There are more than 700+ programming languages to choose from and different languages gain popularity and momentum at any time. In fact, since 2012 there has been a new “favorite” programming language each year. This highlights the dynamic nature of the development landscape and the necessity for the community to continuously adapt with it.
With that, I’m excited to announce that Sonatype has expanded our ecosystem coverage to include C/C++ Conan, PHP Composer, and RubyGems directly in Nexus Lifecycle. These additions open the door for new actions to be taken against these languages, including setting and enforcing policy, scanning for vulnerabilities, remediation, and reporting.
As you may remember, in 2017, we released Nexus Lifecycle XC, which expanded our coverage to a larger ecosystem of languages including Ruby, PHP, Swift, Cocoapods, and others. Since then, we’ve been working to bring these languages directly into Nexus Lifecycle, continuing our pursuit of powering Nexus Lifecycle with precisely accurate, comprehensive open source vulnerability and component intelligence.
What’s more important than having data? Being able to do something with it. Users can now perform policy evaluations for C/C++, PHP, and Ruby in Nexus Lifecycle, something that is not available in XC. Another bonus is the ability to remediate and report on these languages.
Developers require broad, accurate, and trustworthy component intelligence for proper application security hygiene. Bringing C/C++, Ruby, and PHP into Nexus Lifecycle means we’ve introduced a new data source in Nexus Lifecycle, ultimately increasing our breadth of coverage and providing more thorough and comprehensive intelligence. Know you are selecting the best and safest components based on real-time intelligence.
At Sonatype, we’re committed to providing a market-leading intelligence engine for open source governance. This is just one more step we’ve taken in actualizing this goal. What do we have in store for the future? Stay tuned on our plans to roll-out more ecosystems by visiting my.sonatype.com