Sonatype Delivers Premium Open Source Controls to GitHub Users


Sonatype, the company that scales DevOps through open source governance and software supply chain automation, today announced new integrations that strengthen GitHub with premium open source governance and dependency management controls.

Nexus Lifecycle customers can now automatically enforce their policies and view expert remediation guidance directly in GitHub Actions. Sonatypes unparalleled open source data enables developers to know with extreme confidence, if a component is vulnerable without leaving their environment. Nexus now supports 42 programming languages and package formats.