Level: Introductory to Intermediate
Open source can be a blessing and a curse. We probably all remember incidents like the "heart bleed" vulnerability in a popular open source implementation of SSL. So, if open source becomes more and more prevalent, how can we cope with the challenges that lay at hand? You will be challenged with all sorts of questions in the enterprise like:
- What are the license implications when I take a dependency on a library with a viral type of license?
- What version of open source libraries are we using and are they the choice of the generic public or did we select one we now need to maintain ourselves?
- Are there known vulnerabilities in the libraries we use, and if so, are we affected by that?
This session will take a practical approach and show you how an artefact repository system can help you to answer a lot of these tough questions. You'll learn how to integrate a very popular artefact repository system called Nexus into your continuous deployment strategy and ensure a frictionless experience for your developers by enabling NuGet as their entry point.
You will learn:
- Primary distinctions in Open Source License Types
- What the reason for an artifact repository is in a continuous delivery strategy
- How this enables you to answer questions about your exposure to open source, its license type and known vulnerabilities