Description from extension meta
Shift security left with the Sonatype Platform browser extension: scan open source repositories to detect known vulnerabilities.
Description from store
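This extension for Chromium browsers works with the Sonatype Platform to empower developers to make better-informed choices early in the software development lifecycle.
Connect this extension to your company's Sonatype Lifecycle server and get instant risk insights while browsing public open source registries (such as Maven Central for Java, NPM for JavaScript, PyPi for Python, and more).
This extension replaces our previous extension (Nexus IQ Chrome Extension), which will be retired by the end of 2023.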
Latest reviews
- (2023-08-16) Neil Schloth: A great tool for analyzing OSS components on the web for high-risk security vulnerabilities prior to downloading for use. Prevent mistakes early on in the SDLC by alerting on insecure packages before they are built in to application code.
- (2023-08-10) Roy Decker: An awesome solution for researching open source components that are being considered for an application.
- (2023-07-14) Ben Hartley: The ultimate in shifting left!
- (2023-07-14) Patrick Kiessling: Nice!
- (2023-07-14) Paul Meharg: I find this very useful to get a preview of the security and legal implications of a component before I start to write code! Keeps me from creating technical debt from the git-go.
- (2023-07-14) Adam Such: Very useful plugin!
- (2023-07-14) Alexander Plattel: Excellent tool for looking at Open Source packages before you download them.
- (2023-07-11) Joseph Bernie: An extremely useful plugin for Sonatype customers!!