Documentation Nexus IQ Server 1.19

Our documentation site has moved. For the most current version, please see http://help.sonatype.com

Sonatype CLM 1.11 (Currently 1.11.2)

The most significant improvement in the Sonatype CLM 1.11 release is the new CLM Dashboard, which becomes a central part of your Sonatype CLM Server experience. The Dashboard is described below, together with the following additional features that are part of this release:

  • Application APIs
  • Global Creation
  • Component Identification Improvements
  • LDAP Performance Improvement
  • Various Other Enhancements and Bug Fixes

Affected CLM Tools

The majority of features in this update are delivered by the Sonatype CLM Server and require a server upgrade. If you are using any of the following components, be sure to upgrade them as well so that they remain compatible with the upgraded server.

  • Sonatype CLM CI Plugin
  • Sonatype CLM IDE Plugin (Eclipse)
  • Sonatype Stand-alone (Command Line) CLM Scanner
  • Sonatype CLM Maven Plugin

Update - Sonatype CLM 1.11.2

This minor update contains a fix for an identified security vulnerability. No new functionality is included, so upgrading is recommended for all 1.11 installations.

Update - Sonatype CLM 1.11.1

This minor update includes enhancements for:

  • Sonatype CLM Server now supports wildcards when searching for users, both for LDAP and for the internal CLM realm.
  • Sonatype CLM for IDE (Eclipse) added compatibility for m2e 1.5.

What’s New in Sonatype CLM 1.11

Dashboard

After upgrading to Sonatype CLM 1.11, when logging into the Sonatype CLM Server, you will now be taken to the new Sonatype CLM Dashboard (previously the Reports Area was loaded).

[Note]

Users of Sonatype CLM - Nexus Edition will not have access to the new dashboard.

Based on your permissions (assigned roles), you will see aggregated results for the applications that have been evaluated and that you are allowed to view. In addition to visual summaries, including a View Summary and a Violation Summary, you will find details of the newest and highest-risk violations incurred by each component and application.

This data is spread across three main views:

  • Newest
  • By Component
  • By Application

Each of these views can be filtered and sorted as needed. This lets you dive deeper into the data with new features such as the Component Detail Page, which provides an up-to-date analysis of the risk associated with a component. To learn more about the Dashboard, see the latest documentation for this area.

figs/web/clm-server-dashboard-default-display.png

Figure 2. Sonatype CLM Dashboard


[Tip]

The dashboard introduces a new concept, called risk, which is calculated from the threat levels of the unique policy violations an application or component has incurred. Be sure to review the guide for a more thorough explanation of how risk is computed before comparing values across applications.

Application REST APIs

A long-awaited and frequently requested feature is the ability to create and edit application information via API calls. The latest release of Sonatype CLM now supports this.

Among the various features of this new public REST API, the most notable are:

  • Creating and editing an application
  • Setting tags
  • Mapping user roles

For detailed instructions on the use of this feature, including authentication and the request and response formats, see another of our new guides, The API User Guide.

Global Create

One of the most common actions in Sonatype CLM is the creation of new items. This could be applications or organizations, as well as policies, labels, tags, and license threat groups.

Whatever you need to create, the new Global Create functionality allows you to do so from nearly anywhere in Sonatype CLM. Better yet, if you are already viewing a particular item, the Global Create button takes that context into account.

For example, if you create a new application while viewing the organization it should belong to, Sonatype CLM automatically pre-populates the organization for you.

figs/web/sonatype-clm-server-global-create.png

Figure 3. Global Create


Component Identification

Two enhancements to component identification have been made:

Claiming Unknown Components

Users have been able to claim components for some time. However, this was previously limited to components identified as unknown. Now, users can also claim any component identified as similar, and in these cases the Component Information Panel (CIP) remains intact, meaning you still see the component data that was matched during the evaluation.

Using Regular Expressions in Proprietary Component Configuration

Sonatype CLM treats internally developed components as proprietary, but it must be told which components those are. Configuring CLM to identify your proprietary components is an important part of ensuring evaluation results are as accurate as possible. While proprietary component configuration has always been a feature, users can now use regular expressions when specifying them. Keep each expression as specific as possible: a pattern that also matches third-party packages will cause those components to be treated as proprietary and will distort the evaluation results. For more information on this change please review the proprietary components section of the Application Composition Report Guide.

LDAP Performance

In some cases, especially in large deployments, using dynamic groups can produce slow LDAP searches within Sonatype CLM. To address this, group searching can now be turned on or off. Disabling it changes how groups can be mapped to roles in Sonatype CLM, so review your role mappings after making the change. For more information, see the updated LDAP Dynamic Groups and Security Administration documentation.

Additional Improvements

Various updates to maintain consistency in the UI, as well as fixes for reported bugs, are included in this release. In addition to these general updates, two options have been removed:

  • The procurement stage option has been removed.
  • The transparent tag color option has been removed.

[Note]

Existing transparent (clear) tags will be changed to white when you upgrade.