Sonatype, a software company that enables developers to easily build software applications while significantly reducing security, compliance, and licensing risks, today announced free NuGet package support through its open source component manager – Nexus OSS. As developers are consuming an ever-increasing number of open source components — now approaching 250 million downloads annually – the .NET community is seeking to improve build performance and stability through the use of component managers. This trend mirrors the evolution in the Java development environments where there are 13 billion open source component download requests managed annually. More than 40,000 organizations and teams seeking to improve their open source development performance and security have turned to Sonatype’s Nexus component managers — all of which can now leverage available NuGet support.
Development organizations using Nexus component managers benefit from:
- Faster and more reliable builds
- Improved control over component use
- Unprecedented visibility to security and license risks
“Helping development teams realize efficiencies, while mitigating licensing and security risks, is a key goal for VSIP Program partners like Sonatype,” said Mitra Azizirad, General Manager, Developer Platform & Sales at Microsoft Corp. “Providing developers the right component management tools, like the Nexus OSS, introduces beneficial agile improvements that persist throughout the development lifecycle.”
In addition to expanding NuGet support from the paid version of Nexus Professional to also include Nexus OSS, Sonatype is also the first to deliver critical security vulnerability and license risk data for NuGet packages to the .NET development community. Visibility to known risks will enable developers to make better, more informed decisions about the components they select when building applications. Through Nexus, Sonatype provides ongoing updates to organizations of potential risks entering their software development lifecycle.
Sonatype’s Nexus OSS software and more information about open source component managers can be found here: