Sonatype Nexus IQ Evaluation
Overview
Sonatype Nexus IQ Evaluation - Scan Open Source Repositories for known Vulnerabilities.
This Chrome Extension works with Sonatype Nexus Lifecycle to inspect an OSS package before you download it. The plugin requires a valid Sonatype Nexus Lifecycle instance. You will be prompted to connect to your Sonatype Nexus IQ Server during setup. Note: Supported by Sonatype. The extension works with the following package managers and their websites. 1. .Net – NuGet – https://www.nuget.org/ 2. Alpine – Linux – https://pkgs.alpinelinux.org/ 3. Chocolatey – Windows – https://community.chocolatey.org/ 4. Clojars – Clojure – https://clojars.org/ 5. CocoaPods – iOS – https://cocoapods.org/ 6. Conan – C/C++ – https://conan.io/center/ 7. Conda – Python – https://anaconda.org/anaconda/ 8. Debian – Linux – https://packages.debian.org/ 9. Debian – Linux – https://tracker.debian.org/pkg/ 10. GitHub – releases – https://github.com/*/releases/tag/* 11. Golang – Go – https://pkg.go.dev/ 12. Java – Maven – https://mvnrepository.com/ 13. Java – Maven – https://repo.maven.apache.org/ 14. Java – Maven – https://repo.spring.io/list/ 15. Java – Maven – https://repo1.maven.org/ 16. Java – Maven – https://search.maven.org/ 17. JavaScript/Node – npm – https://www.npmjs.com/ 18. PHP – Packagist/composer – https://packagist.org/ 19. Python – PyPI – https://pypi.org/ 20. R – CRAN – https://cran.r–project.org/ 21. Ruby – RubyGems – https://rubygems.org/ 22. Rust – Crates – https://crates.io/ 23. Nexus Proxy Repos – supported repository formats are maven2, npm, rubygems and nuget e.g. http://nexus:8081/#browse/browse:maven–central:commons–collections%2Fcommons–collections%2F3.2.1 24. Artifactory Proxy Repos – supported repository formats are maven2 and npm e.g. https://artifactory-server/webapp/#/artifacts/browse/tree/General/npmjs–cache/parseurl/–/parseurl–1.0.1.tgz 25. Artifactory Repo lists – e.g. https://repo.spring.io/list/jcenter–cache/org/cloudfoundry/cf–maven–plugin/1.1.3/
5 out of 54 ratings
Google doesn't verify reviews. Learn more about results and reviews.
Neil SchlothJul 22, 2020
A great tool for analyzing OSS components on the web for high-risk security vulnerabilities prior to downloading for use. Prevent mistakes early on in the SDLC by alerting on insecure packages before they are built in to application code.
Details
- Version1.10.0
- UpdatedJuly 14, 2023
- Size2.29MiB
- LanguagesEnglish
- DeveloperSonatype Inc.Website
8161 Maple Lawn Blvd Suite 250 Fulton, MD 20759-2624 USEmail
community-group@sonatype.comPhone
+44 7493 741902 - TraderThis developer has identified itself as a trader per the definition from the European Union.
- D-U-N-S963313098
Privacy
This developer declares that your data is
- Not being sold to third parties, outside of the approved use cases
- Not being used or transferred for purposes that are unrelated to the item's core functionality
- Not being used or transferred to determine creditworthiness or for lending purposes
Support
For help with questions, suggestions, or problems, visit the developer's support site