IntelliJ IDEA Integration

Secure your development workflow directly within the IntelliJ IDEA integrated development environment (IDE). With the Sonatype IntelliJ IDEA integration, you can scan open source components, enforce policies, and get real-time insights — all without leaving your favorite IDE.

Code Securely with Sonatype SCA Capabilities in IntelliJ IDEA

The Sonatype IntelliJ IDEA integration is a plugin that brings powerful software composition analysis (SCA) capabilities right into your IntelliJ IDE. With the IntelliJ IDEA plugin, Sonatype Lifecycle automatically evaluates open source components against your organization’s policies. Developers stay informed about risks — such as security vulnerabilities or license issues — before pushing code or creating pull requests. Developers working with IntelliJ IDEA can leverage the plugin to scan projects, detect vulnerabilities, review detailed component intelligence, and get policy evaluations and remediation guidance without leaving IDE workflows.

IntelliJ IDEA Integration Features

Inline Component Intelligence in Your IntelliJ IDE

Access Sonatype’s detailed component data including version history, vulnerabilities, licenses, and popularity directly within IntelliJ.

Real-Time Policy Evaluation

Automatically assess project dependencies against your organization’s policies inside the IntelliJ IDE, with immediate visual indicators for any violations.

Instant Remediation Guidance

Quickly identify safe versions to upgrade to with actionable remediation advice surfaced right in your IntelliJ IDE.

Secure, Streamlined Workflows

Boost developer productivity by integrating Sonatype’s SCA capabilities into IntelliJ IDEA, reducing context switching and enabling smarter decisions during development.

Easy Plugin Installation

Install the Sonatype IntelliJ IDEA plugin in just a few clicks — no complex configuration required.

Maven and Gradle Project Support

Use the IntelliJ IDEA plugin to scan both Maven and Gradle builds for security and compliance issues.

IntelliJ IDEA Resources

Looking to get started or need technical details? Visit our documentation for step-by-step instructions on installing and using the Sonatype plugin for IntelliJ IDEA.

Sonatype Lifecycle and IntelliJ IDEA

Auto-remediation now available in Eclipse + IntelliJ

JavaScript scanning now supported in JetBrains IDEs

FAQs

What is Sonatype’s IntelliJ IDEA integration used for?

The IntelliJ plugin enables developers to scan open source components in real time, identify policy violations, and get actionable remediation advice within IntelliJ IDEA.

What IntelliJ versions are supported?

The plugin supports IntelliJ IDEA version 2022.1 or newer.

What types of projects can the IntelliJ integration scan?

The IntelliJ IDEA integration supports scanning projects that use Maven, Gradle, and PyPI. If you’re using IntelliJ IDEA Ultimate, the plugin can also scan npm-based projects.

What Sonatype product is required to use this IntelliJ IDEA integration?

The IntelliJ plugin integrates with Sonatype Lifecycle to provide policy enforcement and component intelligence.

Where can I download the IntelliJ IDEA integration?

You can install it from the Sonatype integrations page or visit the JetBrains Marketplace.