Our current development env is Maven + Nexus (Open Source) + MyEclipse. Now due to some re-org new support group does not want us to use Maven.
Their main argument is that maven goes to the web and downloads artifacts without control. Which is a security problem.
Our maven setup always goes to local nexus. Nexus looks for artifacts on remote repositories. Does anybody know anyway where we can restrict what nexus is allowed to download? Ideally we would like to get it authorized before artifact is downloaded.
Any thoughts, ideas ?
Their main argument is that maven goes to the web and downloads artifacts without control. Which is a security problem.
Our maven setup always goes to local nexus. Nexus looks for artifacts on remote repositories. Does anybody know anyway where we can restrict what nexus is allowed to download? Ideally we would like to get it authorized before artifact is downloaded.
Any thoughts, ideas ?