Login Contact Us Book a Demo

Integrations

Eclipse Integration

Bring secure development directly into your workflow with the Sonatype for Eclipse integrated development environment (IDE) integration. This plugin embeds software composition analysis (SCA) and policy enforcement into Eclipse IDE for Java and other supported languages, helping developers identify and fix open source risks without ever leaving their Eclipse IDE software.

Header-LR-Gray-(RIGHT)
Header-LR-Gray-(LEFT)

Using Eclipse IDE with Sonatype Lifecycle

The Sonatype for Eclipse IDE integration enables real-time software composition analysis by scanning your open source components and delivering immediate feedback on security, license, and quality policy violations. The integration works natively within Eclipse IDE for Java development, making it easier to remediate issues during active coding.

Developers using Eclipse IDE can now automatically scan their Maven projects and receive detailed policy violation information within the IDE. The Eclipse integration with Sonatype Lifecycle ensures your applications meet security and compliance requirements from the earliest stages of development.

Explore Sonatype Lifecycle

Eclipse Integration Features

Inline Policy Violation Warnings

Get real-time alerts within Eclipse IDE when open source components violate organizational policies related to security, licensing, or quality.

Direct Links to Lifecycle Reports

Quickly access detailed guidance and remediation strategies by jumping from Eclipse policy results to full Sonatype Lifecycle reports.

Automated Scanning for Maven

Easily run software composition analysis on your Maven projects without leaving Eclipse IDE for Java or other languages.

Shift Left Security

Catch issues earlier and reduce technical debt by building open source risk management directly into your development environment.

Component Intelligence

Gain deep visibility into components, including known vulnerabilities, license obligations, popularity, and project health, all from your Eclipse IDE.

Developer-Friendly Interface

Let developers view scan results, investigate issues, and navigate component details without leaving their workflow, reducing friction for continuous development.

Eclipse IDE Software Documentation

Looking to get started or need technical details? Visit our documentation for step-by-step instructions on installing and using the Sonatype for Eclipse integration.

Integration Documentation

See Full Documentation

Auto-remediation in Eclipse and IntelliJ

See Blog Post

Eclipse IDE FAQs

What types of projects are supported by the Sonatype for Eclipse IDE integration?

The integration supports software composition analysis for Maven projects within the Eclipse IDE.

What do I need to start using this Eclipse integration with Sonatype?

You’ll need Eclipse IDE software installed, a Sonatype Lifecycle license, and the Sonatype for Eclipse integration.

Can I use this integration with Eclipse IDE for Java development?

Yes, the integration works seamlessly with Eclipse IDE for Java and supports scanning Java-based Maven projects.

Will I get real-time policy feedback while coding in Eclipse IDE?

Yes, you’ll receive immediate, inline alerts and policy results based on your organization’s predefined open source governance rules.

Is software bill of materials (SBOM) support included?

Yes. With Sonatype Lifecycle, Jenkins builds can automatically generate and upload SBOMs for monitoring and compliance purposes.