Nexus Repository Rising: Say Hello to the New Pro
Sonatype is expanding component support in Nexus Repository OSS. Nexus Repository now offers free support for seven components types.
Join the DZone community and get the full member experience.Join For Free
free birds, free coffee, and free willy
sonatype is expanding component support in nexus repository oss to include pypi and rubygems packages. nexus repository now offers free support for seven components types.
book smart, street smart
four years ago, we introduced software composition analysis within our repository. why? developers using components to build software want to know if those parts are good or bad. licenses, security vulnerabilities, versions, age, and adoption rates are all attributes of good and bad. while a basic version of component analysis is available in nexus repository oss, more advanced capabilities of repository health check (rhc) are available in nexus repository pro.
development teams don’t want to build software using bad parts. every day, sonatype analyzes millions of components across 70,000 repositories for organizations wanting to discriminate between good parts and bad parts. to achieve this, sonatype combined machine learning algorithms (book smart) with a team of world-class experts who perform non-stop research to precisely distinguish good components from bad (street smart). as you can see, from rhc’s origins in 2012, we’ve all come a long way to help development teams get smarter about the parts they are using.
nexus repository pro: application analysis
repository health check helps development teams understand if defective, known vulnerable, or poor quality components live in their nexus repositories. what rhc does not tell you is if those components have been used in an application. with the upcoming release of nexus repository 3.1, we have now integrated the ability to perform a detailed analysis of the components and applications within the repository. application health check (ahc) will enable nexus repository users to quickly evaluate components used in the applications. ahc will provide details on known security vulnerabilities, open source license types, component age, download popularity, safer alternative versions available to developers, and more.
this fall, we are introducing active-active high availability in nexus repository pro. when development efforts are non-stop, nexus repository must be non-stop. high availability is built-in to nexus repository pro and it is simple to configure, manage and maintain.
Published at DZone with permission of Derek Weeks, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.