If your repository contained a jar file with a known vulnerability, how would you know? What would it mean to have that sort of visibility into your repository health? This is probably not something you consider often, since one of the benefits of having a repository manager is enforcing component standards. But as you know, organizations still struggle to ensure that developers and build systems only acquire components from the repository manager. That is why the ability to run a Repository Health Check is an added benefit every repository manager should be aware of.
In this week's Nexus Office Hours, we'll spend some time showing you how quick and easy it is to identify specific components with security vulnerabilities and unacceptable licenses. You can see a summary view of the artifacts analyzed in the selected repository, and the number of security and license alerts detected.
This includes:
- A breakdown of the vulnerabilities based on severity and threat level
- The number of licenses detected in each category, and what licenses could be causing conflicts
Spend this hour with our Nexus experts, and let them show you how to start using the Repository Health Check to see a complete breakdown of vulnerabilities and threats that span your entire development life cycle. See you there.
Do you have Nexus expertise to share? Join this month's Nexus Ninja panel. Leave us a comment on the event page, and we'll invite you to join the video conference. Space is limited, so be sure to sign up early.