Hi, folks!
The Customer Education team here is always looking to learn from our most successful customers. Something we know that successful Lifecycle customers are doing is using the Sonatype Platform browser extension.
The Sonatype Platform browser extension for Chrome and Edge (which recently received a major upgrade) is a free, open-source resource for Lifecycle customers. Add the extension, visit a component’s page in a public repository, (Maven, PyPI, RubyGems, etc.), and the extension will evaluate that component against Lifecycle’s policies.
What’s the value? The Chrome browser extension lets you shift left. When developers get information earlier, they make better decisions earlier – and better decisions means less risk, less frustration, fewer disruptions, and higher velocity.
The best practice here is to make the browser extension available to your developers as early as you can. Start by sending an email or message to your development teams to let them know it’s available. Follow up a week later. If they don’t have a login to the IQ Server, provide them with one!
Need more convincing? Consider the following:
- Setup is easy. The extension can be added to a browser with just a few clicks, and connecting the extension to IQ Server requires just two bits of information:
- The URL of your IQ Server.
- A username and password for your IQ Server.
- It’s contextual. During setup, users will pick an Application from the IQ Server, and the extension will compare against that Application’s policies, which means developers will only see policy violations that matter to them. Don’t worry; users can change Applications at any time!
- It’s smart. The browser extension uses the same component intelligence that’s piped into Lifecycle, so you’re always seeing our latest-and-greatest about the component.
- It’s actionable. The extension automatically compares the component in question with other versions of itself, which lets users quickly identify better versions of the same component.
The bottom line is that the platform browser extension is a huge value add that puts power into the hands of your developers, and that means less work for everyone – you included!
Are you using the extension? I’d especially like to know if you have any concerns or apprehensions about the extension. Sound off in the comments below!
Resources:
Sonatype Platform Browser Extension on the Chrome web store
Sonatype Platform Browser Extension on the Edge Add-Ons store
View the files and read documentation on GitHub
For more advice and best practices, visit my.sonatype.com and learn.sonatype.com! In particular, check out our Shift Left guide, and then learn more about putting information in front of developers in our course about Lifecycle integrations with IDEs.