Developer Dashboard

Sonatype Developer Dashboard provides insights into the extent of application adoption, risk remediation timelines and the current state of application evaluations.

Click on the Developer option in the left navigation section to view the Developer Dashboard.

Overview tab

Integration Adoption Report

The integration adoption chart indicates the percentage of applications in your organization that use the Sonatype integration plug-ins for SCM and CI/CD each month.

The trend line can help you decide whether use of the Sonatype integration plug-ins should be ramped up to maintain your security posture.

Risk and Remediation Timeline

The Count (y-axis) represents the number of active waivers and the number of applications with failing violations.

The trend lines can help determine the corrective actions needed to remediate the risks.

Mean Time to Remediate

The Mean Time to Remediate represents the average age of the violations that were remediated each month in your applications.

The trend line gives an insight into the priority given to remediation tasks on a monthly basis.

Applications Configuration Build Stage Summary

This section summarizes the risks to your build pipeline and displays the IQ Server scan findings for each application. It contains:

  • Applications that are currently configured or not configured with CI/CD plugins. Click on the Configure button to find out more on configuration details.

  • Applications that have or do not have automated source control feedback enabled. Click on the Configure button to find out more on configuration details.

  • The date of the last commit.

  • The date of the last evaluation performed by the IQ Server.

  • Total Risk (total number of violations).

  • The Priorities column with a link to view the suggested priority of the violations that need to be remediated for the application.

Using the Filter

Use the filter to limit the scope of your focus to target applications that are configured/non-configured for CI/CD or SCM feedback.

Using the Search

To navigate to a specific application, enter the name of the application in the Search box at the top of the applications list.

Review the Application Configuration

Click on an application name to view the existing IQ Server settings for the application, including the assigned application categories, policies applied, enabled/disabled legacy violations, continuous monitoring settings, proprietary component configuration, component labels assigned, applicable license threat groups, existing source control integration, InnerSource repository configuration, and user roles and access.

Available Plugins

Click on any of the tabs to view the Sonatype IQ Server plugins currently available for integration with CI/CD pipelines, SCM, issue tracking systems and IDE integrations.

The plugins are updated on a regular basis, corresponding to every release of the Sonatype IQ Server. We suggest checking these periodically to ensure that you are using the most recent version of the plugin.