Skip to end of metadata
Go to start of metadata

We regularly improve Nexus IQ Server products based on customer feedback. We make a lot of enhancements, and here you will find the most recent versioned release notes and summaries of the main features we've completed.

Sonatype encourages using the most current IQ Server release and not trailing behind more than six months. The latest version can be downloaded from IQ Download and Compatibility.

For past releases please see 2017 Release Notes2016 Release Notes2015 Release Notes, or 2014 Release Notes.

Recent IQ Server Releases

1.36 (September)

The IQ Server 1.36 release contains the following updates:

Security Vulnerability Presence Policy Condition Replaced with Security Vulnerability Severity Policy Condition

In an effort to reduce redundant policy conditions, the Security Vulnerability present policy condition has been replaced by the Security Vulnerability Severity greater than or equal to 0 policy condition. Additionally, the Security Vulnerability absent policy condition has been removed. If any of your policies use the Security Vulnerability absent policy condition, then please see our upgrade instructions before upgrading, and contact our customer support team or your customer success representative for assistance in changing them before upgrading to ensure a successful migration.

Success Metrics

Success Metrics has been updated to calculate aggregations daily for new installations where historical data is limited.

1.35 (August)

The IQ Server 1.35 release contains the following updates:

Lifecycle XC

Lifecycle XC (Expanded Coverage) is a new capability of Nexus Lifecycle that utilizes OWASP dependency-check to provide basic coverage for additional languages. Specifically, Nexus IQ CLI features a new option to run in normal (Lifecycle) or XC mode. When XC mode is enabled Nexus IQ CLI will be configured to scan and analyse a different set of ecosystems and formats including Ruby, Swift, CocoaPods, and PHP. For more information, please see the Lifecycle XC topic.

Success Metrics Components tile

Success Metrics has been updated with a new Components tile that breaks down which components are used across the most applications and which components have the most policy violations.

1.34 (July)

The IQ Server 1.34 release features support for Docker image evaluations natively using Nexus IQ tooling. Updates to the latest version of tools are required for Docker image evaluations. This includes:

Nexus IQ Tool

Minimum Required Version

Nexus IQ CLI1.34.0
Nexus IQ for Bamboo1.5.1
Nexus IQ for Jenkins 21.3.20170728-122322.902d97e
Nexus IQ for Hudson/Jenkins 12.19.0

An update to the Nexus IQ Server is not required. More information on performing Docker image evaluations is available in the Evaluating an Application section of the Nexus IQ CLI topic and the Docker Images section of Nexus IQ for Jenkins 2.x.

Notable IQ Server Updates

The Sonatype Integrations team is happy to announce the release of Docker image evaluations in Nexus IQ Server tooling. Docker image tars can be scanned using the latest versions of Nexus IQ tools. Please check the Release Notes to see requirements for Docker evaluations.  Older versions of Nexus IQ tools will scan Docker images but create incorrect results without notification. Additional information can be found in both CLI Evaluating an Application and IQ for Jenkins Docker Images.
We are excited to announce the availability of the Nexus IQ Server plugin for Microsoft Visual Studio users. Developers who use Visual Studio now have access to the precise component intelligence available in Nexus Lifecycle. They can easily identify which components meet corporate guidelines and which ones do not as soon as the component is selected. Having this intelligence directly within the IDE enables developers to choose components that are free from security vulnerabilities,…
The IQ Server team is pleased to announce the availability of Success Metrics charts. These charts demonstrate the value of IQ Server, showing the progress your organization is making by presenting changes in metrics over time. You can access Success Metrics through the IQ Server toolbar. For more information, see the Success Metrics topic.

  • No labels