Today Sonatype is announcing our official Sonatype Go proxy - GoNexus.dev
The Sonatype product team attended GopherCon 2019 and it was clear to us that the excitement around the Go programming language is palpable. It was also clear that the ecosystem has reached that point in its maturity where developers want more reliable builds and therefore need Go packages to be immutable, predictable and always available.
Successfully running the Central Repository for Java (Maven Central) since 2002, our team at Sonatype understands this problem better than any other company. This year more than 3.7M unique Java open source software components were released into the Central Repository. We’re now turning our attention to Go. So far this year we’ve contributed Nancy, Goalie, Nexus Repository OSS, and DepShield to the Go community. The open source Nexus CLI is currently being developed in the Nexus community on GitHub, too. GopherCon made us want to do more. GoNexus is the next step to help developers run reliable and reproducible builds.
If you are interested in immutable, re-usable Go modules and using a proxy run by the leading organisation in this space, then I encourage you to set your GOPROXY environment variable to https://gonexus.dev (“export GOPROXY=https://gonexus.dev”)
Nexus Repository Manager
The Go community announced a great proxy tool called Project Athens, which is currently in beta, and has been instrumental in helping developers transition to Go Mod. Sonatype has a similar product, Nexus Repository Manager, which is the most used universal repository manager and includes support for Go. I encourage you to download Nexus Repository Manager OSS for free and make use of GoNexus by creating a proxy repository with remote URL https://gonexus.dev.
Why Use Nexus Repository Manager?
- Implements the module API
- It’s open source!
- Reduces network traffic as packages are cached locally
- Easier to find packages because of the extensive search capabilities
- Hosted repositories allow you to share internal packages with other developers and teams
- Packages are always available even when your connection is offline
Nexus Repository Manager Pro
Sonatype also provides an enterprise ready edition; Nexus Repository Manager PRO that includes:
- Staging functionality - allows you to define a workflow for your builds to control what does and does not make it to production.
- Dynamic storage and high availability
- World-class professional support
If you are worried about vulnerable components entering your pipeline / binary repository then Nexus Firewall is your solution:
- Enable a continuous audit, or take unwanted components out of distribution with quarantine
- Automatically stop risky components from entering your application
- Receive notifications when unwanted components are quarantined
- Block packages that do not meet your licensing requirements