Scan Types

Code Insight 2021 R2

Code Insight performs two type of codebase scans—server and remote. A single Code Insight project for a given application can contain of the results of either or both types of scans.

Server Scans

Server scans are performed by the Code Insight Scan Server. A server scan requires that the codebase files you want to scan reside on the Scan Server. These files are placed on the server either by uploading them (manually or through Code Insight) or by synchronizing one or more repositories in a Source Control Management (SCM) system, such as Git or Perforce, to the server. The complete codebase for a server scan typically represents the source code for a given application. Once the scan is complete, you can review and remediate the inventory of discovered open-source and third-party software, as well as audit the scanned files to verify the inventory findings and customize inventory as needed. For more information about configuring a project for server scans and performing these scans, see the following:

Uploading a Project Codebase (for Server Scans)
Configuring Source Code Management
Scanning the Codebase (Server Scans)

Remote Scans

Remote scans are performed by a Code Insight scan-agent plugin, which is installed and configured on a remote instance to perform a scan within the context of an Engineering build server on that instance (for example, an IDE, an artifact repository, a CI product, or an product to build, test, or install your application).

The plugin allows a scan of built artifacts and source files and then sends the results to Code Insight as inventory for review and remediation. A representation of the scanned remote files is also available in the project, enabling you associate these files with inventory, mark them as reviewed, or perform other file-related actions.

For more information about configuring Code Insight scan-agent plugins and remote scanning, see the following:

Performing a Remote Scan
Code Insight Plugins Guide (available for download in the Revenera Customer Community)