How to disable Log4j Visualizer from Nexus Welcome page

[samkhamk]

Hello Team,

I am building nexus container with latest version but I don’t want popup message for log4j visualizer at Nexus Welcome page , is there any setting I can enable/disable to disable that warning

I tried to comment here

github.com sonatype/nexus-public/blob/0da1f75f64137a453504ea52dd2519270afc8fc9/plugins/nexus-coreui-plugin/src/main/resources/static/rapture/NX/coreui/controller/Outreach.js#L148

log4jDisclaimerAvailable = response.data === 'false'; var user = NX.State.getUser(); if (user && user.administrator) { welcomePage.add({ xtype: 'container', id: 'log4jDisclaimer', hidden: !log4jDisclaimerAvailable, style: { padding: '24px' }, html: '

' + // TODO close btn is disabled due to some UI issues '

' + ' ' + '

In response to the log4j vulnerability identified in CVE-2021-44228 (also known as "log4shell") impacting organizations world-wide, we are providing an experimental Log4j Visualizer capability to help our users identify log4j downloads impacted by CVE-2021-44228 so that they can mitigate the impact. Note that enabling this capability may impact Nexus Repository performance. Also note that the visualizer does not currently identify or track other log4j vulnerabilities.

' + '

Enable Capability

' + '

', listeners: { render: function(doc) { doc.el.dom.getElementsByClassName('nx-log4j-button')[0].addEventListener('click', function(event) {

Which is part of the “nexus-coreui-plugin” ( see nexus-public/plugins/nexus-coreui-plugin at release-3.38.0-01 · sonatype/nexus-public · GitHub

but it will be helpful if anyone can direct me to correct file, I know its weird request but that pop is not allowing us to do some automation testing,

Please guide

Regards SAM