Repository Management with Nexus
5.4. Searching for Artifacts
In the left-hand navigation area, there is an Artifact Search text field next to a magnifying glass. To search for an artifact by groupId or artifactId, type in some text and click the magnifying glass. Typing in the search term "junit" and clicking the magnifying glass should yield a search result similar to Figure 5.13, “Results of an Artifact Search for "junit"”.
The groupId in the Group column and the artifactId in the Artifact column identify each row in the search results table. Each row represents an aggregration of all artifacts in this Group and Artifact coordinate.
The Version column displays the lastest version number available as well as a links to Show All Versions.
The Most Popluar Version column displays the version that has the most downloads by all users accessing the Central Repository. This data can help with the selection of an appropriate version to use for a particular artifact.
The Download column displays direct links to all the artifacts available for the latest version of this artifacts. A typical list of downloadable artifacts would include the Java archive (jar), the Maven pom.xml file (pom), a Javadoc archive (javadoc.jar) and a Sourcecode archive (sources.jar), but other download options are also added if more artifacts are available. Click on the link to download an artifact.
Each of the columns in the search results table can be used to sort the table in Ascending or Descending order. In addition you can choose to add and remove colums with the sort and column drop down options visible in Figure 5.14, “Sort and Column Options in the Search Results Table”.
The repository browser interface below the search results table will displays the artifact selected in the list in the repository structure with the same information panels available documented in Section 5.2, “Browsing Repositories”. An artifact could be present in more than one repository. If this is the case, click on the value next to "Viewing Repository" to switch between multiple matching repositories.
Let me guess? You installed Nexus, ran to the search box, typed in the name of a group or an artifact, pressed search, and saw absolutely nothing. No results. Nexus isn’t going to retrieve the remote repository indexes by default, you need to activate downloading of remote indexes for the three proxy repositories that Nexus ships with. Without these indexes, Nexus has nothing to search. Fifnd instructions for activating index downloads in Section 6.2, “Managing Repositories”.
Clicking on the (Show All Versions) link in the Version column visible in Figure 5.13, “Results of an Artifact Search for "junit"” will kick of an Advanced Search by the groupId and artifactId of the row and result in a view similar to Figure 5.15, “Advanced Search Results for a GAV Search Activated by the Show All Versions Link”.
The header for the Advanced Search contains a selector for the type of search and one or more text input fields to define a search and a button to run a new search with the specified parameters.
The search results table contains one row per Group (groupId), Artifact (artifactId) and Version(version).
In addition the Age column displays the age of the artifacts being available on the Central Repository. Since most artifacts are published to the Central Repository when released, this age gives you a good indication of the actual time since the release of the artifact.
The Popularity column shows a relative popularity as compared to the other results in the search table. This can give you a good idea on the take up of a new release. For example if a newer version has a high Age value, but a low Popularity compared to an older version, you might want to check the upstream project and see if there is any issues stopping other users from upgrading that might affect you as well. Another reason could be that the new version does not provide signifcant improvements to warrant an upgrade for most users.
The Security Issues column shows the number of known security issues for the specific artifact. The License Threat column shows a colored square with blue indicating no license threat and yellow, orange and red indicating increased license threats. More information about both indicators can be seen in the Insight panel below the list of artifacts for the specific artifact.
The Download column provides download links for all the available artifacts.
The following advanced searches are available:
- Keyword Search
- Identical to the Artifact Search in the left hand navigation, this search will look for the specified strings in the groupId and artifactId.
- Classname Search
- Rather than looking at the coordinates of an artifact in the repository, the Classname Search will look at the contents of the artifacts and look for Java classes with the specified name. For example try a search for a classname of "Pair" to see how many library authors saw a need to implement such a class, saving you from potentially implementing yet another version.
- GAV Search
- The GAV search allows a search using the Maven coordinatess of an artifact. These are Group (groupId), Artifact (artifactId), Version (version), Packaging (packaging) and Classifier (classifier). At a minimum you need to specify a Group, Artifact or Version in your search. An example search would be with an Artifact guice and a Classifier no_aop or a Group of org.glassfish.main.admingui and a Packaging war. The default packaging is jar, with other values as used in the Maven packaging like ear, war, maven-plugin, pom, ejb and many others being possible choices.
- Checksum Search
- Sometimes it is necessary to determine the version of a jar artifact in order to migrate to a qualified version. When attempting this and neither the filename nor the contents of the manfiest file in the jar contain any useful information about the exact version of the jar you can use Checksum Search to identify the artifact. Create a sha1 checksum, e.g. with the sha1sum command available on Linux, and use the created string in a Checksum search. This will return one result, which will provide you with the GAV coordinates to replace the jar file with a dependency declaration.
The Checksum Search can be a huge timesaver when migrating a legacy build system, where the used libraries are checked into the version control system as binary artifacts with no version information available.
OpenSearch a standard which facilitates searching directly from your browser’s search box. If you are using Internet Explorer 7+ or Firefox 2+ you can add any Nexus instance as an OpenSearch provider. Then you can just type in a search term into your browser’s search field and quickly search for Maven artifacts. To configure OpenSearch, load Nexus in a browser and then click on the drop-down next to the search tool that is embedded in your browser. Figure 5.16, “Configuring Nexus as an OpenSearch Provider” shows the Add Nexus option that is present in Firefox’s OpenSearch provider drop-down.
Once you have added Nexus to the list of OpenSearch providers, click on the drop-down next to the search term and select Nexus (localhost) from the list of OpenSearch providers. Type in a groupId, artifactId, or portion of a Maven identifier and press enter. Your opensearch-friendly web browser will then take you to the search results page of Nexus displaying all the artifacts that match your search term.
Once you have configured your browser to use Nexus as an OpenSearch provider, searching for a Maven artifact is as simple as typing in a groupId or artifactId, selecting Nexus from the drop-down shown in Figure 5.18, “Nexus Available as an Option in the Firefox OpenSearch Provider List”, and performing a search.