrog announced it’s sunsetting Bintray and JCenter, and are concerned about moving your Java components into The Central Repository, I want to first and foremost say – don’t worry. We’re here for you and I personall…

Sonatype Stops Software Supply Chain Attack Aimed at the Java Developer Community

On January 7th, Sonatype became aware of 3 malicious brandjacking components which were published to the Maven Central Repository in the last week of 2020.

Beyond npm Audit to Traverse an Increasingly Complex Dependency Tree

If you’ve been immersed in the Node.js/JavaScript community for a while, or even if you are just getting started, you are likely using npm audit to scan package dependencies in your projects. It’s easy to stumble upon as part of the ubiquitous npm,…

How to Easily Identify Conda Vulnerabilities Using Sonatype Jake

Vulnerabilities in our Python environments are really irritating. They slow us down, are difficult to identify, and can delay the development process. What makes them more frustrating is that most of these vulnerabilities are known. Countless deve…

The Central Repository is Moving to HTTPS

As stewards of Maven Central, Sonatype is responsible for hosting and transmitting a disproportionately high volume of the Java ecosystem’s open-source components. In the month of November 2019 alone, total requests to Maven Central across N…

New Integration to Visual Studio Code – Nexus IQ and OSS Index

Since I’m a developer, I’m gonna bless you with the tl;dr right here. Jump on over to the VS Code Marketplace and check out the new Nexus IQ integration to VS Code. For those of you that want to understand how we built it, why we built…

Removing Search Guard from the Central Repository

We at Sonatype take our responsibility as stewards of the Central Repository (Central) very seriously, and for well over a decade we have been dedicated to the ideal of immutability when it comes to serving components to the community that relies …

How a Surf Loving Aussie Developed Sonatype’s Most Popular Extension

The first thing you need to know about Sonatype is this: the rumors are true.