Active Projects

These are our current active Open Source Projects.

API Clients

golang java typescript api client
Generated API clients in Go, Java and TypeScript for Sonatype Nexus Repository Manager
Works with:
Sonatype Nexus Repository Manager

API Clients

golang python typescript api client
Generated API clients in Go, Python and TypeScript for Sonatype IQ Server Manager
Works with:
Sonatype Developer Sonatype Repository Firewall Sonatype Lifecycle

AuditJS

javascript nodejs
Scan JavaScript projects (including Node.js) for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Bach

php composer
Scan PHP and Composer projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index

Cargo Pants

rust cargo
A Cargo subcommand that provides a project bill of materials and identifies vulnerabilities.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Chelsea

rubygems
Scan RubyGems powered projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Cheque

c
Scan C projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index

Jake

python conda pip
Scan Python and Conda environments for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index Sonatype Lifecycle

Nancy

golang
Scan Golang projects for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index Sonatype Lifecycle

OysterR

r cran
Scan R code for vulnerable third-party dependencies.
Works with:
Sonatype OSS Index

Sherlock Trunks

java gradle
A Gradle plugin that scans the dependencies of a Gradle project for vulnerabilities.
Works with:
Sonatype OSS Index Sonatype Lifecycle

The CLA Bot

cla
Also known as Paul Botsco - this is our CLA Bot.
Works with: