Nexus Bolsters Component Management Capabilities

November 15, 2012 By Manfred Moser


When Maven Repository Managers (MRM) first appeared on developers' radar, everyone using them immediately saw the benefits. Right off the bat, MRMs replaced cobbled-together solutions like shared drives or local Maven repositories copied and exposed via HTTP.

Since its release four years ago, Sonatype Nexus has grown to support many repository formats. And most users of build tools including Gradle, Leiningen, SBT and Ant/Ivy have started to realize the numerous benefits of using a repository manager.

Using an MRM has become accepted best practice for Maven users.

The benefits of proxying external repositories and deploying third-party artifacts are only the beginning. Things really take off when you start deploying your internal components to Nexus, making them immediately available to everyone.

Nexus: More Than Basic Repository Management

Nexus is evolving to help you manage the security and licensing aspects of your components. In order to show you how, we have made this a focus of the latest release of the book Repository Management with Nexus.

The book now shows you how to access Insight information for a particular artifact. There are concrete examples on how to inspect and fix security issues, thanks to the information available in your Nexus search results and the linked information on the public security databases.

Note: When you read this, don't forget to configure your Routing correctly, so that this aspect of your Component Lifecycle Management (CLM) efforts is covered and no information about internal artifacts leaks to the public.

Part of your effort to get control over your component usage is to secure your sources. Part of that effort is to start using the Central Repository via secured access.

If you are using Nexus Professional, this is as easy as upgrading to 2.2 and changing the Remote Storage Location URL. It is also available now for Nexus OSS by getting a $10 token here and making the same changes. Other repository managers will be supported soon.

Nexus 2.2 Now Included in Nexus Book

We have also made improvements and general updates to cover the latest Nexus 2.2 release. Among the topics changed are settings.xml setup explanations, documentation for capabilities, updates to the plugin creation chapter and many more.

Still, with all these improvements, we realize that nothing is perfect and you might have questions or ideas for enhancing the book. If that's the case, we encourage you to file issues with your wishes or attend one of our Nexus training classes. Also, don't forget that the book is open source and we do take fixes as pull requests.

Component Lifecycle Management is Key

These improvements to Nexus are part of a larger Component Lifecycle Management solution that is provided by Sonatype. CLM helps you ensure the integrity of component-based software by analyzing usage and providing governance and policy enforcement during development.

As demonstrated by these Nexus improvements, CLM is integrated directly into your development infrastructure - including IDE, CI and repository manager tool of choice.

 


Written by Manfred Moser

Manfred is a former author, trainer, and community advocate at Sonatype. He speaks regularly at conferences such as JavaOne, OSCON, and DevOpsDays. He is a long-time open source developer and contributor.