Repository Management with Nexus


Chapter 12. Repository Health Check

Repository Health Check is a feature of Nexus that integrates data from Sonatype CLM and the related Hosted Data Services (HDS) run by Sonatype. Sonatype CLM is a suite of separate products that consists of tools to monitor and manage license, quality, and security data about artifacts used in your software development life cycle for your Component Lifecycle Management (CLM) efforts.

Repository health check provides access to a limited subset of the available data in Sonatype CLM and HDS right in your Nexus server. HDS exposes data about the artifacts in the Central Repository and other public repositories, including license information, security vulnerability data, and other statistics like relative usage popularity and age. Repository health check allows you to examine the available security and license data about components in a repository.

Repository health check analyzes all artifacts found in a proxy repository of any format. Maven 2 format repositories need to have a release policy configured.


At this time, while NuGet proxy repositories do support Repository Health Check, only identification of components is performed. No license or security data is provided at this time.