What's New

Introducing Sonatype DepShield: Free for GitHub Developers

August 14, 2018

We just launched Sonatype DepShield, a free GitHub app that automatically identifies vulnerabilities within open source dependencies.

It's time to upgrade Nexus Repository 2 to Java 8

August 2, 2018

Are you running an instance of Nexus Repository Manager 2.x on Java 7? If so, it’s time to upgrade your JVM to Java 8.

3 steps to deal with the aftermath of the highjacked eslint-scope package

July 13, 2018

Yesterday at noon BST a new github issue was opened in the popular eslint repository on github. Someone had highjacked this package and published a version that attempts to download malicious javascript code from pastebin and then collects and sends out the user's npmrc token (a token used to authenticate with a remote repository) to the perpetrator.

From the Community

${ topic.title }

${ topic.category.name }

${ getActivityString(topic.last_posted_at, topic.last_poster_username, topic.posters.length) }