Skip to end of metadata
Go to start of metadata

We regularly improve Nexus IQ Server products based on customer feedback. We make a lot of enhancements, and here you will find the most recent versioned release notes and summaries of the main features we've completed.

Sonatype encourages using the most current IQ Server release and not trailing behind more than six months. The latest version can be downloaded from IQ Download and Compatibility.

For past releases please see 2018 Release Notes2017 Release Notes2016 Release Notes2015 Release Notes, or 2014 Release Notes.

Recent IQ Server Releases

1.43 (January 2018)

Configuration Changes due to Upgraded Server Infrastructure

The Nexus IQ Server infrastructure has been upgraded, bringing with it many benefits including a more powerful configuration format for its networking and logging.

(warning) If you wish to use a configuration file from a prior version, then you must update it. Please refer to our configuration update guide for more information.

Product License Page Improvements

The Product License page has been enhanced to display additional important information including company name, primary contact name and e-mail address, license type(s), licensed users, expiration date, and days remaining. Additionally, we have provided more guidance for license installations.

Sandbox Organization and Application for Fresh Installs

Fresh installations starting with this version will, by default, create a "Sandbox Organization" with a child "Sandbox Application". This is to help facilitate the training of new users by providing a premade and safe sandbox for them to learn within. Please refer to the sample data configuration for more information.

1.42 (December 2017)

Java 8 is now required for Nexus IQ Server and Nexus IQ CLI

Oracle Java 8 is now required in order to run Nexus IQ Server and Nexus IQ CLI (previously Java 7 was supported). Using prior versions of Java will fail with an UnsupportedClassVersionError on startup.

Organization REST API now supports creating organizations

The Organization REST API has been enhanced to allow creating new organizations via POST operations. The Organization REST API documentation provides more details on usage.

Nexus IQ CLI now displays scan fingerprinting performance information

The Nexus IQ CLI now displays the number of archives and files fingerprinted and the duration (in seconds) required to fingerprint them.

Nexus IQ Server forceBaseUrl option now works correctly with reverse proxies that change the web application context path

Nexus IQ Server 1.41 failed to load fonts and icons when running behind a reverse proxy that changed the web application context path. The forceBaseUrl option now works as intended in such circumstances.

1.41 (November 2017)

Force baseUrl for user-facing URLs

Sonatype encourages the use of the  X-Forwarded-Proto  and  X-Forwarded-Host  headers set by proxies to match a user-facing URL. If you are not able to use these headers then please contact our customer support team for assistance on how to force the use of the baseUrl.

(warning) The ability to force the baseUrl will be removed in 6 months.

Support for evaluating Java 9 applications and components

The application and component evaluation have been updated to support Java 9 bytecode.

Support for the new Twistlock Console 2.2 in Nexus IQ CLI

We added support for the new Twistlock CLI tool. The new integration requires at least Twistlock 2.2.100. The old twistlock-scanner Twistlock CLI tool is not supported anymore. If you cannot update to at least Twistlock 2.2.100, you can still use previous versions of Nexus IQ CLI.

Notable IQ Server Updates

The Sonatype Integrations team is happy to announce the release of Docker image evaluations in Nexus IQ Server tooling. Docker image tars can be scanned using the latest versions of Nexus IQ tools. Please check the Release Notes to see requirements for Docker evaluations.  Older versions of Nexus IQ tools will scan Docker images but create incorrect results without notification. Additional information can be found in both CLI Evaluating an Application and IQ for Jenkins Docker Images.
We are excited to announce the availability of the Nexus IQ Server plugin for Microsoft Visual Studio users. Developers who use Visual Studio now have access to the precise component intelligence available in Nexus Lifecycle. They can easily identify which components meet corporate guidelines and which ones do not as soon as the component is selected. Having this intelligence directly within the IDE enables developers to choose components that are free from security vulnerabilities,…
The IQ Server team is pleased to announce the availability of Success Metrics charts. These charts demonstrate the value of IQ Server, showing the progress your organization is making by presenting changes in metrics over time. You can access Success Metrics through the IQ Server toolbar. For more information, see the Success Metrics topic.

  • No labels