Aug 17, 2022
09:00 PM
If your Code Insight servers are behind a firewall, you may want to check the logs to see if there are failures accessing external url: https://proxy.golang.org/github.com
This url is missing from the admin documentation 'External URLs' section thru release 2022R2 (7.20). I ran into that problem when attempting to scan go, and ending up with 0 inventory items. Also note that Code Insight detects top-level inventory and direct deps for go projects. Also only detects go components from GitHub forge.
... View more
May 08, 2022
09:30 PM
I found the answer to my first question. I had overlooked the REST API interfaces in the swagger doc under /projects/{projectID}.
Still curious whether reports can be run without registering the report.
thanks,
... View more
May 07, 2022
05:56 PM
I would like to generate report via the command line, is this possible in current FNCI v7 release?
Related question - Is it possible to run any of the custom reports without installing on core server?
... View more
Labels
- Labels:
-
FlexNet Code Insight 7.x
-
How To
Apr 28, 2020
05:31 PM
Thank you, Medha. My apologies -- I overlooked the Oracle JRE requirement stated in the guide. Do you know if there are any plans to support OpenJDK in the detector client? thanks, Michelle
... View more
Apr 27, 2020
02:22 PM
Starting with FNCI 6.13.0, The Release Notes and Admin guide indicate that Zulu OpenJDK 8 (64-bit from Azul) is supported. Does your comment above mean that Zulu OpenJDK is supported for core & scan servers only, and not for the detector client? This is not indicated in current documentation. thanks, Michelle
... View more
Apr 06, 2020
04:02 PM
What are the plans to support Dockerfile scanning in FNCI v6 From initial tests scanning docker containers (using 6.x, on docker layer tarfiles), the scan results are incomplete. e.g. No inventory for baseOS layer (centos/rpm-based, no matches on libs/executables), and partial for other layers. Having inventory for the BaseOS layer is important because with container distribution model, the user-space OS components are now being distributed which has copyleft compliance implications (many user-space Linux components are under a copyleft license). Scanning the Dockerfile would provide details of OSS dependencies at the source level, without requiring full image build/scan. I have not tried using the v7 container plugin yet, so don't know if users are getting better results with the v7.
... View more
Labels
- Labels:
-
FlexNet Code Insight 6.x
Apr 06, 2020
01:31 PM
Are there any plans to support ability to specify range of versions in request policies? The ability to set a request policy based on a range of versions.e.g. using wildcards or regex would significantly reduce review overhead and improve compliance. Use case: Users submit requests for all component updates. The ability to policy approve requests that are minor version updates , e.g. 1.1 -> 1.2 , that are submitted to address vulnerabilities would significantly improve efficiency and reduce workload for submitters and approvers. It is extremely rare to have license changes in bug fix patches, so this would be safer than using "any version" + license. Defining a Policy using "any version" + license is not a safe solution, since licenses can change between major releases (from permissive to copyleft or non-OSI type license), and component definitions in PDL often club all licenses together at a component level (versus version level). This allows requester to select any license from the list of licenses for that component, even if NOT correct for the specified version. If policy-approval in effect then the wrong license could be selected and auto approved. It is critical to NOT policy-approve a component where a license has changed from permissive to copyleft, AGPL or SSPL type of license.
... View more
Labels
- Labels:
-
FlexNet Code Insight 6.x
Nov 04, 2019
11:03 AM
FNCI 6.x -- attachments to requests are kept under {install-dir}/config/core/attachments/{mmddyyyy}_ {nnnnnnnnn}_{username}_{attachment filename} I am not sure what the {nnnnnnnnn} number is -- I assume it is a timestamp? Is there a way to determine from this filename what request the file is attached to? It would very useful if an attachment name could be mapped back to the request to which it is attached. thanks, Michelle
... View more
Labels
- Labels:
-
FlexNet Code Insight 6.x
Nov 04, 2019
10:38 AM
I have experienced the same issue -- detector display gets corrupted and unusable after 1-2 hours, and only fix seems to be to exit and restart detector. my setup: Windows 10, Firefox (currently 69.03, but happened with earlier versions as well) I have noticed that resizing the detector window almost always causes strange display issues, but even without resize, I have issues with display corruption, just not as often. I have not found a solution, except to exit & restart detector --michelle
... View more
Latest posts by mruscetta
Subject | Views | Posted |
---|---|---|
215 | Aug 17, 2022 09:00 PM | |
289 | May 08, 2022 09:30 PM | |
299 | May 07, 2022 05:56 PM | |
1064 | Apr 28, 2020 05:31 PM | |
1073 | Apr 27, 2020 02:22 PM | |
1886 | Apr 06, 2020 04:02 PM | |
1037 | Apr 06, 2020 01:31 PM | |
1312 | Nov 04, 2019 11:03 AM | |
502 | Nov 04, 2019 10:38 AM |
Activity Feed
- Kudoed “I don’t know” license type should not be published for sewechad. Oct 05, 2022 09:34 PM
- Kudoed Tips for Filing Support Cases (SCA) for jrubin1. Sep 19, 2022 11:13 PM
- Posted Re: Scanning a Golang project results in 0 inventory items on Code Insight Forum. Aug 17, 2022 09:00 PM
- Kudoed Code Insight Resources to bookmark and subscribe to for jrubin1. May 10, 2022 06:06 PM
- Posted Re: Code Insight 7 - can reports be generated via command line (vs GUI) on Code Insight Forum. May 08, 2022 09:30 PM
- Posted Code Insight 7 - can reports be generated via command line (vs GUI) on Code Insight Forum. May 07, 2022 05:56 PM
- Kudoed Bypassing Proxy Server for erohitkatta. Apr 21, 2021 05:47 PM
- Kudoed FNCI 6.13.3 - CodeAware Now Replacing Analyzer . for lpopescu. May 14, 2020 02:16 PM
- Posted Re: How do you launch the detector client if you don't want to install Oracle JDK? on Code Insight Forum. Apr 28, 2020 05:31 PM
- Posted Re: How do you launch the detector client if you don't want to install Oracle JDK? on Code Insight Forum. Apr 27, 2020 02:22 PM
- Posted Plans to Support for scanning docker files on Code Insight Forum. Apr 06, 2020 04:02 PM
- Kudoed Scanning Docker Files for sewechad. Apr 06, 2020 03:35 PM
- Posted Setting request policy based on version range (v6, workflow) on Code Insight Forum. Apr 06, 2020 01:31 PM
- Kudoed SPDX for bandrighetti. Mar 10, 2020 05:10 PM
- Posted Is there a way to determine the request an attachment is associated with? on Code Insight Forum. Nov 04, 2019 11:03 AM
- Posted Re: Detector's screen gets corrupted on Code Insight Forum. Nov 04, 2019 10:38 AM
- Kudoed Re: Version Scanning Best Practices for sewechad. Aug 15, 2019 02:02 PM