Repository Management with Nexus


Chapter 12. Repository Health Check

Repository Health Check is a feature of Nexus that integrates data from Nexus Lifecycle and the related Hosted Data Services (HDS) run by Sonatype. Nexus Lifecycle is a suite of separate products that consists of tools to monitor and manage license, quality, and security data about components used in your software development life cycle.

Repository health check provides access to a limited subset of the available data in Nexus Lifecycle and HDS right in your Nexus server. HDS exposes data about the components in the Central Repository and other public repositories, including license information, security vulnerability data, and other statistics like relative usage popularity and age. Repository health check allows you to examine the available security and license data about components in a repository.

Repository health check analyzes all components found in a proxy repository of any format. Maven 2 format repositories need to have a release policy configured. Availability of component meta data varies depending on the format and is constantly improved via updates to the Sonatype Data Services.

NuGet proxy repositories support Repository Health Check and identification of components is performed. Some license or security data is provided as well. Support for NPM repositories has similar restrictions.