1. Home
  2. Categories
  3. Support
  4. Migrating from Sonatype Nexus to ProGet

Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.

If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!

Migrating from Sonatype Nexus to ProGet

  • P

    Hi there,

    I’m currently evaluating ProGet as an alternative to Sonatype Nexus, and I have to say the product looks very promising so far—great work 👍

    I have a couple of questions:

    1. Authentication exclusions

    In our previous Nexus setup, we had certain endpoints excluded from authentication due to compatibility issues with other tools. I attempted to recreate this behavior in ProGet.

    3f7f8803-8ff6-444f-be4a-f33c119726e1-image.png

    With the current configuration, accessing https://proget-test.some-company.net/nuget/internal-nuget/v3/index.json still requires authentication. Am I misunderstanding the configuration? Do these rules need to be inverted?

    My goal is to have security enabled by default, with explicit exceptions for certain paths.

    1. Vulnerability analysis updates

    On the vulnerability search page https://security.inedo.com/vulnerability/search?showOnlyInedoAnalysis=True the most recent entry appears to be from January 16, 2026. Is there a reason there haven’t been newer analyses published since then?

    1. Prometheus / OpenTelemetry integration

    The documentation mentions that “by integrating Prometheus with Inedo products, users can gain real-time visibility into metrics, detect anomalies, and address issues” (see: https://docs.inedo.com/docs/installation/logging/installation-prometheus), which I completely agree with. However, from what I can tell, ProGet itself does not currently expose any Prometheus-compatible metrics. Is that correct? Are there any plans to add native Prometheus and/or OpenTelemetry support to ProGet? From an operations and observability perspective, I think this would be an excellent fit.

    Thanks in advance for your help — I appreciate it.

    1. Roadmap

    https://inedo.com/products/roadmap looks outdated

    Best regards,
    K

    0
  • apxltd
    inedo-engineer

    Hi @pg_user_8607 ,

    Thanks! If you haven't already, please do check out our Migrating from Sonatype to ProGet guide.

    [1] This is a common configuration, and it looks like anonymous is allowed based on the screenshot. It's hard to say withtout more troubleshooting. I would try using the Test Privileges function , which allows you to select a user, feed, and then it will show you all the task attributes available.

    [2] To be honest, our users have not found those analyses to add any real value (outside of describing what the library does). So, starting in Q1 we've shifted our research efforts to align with the big changes to vulnerability management in ProGet 2026, including Category 5 Vulnerability Research. Check out the Vulnerability Management Done Right with ProGet guide to learn more about what's coming!

    [3] No plans... in retrospect, there's no value in monitoring activity outside of checking the /health endpoint periodically. In fact, we've seen the opposite -- even monitoring HTTP traffic for abnormalities creates false positives that just wastes everyone's time.

    For example, if NuGet.org is having an outage, then your NuGet feeds connect to nuget.org will run slow, as the connector times out.

    [4] I suppose so! We'll update once we get ProGet 2026 out :)

    Cheers,

    Alex

    1
  • P

    Thank you for the detailed response! I see your points. I will check the links :)

    0
  • P

    On my test instance i ran the "maven.org Full Maven Connector Index Job" manually but it seems to have crashed. Now ProGet does not start anymore because it can't reach the database. I already restarted the docker container but that didn't fix the issue.

    How to get the logs from the built in database to check what's wrong?

    c0a21f58-4881-4a16-b70a-5d8e1a150d0d-image.png

    I already checked https://docs.inedo.com/docs/installation/postgresql but the troubleshooting info did not help:

    root@dc6f66f82da3:/usr/local/proget/service# ./proget query --file=-
unexpected argument: query
unexpected argument: --file=-

Description:
  Hosts the ProGet service and performs various operations.

Usage:
  proget [command] [options]

Commands:
  run                 Runs the ProGet service.
  resetadminpassword  Switches to the built-in user directory and changes the Admin account password to "Admin".
  upgradedb           Upgrades the database schema version to this version of ProGet.
  database            Commands for performing database maintenance operations
    0
  • P

    I checked the /var/log/postgresql/postgresql-17-main.log file but it is empty.

    0 stevedennis 1 Reply
  • stevedennis
    inedo-engineer

    Hi @pg_user_8607 ,

    Can we move this issue to a new topic? I would "split" it for you, but then it won't show up on our dashboard when a reply comes through.

    Separate threads make it a lot easier to manage things on our end and keep track of things better :)

    But before you do that, just a hint - look at the container output startup logs. Basically just run without the -d and you'll be able to see the console output, and post anything related to the databse there.

    Thanks,
    Steve

    1 P 1 Reply
  • P

    This post is deleted!
    0
  • stevedennis
    inedo-engineer

    @pg_user_8607 sorry I accidently deleted that when trying to fork it into a new topic... I briefly saw the logs and wanted to review w/ team to see if we can figure them out

    Can you repost them again as a new topic? Thanks, we can then track it separately.

    0
Log in to reply
 
Inedo Website HomeSupport HomeCode of ConductForums GuideDocumentation