Inventory Collaborators Scan

The Inventory Scan may include an analysis of administrative users, contributors, and collaborators associated with the repository. This Collaborator analysis helps identify inactive or overprivileged users, tracing potential risks they introduce.

Collaborators analysis

The collaborators analysis will categorize groups and users based on the following criteria:

  • List all SCM user accounts with direct or inherited read, write, or manage permissions on the repository.

  • Identify all SCM groups those user belong to.

  • All git users not related to a SCM account but have commits on the git history. (any branch)

By default, only user activity from the past 12 months is considered.

Collaborators analysis tab can be found in SLDC Inventory page:

(Visit the Collaborators Inventory page)

How to run a Collaborators analysis

Example:

xygeni inventory --dir DIR --format json --output INVENTORY.json --include-collaborators

Last updated