Using Integrity Ratings to Detect Risky OSS Components What would these phenomenal, nay, super powers be without a trust sidekick with whom to enjoy them? Rest easy. While you’re out there doing your thing, Release Integrity, another … Read more NOW “Using Integrity Ratings to Detect Risky OSS Components”
Holistic vs Micro View Lesson 3 Overview Since the beginning, Sonatype has been working towards being able to offer perspectives from different teams into a holistic view across your organization. IQ Server also provides … Read more NOW “Holistic vs Micro View”
The Application View Also worth mentioning are the different types of views that are available if you need to dig a little deeper after you’ve applied your filters. Violations viewComponents viewApplications … Read more NOW “The Application View”
Project Owner Perspective As a Product Owner/Product Manager, I probably care about all of these items. But I may be particularly interested in the highest risk or the whole aggregate amount of risk. … Read more NOW “Project Owner Perspective”
Security Perspective From a security perspective, we can get what is most important to you – policy violations that are due to security issues. This time use the Policy Type –> … Read more NOW “Security Perspective”
Developer Perspective For something completely different, we offer you a macro level view where you can quickly identify which of your dependencies are direct and which are transitive (the dependencies of those … Read more NOW “Developer Perspective”
Remediation Assistance Filtering the Component List If you have multiple projects loaded into your IDE and need to view a specific subset of results — the plugin has a Filter option that … Read more NOW “Remediation Assistance”
Summary – Lesson 3 You have completed Lesson 3. You are now able to: Using the Component Info tab to view vulnerabilitiesViewing policy detailsAnalyzing license types and risks Analyzing security risksTaking … Read more NOW “Summary – Lesson 3”
Evaluating a Project Assigning Your IDE Project and Triggering an Evaluation Once the IDE plugin has been successfully installed and configured the next step will be to associate your local IDE project with … Read more NOW “Evaluating a Project”
IDE Integration Getting Started Sonatype’s IDE Integrations provides you with direct access to Sonatype’s comprehensive component intelligence right within your IDE. It measures your components against your organization’s open source governance policy. … Read more NOW “IDE Integration”
