Login Method
WhiteSource provides a number of methods for user login. In GEANT organization it is used Single sign-on login (SSO).
Do as follows:
- Open page WhiteSource Home
Click Sign in with SSO.
Enter your email address in order to be forwarded to your company's login page.
The organization Home Page page opens immediately after logging in to WhiteSource (Understanding the WhiteSource Home Page).
Finding your product and projects
A detailed explanation of the terms Products, Projects, and Organizations in WS is given here.
The Product page displays detailed information regarding a specific Product (Product scan result). The Product page for specific product is accessed from the Products menu item of the main menu and a detailed description is given here.
The Project page displays detailed information about a specific project. It can be accessed from the Projects menu item in the main menu. A detailed description is given here.
-------------
If it has been scanned
Narrowing the perspective to a project
Navigating multiple scans
Important information in WS (UI)
Significant tables and charts and how to find, customise and interpret them
Libraries and dependencies
Licenses
Interpreting WS information about licences
The difference in interpreting the presence of a problematic library when assessing the situation vs exploring license compatibility and compliance options vs checking compliance with the established product's licence
same policy/licence across projects in the product vs differentiated project policies
Vulnerabilities
Outdated libraries
Interpreting Risk report
The Risk Report is a management-level tool that provides a bird's-eye view of all aspects of an account's open-source libraries with regard to security, quality and compliance.
The report is available from the "Reports" menu. More about this is here.
-----------------------------------------
Where to get it
What to look at and how to interpret it
Updates of background information in reports
Customising visibility
Organization administrators have admin privileges in the product/project whether or not they are assigned directly. All scanned products are visible to administrators in WS.
By default, anyone who applies to WhiteSource can see (read) its content of all products / projects of a given organization. It is possible to restrict read permissions to scan results for specific products/projects. So you can contact WS team when you want to get access to a specific project that has limited visibility or contact WS team to restrict the reading permissions to scan reports for a specified product project.