Need advice about which tool to choose?Ask the StackShare community!

GitHub

284.4K
248.4K
+ 1
10.3K
Sonatype Nexus

532
366
+ 1
0
Add tool

GitHub vs Sonatype Nexus: What are the differences?

GitHub and Sonatype Nexus are two commonly used tools in the field of software development and version control. While GitHub is primarily focused on hosting and sharing code repositories, Sonatype Nexus serves as a repository manager for storing and distributing various types of dependencies. Here are the key differences between these two platforms.

  1. Hosting Code Repositories: One of the key differences between GitHub and Sonatype Nexus is their primary purpose. GitHub is primarily designed as a code hosting platform, allowing developers to store, share, and collaborate on software projects using Git version control. On the other hand, Sonatype Nexus is a repository manager that focuses on managing and distributing reusable software components and dependencies.

  2. Support for Different Package Types: While GitHub focuses on hosting code repositories, it primarily supports source code and related files. In contrast, Sonatype Nexus has the capability to host and manage different types of packages or artifacts, including binaries, Docker images, and build artifacts in addition to code repositories. This makes Nexus a more versatile tool for managing a wide range of dependencies in a software development lifecycle.

  3. Access Control and Permissions: GitHub provides robust access control features to enable granular permissions and collaboration within a repository. It supports role-based access control, allowing administrators to define fine-grained access rights for different users or teams. Sonatype Nexus, on the other hand, provides more sophisticated access control mechanisms, allowing administrators to set up a hierarchy of repositories with different access privileges and roles for users. This makes Nexus more suitable for enterprise-level software development teams with complex access control requirements.

  4. Dependency Management: Sonatype Nexus has built-in dependency management capabilities, allowing developers to manage and track dependencies between components. It provides a comprehensive view of dependencies, including transitive dependencies, and offers tools for identifying and resolving conflicts or vulnerabilities in the dependencies. GitHub does not have built-in dependency management features, although it can integrate with external dependency management tools like Maven or Gradle.

  5. Public vs. Private Repositories: GitHub offers both public and private repositories. Public repositories allow anyone to view and clone the code, while private repositories require permission to access. Sonatype Nexus, however, is designed for private repositories. It allows organizations to store and distribute their dependencies securely within their own infrastructure, ensuring greater control and confidentiality.

  6. Integration with Continuous Integration/Delivery: Both GitHub and Sonatype Nexus can integrate with popular continuous integration and delivery (CI/CD) tools to enable automation in the software development process. However, the level of integration and support may vary between the two platforms. GitHub has native integration with tools like GitHub Actions, making it easy to set up and automate workflows. Sonatype Nexus also supports CI/CD integration but may require additional configuration and setup to integrate with specific tools.

In summary, GitHub is primarily a code hosting platform, focused on hosting code repositories and facilitating collaboration, while Sonatype Nexus serves as a repository manager for managing and distributing various types of dependencies. Nexus is more versatile in terms of supporting different package types, providing more sophisticated access control mechanisms, and offering built-in dependency management capabilities. On the other hand, GitHub provides a user-friendly interface, supports public and private repositories, and has seamless integration with CI/CD tools.

Decisions about GitHub and Sonatype Nexus
Weverton Timoteo

Do you review your Pull/Merge Request before assigning Reviewers?

If you work in a team opening a Pull Request (or Merge Request) looks appropriate. However, have you ever thought about opening a Pull/Merge Request when working by yourself? Here's a checklist of things you can review in your own:

  • Pick the correct target branch
  • Make Drafts explicit
  • Name things properly
  • Ask help for tools
  • Remove the noise
  • Fetch necessary data
  • Understand Mergeability
  • Pass the message
  • Add screenshots
  • Be found in the future
  • Comment inline in your changes

Read the blog post for more detailed explanation for each item :D

What else do you review before asking for code review?

See more
Weverton Timoteo

Using an inclusive language is crucial for fostering a diverse culture. Git has changed the naming conventions to be more language-inclusive, and so you should change. Our development tools, like GitHub and GitLab, already supports the change.

SourceLevel deals very nicely with repositories that changed the master branch to a more appropriate word. Besides, you can use the grep linter the look for exclusive terms contained in the source code.

As the inclusive language gap may happen in other aspects of our lives, have you already thought about them?

See more
Weverton Timoteo

One of the magic tricks git performs is the ability to rewrite log history. You can do it in many ways, but git rebase -i is the one I most use. With this command, It’s possible to switch commits order, remove a commit, squash two or more commits, or edit, for instance.

It’s particularly useful to run it before opening a pull request. It allows developers to “clean up” the mess and organize commits before submitting to review. If you follow the practice 3 and 4, then the list of commits should look very similar to a task list. It should reveal the rationale you had, telling the story of how you end up with that final code.

See more
Kamaleshwar BN
Senior Software Engineer at Pulley · | 8 upvotes · 694.3K views

Out of most of the VCS solutions out there, we found Gitlab was the most feature complete with a free community edition. Their DevSecops offering is also a very robust solution. Gitlab CI/CD was quite easy to setup and the direct integration with your VCS + CI/CD is also a bonus. Out of the box integration with major cloud providers, alerting through instant messages etc. are all extremely convenient. We push our CI/CD updates to MS Teams.

See more

Gitlab as A LOT of features that GitHub and Azure DevOps are missing. Even if both GH and Azure are backed by Microsoft, GitLab being open source has a faster upgrade rate and the hosted by gitlab.com solution seems more appealing than anything else! Quick win: the UI is way better and the Pipeline is way easier to setup on GitLab!

See more
Nazar Atamaniuk
Shared insights
on
DeployPlaceDeployPlaceGitHubGitHubGitLabGitLab

At DeployPlace we use self-hosted GitLab, we have chosen GitLab as most of us are familiar with it. We are happy with all features GitLab provides, I can’t imagine our life without integrated GitLab CI. Another important feature for us is integrated code review tool, we use it every day, we use merge requests, code reviews, branching. To be honest, most of us have GitHub accounts as well, we like to contribute in open source, and we want to be a part of the tech community, but lack of solutions from GitHub in the area of CI doesn’t let us chose it for our projects.

See more
Manage your open source components, licenses, and vulnerabilities
Learn More
Pros of GitHub
Pros of Sonatype Nexus
  • 1.8K
    Open source friendly
  • 1.5K
    Easy source control
  • 1.3K
    Nice UI
  • 1.1K
    Great for team collaboration
  • 867
    Easy setup
  • 504
    Issue tracker
  • 487
    Great community
  • 483
    Remote team collaboration
  • 449
    Great way to share
  • 442
    Pull request and features planning
  • 147
    Just works
  • 132
    Integrated in many tools
  • 122
    Free Public Repos
  • 116
    Github Gists
  • 113
    Github pages
  • 83
    Easy to find repos
  • 62
    Open source
  • 60
    Easy to find projects
  • 60
    It's free
  • 56
    Network effect
  • 49
    Extensive API
  • 43
    Organizations
  • 42
    Branching
  • 34
    Developer Profiles
  • 32
    Git Powered Wikis
  • 30
    Great for collaboration
  • 24
    It's fun
  • 23
    Clean interface and good integrations
  • 22
    Community SDK involvement
  • 20
    Learn from others source code
  • 16
    Because: Git
  • 14
    It integrates directly with Azure
  • 10
    Standard in Open Source collab
  • 10
    Newsfeed
  • 8
    Fast
  • 8
    Beautiful user experience
  • 8
    It integrates directly with Hipchat
  • 7
    Easy to discover new code libraries
  • 6
    Smooth integration
  • 6
    Integrations
  • 6
    Graphs
  • 6
    Nice API
  • 6
    It's awesome
  • 6
    Cloud SCM
  • 5
    Quick Onboarding
  • 5
    Remarkable uptime
  • 5
    CI Integration
  • 5
    Reliable
  • 5
    Hands down best online Git service available
  • 4
    Version Control
  • 4
    Unlimited Public Repos at no cost
  • 4
    Simple but powerful
  • 4
    Loved by developers
  • 4
    Free HTML hosting
  • 4
    Uses GIT
  • 4
    Security options
  • 4
    Easy to use and collaborate with others
  • 3
    Easy deployment via SSH
  • 3
    Ci
  • 3
    IAM
  • 3
    Nice to use
  • 2
    Easy and efficient maintainance of the projects
  • 2
    Beautiful
  • 2
    Self Hosted
  • 2
    Issues tracker
  • 2
    Easy source control and everything is backed up
  • 2
    Never dethroned
  • 2
    All in one development service
  • 2
    Good tools support
  • 2
    Free HTML hostings
  • 2
    IAM integration
  • 2
    Very Easy to Use
  • 2
    Easy to use
  • 2
    Leads the copycats
  • 2
    Free private repos
  • 1
    Profound
  • 1
    Dasf
    Be the first to leave a pro

    Sign up to add or upvote prosMake informed product decisions

    Cons of GitHub
    Cons of Sonatype Nexus
    • 54
      Owned by micrcosoft
    • 38
      Expensive for lone developers that want private repos
    • 15
      Relatively slow product/feature release cadence
    • 10
      API scoping could be better
    • 9
      Only 3 collaborators for private repos
    • 4
      Limited featureset for issue management
    • 3
      Does not have a graph for showing history like git lens
    • 2
      GitHub Packages does not support SNAPSHOT versions
    • 1
      No multilingual interface
    • 1
      Takes a long time to commit
    • 1
      Expensive
      Be the first to leave a con

      Sign up to add or upvote consMake informed product decisions

      - No public GitHub repository available -

      What is GitHub?

      GitHub is the best place to share code with friends, co-workers, classmates, and complete strangers. Over three million people use GitHub to build amazing things together.

      What is Sonatype Nexus?

      It is an open source repository that supports many artifact formats, including Docker, Java™ and npm. With the Nexus tool integration, pipelines in your toolchain can publish and retrieve versioned apps and their dependencies

      Need advice about which tool to choose?Ask the StackShare community!

      What companies use GitHub?
      What companies use Sonatype Nexus?
      Manage your open source components, licenses, and vulnerabilities
      Learn More

      Sign up to get full access to all the companiesMake informed product decisions

      What tools integrate with GitHub?
      What tools integrate with Sonatype Nexus?

      Sign up to get full access to all the tool integrationsMake informed product decisions

      Blog Posts

      Dec 8 2020 at 5:50PM

      DigitalOcean

      GitHubMySQLPostgreSQL+11
      2
      2424
      GitHubOptimizelySegment+3
      2
      1191
      Mar 18 2020 at 9:12AM

      LaunchDarkly

      GitHubLaunchDarkly+2
      7
      1131
      JavaScriptGitHubReact+12
      5
      4181
      GitHubDockerReact+17
      41
      37101
      What are some alternatives to GitHub and Sonatype Nexus?
      GitLab
      GitLab offers git repository management, code reviews, issue tracking, activity feeds and wikis. Enterprises install GitLab on-premise and connect it with LDAP and Active Directory servers for secure authentication and authorization. A single GitLab server can handle more than 25,000 users but it is also possible to create a high availability setup with multiple active servers.
      Bitbucket
      Bitbucket gives teams one place to plan projects, collaborate on code, test and deploy, all with free private Git repositories. Teams choose Bitbucket because it has a superior Jira integration, built-in CI/CD, & is free for up to 5 users.
      AWS CodeCommit
      CodeCommit eliminates the need to operate your own source control system or worry about scaling its infrastructure. You can use CodeCommit to securely store anything from source code to binaries, and it works seamlessly with your existing Git tools.
      Git
      Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.
      SVN (Subversion)
      Subversion exists to be universally recognized and adopted as an open-source, centralized version control system characterized by its reliability as a safe haven for valuable data; the simplicity of its model and usage; and its ability to support the needs of a wide variety of users and projects, from individuals to large-scale enterprise operations.
      See all alternatives