The features discussed in this section require IQ Server and Nexus Repository Manager with the Repository license plus either the Firewall or Lifecycle license. |
As a native capability, Repository Manager provides robust search capability for returning components that exist in your repositories. When components are returned in your search results (see below), an option to see all versions is displayed. Clicking this link will display additional information in the search panel, as well as expand information available for each selected component.
To get results that are not in the local Repository Manager cache, you will want to make sure the Download Remote Index option is enabled for the proxy repository. For guidance on this, check out section 6.2.4 (specifically Fig 6.9): Configuring Repositories in the Nexus Repository Manager book. |
Once you’ve configured the IQ Server connection, additional component information, as well as any applicable policy violation information, for each component will be provided.
Repository Manager search is only available for open source Java components. |
To access this, click on the Component Info tab. It is located just below the displayed search results, to the right of the directory tree for the selected component.
Only users that are logged in will be able to see the Component Info tab. |
Clicking on the Component Info tab will display a drop down list of applications associated with your IQ Server installation. Once you have selected an application, the Component Information Panel (CIP), similar to what is provided via the Application Composition Report, will be displayed.
Information on the Component Info tab requires a license for IQ Server. Customers that have only purchased a license for Repository Manager will only have access to security vulnerabilities and license issues information. Those using Nexus OSS will not have access to the Component Info tab. |
As mentioned above, when the CIP is first displayed, you will need to select an IQ Server Application. This application will not change until you select a new one.
The Component Information Panel is divided into two areas. On the left side is component data, which includes information related to the component itself. To the right of the component information, a graphical display of any security or license issues, as well as popularity data for each version of the component is displayed. By default the current version of the component is selected. If there are more versions than can be displayed, arrows on the right and left allow for scrolling to newer or older versions. In addition, you can click on any of these versions (if available), which will change the information that is displayed on the left of the CIP.
In the screenshot above, we have sized the panels in Repository Manager to make all CIP information visible. By default the view will allow you to vertically scroll to view all information. |
The textual information on the left includes:
The graph itself is laid out like a grid, with each vertical piece representing a particular version. The selected version being identified by a vertical line. The information displayed in the graph includes:
In addition to the security vulnerability and license issue details provided, any particular policy violations for a component will be displayed as well. This can be helpful in determining if a component will meet the standards for component lifecycle management your company has established.
To view these details, click on the View Details button located below the Component Information.
This is only available to users with a configured connection and license for IQ Server. |
This will create a new tab in the main Repository Manager panel with the label Component Details.
In order to see the details for additional components, select another component from the search results, or select a different version in the CIP, and then click the View Details button. |
Terms of Service Privacy Policy
Copyright ©
2008-present, Sonatype Inc. All rights reserved. Includes the
third-party code listed here. Sonatype and Sonatype Nexus are trademarks
of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache
Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation.
All other trademarks are the property of their respective owners.
Sonatype Headquarters - 8161
Maple Lawn Blvd #250, Fulton, MD 20759
Tysons Office - 8251 Greensboro Drive #610, McLean, VA
22102
Australia Office - 5 Martin Place, Level 14, Sydney 2000, NSW, Australia