Case Study: The EDF Group achieves rapid open-source visibility and license/security compliance with Sonatype Nexus Lifecycle

Helping Consumers Manage Energy Resources and Consumption

Electricité de France (EDF), a global electricity generator serving hundreds of millions of customers, needed to scale its DevOps efforts for the CAP 2030 initiative but faced a major challenge: no scalable way to track open‑source component usage, licenses and security across dozens of applications. Manual reporting to the security team created approval bottlenecks, limited visibility into libraries (including transitive dependencies), and slowed releases.

EDF integrated Sonatype Nexus Lifecycle into its toolchain (Eclipse, SonarQube, Jenkins, Ansible, OpenShift and Nexus Repository) to automate component analysis and enforce policies early in the build pipeline. The result: developers and security now have immediate, accurate visibility into library risks, teams can rapidly choose safe component versions, release bottlenecks were reduced, and Nexus adoption is expanding beyond initial DevOps projects.

The EDF Group

Olivier Router

Head of CI DevOps Engineering Team