

Eclipse Integration
Bring secure development directly into your workflow with the Sonatype for Eclipse integrated development environment (IDE) integration. This plugin embeds software composition analysis (SCA) and policy enforcement into Eclipse IDE for Java and other supported languages, helping developers identify and fix open source risks without ever leaving the IDE.
Using Eclipse IDE with Sonatype Lifecycle
The Sonatype for Eclipse IDE integration enables real-time software composition analysis by scanning your open source components and delivering immediate feedback on security, license, and quality policy violations. The integration works natively within Eclipse IDE for Java development, making it easier to remediate issues during active coding.
Developers using Eclipse IDE can now automatically scan their Maven projects and receive detailed policy violation information within the IDE. The Eclipse integration with Sonatype Lifecycle ensures your applications meet security and compliance requirements from the earliest stages of development.
Eclipse Integration Features
Inline Policy Violation Warnings
Get real-time alerts within Eclipse IDE when open source components violate organizational policies related to security, licensing, or quality.
Direct Links to Sonatype Lifecycle Reports
Quickly access detailed guidance and remediation strategies by jumping from Eclipse policy results to full Sonatype Lifecycle reports.
Automated Scanning for Maven Projects
Easily run software composition analysis on your Maven projects without leaving Eclipse IDE for Java or other languages.
Shift Left Security
Catch issues earlier and reduce technical debt by building open source risk management directly into your development environment.
Component Intelligence
Gain deep visibility into components, including known vulnerabilities, license obligations, popularity, and project health, all from your Eclipse IDE.
Developer-Friendly Interface
Let developers view scan results, investigate issues, and navigate component details without leaving their workflow, reducing friction and supporting continuous development.
Eclipse IDE Software Documentation
Looking to get started or need technical details? Visit our documentation for step-by-step instructions on installing and using the Sonatype for Eclipse integration.
FAQs
What types of projects are supported by the Sonatype for Eclipse IDE integration?
The integration supports software composition analysis for Maven projects within the Eclipse IDE.
What do I need to start using this Eclipse integration with Sonatype?
You’ll need Eclipse IDE software installed, a Sonatype Lifecycle license, and the Sonatype for Eclipse integration.
Can I use this integration with Eclipse IDE for Java development?
Yes, the integration works seamlessly with Eclipse IDE for Java and supports scanning Java-based Maven projects.
Will I get real-time policy feedback while coding in Eclipse IDE?
Yes, you’ll receive immediate, inline alerts and policy results based on your organization’s predefined open source governance rules.
Is software bill of materials (SBOM) support included?
Yes. With Sonatype Lifecycle, Jenkins builds can automatically generate and upload SBOMs for monitoring and compliance purposes.