Repository Management with Nexus
As discussed in Chapter 2, Component Lifecycle and Repository Management, Component Lifecycle Management (CLM) and Repository Management are closely related activities. The Sonatype CLM suite of tools provides a server application for administrating your component usage policies and other features that integrate with other tools of the suite. It has access to extensive security vulnerability and license information data from the Sonatype CLM backend, that can be used as input for your policies. For example you could establish a policy is logged as violated if any components in your software has a known security vulnerability or uses a license that is incompatible with your business model.
Nexus is an important component that can take advantage of the CLM server. This chapter goes into the details of configuring and using the integration of the CLM server and Nexus.