Nexus Open Source or Professional: Which One is Right for You?


January 19, 2010 By Tim O'Brien

We’re frequently getting questions from users about the differences between Nexus Open Source and Nexus Professional, and the standard response we give is:

“If you work for an organization that needs support or which needs staging and procurement, you’ll want to use Nexus Professional. If you are new to repository management, and you just want to evaluate the technology, download Nexus Open Source. If you find that you need support or enterprise features, it is easy enough to upgrade from OSS to Pro.”

I wanted to take this post as an opportunity to expand on that general answer and provide more specific use cases that would affect this decision

Use Nexus Open Source…

…if you are new to Repository Management.
If you are new to repository management, the easiest way to introduce yourself to the benefits is to download Nexus Open Source, and experiment with Hosted and Proxy repositories. You should get a sense of how Maven Settings are configured to retrieve artifacts from a single Repository Group, and you should download a copy of the free Nexus book – Repository Management with Nexus. Once you’ve familiarized yourself with Nexus Open Source, you can easily upgrade to Nexus Professional by downloading and installing Nexus Professional. Nexus stores all of your repository data and configuration in a directory named sonatype-work which is separate from the Nexus application directory.

…if you are looking for more stability and control.
If you depend directly on public repositories such as the Central Maven repository or the various repositories maintained by organizations like Codehaus or the Apache Software Foundation, you rely on these servers to be available to your developers 100% of the time. If a public repository goes down for maintenance, so does your development process. With a local proxy of Maven artifacts, you buy yourself a stable, isolated build. Even if a public repositories becomes unavailable, you will still be able to build your software against artifacts cached in your own Nexus installation.

…if you need to manage internal software distribution.
If your organization needs to support collaboration between internal teams, you can use Nexus to support the distribution of internal software. With Nexus, sharing components between internal groups is as easy as adding a dependency from Maven Central. Just publish a JAR to Nexus, configure the appropriate repositories groups and inform others in our organization of the Maven coordinates. Using a repository management doesn’t just make it easier to proxy external software artifacts, it makes it easier to share internal artifacts.

…if you need an intelligent local proxy.
Many developers run Nexus on a local workstation as a way to gain more control over the repositories used by Nexus. This is also a great way to start evaluating Nexus. Download and install Nexus on your local workstation and point your Maven settings at http://localhost:8081/nexus. When you need to add a new repository, all you need to do is change the configuration of your local Nexus installation.

Use Nexus Professional…

…if you are looking for Professional Support.
When you purchase Nexus Professional, you are purchasing one year of support from the team that created the industry-standard in repository management. With Nexus Professional, you not only get a capable repository manager, you get the peace of mind that help is just a phone call away. Sonatype also offers an array of implementation and migration services for organizations looking for an extra level of assistance.

…if you need a repository manager that can support release and quality assurance decisions.
Nexus Professional’s Staging Suite can track the status of a software release and make sure that different decision makers are notified and supported during a software release. If you are looking for a repository manager that can automate and support software releases, download Nexus Professional and start learning about Staged repositories and Staging Rulesets. When you start using Nexus Professional, your operations, quality assurance, and development teams can use the repository manager as a central point of collaboration.

…if you need more control over external artifacts.
If you need more control over which external artifacts can be referenced and used in internal projects, you will need to use the Nexus Procurement Suite which is a part of Nexus Professional. While repositories like Maven Central are a great convenience, allowing your developers carte blanche access to any external library is often unacceptable in today’s legal and regulatory environment. Nexus Professional’s Procurement Suite allows you to enforce standards for external libraries. If you want to ensure that every dependency is evalautated for security or license compliance, download Nexus Professional.

…if you develop software for an Open Source project.
Are you developing an open source project? If so, most open source projects qualify for a free Nexus Professional license. Open source projects can qualify for a free Professional license, or they can take advantage of free Nexus Professional hosting on http://oss.sonatype.org. Sonatype is very committed to supporting the development of quality open source and this is our way of giving back to the community.

…if you are developing and deploying to OSGi platforms.
If you are developing OSGi components using OBR repositories, or if you are developing OSGi components using the P2 repository format, you will need to use the OSGi support available in the Nexus Professional distribution. Nexus Professional supports a wider array of repository formats than Nexus Open Source. As the industry moves toward OSGi as a standard, you should be using a product which supports these emerging standards as well as the existing repository formats used by millions of developers.

…if you need to integrate with Enterprise Security.
If you need to integrate Nexus with an Atlassian Crowd server or an enterprise LDAP server, download Nexus Professional. While Nexus Open Source provides extension points for writing custom security realms, Nexus Professional provides documented integration with popular LDAP servers such as OpenLDAP, Microsoft’s Active Directory Server, and any other directory product which implements the LDAP standard.

Comparing Nexus Open Source and Nexus Professional Features

The following table summarizes the differences between Nexus Open Source and Nexus Professional:

Sonatype Nexus Feature Matrix