Share your experience using Archiva

The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.

Use our online form to submit your review. It's quick and you can post anonymously.

Your review helps others learn about this solution
The PeerSpot community is built upon trust and sharing with peers.
It's good for your career
In today's digital world, your review shows you have valuable expertise.
You can influence the market
Vendors read their reviews and make improvements based on your feedback.
Examples of the 83,000+ reviews on PeerSpot:

CuneytGurses - PeerSpot reviewer
DevOps Engineer at Sonne Technology, Inc.
Real User
Top 10Leaderboard
A stable solution that provides a central platform for storing build artifacts, saving us significant maintenance and hardware costs.
Pros and Cons
  • "Primarily, the extensive support for a wide range of packages is a crucial factor. The effectiveness of new-age package managers is often determined by the breadth of packages they can handle. In this regard, Nexus Repository Manager 3 stands out for its comprehensive coverage, accommodating a vast array of packages widely utilized across the globe. This inclusivity enables easy access to a diverse range of packages, making it a pivotal aspect of its functionality."
  • "Particularly concerning OSF-type licenses, while they support a multitude of features, there's room for improvement in the single point transform, especially for grouping. It appears that currently, the grouping functionality is not robust, particularly for Docker images within a group. The support for this aspect seems to be contingent on the license type. For instance, with the Voss license type, there is a noticeable absence of support for this feature. This is an area that could benefit from enhancement in the upcoming updates."

What is our primary use case?

Our primary tool is Sonatype Nexus Repository Manager. We use it for NPM, Maven, and Docker repositories. Additionally, we utilize Nexus Firewall for repository governance. Looking ahead, I'm considering implementing Nexus Repository Manager 3 as an alternative. This would help us manage packages from Nexus IQ Server and support various package formats such as NPM, Maven, and Docker.

We rely on Sonatype Nexus Repository Manager as our main tool, employing it for NPM, Maven, and Docker repositories. In addition, Nexus Firewall plays a crucial role in our repository governance. As we plan for the future, I'm exploring the option of incorporating Nexus Repository Manager 3. This move would enhance our ability to manage packages from Nexus IQ Server and cater to different package formats like NPM, Maven, and Docker.

What is most valuable?

Primarily, the extensive support for a wide range of packages is a crucial factor. The effectiveness of new-age package managers is often determined by the breadth of packages they can handle. In this regard, Nexus Repository Manager 3 stands out for its comprehensive coverage, accommodating a vast array of packages widely utilized across the globe. This inclusivity enables easy access to a diverse range of packages, making it a pivotal aspect of its functionality.     

What needs improvement?

Particularly concerning OSF-type licenses, while they support a multitude of features, there's room for improvement in the single point transform, especially for grouping. It appears that currently, the grouping functionality is not robust, particularly for Docker images within a group. The support for this aspect seems to be contingent on the license type. For instance, with the Voss license type, there is a noticeable absence of support for this feature. This is an area that could benefit from enhancement in the upcoming updates.

For how long have I used the solution?

I have been using Sonatype Nexus Repository for five months.

What do I think about the stability of the solution?

I am, personally, quite satisfied with the stability and would rate it 8 out of 10. 

What do I think about the scalability of the solution?

I would rate the scalability of this solution a four out of ten. The reason being, it's not very scalable, and significant efforts are required to enhance scalability. There are noticeable limitations that need to be addressed for smoother scalability.Currently, there are approximately forty-eight users working with Nexus Repository in our company. As for future plans, I don't foresee a significant increase in the usage of Nexus Repository.

How are customer service and support?

While it's true that there is no explicit support for various license types, the summer type seems to be highly favored and encouraged among users. It holds a prominent position, perhaps earning a rating of seven for its effectiveness and user adoption.

How was the initial setup?

It is easy and I would rate it 8 out of 10.The entire deployment process, including installation, manual testing, and all implementation phases, typically takes around one week but only one person is usually sufficient to handle the entire deployment efficiently.

What other advice do I have?

I can confidently recommend this solution. The main reason is its stability. In comparison to other competitors, especially when I consider alternatives like Project X, Nexus stands out as a stable and reliable choice. This reliability is a key factor that makes me feel comfortable recommending it to other users. Based on its performance, I would rate it 8 out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Co-Founder at Arpa
Real User
Top 20Leaderboard
Easy-to-scale product with a valuable scanning feature
Pros and Cons
  • "Sonatype Nexus Repository has a valuable internal scanner feature."
  • "They should provide automation for adding container images and artifacts in compliance with security requirements."

What is our primary use case?

We use Sonatype Nexus Repository as a proxy for external packages for internet users. It also helps us manage internal packages and works as a repository for container images.

How has it helped my organization?

The product helped our organization improve runtime efficiency. We do not have to connect third-party vendors while building external packages or storing container-approved images. It allows end-to-end life cycle accessibility.

What is most valuable?

Sonatype Nexus Repository has a valuable internal scanner feature. It automatically scans external artifacts, such as Fortify SAST, before storing them in the repository.

What needs improvement?

There could be more add-on features for the product. They should provide automation for adding container images and artifacts in compliance with security requirements.

For how long have I used the solution?

We have been using Sonatype Nexus Repository for one year.

What do I think about the stability of the solution?

I rate the product's stability a seven out of ten. Sometimes, there are challenges in mitigating intermittent incidents. There might be factors such as network issues impacting communication.

What do I think about the scalability of the solution?

We have 20,000 to 40,000 end users for the product. It is easy to scale. I rate its scalability an eight out of ten. We use it 24/7.

How are customer service and support?

The technical support team takes time to respond and depends on the nature of the request. We have to keep contacting them. However, the process to create tickets is simple.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have worked on POCs for different products.

How was the initial setup?

The initial setup is simple if you have access to container images. It is a seamless process for upgrading as well. Everything is well documented on the vendor’s official site. They form regular maintenance to comply with organizational requirements. They have a good maintenance process for updating and addressing issues. We have a team of 100 executives working on the current project to maintain components.

What's my experience with pricing, setup cost, and licensing?

I use the open-source version of the product, which is free of cost.

What other advice do I have?

I rate Sonatype Nexus Repository an eight out of ten. I advise others to update the business continuity plan for components regularly, i.e., semi-annually or quarterly. Use container images for the next migration or maintenance update. They should secure the user interface. Additionally, they should ensure a good storage process and plan a retention policy for all attacks.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate