2014 Release Notes

Sonatype encourages using the most current IQ Server release and not trailing behind more than six months. Release notes for the most current versions can be viewed here .

1.12

The team has been listening to your feedback, and working to improve how you interact with the Sonatype CLM Server, and the 1.12 release reflects that. We’ve tweaked and polished, organized and decluttered, added color and changed fonts.

While the UI improvements are the most noticeable, don’t let those distract you from a number of additional enhancements to the Sonatype CLM Server as well. Here are the areas that have had improvements in this release:

  • Sonatype CLM Dashboard

    • Filter
    • Policy Violations Summary
    • Navigation
    • Overall Performance


  • New Policy Violations API

  • Application Composition Report

    • License Analysis
    • Security Vulnerability Scoring


  • Various Bugs

Affected CLM Tools

The majority of features in this update focus on the Sonatype CLM Server, and will require an upgrade. If you are using any of the following components, you should be sure to upgrade them as well.

  • Sonatype CLM CI Plugin
  • Sonatype CLM IDE Plugin (Eclipse)
  • Sonatype Stand-alone (Command Line) CLM Scanner

What’s New in Sonatype CLM 1.12

Sonatype CLM Dashboard

Outside of the changes to colors and fonts, which improve readability and use, several areas of the dashboard have also been enhanced.

Updated Filter

The filter has been been moved into an expandable and collapsible drawer on the left side of the Dashboard. The filter will also now display which filters are in use, and how many selections have been made. You can read more about using the filter in the Filters section of the Dashboard User Guide.

Policy Violations Summary

A new category, Waivers, has been added. In addition, average age value and the 90th percentile value for age have been added to indicate how long a component has been in a particular category.

Navigation and Overall Performance

The breadcrumb navigation for the Dashboard has been improved such that when clicking on the Dashboard breadcrumb will return you to the correct tab within the Dashboard.

In addition to the above, efforts have been made to improve the overall performance of the Dashboard.

New Policy Violations API

We’ve updated the Sonatype CLM REST APIs to include the ability to retrieve Policy Violation information.

Application Composition Report

Two enhancements have been made to the way License and Security information are displayed. The details have been provided below.

License Analysis

The License Analysis area has been updated so that effective licenses are now displayed.

Security Vulnerability

Previously, security vulnerabilities with a level 7 CVSS score were included in the Severe category and indicated with the color orange. These have been moved into the Critical category, which is indicated with the color red. This brings this type of vulnerability into better alignment with the NVD scoring system.