...

  • Libraries alert types:
    • New Versions - The total count of outdated libraries, that is, libraries for which a newer version exists
    • Multiple Versions - Multiple versions of the same library are in use
    • Multiple Licenses - An alert is triggered for any library that has more than one license. 
  • Security alerts:
    • Per-Library Alerts - The total number of libraries with vulnerability alerts. For example, for a Product with two Projects that each have an alert for the same library, the alert count is "one", displayed in a single row that notes two project occurrences.
    • Per-Vulnerability Alerts - The total number of vulnerability alerts
  • The Libraries table shows detailed information about the product's (project's) libraries (components). The following attributes are listed:
    • Library: Clicking the library name redirects you to the specific library page.
    • Licenses: The licenses that are associated with the library.
    • Occurrences: The number of occurrences of the library per project.

The header of the Libraries table contains a link to the Inventory Report.



Detailed information about the licences (Licence Distribution)

This section provides an overview of the license distribution of the organization (or product, project), showing which licences are used and how many libraries are associated with each license. The distribution of licences is shown in the pie chart. The following information is displayed for each licence:

...

same policy/licence across projects in the product vs differentiated project policies

Vulnerabilities

Outdated libraries


Interpreting the Risk Report

The Risk Report is a tool that provides a view of all aspects of open-source libraries concerning their licenses, security, quality and compliance.

...