We compared Sonatype Nexus Repository and JFrog Artifactory based on our user's reviews in several parameters.
In comparing Sonatype Nexus Repository and JFrog Artifactory, both offer reliable artifact management, seamless integration with build tools, and valuable customer support. Sonatype stands out for its robust security and customizable permissions, while JFrog is praised for its high-quality storage capabilities and ease of use. Sonatype offers cost-effective pricing and positive ROI, while JFrog is commended for its efficient efficiency and productivity gains. However, users note room for improvement in Sonatype's UI and setup process, while JFrog users seek enhancements in UI, customization, and performance.
Features: Sonatype Nexus Repository stands out for its robust security, customizable user permissions, and seamless integration with build tools. JFrog Artifactory impresses users with its efficient storage and management capabilities, reliable performance, and intuitive navigation.
Pricing and ROI: The setup cost of Sonatype Nexus Repository has been praised for being reasonable and competitive. Users have found the process straightforward with minimal costs. On the other hand, JFrog Artifactory is appreciated for its affordability and flexible pricing options, with a reasonable setup cost and straightforward licensing terms., Sonatype Nexus Repository has shown positive outcomes in terms of ROI with cost-effectiveness, streamlined development process, improved security, and reduced troubleshooting time. Users appreciate its value and utility. On the other hand, JFrog Artifactory provides enhanced efficiency, improved software development processes, increased productivity, time savings, reduced errors, and a centralized artifact repository. It proves to be a valuable investment, benefiting organizations substantially.
Room for Improvement: Sonatype Nexus Repository users have called for improvements in the user interface, setup process, and documentation. JFrog Artifactory users have suggested enhancements in usability, customization options, performance, and documentation.
Deployment and customer support: Users' reviews indicate that both Sonatype Nexus Repository and JFrog Artifactory require a significant amount of time for deployment and setup. However, the reviews highlight a difference in interpretations, as one Sonatype user suggests the terms refer to separate timeframes, while JFrog users imply they likely represent the same period., Users have praised both Sonatype Nexus Repository and JFrog Artifactory for their customer service and support. Sonatype is known for its knowledgeable and efficient assistance, while JFrog is praised for its prompt and helpful assistance and responsiveness.
The summary above is based on 14 interviews we conducted recently with Sonatype Nexus Repository and JFrog Artifactory users. To access the review's full transcripts, download our report.
"The most valuable feature right now is that the tool is invisible. I've set it up so that it works in my build process and my release processes, and it just works. I hardly ever need to go into the UI to check up on things or correct anything. By far, the biggest feature for me is that after setup, it just keeps on working."
"The core functionality is most valuable for indexing and metadata of all the artifacts, but within the last year or two, we've been using the Projects feature, which has been very helpful. We can now assign individual admins for different projects and repos so that they can self-manage their own user permissions for their data. My IT DevOps team doesn't have to be the facilitators of that. It's now more of a self-service capability for them."
"HPE was using it for a lot of things, and they certainly had a massive implementation."
"The feature that I like is Permission Targets. If I want to give permission to only deploy the cache, I can give that permission to a set of users. Similarly, if I want to overwrite an artifact with the same name from the same pipeline, I can give permission for that as well to particular users."
"The most valuable feature I have found is the JFrog CLI."
"The package registries have been helpful. GitLab, our previous solution, wasn't managing that well."
"The most valuable feature is that it is a centralized repository and that you can open multiple repositories for different types of artifacts."
"If there are any issues in build security, it can pick them up straight away."
"One of the most valuable features is the variety of permissions you can use on the repository. That helps us protect access to the information inside of the repository."
"Primarily, the extensive support for a wide range of packages is a crucial factor. The effectiveness of new-age package managers is often determined by the breadth of packages they can handle. In this regard, Nexus Repository Manager 3 stands out for its comprehensive coverage, accommodating a vast array of packages widely utilized across the globe. This inclusivity enables easy access to a diverse range of packages, making it a pivotal aspect of its functionality."
"The searching capability is good... and we are managing multiple central repositories."
"I have found managing the artifact features very useful."
"The most valuables features of the Sonatype Nexus Repository are you can block any uploads that you do not want. For example, from Maven. Even though someone will try to create a pump file with a package not currently in our repository, they can go and get it, but it won't store it into the Sonatype Nexus Repository and therefore won't be propagated across the enterprise."
"The key benefit we get from it is speed to delivery. It has improved our overall time to get new applications out with new code. That's true whether from a platform perspective, where we are quickly deploying up-to-date docker containers, or whether we are looking to deploy new code out to deliver a new application."
"The most important feature of Nexus Repository Manager is the storing and sharing of components. For Nexus IQ, it's the scanning of projects and the rating of vulnerabilities and license violations that we may have in our products."
"In some of the latest versions of JFrog's SaaS solution, they changed the user interface, the SSO settings, how you interact with them over API, and how you generate tokens. It was very confusing for me. The overall user management is very complicated."
"I would like to see written technical support instead of having to contact them directly."
"We're looking for something that has additional reporting capabilities on data growth and data aging. This goes back to storage lifecycle management so that the actual Artifactory itself can provide these reports to either the administrators or the users. I don't know if it has those capabilities. That's something we have to look into regarding the self-service dashboard, but the tool itself having those capabilities would be great rather than trying to do it at the underlying storage hardware layer."
"The latest version that I am using is 7.41. It has been upgraded graphics-wise, but there is a bit of slowness. They can improve the graphical interface for the admin jobs and make it faster."
"The documentation is a bit sparse. That's our only complaint."
"Jira integration is something that I would like to see improved. I have already talked with their support, and there is a development ticket open for that. If there is any Xray-related information that should be shared within the development pipeline for security remediation or license or whatever, then I would like to see a ticket to be created automatically in the right project. That's something that's not working with Jira Cloud at the moment. Hopefully, they will be able to address that."
"It's an enterprise product that acts like an enterprise product. In other words, it's not a product where they focus on user experience. I wasn't an administrator, so I primarily worked with the command line tool to upload and download parts of the product. I was not impressed with that because it wasn't well documented. It was challenging to figure out how to get things to work."
"Lacks an end-to-end solution for developers to sign and store an image."
"We've had some challenges around the database they use. We've had some big outages and it's due to the fact that we haven't found the database they use is all that stable... We've had some really positive conversations with Sonatype around that and they've provided us with the support and special services to help us migrate off of that, on to another type of database platform which we have more control over."
"They should have the ability to support multiple data centers. That is actual scalability and, in effect, high-availability."
"Sonatype Nexus Repository could improve by making the experience working with CI/CD pipelines, such as GitHub Action or GitLab better."
"When it comes to uploading NPM libraries, JavaScript dependencies libraries, it is a little bit of a convoluted process. They need to improve uploading libraries for NPM-type repositories."
"We had some issues with the container platform, but we raised a support ticket and it was sorted out for us."
"They could improve the user interface and REST APIs."
"[A] main feature that is missing in Nexus IQ is the ability to explore the history of the different reports that have been generated for a given product. For the time being, in the Nexus IQ UI, we are only able to browse the latest reports that have been generated for a given product. It would be really useful for us to be able to go back in time by browsing through the reports and to have a tool that would give us the evolution of the metrics."
JFrog Artifactory is ranked 2nd in Repository Managers with 7 reviews while Sonatype Nexus Repository is ranked 1st in Repository Managers with 15 reviews. JFrog Artifactory is rated 7.8, while Sonatype Nexus Repository is rated 8.2. The top reviewer of JFrog Artifactory writes "Stores all our artifacts, allows users to manage permissions for their data, and is very stable". On the other hand, the top reviewer of Sonatype Nexus Repository writes "Vastly improved our whole release cycle; automated processes help to deliver code". JFrog Artifactory is most compared with Archiva, Bitbucket Data Center, Inedo ProGet and Cloudsmith, whereas Sonatype Nexus Repository is most compared with Archiva, Bitbucket Data Center, Inedo ProGet, EMCO MSI Package Builder and EMCO Remote Installer. See our JFrog Artifactory vs. Sonatype Nexus Repository report.
See our list of best Repository Managers vendors.
We monitor all Repository Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.