Skip to main content

2025 Release Notes

This page contains a list of 2025 IQ Server releases, links to each release's release notes, and a brief list of major changes per release.

Summary of Major Changes in 2025

The following table lists major changes in 2025 that should be considered when upgrading to a new version. Select a release for more information. Also be sure to see our release-specific upgrade instructions.

Release

Release Date

Major Changes

187

February 4, 2025

Upgrade Impact

After upgrading a Lifecycle instance using a PostgreSQL database from IQ 182 or earlier to IQ 183 or later, you may temporarily see an internal error when accessing the violations dashboard and find a NullPointerException (NPE) in the logs. This is due to an internal job running in the background; the dashboard will load as expected after the job completes. We will improve this experience in a future release.

  • Hugging Face declared and observed license detection

  • View Latest Evaluations option in Lifecycle

  • Improvements to Security Risk Analysis dashboard

  • Specify SBOM application version during import

  • Easily view SBOM release status

  • Support for Python pipfile.lock

186

January 8, 2025

Upgrade Impact

After upgrading a Lifecycle instance using a PostgreSQL database from IQ 182 or earlier to IQ 183 or later, you may temporarily see an internal error when accessing the violations dashboard and find a NullPointerException (NPE) in the logs. This is due to an internal job running in the background; the dashboard will load as expected after the job completes. We will improve this experience in a future release.

  • Lifecycle Changes

    • Violation dashboard performance improvements

    • Easier onboarding with automatic role assignment

    • Waiver reasons in API responses for the Applicable Waivers, Similar Waivers, Component Waivers, and Stale Waivers REST APIs as well as the UI

    • Dependency tree visualization for Cargo

    • Improved matching process for SBOM scans (impacts Lifecycle and SBOM Manager)

    • New AI Model Usage Data Insight

  • Sonatype Developer Changes

    • Auto-waivers for policy violations on components with no path forward

    • All integrations now listed on homepage tabs

    • Avoid recommending milestone versions

  • SBOM Manager Changes

    • Sort components by name on BOM page

    • Leverage Sonatype Container Security for SBOM Manager container scans

    • Policy violations visible in UI

    • Skip validation support for CycloneDX and SPDX

    • Search by license

    • Original binary filename visible in BOM page

    • Improved matching process for SBOM scans (impacts Lifecycle and SBOM Manager)

  • Repository Firewall Changes

    • Access Firewall via Solution Switcher

  • Notable Integrations Changes

    • IQ CLI is now a standalone solution (i.e., IQ CLI 2.0), which means it is a separate download and is no longer included in the bundled IQ download

    • IQ CLI 2.0 supports Python pipfile.lock

    • IQ CLI 2.0 dependency tree visualization for Cargo

  • This release fixes an issue in release 185 that could cause deadlocking to occur under heavy usage causing the application to become unresponsive.