Sonatype IQ Server Release 181

55 views
Skip to first unread message

Dariush Griffin

unread,
Aug 21, 2024, 4:59:01 PM8/21/24
to clm-anno...@glists.sonatype.com
Hi all,

The latest version of Sonatype IQ Server version 181 has been released and is freely available for download for all existing users.


This is an Emergency Bug Fix Release, that fixes an issue that could cause IQ Server instances to shutdown. Such incidents occurred when using the Source Control Management (SCM) features like Automated Pull Request and Pull Request Commenting.


We highly recommend that users of IQ Server versions 179 and 180 upgrade to this version immediately.


In addition to the bug fix, it contains all new features, improvements and notable bug fixes of release 180.


New Features in Release 180


  1. Sonatype IQ Server and IQ CLI scanner now support Java 21 and 22 bytecode fingerprinting.

  2. Sonatype SBOM Manager can ingest CycloneDX 1.6 for export and application analysis.

  3. Firewall for Artifactory (FWFA) users can set custom quarantine messages using the quartantineItemCustomMessage property for Configuration REST API to set up more meaningful messages for failed component requests.


Other Improvements in this Release 


  • No more confusion due to Stale Policy Evaluation Reports

The Re-evaluate button will now appear as disabled for policy evaluation reports that are not the latest. Users will be alerted and a link to the latest evaluation report will be provided on the page.


  • Use the Product Switcher

Sonatype Lifecycle users can seamlessly navigate to Sonatype Developer for a standalone Developer experience, using the product switcher in the top navigation menu. 


  • Skip SBOM schema validations

CyclondeDX SBOMs that are not compliant specifications can still be scanned by enabling the skipSbomImportValidation feature using the Feature Configuration REST API.


  • Detect the Type of Vulnerability Detection Used

The new field detectionType obtained in the response of the GET method of Vulnerability Details REST API will indicate the type of vulnerability detection that was used to detect the vulnerable component. 


  • Set Custom Quarantine Messages in FWFA

Users can provide a custom quarantine message using the quartantineItemCustomMessage property for Configuration REST API to set up more meaningful messages for failed component requests.


  • Faster ALP

This release offers major performance enhancements to the Legal Obligations page in the Advanced Legal Pack (ALP). It improves the response times for instances that have a large volume of applications (>10,000.)


Reminder

Release 179 was the last to support Java 8 and 11, If you are unable to upgrade to Java 17 you will need to remain on release 179 until you can do so. Release 179 downloads are available on the Downloads Archives page.


For more detailed information on release 180 and tracking resolved issues, refer to the release notes.

--

Dariush Griffin

Senior Product Manager
Mobile: 512.299.0429

 Sigstrlogo2x1657561912.png

Read the guide that defines rapidly changing open source.

Reply all
Reply to author
Forward
0 new messages