Viewing Source Matches

FlexNet Code Insight 2019 R3

When you scan your codebase with source-code (fingerprint) matching enabled, FlexNet Code Insight will produce results that you can view from the Partial Matches tab for a given codebase file. The results include a list of third-party (remote) files associated with fingerprint instances discovered. When you select one of these remote files, the fingerprint instances that match code in the remote file are highlighted in your source code.

Note • The size limit for a file that you open in the Partial Matches tab is 2 MB. If the file you want to inspect is too large, you can download and open it outside of FlexNet Code Insight to inspect it manually for evidence.

To view source matches, do the following:

1. Ensure that you have run a scan with Comprehensive Scan Profile selected in the project (or a custom scan profile with source-code matches enabled). For more information, see “Creating a Scan Profile” in the FlexNet Code Insight Installation and Configuration Guide.
2. In the Analysis Workbench, click the Source link in the legend at the top right of the page to filter to all files with source-code matches (see Using the Filter Legend Options to Filter the Codebase). Results are listed in the File Search Results pane.
3. Click a codebase file in the list in File Search Results, and select the Partial Matches tab.
4. On the Partial Matches tab, click the Source Matches selection box at the top of the tab to enable source code fingerprint match results.

The Remote Files panels are displayed.

5. Select a remote file in the Remote Files panel on the left to highlight the source code fingerprint matches in the file and to see the lists of associated component and license information (on the Components and Licenses panels, respectively).

The information in the Remote Files panel consists of a set of files from the open source community that contain identical code to the scanned file. This means that the scanned file in the codebase possibly contains content that originated from outside the organization, and its origin needs to be identified.

See the More About the “Remote Files” Panels on the Exact or Partial Matches Tabs for details about the functionality available from the three panels.

Note that, for source matches, the Remote Files panel will additionally contain the following CodeRank values:

CodeRank (CR%): A composite heuristic comprised of Coverage, Clustering, and Uniqueness. The higher the number, the stronger the match confidence.
Coverage (CV%): The percentage of the matching third-party file contained in your scanned file.
Clustering (CL%): The density or proximity of the source code matches within your scanned file.
Uniqueness (U%): The uniqueness of the set of discovered source code matches are in the Compliance Library (CL).
Matches: The number of unique matches in the scanned file.
6. To view the instances of other types of evidence (for example, copyrights, licenses, URLs, email addresses, and search terms) in the codebase file, click the appropriate color-coded selection boxes at the top of the Partial Matches tab:

Each instance of evidence is highlighted in the same color as its corresponding selection box.

FlexNet Code Insight 2019 R3 Help Library

October 2019

 Copyright Information | Flexera

Open topic with navigation