<iframe src="//www.googletagmanager.com/ns.html?id=GTM-TT8R4P" height="0" width="0" style="display:none;visibility:hidden">

Sonatype Blog

Stay updated on the latest news from the makers of Nexus

Tim OBrien

Recent Posts by Tim OBrien:

Does Nexus Pro support your Gradle builds? Yes it does.

In support of this week's release of Gradle 1.0, here's an evaluation guide for Nexus Professional using two, very simple Gradle projects. If you are evaluating Nexus Professional, or if you are just looking for some sample projects that configure a Gradle build to use a repository take a look at this guide. Take a look at this evaluation guide and download the associated sample projects. These two projects have build.gradle files that demonstrate the simplest case of configuring a Gradle build to:

Reinventing Wheels and Opportunity Cost (or Why you Need to use Nexus)

I hear two sentences.. often. It's either:

  • "We're not big enough for a repository manager."
  • Or, the increasingly popular, "We built our own repository manager. It's just a caching HTTP Proxy."

I can understand the first statement. People usually think "they are not big enough" for a repository manager when they haven't understood that running a repository manager yields benefits regardless of scale.

It's the second statement that I find problematic. (First, it's *way* more than a caching HTTP proxy... Just saying that demonstrates that this person never bothered to try one out.) If someone has implemented a custom repository manager it suggests a certain amount of self-assuredness that is going to complicate things going forward. It suggests that whoever I'm talking to hasn't yet understood the value of focus and making pragmatic decisions about technology.

The Time to Pay Attention to Application Security is Now

When we announced Insight for CI a few weeks ago, our message was simple "Get Proactive about Security with Insight". A few months ago, when we introduced the Repository Health Check in Nexus Professional, we had a similar message about licensing, "Lead or Be Led to OSS Compliance". For months we've been making the case that the time to worry about application security is now.

Nexus Professional 2.0.5 Released: It's Easier to Evaluate Awesomeness

Nexus Pro has enhanced search capabilities that make it easy to identify which components are popular versus which components you might want to avoid.

Nexus Victorious in an Objective Comparison of Repository Managers

We were happily surprised by this blog post from Rob Knight "Comparison of Maven Artifact Repositories"*. Here's his intro:

The Quickest Way to Evaluate Nexus OSS

I'm busy assembling an evaluation guide for the upcoming release of Nexus Professional, and while I was working on material for Pro it occurred to me that we could do a better job supporting new users of Nexus OSS. Here is a Nexus OSS evaluation guide that focuses on the initial steps with Nexus. If you download Nexus from http://nexus.sonatype.org this is the faster way to get up and running - you'll be proxying and publishing artifacts in a few minutes.

Get proactive about Security with Insight

There's a shift in the way organizations are thinking about security, and This article in Infoworld "IBM: Security execs move more toward active risk management" is exactly what we've been talking about. Here's the quote that stood out: