Edit Custom Rule Dialog

The Edit Custom Rule dialog enables you to edit an existing custom detection rule. Custom detection rules are user-defined when needed to supplement the internal detection rules used by Automated Analysis to automatically create inventory during a scan. These custom rules are saved to the Code Insight library for global use across projects. For complete details about custom detection rules, see Managing Custom Detection Rules.

The following table describes the fields, buttons, and icons on the Edit Custom Rule dialog. You can edit any of the fields, using the methods described in the table.

Category

Column/Field

Description

Component selection

The following fields describe the component on which the custom detection rule is based. These fields are editable.

Component

The name of the component on which this detection rule is based. You cannot edit this value directly, but you can switch to another component. To do so, click Lookup Component to select another component, along with its version, license, and forge URL.

License

The license associated with the component. You cannot edit this value directly, but you can select a different license. Click to switch to another license and, optionally, change the component version.

Additionally, you can click to view the details and text of the selected license as stored in the Code Insight Data Library.

Description

A description of the component.

URL

The forge URL for the component.

License, notices, and note content

The following fields are used to provide license or notice content and any audit notes for the inventory item generated from this rule. These fields are editable.

As-Found License Text

The license content you want to associate with the inventory item. If no Notices Text content is provided, the Notices report uses the information in this field as the license text for the third-party component. For more information, see Finalizing the Notices Text for the Notices Report.

Notices Text

The content to include in the Notices report. This is usually a modification of the content in As-Found License Text pane. (You can copy the As-Found License Text content to the Notices Text pane and edit it.)

If content exists in this field, the Notices report uses it as the license text for the third-party component and ignores any information in the As-Found License Text pane. For more information, see Finalizing the Notices Text for the Notices Report.

Audit Notes

Any notes you want to add to the inventory item based on your findings during the analysis.

File criteria

The following fields identify the set of file criteria used by the rule to detect the third-party or OSS component and create the associated inventory. The set of criteria is based on either the file path or MD5 value of the files.

Detection Criteria

The type of file criteria used to detect the presence of the third-party or OSS component:

•

File MD5—The file in each criterion is identified by its MD5 value.

•

File Path—The file in each criterion is identified by its file path.

If you want to switch the current Detection Criteria type from File MD5 to File Path or vice versa, know that once you enter the new set of criteria and save the rule, the criteria for the type currently not selected for Detection Criteria is automatically deleted. A custom detection rule allows only a single set of criteria to exist at any one time.

Consider that, if the custom detection rule is defined with multiple file criteria, the scan uses OR logic when processing the criteria against the target codebase. Consequently, only one file match between codebase and the rule is required to automatically create an inventory item. For a comprehensive list of rule-processing behavior, see Rule-Processing Considerations.

File MD5 grid

(Available if Detection Criteria is File MD5)

The file criteria consisting of the file name and the MD5 value for each file used as an indicator of the existence of the component.

To manage the file criterion in the grid:

•

Add a file criterion— Click Add File and enter the file’s name and MD5 value in the Name and MD5 fields, respectively, in the new row.

•

Edit a file criterion—Click within the Name or MD5 field for the criterion and make the textual changes.

•

Remove a file criterion—Click

at the end of the criterion’s row.

File Path text box

(Available if Detection Criteria is File Path)

The file criteria consisting of the file path for each file used as an indicator of the existence of the component.

To manage the file criterion in the text box:

•

Add a file path— Click the Add icon

and enter the file’s path in the new row. You can provide the file’s absolute or relative path or enter a path pattern.

A path pattern consists of the asterisk symbol * within the path, denoting any number of directories or files. For example, the following path pattern indicates that any file with the extension .h under the directory root will be considered detection criteria for the rule.

**/root/*.h

•

Edit a file path— Click within the path row and make the textual changes.

•

Remove a file path—Click within the path row, and then click the Remove icon

Actions

The following are actions conclude your update session.

Save

Click Save to save the rule updates to the Code Insight Data Library. You will be asked for confirmation to proceed with the creation.

Cancel

Click Cancel to cancel your updates. You will be asked for confirmation to proceed with the cancellation.