Expanded Coverage and Reduction in False Negatives
We also expanded our intelligence coverage to include JS components found within other ecosystems like Java, Ruby, and PyPI. Our customers can now quickly and reliably identify an even larger set of JS components, eliminating false negatives that could expose them to potential risk.
Simplified User Experience
We also simplified the way users view JS components that violate open source policies within Nexus Lifecycle, making it easier for developers to find and fix problems found within their applications.
For example, Nexus Lifecycle used to identify 5,030 JS components that were in violation of policy in the Juice-shop-7 project and included multiple file names for each component -- making it difficult for users to understand why a component was listed many times.
With the new release, Nexus Lifecycle identifies only 1082 components, removing the filename column and including only the component name at the modular level.
The additional files linked to the components can still be seen in the Occurrences tab.
Take a look at the new user experience in this video from Ilkka Turunen, Solutions Consultant, and learn how the new improvements may affect your existing installations.
We look forward to hearing what you think of the new improvements and welcome any feedback at my.sonatype.com.