SONATYPE SOFTWARE SUPPORT POLICY 4.0 – OPEN SOURCE OFFERINGS
Pursuant to and in accordance with Section 6 of Sonatype’s Software Support Policy available at https://www.sonatype.com/usage/software-support-policy (“Support Policy”), Sonatype will provide support for the following open source tools (“Open Source Offerings”):
Nancy - https://github.com/sonatype-nexus-community/nancy
Nancy scans Golang projects for vulnerable third party dependencies.
Chelsea - https://github.com/sonatype-nexus-community/chelsea
Chelsea is a CLI application that scans RubyGem projects for vulnerable third party dependencies.
Jake - https://github.com/sonatype-nexus-community/jake
Jake scans Python and Conda environments for vulnerable third-party dependencies.
AuditJS - https://www.npmjs.com/package/auditjs
Nexus IQ Chrome Extension - https://github.com/sonatype-nexus-community/nexus-iq-chrome-extension
Chrome Plugin for use with Sonatype Nexus Lifecycle - IQ server
Nexus Firewall for Artifactory Plugin - https://github.com/sonatype/firewall-for-artifactory
Firewall plugin for JFrog Artifactory to block known and unknown risk from entering your SDLC.
* This list of Open Source Offerings and the terms of the Support Policy may be updated by Sonatype from time to time at its discretion.