Inventory
System-generated inventory is created by Code Insight during a scan and is available for view in the Analysis Workbench and, if automatically published, on the Project Inventory tab. An inventory item represents an explicit finding in the scanned codebase and can represent any of the following: top-level component, bundled component, component found inside an archive, or direct or transitive dependency component.
Note:Alternatively, you can review the published inventory across all projects. For details, see Viewing Inventory Across All Projects.
An inventory item typically has an associated component, version, license and list of security vulnerabilities, as well as other details about these elements. See Inventory Details Tab in the Analysis Workbench for a full description of the information collected by the scan.
These are some important elements about an inventory item that you can view at a glance:
| • | Review Status of Inventory |
| • | Inventory Priority |
| • | Inventory Confidence |
| • | Security Vulnerabilities Associated with Inventory |
| • | Inventory Usage Information |
The following example highlights these elements for a given inventory item on the Project Inventory tab. Many of these same elements are available in the inventory view in the Analysis Workbench. (For more information about the Analysis Workbench, see Auditing Scan Results in the Analysis Workbench . For information about the Project Inventory tab, see Reviewing Published Inventory for a Project.)
