Sonatype
In the News

Open source code libraries seen as rife with vulnerabilities Network World Published on the web here. March 26, 2012 A study of how 31 popular open-source code libraries were downloaded over the past 12 months found that more than a third of the 1,261 versions of these libraries had a known vulnerability and about a quarter of the downloads were tainted. Read More »

Open Source Security Vulnerabilities Plague Large Organizations Security Week Published on the web here. March 26, 2012 An analysis of a widely-used repository for open source components revealed that Global 500 organizations collectively downloaded more than 2.8 million insecure components in one year. Read More »

Study: More than 50% of Global 500 use vulnerable open source components ZDNet Published on the web here. March 25, 2012 A joint study conducted by Sonatype and Aspect Security found that many open source components, security libraries and web frameworks contain vulnerabilities, and that many Fortune 500 companies have downloaded and built applications based on these components. Read More »

How to develop open-source software within any kind of company VentureBeat Published on the web here. March 19, 2012 For businesses and other organizations today, open-source software (OSS) is transformative in terms of its ability to allow organizations to write software very quickly and to leverage innovation very aggressively. Read More »

Mitigating the Risks of Open-source-based Development ISACA Published on the web here. March 19, 2012 Open-source components are the building blocks of the modern software supply chain, and why not? They have been shown to lower costs, improve quality, advance innovation and speed software development processes. Read More »

Sonatype Repository Now Supports the .NET Framework Visual Studio Published on the web here. March 03, 2012 Microsoft-focused developers looking for a centralized place from which to share .NET Framework components now have another choice. Read More »

Sonatype Repository Now Straddles Java and .NET Dr. Dobbs Published on the web here. February 29, 2012 Sonatype has extended the use of its Nexus repository manager to .NET developers this month. Now compliant with both Java components and Microsoft platform code blocks, the company hopes to win new appeal among programming shops operating heterogeneous development environments. Read More »

Putting the control-factor into open source components ComputerWeekly.com Published on the web here. February 24, 2012 The new Nexus Professional 2.0 may sound more like a digital camera than a developer tool, but its basic function is to provide "actionable" information about the open-source components used in any development project. Read More »

Sonatype Brings Industry-Leading Repository Manager to .NET Developers SD Times Published on the web here. February 24, 2012 Sonatype, the company that is transforming software development, today announced that software developers using the .NET Framework can now utilize the Sonatype Nexus Professional repository manager to store, access and manage .NET components. Nexus is already the industry's most widely used repository manager for Java components. By extending support to .NET, Sonatype now offers an ideal solution for Microsoft development teams, as well as heterogeneous development organizations. Read More »

Sonatype Java Repository Now Accepts .NET Components Application Development Trends Published on the web here. February 22, 2012 Sonatype today released a new version of its Maven-based component repository that supports software developers using the .NET Framework. Version 2.0 of Sonatype's Nexus Professional, a widely used repository manager for Java components, adds support for.NET developers who want to store and manage their components in a repository. Read More »

Actionable Control For Open Source Components Dr. Dobbs Published on the web here. February 22, 2012 Sonatype has released the Nexus Professional 2.0 open-source repository manager. The new iteration now includes more "actionable" information about the open-source components used in any development project. Read More »

Sonatype Nexus 2.0 brings intelligence to repository management jaxenter Published on the web here. February 16, 2012 Six years since the first version made its appearance, Sonatype has released Nexus Professional 2.0, bringing an array of new features and enhancements to the premier repository management tool. Read More »

Sonatype Nexus Professional 2.0 Released - The First Intelligent Repository Manager DZone Published on the web here. February 15, 2012 The future of repository management is here. Read More »

Nexus 2.0 Released InfoQ Published on the web here. February 15, 2012 Today, Sonatype released Nexus 2.0, a significant upgrade to their namesake repository software and the engine behind the Central. Read More »

John Backus, Wayne Jackson and CIT GAP Funds Honored as Winners of the Entrepreneur Navigator Awards NVTC Published on the web here. February 07, 2012 The Entrepreneur Center @NVTC announced the 2012 winners of the Entrepreneur Navigator Awards at a reception on Thursday, February 2, at the Tower Club in Tysons Corner, Va. The Navigator Awards recognize individuals and organizations whose commitments of time, experience, intellectual capital and personal effort have improved the quality of the entrepreneur community or have led to the success of a startup or entrepreneur. Read More »

What’s in Store for 2012: A Few Predictions RedMonk Published on the web here. January 17, 2012 The cost of delaying my 2012 predictions is that one has already come to pass. Nginx – the web server now powering all of the redmonk.com properties – passed IIS according a January 4 Netcraft release. Read more: http://redmonk.com/sogrady/2012/01/13/2012-predictions/#ixzz1jpPTXEkD Read More »

Sonatype Brings Java .Net Projects into the Central Repository Java Magazine Published on the web here. December 07, 2011 It's natural for open source projects to build upon the work done by other open source projects. Sonatype is facilitating the availability of components from Java.net's large open source project base, by bringing Java.net project artifacts into the Central Repository, a leading source for open source Java components. Read More »

Sonatype Insight: Data as the Product RedMonk Published on the web here. November 03, 2011 Sonatype Insight: Data as the Product Sonatype Insight Heatmap There is no shortage of evidence concerning the value of data, generally. From predicting the flu to the outcome of elections (PDF) to the best practices for dating websites, it’s obvious that knowledge really is power. What’s been lacking, at least according to the conventional wisdom, has been proof points of data being a direct source of revenue. Read more: http://redmonk.com/sogrady/2011/11/03/sonatype-insights/#ixzz1d8qkeoUo Read More »

Top 10 Tips for Improving Your Open Source Software Governance DevX Published on the web here. October 24, 2011 Gartner estimates that by 2013, 90 percent of Global 2000 enterprises will include open source software (OSS) as business critical elements of their IT portfolios -- and by 2016, that number will increase to 99 percent. It makes sense that open source use is on the rise. Java developers already know that open source offers unmatched flexibility, the power to control and easily modify code and optimize performance. The bottom line: Using open source components for software development improves an organization's ability to deliver higher quality software faster at lower cost. Read More »

IT inferno: The nine circles of IT hell InfoWorld Published on the web here. October 03, 2011 Spend enough time in the tech industry, and you'll eventually find yourself in IT hell -- one not unlike the underworld described by Dante in his "Divine Comedy." But here, in the data centers, conference rooms, and cubicles, the IT version of this inferno is no allegory. It is a very real test of every IT pro's sanity and soul. Read More »

Sonatype's Wayne Jackson on open source, venture capital and growing a business Washington Business Journal Published on the web here. September 23, 2011 The latest print edition of the Washington Business Journal includes a story by tech reporter Bill Flook on the latest plans for Sonatype, a software startup run by Wayne Jackson, a well-known tech entrepreneur in the D.C. region. Read More »

Sonatype Leverages Open Source Java Repository Application Development Trends Published on the web here. September 22, 2011 Sonatype this week launched a new suite of products and services designed to help companies better manage their usage of open source Java components. Called Sonatype Insight, it leverages the open-source Maven Central Repository, which the company administers, to generate actionable intelligence about open-source-software usage at any stage of the app-dev process. Read More »

Sonatype Offers Insight Into Enterprise Open Source Usage InfoQ Published on the web here. September 21, 2011 Sonatype, the main company which drives Maven development, has joined a growing list of companies which aim to help organisations understand and audit their open source software usage, with the announcement of the Sonatype Insight software suite. Read More »

Sonatype Shows Some (Component) Integrity Dr Dobbs Published on the web here. September 19, 2011 Hitting the global software tools marketplace this week is Sonatype Insight, a new suite described as a combination of both "software products and information services" for ensuring the integrity of open-source components in the software supply chain. Read More »

Open Source ROI with Less Risk Sys-Con Media Published on the web here. September 19, 2011 It's a scenario with which many Java developers are all too familiar - and one which many fear. You log on to the network or arrive at the office to discover your Chief Security or Compliance Officer, Application Manager or even a VP of Sales and Marketing in a state of panic. A commonly used open source component has a serious security vulnerability that may expose your client-facing applications to attack. Even worse, the flaw was identified a few weeks ago, but your organization has just heard about it. Read More »

Sonatype offers insight into enterprise open-source usage SD Times Published on the web here. September 19, 2011 Gartner estimates that 99% of companies will be using open-source software components in their software packages by 2015, and it is because of this that Mark Driver, research vice president for Gartner, believes enterprise organizations need to understand what risks exist and how to mitigate them. Read More »

Sonatype Introduces Open-Source Governance Solution eWeek Published on the web here. September 19, 2011 Sonatype has delivered Sonatype Insight, a new suite of software products and services to help ensure the integrity of open-source components in the software supply chain of enterprise systems. Read More »

Java Component Repository Adds JBoss Community Projects Application Development Trends Published on the web here. September 14, 2011 Another family of Java components will soon be available from the open source Maven Central Repository. Sonatype, the chief commercial supporter of Maven and administrator of the repository, has added Red Hat's JBoss Community project artifacts to the growing list of components assembled there. Read More »

Sonatype Strengthens Central Repository With JBoss Dr. Dobbs Published on the web here. September 07, 2011 Sonatype has moved to open up Java developer options by adding Red Hat's JBoss Community project components to the Central Repository open source Java components store. The company's goal is to provide developers with a route towards locating and consuming JBoss Community software components in a single, standard location. Read More »

Java.net Projects Now on Maven Central Repository Application Development Trends Published on the web here. August 23, 2011 Sonatype, the chief commercial supporter of the open-source Maven project, is working with Oracle to bring Java.net project artifacts to the Maven Central Repository, which the company administers for the Java community. Read More »

Java.net Projects Now on Sonatype's Central Repository jaxenter Published on the web here. August 22, 2011 Sonatype have announced a partnership with Oracle that brings Java.net projects to the Sonatype Central Repository. This migration was achieved through a hosted version of Sonatype Pro for Nexus, which was donated to the Java.net community by Sonatype. Java.net projects can now automate and synchronise their Java.net projects artifacts to the Central Repository, and developers can download the necessary artifacts from Java.net projects via Apache Maven. Read More »

Sonatype Adds java.net Projects to Its Central Repository Java.net Published on the web here. August 21, 2011 Last week, Sonatype announced that java.net projects are now included in the Sonatype Central Repository. Read More »

Java.Net Artefacts in Maven Central Info Q Published on the web here. August 18, 2011 Sonatype has announced the availability of Java.net open-source projects in Maven Central, in partnership with Oracle. Previously, it was either up to individual projects to move their content into Maven Central, or just host it on the Java.net repository for others to consume. Read More »

Sonatype Adds Java.net Projects to Central Repository InfoTech Published on the web here. August 18, 2011 The “Central Repository” will now include Java.net open-source projects as Sonatype enters into a relationship with Oracle (News - Alert). An announcement in this regard has been made by the company instrumental for transformation of software development, Sonatype. The “Central Repository” is the top source for open-source Java components in the industry. Over 40,000 development organizations across the globe use this repository daily. Read More »

Sonatype Adds Java.net Projects Support DZone Published on the web here. August 18, 2011 Sonatype, the company behind some of the most widely used tools in Java Development including Maven, announced a partnership with Oracle to bring Java.net projects to the "Central Repository". The move allows Java.net project owners to "easily automate and control synchronization of their Java.net project artifacts." The partnership aims to give development teams "faster builds, fewer integration problems and improved control of software component usage." Read More »

Sonatype Expands Maven Repository With Java.net Dr. Dobbs Published on the web here. August 16, 2011 Maryland-based Sonatype has formed a new bond with Oracle with the intention of bringing Java.net open-source projects to the Maven Central Repository of open-source Java components. Read More »

Eclipse Indigo arrives SD Times Published on the web here. June 22, 2011 The Eclipse Indigo release train arrived today with a renewed focus on the Java Development Tools platform. And at the top of the list of changes for Java developers is the inclusion of WindowBuilder Pro, formerly a commercial GUI builder from Instantiations and now a top-level project at the Eclipse Foundation, thanks to Google's acquisition of that company and subsequent donation of the code. Read More »

Eclipse Release Train 'Indigo' Launches 62 Projects Application Development Trends Published on the web here. June 22, 2011 The Eclipse Foundation announced its sixth annual release train today. This year's synchronized simultaneous launch of multiple Eclipse projects, code-named "Indigo," is the biggest yet, involving the work of 408 developers and 49 organizations contributing 46 million lines of code to 62 projects. Read More »

Making the Move to Maven 3 Dr. Dobbs Published on the web here. June 02, 2011 You won't lose any time in upgrading to Maven 3. Most Java programs use either Ant or Maven for the build step. While Ant is infinitely configurable, Maven employs convention instead of configuration. Read More »

Oracle Pushes Hudson Towards Eclipse Dr. Dobbs Published on the web here. May 06, 2011 Oracle has submitted a proposal to the Eclipse Foundation to create a Hudson project in Eclipse and contribute the Java-based Hudson continuous integration tool's core code to that project. Read More »

Oracle U-turns on Hudson open source control The Register Published on the web here. May 05, 2011 Oracle is relinquishing control of the Hudson project after a heavy-handed attempt to stay in charge prompted most community members to fork themselves and undermine the project's viability. Read More »

Oracle Donates Open Source Hudson To Eclipse Foundation Information Week Published on the web here. May 04, 2011 Oracle is donating the Hudson open source code that came with Sun Microsystems to the Eclipse Foundation Wednesday. Hudson stirred up controversy in late January when the project's founder declared that it should be forked to create a branch free of Oracle's control. Read More »

Oracle proposes giving Hudson to Eclipse Foundation IT World Published on the web here. May 04, 2011 In surprise move, Oracle asks Hudson community to consider Eclipse Foundation governance Read More »

Oracle Proposes Hudson Become Eclipse Foundation Project Application Development Trends Published on the web here. May 04, 2011 Oracle today announced that it has proposed moving the open-source, Java-based continuous integration (CI) server Hudson -- including all the code, the domain name and the trademark -- to the Eclipse Foundation. Read More »

Oracle Proposes Hudson Move to Eclipse Foundation InfoQ Published on the web here. May 04, 2011 Oracle proposed today that the Hudson project be transferred to the Eclipse Foundation, complete with code re-licensing under the Eclipse Public License as well as the domain and controversial trademark. Read More »

Oracle donates Hudson to Eclipse Foundation SD TImes Published on the web here. May 04, 2011 Oracle today announced it will donate the Hudson continuous integration server project and the trademarks associated with it to the Eclipse Foundation. Read More »

Oracle Donates Hudson Project to Eclipse eWeek Published on the web here. May 04, 2011 In an effort to promote stability and improve governance of the Hudson open-source java continuous integration server, Oracle has proposed to donate Hudson to the Eclipse Foundation. Read More »

How should enterprises navigate forks in the Hudson OnStrategies Perspectives Published on the web here. April 11, 2011 A South Jersey neighbor of ours — runner, educator, and open source mischief maker Bob Bickel – recently blogged a status report on what’s been going on with the Jenkins open source project ever since it split off from Hudson. Read More »

Jason van Zyl on the benefits of open source Search SOA Published on the web here. April 06, 2011 In this video interview, Jason van Zyl, the creator of Apache Maven, talks about his career in open source, the Eclipse Foundation and the benefits of open source for developers and for the enterprise. Read More »

Jason van Zyl on support for open source tools Search SOA Published on the web here. April 06, 2011 In this video interview, Jason van Zyl, the creator of Apache Maven, talks about open source tools like the Eclipse toolset and about support for open source tools within the enterprise. Read More »

EclipseCon heralds new day for Java SD Times Published on the web here. March 24, 2011 Mike Milinkovich, director of the Eclipse Foundation, said that Eclipse’s many projects and community efforts are all pushing firmly towards this summer’s Indigo release train for Eclipse version 3.7. In an interview at this week’s EclipseCon (which ends today), he said it will be the most exciting release for Java developers in about five years. Read More »

Jenkins Defends Split from Oracle's Hudson IT World Published on the web here. March 02, 2011 After my discussion with Oracle Senior Vice President and Chief Architect Ted Farrell about Oracle’s perceptions of the Hudson/Jenkins split was posted last week, it became apparent that not everyone was entirely willing to let the matter lie. Read More »

Survey Devs Adopting Open Source, But Management Lacking Visual Studio Published on the web here. February 18, 2011 Development software and services provider Sonatype earlier this month surveyed more than 1600 developers, architects and managers regarding the deployment and use of open source solutions in the development infrastructure. The survey revealed that dev organizations have widely deployed open source tools and solutions, but with little effective control and management. Read More »

Governance Issues May Bedevil Open Source Projects CTO Edge Published on the web here. February 02, 2011 There’s no doubt that open software has been a boon to IT. Without it there would be a lot fewer IT projects to go round because of not only the cost of proprietary commercial software, but also the complexity of acquiring it. Read More »

The All-in-One Package From Sonatype DZone Published on the web here. December 02, 2010 A few months ago DZone took a look at Sonatype’s Maven Studio tooling. One of the unique aspects of this open core software was the ability to "on-board" developers extremely fast for a new project. This week, Sonatype unveiled an even more all-inclusive tooling suite called Sonatype Professional. Read More »

New Tool Suite for Maven-Centric Java Development Released Application Development Trends Published http://adtmag.com/articles/2010/12/01/new-maven-tool-suite.aspx. December 01, 2010 The leading commercial supporter of the open-source Maven project today released an integrated development suite for Maven-centric Java development. The new Sonatype Professional bundles several popular open source technologies into a single environment, including Apache Maven, for build management; Nexus Professional, for enterprise repository management; Hudson, for continuous integration; and m2eclipse, for visual management of Maven. Read More »

Sonatype links Apache Maven build manager with the Eclipse IDE Info World Published on the web here. December 01, 2010 Sonatype is launching on Wednesday a suite of tools geared for Java developers who use the open source Apache Maven software build management system. Read More »

Software Company Transforms Itself to Try and Transform Its Industry dc Tech Source Published on the web here. September 14, 2010 Sonatype Inc.’s motto is "transforming software development." But first, it is transforming itself. Investors behind the startup just injected nearly $12 million in venture funding into the company, moved its headquarters from Silicon Valley to Silver Spring, Md., hired a new CEO, overhauled its sales staff and added a suite full of new top managers. Read More »

The Download - Sonatype switched coasts The Washington Post Published on the web here. September 13, 2010 So long, California. Silicon Valley start-up Sonatype has moved to Silver Spring, and brought along with it $11.6 million from investors and a new chief executive in Wayne Jackson. Read More »

Sonatype Gets Money and New CEO DZone Published on the web here. September 13, 2010 Wayne Jackson has been named the new CEO of Sonatype, a company founded on the open source Apache Maven project. Jason Van Zyl, the creator of Maven and Founder of Sonatype will remain CTO. Sonatype also received a total of $11.6 million in funding from various VCs. Read More »

Silicon Valley startup Sonatype moves to Maryland Washington Business Journal Published on the web here. September 10, 2010 Wayne Jackson — who successfully took network security company Sourcefire Inc. public three years ago — is taking the helm of Silicon Valley transplant Sonatype Inc., opening a new headquarters in Silver Spring and unveiling $11.6 million in venture funding. Read More »