Sonatype Introduces Next Generation Dependency Management for Software Developers


Advanced Development Pack harnesses first-of-its-kind intelligence to help teams improve code quality, minimize breaking changes, and integrate next-gen security

Making Developers’ Lives Easier as We Enter The New Frontier of Dependency Management

Fulton, Md., Oct. 07, 2020 (GLOBE NEWSWIRE) — Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today unveils its breakthrough Advanced Development Pack that fundamentally changes how teams manage code dependencies. Designed after studying development and cybersecurity hygiene practices across 30,000 software teams, this new offering, available to Nexus Lifecycle customers, ensures developers select the highest quality OSS components that are used to build 90% of a modern application.

The Advanced Development Pack’s pioneering dependency management enables developers to choose components based on project quality, ease-of-upgrade, and advanced knowledge of abnormal committer behavior, giving them confidence they’ve chosen the highest quality component available. It helps developers understand:

  • the cost of migrating to a newer or safer version and whether it is possible to do so without breaking their code

  • the performance of OSS projects they are choosing when it comes to release frequency, cadence of dependency updates, development team size, and popularity – helping guide choices to a higher quality pool of components

  • the frequency with which dependencies have become vulnerable and are remediated – helping them better grasp the cost and threat of relying on such packages

  • when suspicious behavior has been observed in project code commits – providing an early warning of malicious injection attacks from adversaries

With more than 67% of developers regularly impacted when dependency upgrades break the functionality of their application, Sonatype’s Advanced Development Pack removes the guesswork, and tells developers exactly which dependencies provide the least costly upgrade path in terms of