Since I’m a developer, I’m gonna bless you with the tl;dr right here. Jump on over to the VS Code Marketplace and check out the new Nexus IQ integration to VS Code. For those of you that want to understand how we built it, why we built it, and the problems it solves, read on for more information.
Innovation Days at Sonatype
At Sonatype, we participate in innovation days every two weeks, where employees take a break from their normal work and dive into projects they are interested in. All this activity culminates with a Hack-o-vation week, where larger teams band together to work on new interests or scale prior innovation day projects.
The Nexus Lifecycle (IQ Server) VS Code Extension was started and spearheaded by Cameron during previous improvement days. The first version of the integration was very popular with over 1,000 downloads, but it only worked with Nexus Lifecycle (IQ Server).
During our recent Hack-o-vation week, a team of developers including Cameron, Adrian Powell (Sonatype developer) and myself (Allen Hsieh) decided to extend the integration to support our free offering, Sonatype OSS Index, so that anyone could start scanning vulnerable open source components and gain insight into the (Read more...)
*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Allen Hsieh. Read the original post at: https://blog.sonatype.com/new-integration-to-visual-studio-code-nexus-iq-and-oss-index