The information provided below represents the updates provided with
Sonatype CLM 1.8 release. All improvements listed here, are also part of the latest release.
What’s New in Sonatype CLM 1.8
All of the features described below are part of the Sonatype CLM 1.8 release. In
addition to what is described here, all documentation has been updated and is
available by clicking the new Online Help link in the Help Menu of the CLM
Server. Additionally, you can access Sonatype CLM documentation via
the Sonatype CLM Documentation Index.
-
Continuous Policy Monitoring
-
Policy Monitoring provides a way to continuously review an application, and then
be alerted if new violations have occurred Don’t worry though, you don’t have to
do this for every policy. Meaning, you won’t need to be woken up in the middle
of the night just because one of your components is now too old. However, if one
of your components has a critical violation, you’ll have that information ready
to make a decision.
-
Simplified Application Upload and Evaluation
-
The CLI, or Stand-alone Scanner, has been providing users with a way
to quickly and effectively evaluate applications on the fly. Now, you
have that same functionality right within the CLM Server
interface. All you need to do is select a file to evaluate, pick the
application the evaluation is for, and then decide which CLM Stage it
should represent. Better yet, if you’re evaluating a really large
application, you don’t need to wait for the evaluation to complete
before returning to other tasks in CLM.
-
Generic CI Support
-
Currently Sonatype CLM integrates seamlessly with the Hudson and Jenkins CI
servers. However, we realize there are alternatives available, and have updated
the CLI/Stand-alone scanner to support integration with other continuous
integration servers. The main improvements include an update to exit codes that
provide the ability to warn or fail builds when a policy is evaluated, as well
as the ability to allow the chosen build system to ignore any exit codes. This
means you can potentially integrate any build system directly into your CLM
process without worry of significant impact to your current process.
-
General Enhancements
-
A number of improvements have been made to the way users interact with
Sonatype CLM from policies to the existing reports. This includes:
-
When using the CLI/Stand-alone Scanner, you can now customize the CLM Stage
the evaluation will apply to.
-
Applications now have a field for setting the contact.
-
A link to online help is now provided as part of the new Help menu.
-
Various bug fixes, and data updates.
