Item logo image for Sonatype Nexus IQ Evaluation

Sonatype Nexus IQ Evaluation

sonatype-nexus-community.github.io/nexus-iq-chrome-extension
5.0(

4 ratings

)
ExtensionDeveloper Tools943 users
Item media 5 screenshot
Item video thumbnail
Item media 2 screenshot
Item media 3 screenshot
Item media 4 screenshot
Item media 5 screenshot
Item video thumbnail
Item video thumbnail
Item media 2 screenshot
Item media 3 screenshot
Item media 4 screenshot
Item media 5 screenshot

Overview

Sonatype Nexus IQ Evaluation - Scan Open Source Repositories for known Vulnerabilities.

This Chrome Extension works with Sonatype Nexus Lifecycle to inspect an OSS package before you download it. The plugin requires a valid Sonatype Nexus Lifecycle instance. You will be prompted to connect to your Sonatype Nexus IQ Server during setup. Note: Supported by Sonatype. The extension works with the following package managers and their websites. 1. .Net – NuGet – https://www.nuget.org/ 2. Alpine – Linux – https://pkgs.alpinelinux.org/ 3. Chocolatey – Windows – https://community.chocolatey.org/ 4. Clojars – Clojure – https://clojars.org/ 5. CocoaPods – iOS – https://cocoapods.org/ 6. Conan – C/C++ – https://conan.io/center/ 7. Conda – Python – https://anaconda.org/anaconda/ 8. Debian – Linux – https://packages.debian.org/ 9. Debian – Linux – https://tracker.debian.org/pkg/ 10. GitHub – releases – https://github.com/*/releases/tag/* 11. Golang – Go – https://pkg.go.dev/ 12. Java – Maven – https://mvnrepository.com/ 13. Java – Maven – https://repo.maven.apache.org/ 14. Java – Maven – https://repo.spring.io/list/ 15. Java – Maven – https://repo1.maven.org/ 16. Java – Maven – https://search.maven.org/ 17. JavaScript/Node – npm – https://www.npmjs.com/ 18. PHP – Packagist/composer – https://packagist.org/ 19. Python – PyPI – https://pypi.org/ 20. R – CRAN – https://cran.r–project.org/ 21. Ruby – RubyGems – https://rubygems.org/ 22. Rust – Crates – https://crates.io/ 23. Nexus Proxy Repos – supported repository formats are maven2, npm, rubygems and nuget e.g. http://nexus:8081/#browse/browse:maven–central:commons–collections%2Fcommons–collections%2F3.2.1 24. Artifactory Proxy Repos – supported repository formats are maven2 and npm e.g. https://artifactory-server/webapp/#/artifacts/browse/tree/General/npmjs–cache/parseurl/–/parseurl–1.0.1.tgz 25. Artifactory Repo lists – e.g. https://repo.spring.io/list/jcenter–cache/org/cloudfoundry/cf–maven–plugin/1.1.3/

5 out of 54 ratings

Google doesn't verify reviews. Learn more about results and reviews.

Review's profile picture

Neil SchlothJul 22, 2020

A great tool for analyzing OSS components on the web for high-risk security vulnerabilities prior to downloading for use. Prevent mistakes early on in the SDLC by alerting on insecure packages before they are built in to application code.

7 out of 7 found this helpful

Details

  • Version
    1.10.0
  • Updated
    July 14, 2023
  • Size
    2.29MiB
  • Languages
    English
  • Developer
    Sonatype Inc.
    8161 Maple Lawn Blvd Suite 250 Fulton, MD 20759-2624 US
    Website
    Email
    community-group@sonatype.com
    Phone
    +44 7493 741902
  • Trader
    This developer has identified itself as a trader per the definition from the European Union.
  • D-U-N-S
    963313098

Privacy

The developer has disclosed that it will not collect or use your data. To learn more, see the developer’s privacy policy.

This developer declares that your data is

  • Not being sold to third parties, outside of the approved use cases
  • Not being used or transferred for purposes that are unrelated to the item's core functionality
  • Not being used or transferred to determine creditworthiness or for lending purposes

Support

For help with questions, suggestions, or problems, visit the developer's support site

Google apps