Sonatype Brings NuGet Component Management to .NET Developer Community


Nexus OSS to improve build performance and application security for millions of developers

Fulton, MD – October 1, 2014 – Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today announced free NuGet package support through its open source component manager – Nexus OSS. As developers are consuming an ever-increasing number of open source components -- now approaching 250 million downloads annually – the .NET community is seeking to improve build performance and stability through the use of component managers. This trend mirrors the evolution in the Java development environments where there are 13 billion open source component download requests managed annually. More than 40,000 organizations and teams seeking to improve their open source development performance and security have turned to Sonatype’s Nexus component managers -- all of which can now leverage available NuGet support.

Development organizations using Nexus component managers benefit from:

  • Faster and more reliable builds
  • Improved control over component use
  • Unprecedented visibility to security and license risks

“Helping development teams realize efficiencies, while mitigating licensing and security risks, is a key goal for VSIP Program partners like Sonatype,” said Mitra Azizirad, General Manager, Developer Platform & Sales at Microsoft Corp. “Providing developers the right component management tools, like the Nexus OSS, introduces beneficial agile improvements that persist throughout the development lifecycle.”

In addition to expanding NuGet support from the paid version of Nexus Professional to also include Nexus OSS, Sonatype is also the first to deliver critical security vulnerability and license risk data for NuGet packages to the .NET development community. Visibility to known risks will enable developers to make better, more informed decisions about the components they select when building applications. Through Nexus, Sonatype provides ongoing updates to organizations of potential risks entering their software development lifecycle.

Sonatype’s Nexus OSS software and more information about open source component managers can be found here:

  • Nexus OSS version 2.9 can be downloaded here.
  • Learn why leading development organizations are turning component managers.
  • To start proxying the NuGet gallery, developers can follow these how-to instructions.
  • Learn more about NuGet component management with Nexus OSS here.

About Sonatype:

Every day, developers rely on millions of third party and open source building blocks — known as components -- to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don't have to make the tradeoff between going fast and being secure. Policy automation, ongoing monitoring and proactive alerts makes it easy to have full visibility and control of components throughout the software supply chain so that applications start secure and remain that way over time. Sonatype is privately held with investments from New Enterprise Associates (NEA), Accel Partners, Bay Partners, Hummer Winblad Venture Partners and Morgenthaler Ventures. Visit:

Tony Keller
The Walker Group