Summary Tab

The Summary tab for a project allows you to add and edit users who can work in Code Insight, view scan settings and status, generate reports, and manage projects. The page contains the following fields:

Project Summary Tab Fields

Category

Column/Field

Description

Start Scan button

Click this button start or schedule a Scan Server scan on the project. If a scan is running on another project, your scan is queued and will automatically run based on queue order. (A temporarily inactive Scan Server will also cause your scan to be queued. The scan will automatically start based on queue order once the server is running again.)

If a scan on the your project has already been scheduled or is running, this button is disabled; you must wait until the scan is complete before you can schedule another one for the project. (This button is also disabled if the Scan Server is totally disabled. See Actions to Take When the Start Scan Button is Disabled for details.)

For the initial scan of a project codebase, a full scan is run. For subsequent rescans, an incremental scan is run by default (except when a certain event causes a full rescan). However, if necessary, you can force a full rescan by clicking the down arrow on the button and selecting Full Rescan.

For more information about scans, see Scanning the Codebase (Server Scans) and Rescanning Your Codebase (Server Scans Only)

Manage Project button

Click this button to view and select from a menu of options used to manage the current project. For more information, see Managing Projects.

Upload Project Codebase button

Select this button to upload a codebase for the current project. For instructions, see Uploading a Project Codebase (for Server Scans).

Project Details

These field describe the project attributes. You can edit these details using the Manage Project | Edit Project and Manage Project | Edit Project Users options available on this Summary tab.

Note:For inventory-only projects migrated from Code Insight 2020 R2 or earlier, a legacy attribute, Project Type, will also display. However, for migrated standard projects, this attribute is no longer required and therefore does not display. See also Legacy Projects.

Name

The name and ID of the selected project.

Project Contact

The hyperlinked name of the user who is the main point of contact for the project. Initially, the Project Contact is the project creator but can be assigned to another user (see Changing the Project Contact). You can click the user name to open your default email program to send an email to the Project Contact.

By default, all Miscellaneous tasks created for project inventory are assigned to the Project Contact. Additionally, the Project Contact is automatically designated the creator of all manual review and remediation tasks automatically created by project policy.

Legal Contact

The hyperlinked name of the legal contact assigned to tasks created to review legal issues in the project inventory (for example, inventory that do not meet your site’s legal policies). Click the name to open your default email program to send an email to the contact.

For details on changing the legal contact for the project, see Updating Inventory Review and Remediation Settings for a Project. If no changes are made to the initial system default for the legal contact (which is set to the Project Contact) or if the automated legal-review process is disabled, this value shows the Project Contact name.

Security Contact

The hyperlinked name of the default security contact assigned to tasks created to review security issues in the project inventory. Click the name to open your default email program to send an email to the contact.

For details on changing the security contact for the project, see Updating Inventory Review and Remediation Settings for a Project. If no changes are made to the initial system default for the security contact (which is set to the Project Contact) or if the automated security-review process is disabled, this value shows the Project Contact name.

Developer Contact

The hyperlinked name of the default development contact assigned to remediation tasks created to take action on code-related issues in the project inventory. Click the name to open your default email program to send an email to the contact.

For details on changing the default development contact, see Updating Inventory Review and Remediation Settings for a Project. If no changes are made to the initial system default for the developer contact (which is set to the Project Contact) or if the automated remediation process is disabled, this value shows the Project Contact name.

Description

A description of the project, if provided in the project definition, appears in this field.

Project Visibility

The visibility of the project:

•

Public—A project visible to all users in the system. Users assigned to roles for the project can perform various maintenance functions based on their project roles.

•

Private—A project visible to and accessible by the Project Contact and those users assigned to roles for the project.

Project Risk

The project vulnerability risk value (Low, Medium, or High).

Project Hierarchy

Links to the projects that have been defined as parent and child projects of the current project. These links provide a means to easily navigate to projects directly related to the current project. (Relationships between projects are established by the creation of project hierarchies, as described in Identifying Child Projects for a Project.)

When you click a Project Hierarchy link, a dialog is displayed listing the direct links to the parent or child projects.

Click a link on the dialog to open the given child or parent project on its Project Inventory tab. From here you can navigate the project as needed.

Project Status

The current status of the project that can be manually updated through the Manage Project | Edit Project menu option available on this tab. Available status types include:

•

Not Started—Indicates that the project scan results are not available for manual analysis. This value automatically defaults when the initial project scan has not been run or when the initial scan fails. However, you can manually change this status.

•

Analysis in Progress—Indicates that the project scan results are available for manual analysis, or a manual analysis is underway. This value is automatically set when the initial project scan is complete. (For a project import, however, the status of the target project is retained.) You can manually change this status.

•

Analysis Completed—Indicates that manual analysis is finished; and the published inventory is ready for legal, security, or software-engineering review. (You must manually set this value.)

•

Project Complete—Indicates that the project analysis and review processes are complete, and notices content for all OSS and third-party software is finalized. (You must manually set this value.)

For more information, see Editing the Project Definition and General Settings and Edit Project: General Tab.

The name of the policy profile associated with this project. Click View Policy Details to open a read-only version of the Policy Details Window for the policy profile.

A policy profile contains a set of policies used to perform an automatic review of inventory items upon their publication during the scan. Each policy defines criteria based on OSS or third-party component versions, licenses, or security vulnerabilities. Inventory items that meet any of the profile’s policy criteria can be automatically approved or rejected (or flagged for a manual review). For more information, see Managing Policy Profiles.

Provenance

If this project is the result of a project-copy or project-branching operation, the hyperlinked name of the source project from which this project is derived. The name of the source project has the following format:

Copied from <sourceProjectName> (Id: <sourceProjectID>)

Note:Projects are copied using the Code Insight Project Copy feature and are branched using the Branch Project wizard.

When you click the link, the Summary tab of the source project is opened. (If the source project has been deleted, a message is displayed, stating that the project no longer exists. Once clicked, the link for the deleted project is permanently disabled.)

For projects that are not the result of a project-copy or project-branching operation, this field shows N/A.

Custom Fields

The Custom Fields pane lists the fields that were defined specifically for projects at your site. These fields provide users with helpful information that supplements the information provided by the project fields standard to Code Insight. The values shown for these fields pertain to the current project. If no value has been defined for a given field, a hyphen is displayed in place of the value. While these fields are not editable from this location, you can do the following to manage your view of the field:

•

If the value for a specific field is cut off within the Custom Fields pane, click the Show more link to view the entire value in a pop-up.

•

Click the

icon (if available) in the upper-right corner of a field to obtain more information about the field.

Note:If no custom fields for projects have been configured for your site or, if custom fields have been defined but are currently not available for display, this pane shows no fields.

Scan Settings

The following fields show scan configuration details. You can edit these details on the Scan Settings tab accessed using the Manage Project | Edit Project option available on this tab.

Scan Profile

The name of the scan profile associated with this project. Click to view the details of the scan profile.

Scan Paths

The absolute path for each scan folder for the project. A given scan folder contains files for either:

•

A codebase scanned by the Scan Server.

•

A codebase scanned by a Code Insight scan-agent plugin on a remote Engineering system. (The results of the remote scan are sent to the project.) For more information, see Performing Remote Scans.

Click to view the details about Scan Server or the scan-agent plugin.

Scan Status

The following fields provide information about current and historical scans for this project. For more information about scans, see About Code Insight Scans.

Scan Server Status

The server scan status for this project:

•

If you have started a server scan for this project, but the scan has been placed in queue, this field shows “Scan scheduled”. The Scan Progress field provides a link to view the scan queue and other details (see the “Scan Progress” description below).

•

If the server scan you scheduled for this project is running, this field shows “Project being scanned”. The Scan Progress field keeps track of the number of files that have been scanned.

•

When no scan is currently running for this project, this field shows “No scan scheduled” and provides a hyperlinked here to schedule another scan. (However, if the Scan Server is disabled, this link is disabled. See Actions to Take When the Start Scan Button is Disabled.) The Scan Progress field is not available when the “No scan scheduled” status is in effect.

Note:Under certain circumstances, the Scan Server Status field might not update quickly enough to reflect the “Scan scheduled” or “Project being scanned” status. However, if a scan on the current project is indeed already in queue or running, an attempt to click the field’s “here” link to schedule a scan will result in an error message, stating that you cannot start another scan on the project. For your reference, the message also provides the task ID for the currently queued or running scan. (This ID can be used with the Get Scan Status API to check the scan status outside of the UI when necessary.)

Scan Progress

(Available only when a server scan for the project is scheduled or is running) The progress of the scan as follows:

•

If the scan has been placed in queue, this field shows “In Scan Queue” and provides a Show Details link to open the Scan Server Status window. This window identifies the scan server, shows the project currently being scanned by the server, lists the other project scans (if any) currently waiting in queue order (up to 25 scans), and provides an email link for the Project Contact of each project listed. You cannot sort or reorganize the queue list.

•

If the scan you scheduled is running, this field keeps track of the number of files that have been scanned against the total number of files to scan in the project.

Last Server Scan

The final status of the last server scan for the project and a statistical summary of files, disk space, and lines of code scanned. The following are available scan statuses:

•

Completed—The scan succeeded with no warnings during the scan or the analysis phase. This message appears on the screen in green.

•

Completed with warnings—The scan succeeded but the analysis phase produced warnings. For more information, check scanEngineDetail log for the Scan Server.

•

Failed—The scan failed. This status appears on the screen in red. For more information, see Scan Failure Reasons and Troubleshooting Measures.

Past Server Scans

Click the hyperlinked term here to view a history of the server scans performed for the project. If a server scan has not yet been performed for the project, the list will be empty.

Last Remote Scan

Information about the most recent scans run by remote scan agents.

The Scan Summary section shows the following combined totals for the most recent scan run by every remote scan agent associated with the project:

•

The combined total of scanned codebase files across all scan agents associated with the project.

•

The combined size of all agent-scanned codebases.

The field also shows the following pertaining to the scan results for the most recently run remote scan only:

•

The status for the import of these results (“Completed” or “Failed”) into Code Insight

•

The timestamp for the import

For information about remote scans, see Performing Remote Scans.

Note:If the project is a newly migrated inventory-only project from Code Insight 2020 R2 or earlier, only the statistics for the scan agent that last performed a scan (in the previous Code Insight version) are shown.

Project Data

This section provides the status of the most recent attempt to import data into the project.

Import Project

The status of the most recent attempt to import data into the project.

Status statements specify that the import process is either “in queue” or “in progress” or that it “completed” (at the specified date and time) or “failed”. If no data import was ever performed on the project, the status states “No project data has been imported”.

More information about the most recently run import job, including who triggered the job and any errors encountered during the job, can be found in the Jobs queue. (Use the instructions in Monitoring the Code Insight Jobs Queue to access and monitor the queue.)

Buttons

The following buttons are used to upload a codebase for scanning, perform a scan or rescan, and edit current project settings.

Start Scan

Initiates the initial scan or a rescan (incremental by default) on the project codebase. Alternatively, click the dropdown and select Full Rescan to force a full rescan or the codebase. For more information about scans, see Scanning the Codebase (Server Scans) and Rescanning Your Codebase (Server Scans Only).

Manage Project

Opens a menu that provides options to edit the project’s settings, manage its users and data, and globally apply Third-Party Notices content across all the project’s inventory. The menu options available depend on the project role(s) you have been assigned. For more information, see Managing Projects.

Upload Project Codebase

Opens the File Upload dialog. From here, you select the codebase archive to upload for the project to the Scan Server. You also configure how the upload handles archive expansion and any codebase files already installed for the project on the Scan Server.

If the current project is not associated with a Scan Server or if the associated Scan Server is disabled, this button is disabled.

For more information about uploading a project codebase, see Uploading a Project Codebase (for Server Scans).

Note: Instead of (or in addition to) uploading a codebase for a project to the Scan Server, you can configure the project to automatically synchronize a codebase from a remote repository to the Scan Server. For more information, see Configuring Source Code Management.