Our Community Projects

Here are all our Open Source projects.

Ahab

ARCHIVED
Scan base OS (Debian, Fedora, Alpine) packages for vulnerabilities.
Worked with:
Sonatype OSS Index Sonatype Lifecycle

API Clients (IQ)

golang python typescript api client
Generated API Clients in Go, Python and Typescript for Sonatype IQ Server Manager
Works with:
Sonatype Developer Sonatype Repository Firewall Sonatype Lifecycle

API Clients (Repo)

golang java typescript api client
Generated API Clients in Go, Java and Typescript for Sonatype Nexus Repository Manager
Works with:
Sonatype Nexus Repository Manager

AuditJS

javascript nodejs
Scan JavaScript (including Node.js) projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Bach

php composer
Scan PHP and Composer projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index

Cargo Pants

rust cargo
A Cargo subcommand that provides a project bill of materials and identifies vulnerabilities.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Chelsea

rubygems
Scan RubyGems powered projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Cheque

c
Scan C projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index

Container (IQ)

GRADUATED arm
Container Image built for ARM for Sonatype IQ Server
Worked with:
Sonatype Developer Sonatype Repository Firewall Sonatype Lifecycle

Container (Repo)

arm
Container Image built for ARM for Sonatype Nexus Repository Manager
Works with:
Sonatype Nexus Repository Manager

GCP Blobstore

GRADUATED blobstore
Sonatype Nexus Repository Manager Blobstore backed by Google Cloud Storage.
Worked with:
Sonatype Nexus Repository Manager

GitHub Action

GRADUATED ci sbom
GitHub Action for invoking Sonatype Lifecycle scans and obtaining SBOMs
Worked with:
Sonatype Lifecycle

Jake

python conda pip
Scan Python and Conda environments for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Nancy

golang
Scan Golang projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Nexus CasC Plugin

java
Nexus CasC is a configuration as code plugin for Sonatype Nexus Repository Manager 3
Works with:
Sonatype Nexus Repository Manager

OysterR

r cran
Scan R code for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index

Sherlock Trunks

java gradle
A Gradle plugin that scans the dependencies of a Gradle project for vulnerabilities.
Works with:
Sonatype OSS Index Sonatype Lifecycle

The CLA Bot

cla
Also known as Paul Botsco - this is our CLA Bot.
Works with: