Heading into this year, JFrog questioned the future of the Nexus Platform following news of Sonatype being acquired by Vista - sensing “tremors” on the horizon. The “tremors” were simply fabrications from a competitor and the reality is that Nexus is stronger and more forward-thinking than ever. The continued ascent of the Nexus Platform is exemplified by our elevated investment in engineering and advanced roadmap to deliver even more customer value. But, don’t just take our word for it. The ascent is no more visible than when looking at developer adoption:
- Nexus Repository continues to be preferred 2:1 over Artifactory.
- Nexus Repository continues to be ranked as the #1 repo manager on IT Central Station
- 10 million developers trust Nexus to help them manage OSS dependencies, containers, and other build artifacts
We help developers build their best software. Another testament to the diversity of the community we serve: Nexus deployments are visible in 148 countries. It’s this community that keeps us motivated to build the best repository manager and dependency management platform in the market.
Whether it’s serving billions of open source components to developers annually, accelerating DevOps pipelines with our repository manager, enhancing dependency management, or improving security for high performance development teams - developers will continue to be at the core of our innovations, and so will the Nexus Platform.
Rapidly Rising Tides
It’s been awesome to witness the simultaneous rising tides of component-based software development, DevOps practices, software development as a differentiator, and application security investments in the wake of increasing cybercrime. The market interest in these tides continues to fuel our growth, accelerates continued consolidation in the industry, and leads companies to successful exits (whether by acquisition or IPO...we certainly applaud JFrog on their recent NASDAQ debut).
Nexus Knows Developers
Developers are using more packages and containers than ever
An increase in open source components has dramatically changed how software is developed, packaged, and deployed. In fact, 1.5 trillion OSS download requests and 90 billion container downloads are expected from this year alone.
This is why everyone from Fortune 500 enterprises to individual open source contributors use Nexus Repository to store, manage, and create binary packages from source code to production environments.
Adversaries are increasing attacks on OSS packages
This year’s State of the Software Supply Chain Report found a massive 430% surge in next generation cyber attacks aimed at actively infiltrating open source software supply chains. Understanding what’s in your software has become mission critical.
Sonatype’s unique position with the Nexus Platform integrates the most precise component intelligence on open source vulnerabilities directly into your internal DevOps pipelines with Repository Health Check. This suite integration gives Nexus Repository Pro users access to Nexus Intelligence data to identify open source risk at the earliest stages of their builds. For our free users, Nexus Repository OSS provides enhanced component intelligence using Sonatype’s OSS Index data.
Our competitors, like JFrog, have consistently been ‘one hop’ behind us when it comes to bringing frictionless security tools for developers straight into their existing DevOps workflows.
We continue to lead in providing precise open source intelligence to developers for identifying vulnerabilities, understanding risk, and keeping their software supply chains safe.
Not all DevOps practices are the same
A flexible (on-prem and cloud), universal binary repository manager enables organizations to deploy multiple types of packages while being centrally integrated across their CI/CD ecosystems. Nexus Repository offers enterprise deployment flexibility for any business with on-prem, hybrid, and multi-cloud deployments with AWS, Microsoft Azure, GCP, and Red Hat OpensShift. Focused on container deployments, Nexus users can discover and launch Kubernetes-ready apps.
Developers need choices
To keep pace with demand for component based development, millions of packages are available for download. npm alone grew to 1.3 million packages, up 63% this year. Development teams need tools that support more packages, more choices, and more development languages. Nexus Platform integrates with your favorite tools and languages throughout the SDLC.
Scalability is key
Nexus Repository has evolved into the world’s most popular binary repository manager with both free support and enterprise grade capabilities. Development teams are working hard to keep up with faster component creation rates from CI/CD and increased sizes of components from a shift in containerized deployments (e.g. each day multiple GB of new docker components are created). As open source usage increases, Nexus Repository helps organizations scale to manage the extensive amount of content within all your repositories.
Developers want free tools
Developers want more free tools at their fingertips. It doesn’t just stop at Nexus Repository OSS, but extends into our free offerings. We’ve built numerous developer-friendly tools to find and fix open source vulnerabilities. These tools can run as test scripts in source control, or at build time as part of your CI/CD pipelines.
We’re Only Climbing Higher
Approaching the final stages of 2020, Sonatype is gearing up for some exciting news as we focus on delivering innovative open source intelligence further left into the hands of developers. Sonatype pioneered the concept of software supply chain automation and introduced policy controls to enable engineering teams to automatically find and fix open source vulnerabilities.
Building on our foundation of the most popular binary repository manager and shifting security left across the DevOps pipeline, we look ahead with our partners at Vista as Sonatype becomes indispensable to developers and ascends into new terrain for dependency management security solutions.
Want to experience Nexus Repository for yourself? Start your Nexus Pro trial today.
Written by Brent Kostak
Brent is the Director of Product Marketing connecting developers and DevOps communities to Sonatype Nexus tools and technologies.
Explore All Posts by Brent Kostak