Sonatype Nexus IQ Evaluation

Sonatype Nexus IQ Evaluation - Scan Open Source Repositories for known Vulnerabilities.

What is Sonatype Nexus IQ Evaluation?

Sonatype Nexus IQ Evaluation is a Chrome extension allowing users to inspect open source packages for security vulnerabilities before downloading them. It is designed to integrate with a valid Sonatype Nexus Lifecycle instance, allowing for detailed package analysis. The plugin supports multiple package managers across diverse platforms, enabling broad-spectrum inspection of risky open source repositories.

Download

Stats

By: https://sonatype-nexus-community.github.io/nexus-iq-chrome-extension

View on Chrome Web Store

Users: 1,000+

Rating: 5.00 (5)

Version: 1.10.0 (Last updated: 2023-07-14)

Creation date: 2020-05-27

Risk impact: High risk impact

Risk likelihood: Moderate risk likelihood

Manifest version: 2

Permissions:

activeTab
declarativeContent
cookies
background
storage
https://pkgs.alpinelinux.org/
https://anaconda.org/anaconda/
https://community.chocolatey.org/
https://clojars.org/
https://cocoapods.org/

Size: 2.40M

Email: co*****@sonatype.com

URLs: Website ,Privacy policy

Stats date:

Chrome-Stats Rank

# 26591 ▼ 69

Other rankings

#3108 in Developer Tools ▲ 4 #68 in package keyword 15 ▼ 5 #170 in server keyword 57 ▲ 4 #215 in cache keyword 54 ▲ 5

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

This Chrome Extension works with Sonatype Nexus Lifecycle to inspect an OSS package before you download it. The plugin requires a valid Sonatype Nexus Lifecycle instance. You will be prompted to connect to your Sonatype Nexus IQ Server during setup. Note: Supported by Sonatype.

The extension works with the following package managers and their websites.

.Net – NuGet – https://www.nuget.org/
Alpine – Linux – https://pkgs.alpinelinux.org/
Chocolatey – Windows – https://community.chocolatey.org/
Clojars – Clojure – https://clojars.org/
CocoaPods – iOS – https://cocoapods.org/
Conan – C/C++ – https://conan.io/center/
Conda – Python – https://anaconda.org/anaconda/
Debian – Linux – https://packages.debian.org/
Debian – Linux – https://tracker.debian.org/pkg/
GitHub – releases – https://github.com/*/releases/tag/*
Golang – Go – https://pkg.go.dev/

User reviews

A great tool for analyzing OSS components on the web for high-risk security vulnerabilities prior to downloading for use. Prevent mistakes early on in the SDLC by alerting on insecure packages before they are built in to application code.

Neil Schloth, 2020-07-22

View all user reviews

Safety

Risk impact

Sonatype Nexus IQ Evaluation is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this extension. Review carefully before installing. We recommend that you only install Sonatype Nexus IQ Evaluation if you trust the publisher.