extension ExtPose

Sonatype Nexus IQ Evaluation

Description from extension meta

Sonatype Nexus IQ Evaluation - Scan Open Source Repositories for known Vulnerabilities.

Image from store Sonatype Nexus IQ Evaluation
Description from store This Chrome Extension works with Sonatype Nexus Lifecycle to inspect an OSS package before you download it. The plugin requires a valid Sonatype Nexus Lifecycle instance. You will be prompted to connect to your Sonatype Nexus IQ Server during setup. Note: Supported by Sonatype. The extension works with the following package managers and their websites. 1. .Net – NuGet – https://www.nuget.org/ 2. Alpine – Linux – https://pkgs.alpinelinux.org/ 3. Chocolatey – Windows – https://chocolatey.org/ 4. Clojars – Clojure – https://clojars.org/ 5. CocoaPods – iOS – https://cocoapods.org/ 6. Conan – C/C++ – https://conan.io/center/ 7. Conda – Python – https://anaconda.org/anaconda/ 8. Debian – Linux – https://packages.debian.org/ 9. Debian – Linux – https://tracker.debian.org/pkg/ 10. GitHub – releases – https://github.com/*/releases/tag/* 11. Golang – Go – https://search.gocenter.io/ 12. Java – Maven – https://mvnrepository.com/ 13. Java – Maven – https://repo.maven.apache.org/ 14. Java – Maven – https://repo.spring.io/list/ 15. Java – Maven – https://repo1.maven.org/ 16. Java – Maven – https://search.maven.org/ 17. JavaScript/Node – npm – https://www.npmjs.com/ 18. PHP – Packagist/composer – https://packagist.org/ 19. Python – PyPI – https://pypi.org/ 20. R – CRAN – https://cran.r–project.org/ 21. Ruby – RubyGems – https://rubygems.org/ 22. Rust – Crates – https://crates.io/ 23. Nexus Proxy Repos – supported repository formats are maven2, npm, rubygems and nuget e.g. http://nexus:8081/#browse/browse:maven–central:commons–collections%2Fcommons–collections%2F3.2.1 24. Artifactory Proxy Repos – supported repository formats are maven2 and npm e.g. https://artifactory-server/webapp/#/artifacts/browse/tree/General/npmjs–cache/parseurl/–/parseurl–1.0.1.tgz 25. Artifactory Repo lists – e.g. https://repo.spring.io/list/jcenter–cache/org/cloudfoundry/cf–maven–plugin/1.1.3/

Latest reviews

  • (2020-07-22) Neil Schloth: A great tool for analyzing OSS components on the web for high-risk security vulnerabilities prior to downloading for use. Prevent mistakes early on in the SDLC by alerting on insecure packages before they are built in to application code.

Statistics

Installs
589 history
Category
Rating
5.0 (4 votes)
Last update / version
2020-10-19 / 1.9.4
Listing languages
en

Links