Open Source Components
PreviousOpen Source (SCA) User Interface GuideNextSupported Package Managers for dependency resolution
Last updated
Last updated
The Open Source Components page provides a comprehensive view of all your project's dependencies :
This page is an Inventory view of your dependencies. Please refer to Inventory - Components for a full description.
The Alert filter field allows you to see those dependencies with License warnings, dependencies tagged as Malicious code or Obsolete dependencies.
Filtering by Licensing allows you to see those dependencies with some kind of License warning.
A Licensing Compliance Alert typically has to do with usage of Copyleft licenses.
Filtering by Malware allows you to see those dependencies that have been identified as malware.
For "known" malware: Xygeni gathers details from public sources (NIST's NVD, GitHub Advisory Database and OSV among others) to identify and document these components.
For "unknown" malware: Xygeni provides a Malware Early Warning (MEW) functionality that conducts real-time scans to detect and block malware based on code behavior analysis.
Components with License alerts can be identified by icon.
Clicking on the icon of a component with a License alert will open a Summary slide with details of the component.
Components with Malware alerts can be identified by the icon.
Clicking on the icon of a component with a Malware alert will open a Summary slide with details of the component.
