Documentation Nexus IQ Server 1.16

Our documentation site has moved. For the most current version, please see http://help.sonatype.com

4.2. Security Vulnerability and License Compliance Risks

With the huge benefits derived from using open source, as well as commercial components, comes the complexity of understanding all the implications they have to your software delivery. This includes security vulnerabilities, license compliance problems, and quality issues, all of which need to be managed through the whole life cycle. This starts at the inception of the application all the way through development, quality assurance, production deployments, and even on through decommissioning of the application.

Given the number of components, their rapid change rate, and the ease of adding new dependencies, it quickly becomes clear that the management and full understanding of all components associated with an application is a daunting task, one that can not be carried out manually. Luckily, this is simplified with the assistance of tools such as Sonatype CLM.