Summary
Starting June 30, users of Nexus Lifecycle and Nexus Firewall who evaluate CocoaPods may experience a change in CocoaPods results.
The change is due to Sonatype’s continuing improvement to CocoaPods. The improvements are in the area of identity and security data services and intended to provide a better experience to our users.
What are the improvements?
CocoaPods now has identity data. Users no longer need to use the Data Source policy condition.
This will also give users access to better security data and as a result, you’ll have more violations. However, this is simply providing more accurate results for you.
You may also notice that existing CocoaPods waivers are no longer waived. Reports from old scans will be viewable except for the vulnerability tab. Users will need to perform a rescan - a reevaluation of the report will not solve the problem.
Where can I ask additional questions?
You can reply directly to this post. If you are not already registered to the Sonatype Community, you’ll be prompted to create an account that will also allow you to engage with other posts and members of the Sonatype Community.
Notifications can be configured to ensure you are aware of updates to this thread or other important announcements in the Community.