IntelliJ IDEA Integration

Secure your development workflow directly within the IntelliJ IDEA integrated development environment (IDE). With the Sonatype IntelliJ IDEA integration, you can scan open source components, enforce policies, and get real-time insights — all without leaving your favorite IDE.

Works With: Sonatype Lifecycle

Code Securely with Sonatype SCA Capabilities in IntelliJ IDEA

The Sonatype IntelliJ IDEA integration is a plugin that brings powerful software composition analysis (SCA) capabilities right into your IntelliJ IDE.

Developers working with IntelliJ IDEA can leverage the plugin to:

  • Scan Maven, Gradle, PyPI, and (with IntelliJ IDEA Ultimate) npm projects directly in the IDE
  • Instantly detect vulnerable or risky components
  • Review detailed component intelligence powered by Sonatype Lifecycle
  • Get policy evaluations and remediation guidance without context switching

IntelliJ IDEA + Sonatype Lifecycle

The integration between IntelliJ IDEA and Sonatype Lifecycle empowers development teams to shift security left by identifying vulnerabilities early in the software development life cycle (SDLC).

With the IntelliJ IDEA plugin, Sonatype Lifecycle automatically evaluates open source components against your organization’s policies. Developers stay informed about risks — such as security vulnerabilities or license issues — before pushing code or creating pull requests.

IntelliJ IDEA Integration Features

Inline Component Intelligence in Your IntelliJ IDE

Access Sonatype’s detailed component data including version history, vulnerabilities, licenses, and popularity directly within IntelliJ IDEA.

Instant Remediation Guidance

Quickly identify safe versions to upgrade to with actionable remediation advice surfaced right in your IntelliJ IDE.

Real-Time Policy Evaluation

Automatically assess project dependencies against your organization’s policies inside the IntelliJ IDE, with immediate visual indicators for any violations.

Secure, Streamlined Workflows

Boost developer productivity by integrating Sonatype’s open source risk management into IntelliJ IDEA, reducing context switching and enabling smarter decisions during development.

Support for Maven and Gradle Projects

Use the IntelliJ IDEA plugin to scan both Maven and Gradle builds for security and compliance issues.

Easy Plugin Installation

Install the Sonatype IntelliJ IDEA plugin in just a few clicks — no complex configuration required.

IntelliJ IDEA Resources

Looking to get started or need technical details? Visit our documentation for step-by-step instructions on installing and using the Sonatype plugin for IntelliJ IDEA.

Sonatype Lifecycle and IntelliJ IDEA

Auto-remediation now available in Eclipse, IntelliJ, and Visual Studio

JavaScript scanning now supported in JetBrains IDEs

FAQs

What is Sonatype’s IntelliJ IDEA integration used for?

What IntelliJ versions are supported?

What types of projects can the IntelliJ integration scan?

What Sonatype product is required to use this IntelliJ IDEA integration?

Where can I download the IntelliJ IDEA integration?