#ossindex — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ossindex, aggregated by home.social.
-
#Sonatype is at it again: after rendering their supposedly "OSS" Nexus repository server useless for anything but tiny installations, they now want to put the "OSS Index" behind a paywall.
If you run any kind of sensible CI/CD, you've probably come across this index before, as it helps you identify vulnerable software artifacts that are part of your #SDLC.Not sure yet how to replace it.
https://www.sonatype.com/products/sonatype-guide/oss-index-users