Example Custom Reports
The following example custom reports (located in Revenera’s public GitHub report repositories) are currently available to you:
• Project Inventory Report
• Evidence Report
• Project Comparison Report
• Claimed Evidence Report
• Vulnerabilities Report
• Project Compliance Report
You can download any of these reports, register them with Code Insight, and then generate the reports as needed. Additionally, these reports can be modified for your special use or serve as the basis for creating other custom reports. Note the following disclaimer for using these example reports.
Disclaimer for Using the Example Custom Reports
These report scripts are being provided solely as examples. They are external to, and not an official part of, the Code Insight product.
THE REPORT SCRIPTS ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SCRIPT OR THE USE OR OTHER DEALINGS IN THE REPORT SCRIPTS.
Project Inventory Report
This report provides an easy, quick method for obtaining a high-level summary of the inventory items within a project.
If you have designated a parent-child hierarchy for your projects to better represent your company offerings, this report can be configured to pull in all child projects (recursively) for the current project and roll up the associated inventory information on a project, as well as an application, basis. Including child projects in the report is useful for keeping track of your software Bill of Materials (SBOM). The report can be further customized to report on other inventory attributes, such as third-party notices, which in turn would capture the notices for all the third-party components included in the report scope.
The report is available at this location:
https://github.com/flexera/sca-codeinsight-reports-project-inventory
Evidence Report
This report allows you to report on the following types of evidence found in the project:
• Copyrights
• Licenses
• Emails and URLs
• Search terms
• Exact-file matches
• Source-code matches (snippets)
The report is available at this location:
https://github.com/flexera/sca-codeinsight-reports-third-party-evidence
Project Comparison Report
This report compares the inventory of two projects or two project versions, enabling you to identify inventory differences and commonalities.
The report is available at this location:
https://github.com/flexera/sca-codeinsight-reports-project-comparison
Claimed Evidence Report
This report allows you to determine which files in a project contain only evidence that is claimable based on string comparisons to the following evidence types:
• Copyrights
• Emails/URLs
Additionally, you can configure the report so that scanned files that contain only the evidence for the specified claimable values are marked as reviewed and associated with the appropriate inventory items.
The report is available at this location:
https://github.com/flexera/sca-codeinsight-reports-claim-files
Vulnerabilities Report
This security-focused report calls out all vulnerable project inventory items and lists their associated security vulnerabilities. Use this report to easily collect and review security issues or to share data with your Security team. The report supports searches and enables you to click through to the actual vulnerable inventory in Code Insight for additional information.
The report is available at this location:
https://github.com/flexera/sca-codeinsight-reports-project-vulnerabilities
Project Compliance Report
This report visualizes inventory items in a project in terms of their various compliance issues. The compliance issues listed in this report include inventory with P1 licenses, rejected inventory items, unreviewed items, inventory with security vulnerabilities, and inventory with old component versions.
The report is available at this location:
https://github.com/flexera/sca-codeinsight-reports-project-compliance