Nexus IQ Server Release 163
Dariush Griffin
Latest version of Sonatype IQ Server version 163 has been released and is freely available for download for all existing users.
With a sharp focus on customer feedback that drives the continuous improvement at Sonatype, we are excited to present release 163 with some significant improvements and bug fixes.
Improvements in this release
Analysis of conaninfo.txt file: The improved analysis process for Conan dependencies now handles the scenario of duplicate dependencies by giving higher precedence to dependencies under the “full_requres” section over those under the “requires” section of the conaninfo.txt file.
SBOM Generation: Scanning binaries that contain components with the same coordinates, but different hashes could lead to duplicates in the SBOM. The SBOM generation for all supported ecosystems has been improved to avoid such duplicates that resulted in invalid SBOM files.
Wildcard character set compatibility: Sonatype (Nexus) IQ for SCM is now compatible with all wildcard characters used in markdown across supported developer platforms. This fixes the issue of malformed pull request (PR) layouts on encountering wildcard characters.
Notable Bug Fixes
The response for Cyclone DX REST API has been tweaked to include a predefined parent component name as a placeholder, if the application evaluation report does not contain any project data.
Fix for an issue with IQ webhook payload (pathnames) that triggered at the Violation Alerts event.
We have resolved the gateway timeout issue in reverse proxy environments, for long running Attribution Reports in ALP, containing large no. of components.
The duplicate primary key error condition that occurred due to incompatible handling of case sensitive characters in GitHub has been resolved.
For more detailed information on release 163, please refer to the release notes.
Thank you,
Dariush Griffin
Sonatype Lifecycle - Product Manager
--
