Introduction

Sonatype CLM provides the critical piece for guiding your business to complete and efficient Open Source Governance. That means being able to identify the risk associated with components used in your applications, and to make better choices or correct issues as they are highlighted.

At each stage (enforcement point), and in conjunction with policy, you have the opportunity to take specific actions. These can include providing a warning, creating a failure, or sending out email communication. Of course, all of these are based on a component, or components, violating your policies.

This guide will walk you through installation, configuration, and basic usage for the Sonatype CLM for IDE enforcement point. It is important to remember that policy is still managed via the Sonatype CLM Server, which is covered in the first six steps.

Note
Sonatype CLM for IDE is an optional step to the Nine Steps for Open Source Governance. Depending on your particular purchase, you may not have access to this tool.

To get there, though, you first need to get the Sonatype CLM Server installed and configured, and have a basic introduction to concepts like orgs, apps, policies, scanning and reports. Plus, depending on what you have purchased, it's likely you'll want to get your additional enforcement points (e.g. Sonatype CLM for CI, IDE, and Nexus Pro - CLM Edition) set up as well.

Sonatype CLM and the Nine Steps

To ensure success, we've put together Nine Steps for Open Source Governance. At each step, we've provided a guide that offers the essential elements you need to reach a point of familiarity with Sonatype CLM. While there are more advanced concepts that we can help you through, this self-guided approach will give you everything you need right now. This includes taking you from the initial download through to installation of Nexus Pro - CLM Edition.

So, go ahead and get started with and then follow along below.

  • Step 1: Download, Installation, and Configuration of Sonatype CLM Server HTML, PDF

  • Step 2: Organizations and Applications HTML, PDF

  • Step 3: Security Administration for Sonatype CLM HTML, PDF

  • Step 4: Import Policy HTML, PDF

  • Step 5: Scanning Applications HTML, PDF

  • Step 6: Report Results HTML, PDF

  • Step 7: Sonatype CLM and Continuous Integration Server Usage - Optional HTML, PDF

  • Step 8: Sonatype CLM for IDE - Optional HTML, PDF

  • Step 9: Sonatype Nexus Pro - CLM Edition - Optional HTML, PDF

If you encounter difficulty along the way, please let us know. Our support team is available at support@sonatype.com.

Thanks,

The Sonatype CLM Team