You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

Log in

WhiteSource provides a number of methods for user login. In GEANT, use the single sign-on login (SSO):

  1. Open WhiteSource login at https://app-eu.whitesourcesoftware.com/

  2. Click Sign in with SSO.

  3. Enter your GEANT email address in order to be forwarded to the GEANT login page.

  4. Log in with your identity provider as you would for other GEANT services.
  5. Your GEANT WhiteSource Home Page opens.

On subsequent logins, you can go directly to https://app-eu.whitesourcesoftware.com/Wss/WSS.html - depending on saved cookies, some or all of the previous steps may be skipped.

Dashboard

Many things are shown on the WhiteSource dashboard. To understand them, read Understanding the WhiteSource Home Page or the following text which is focused on licences and interpretation of the provided data for GEANT.

Finding your product and projects

A detailed explanation of the terms Products, Projects, and Organizations in WS is here. In a nutshell: your team is working on a WhiteSource 'product' which may consist of several pieces of software, which are in WhiteSource called 'projects'.

The Product Page displays detailed information about a specific product (the result of a product scan for a specific version). The product page for a product is accessed from the Products menu item of the main menu and a detailed description is here.

The Project page displays detailed information about a specific project within a previously selected product. It can be accessed from the Projects menu item in the main menu. A detailed description is here.

-------------

If it has been scanned

Narrowing the perspective to a project

Navigating multiple scans

Key information in WhiteSource user interface

Significant tables and charts and how to find, customise and interpret them

Libraries and dependencies

Licenses

Interpreting WS information about licences

The difference in interpreting the presence of a problematic library when assessing the situation vs exploring license compatibility and compliance options vs checking compliance with the established product's licence

same policy/licence across projects in the product vs differentiated project policies

Vulnerabilities

Outdated libraries

Interpreting Risk report

The Risk Report is a management-level tool that provides a bird's-eye view of all aspects of an account's open-source libraries with regard to security, quality and compliance.
The report is available from the "Reports" menu. More about this is here.

-----------------------------------------

Where to get it

What to look at and how to interpret it

Updates of background information in reports

Customising visibility

The GEANT WhiteSource admins can always see all scanned GEANT products.

By default, anyone who applies to WhiteSource can see the content of all non-restricted GEANT products and projects in WhiteSource. It is possible to restrict read permissions to scan results for specific products and projects. You can contact the GEANT WhiteSource support to get access to a specific project that has limited visibility or to restrict the permissions for a specified product or project.

  • No labels