From the Wires
Sonatype Secures Access to the Central Repository for Component-Based Software Development
SSL Connectivity to the Central Repository Protects All Repository Manager Users; Sonatype to Donate Proceeds to Open Source Foundations
By: Marketwired .
Nov. 27, 2012 08:45 AM
SILVER SPRING, MD -- (Marketwire) -- 11/27/12 -- Sonatype, the leader in Component Lifecycle Management (CLM), today announced the availability of Secure Socket Layer (SSL) access to the Central Repository, the industry's primary source for open source software (OSS) components. SSL connectivity to the Central Repository is now a standard feature in Nexus Professional, Sonatype's market-leading repository manager. The company has also made SSL access available to users of the open source version of Nexus and any other repository manager that connects to the Central Repository for a nominal donation of $10. Sonatype will donate all proceeds to the Apache Foundation for the first six months, then to other member-supported governing bodies such as the Eclipse Foundation thereafter.
The Central Repository houses more than 400,000 components and serves nearly 8 billion requests per year for more than 70,000 organizations worldwide. As the stewards of the Central Repository, Sonatype is committed to ensuring the repository and its access points are well protected and never compromised. Industry standard SSL support provides a secure connection that protects component downloads from man-in-the-middle attacks that could expose organizational weaknesses or inject malware into software builds and ultimately, critical applications.
"OSS components are the building blocks of modern software applications and the vast majority of these are distributed from the Central Repository," said Jason van Zyl, Founder and CTO of Sonatype. "Sonatype CLM offerings ensure the integrity of the entire software supply chain, which gives our users confidence knowing that their components are secure, trusted and properly licensed. We view SSL connectivity to Central as a natural complement to the overall security profile of OSS components and we are happy to extend these features to all open source developers, not just Nexus Professional users."
Nearly 20,000 software development organizations rely on Nexus and Nexus Professional to reduce build times, improve collaboration and increase control of OSS components. The actionable security, licensing and popularity information introduced in version 2.0 of Nexus has now been extended with the addition of SSL connectivity to Central in version 2.2. Organizations that embrace component-based development continue to benefit from a secure, stable and scalable system to manage its software components, speed builds and simplify the distribution process.
For organizations that use repository managers Artifactory or Archiva, and others interested in additional information on SSL connectivity to the Central Repository, please visit: http://www.sonatype.com/Products/Secure-Access-to-Central
Apache, Apache Maven and Maven are trademarks of the Apache Software Foundation.
Latest Cloud Developer Stories
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
SYS-CON Featured Whitepapers
Most Read This Week