Does code insight provide EOL details for the components?

nikhilamy · ‎Nov 29, 2023

Hi team,
I am investigating on fetching EOL information for the components detected in scans
Can someone please let me know if Revenera has the ability to provide the below information
1. Components which has reached EOL/nearing EOL
2. If the module is a minor version, suggestions on the latest LTS version/alternative versions
3. Suggestions on versions without vulnerabilities

tphamda · ‎Nov 29, 2023

Hi @nikhilamy,

Code Insight does not currently have the ability to retrieve end-of-life notices for component versions or provide suggestions on what versions to use.

However, we do have an open enhancement request for retrieving EOL on component versions. As there is no single source of truth for end-of-life information, the feature would need to pull in data from many different sources, and we will not able to address this issue in the near future, but if you would like to receive updates on this ticket, please open a support case with us.

If you wanted to submit enhancement requests for #2 and #3, please feel free to open support cases for those as well.

tphamda · ‎Dec 01, 2023

@nikhilamy,

I was recently reminded that there is some relevant information we provide via the Project Inventory Report. This is one of our customizable Python-based reports available on our public Github Repo.

This report calls out the outdated version as an “Old version” compliance issue and when you mouse over, a pop-up indicates how far back the selected version is to the latest version in the Code Insight library. Here is a screenshot of the report:

Does code insight provide EOL details for the components?

FlexNet Code Insight 7.x

Revenera