Project Inventory
The following enhancements to the project inventory are now available.
| • | Automatic Review by Policy After Editing Published Inventory |
| • | Automatic Review by Policy When Saving New Inventory on the Project Inventory Tab |
| • | Forced Automatic Review by Policy Across All Published Inventory in a Project |
| • | Forced Automatic Review by Policy Across Published Inventory in All Projects |
| • | Package URL Property Now Listed for Inventory |
| • | Additional New Fields Added to Project Inventory Details |
| • | Inventory Priority Now Editable Through “Update Inventory” API |
Automatic Review by Policy After Editing Published Inventory
An automatic policy review is now triggered for a published inventory item when you click Save after updating the item’s component, license, or usage properties.
During the review, the review policy criteria defined for the project associated with the inventory item is applied to the item. If the inventory item meets at least one of the criteria, its current Review Status value is overwritten with an Approved or Rejected status. If the item meets no policy criteria, its status remains as is.
Additionally, if the current Review Status value of the inventory item was manually set, users are given the option not to perform the review so that the status is not overwritten.
This feature applies to published inventory on the Project Inventory tab and in the Analysis Workbench. An overwritten status in one location is reflected in the other location.
For complete information, refer to “Editing Inventory from the Analysis Workbench” or “Editing Inventory from the Project Inventory Tab” in the Code Insight User Guide.
Note:An automatic review is also performed when you edit specific inventory properties (as described above) using the Update inventory REST API. See Updates to Existing APIs.
Automatic Review by Policy When Saving New Inventory on the Project Inventory Tab
An automatic policy review is now triggered whenever you create an inventory item from the Project Inventory tab. (The item is automatically saved as a published item.)
During the review, the review policy criteria defined for the project associated with the inventory item is applied to the item. If the item meets at least one of the criteria, its Review Status value is assigned an Approved or Rejected status. If the inventory item meets no policy criteria, it is given a Not Reviewed status.
For complete information, refer to “Creating Inventory from the Project Inventory Tab” in the Code Insight User Guide.
Note:An automatic review is also performed when you create an inventory item using the Create inventory REST API. See Updates to Existing APIs.
Forced Automatic Review by Policy Across All Published Inventory in a Project
A project reviewer can now force an automatic review of all published inventory in a given project based on the project’s associated review policy profile. To initiate the review, the reviewer clicks the new Apply Policy button next to the Policy Profile field on a project’s Summary page. (Clicking the Information icon next to the button shows the current review criteria defined for the policy profile.)
During the review, the project’s review policy is applied to project inventory. If an inventory item meets at least one of the criteria, the item is assigned an Approved or Rejected status, overwriting the current status. The review status of those inventory items that meet no policy criteria remains as is. (Note that the user can configure the review not to overwrite any current status that was manually set for inventory.)
This feature provides a means to automatically apply changed policy criteria across inventory without having to wait for a scan or manually unpublish and re-publish inventory items individually to trigger a review.
When triggered, the operation runs as an Apply Policy - Project job in the Jobs queue.
For complete information, refer to “Forcing an Automatic Review of All Inventory in a Project” in the Code Insight User Guide.
Forced Automatic Review by Policy Across Published Inventory in All Projects
A policy manager can now force an automatic review of published inventory across all projects currently associated with a given review policy profile. To initiate the review, the policy manager clicks the new Apply Policy - Global icon for the policy on the Policy page.
During the review, the Review Status value of those inventory items that meet at least one of the current policy criteria will be overwritten with an Approved or Rejected value, based on the criteria. The status of those inventory items that meet no policy criteria will remain as is.
This feature provides a way to automatically apply changed policy criteria across inventory without having to wait for a scan or manually unpublish and re-publish inventory items individually in order to apply the changed policy.
When triggered, the operation runs as an Apply Policy - Global job in the Jobs queue.
Important:Currently the feature is available for only Code Insight instances that use the MySQL database. Also, no option is currently available to skip overwriting any review status that was manually set for inventory.
For complete information about this feature, refer to “Forcing an Automatic Review of Inventory Across All Projects” in the Code Insight User Guide.
Package URL Property Now Listed for Inventory
The purl property has been added to inventory details on the Project Inventory tab and in the Analysis Workbench to display the package URL for the component represented by the inventory item.
This read-only value is retrieved from the Code Insight data library and is applicable to only those components associated with a non-custom version. If no package URL is available for the component in the data library or the component has a custom version, the value for this field is N/A.
This property is also available in certain API responses. See Updates to Existing APIs.
Additional New Fields Added to Project Inventory Details
The following new properties have been added to the details for a given inventory item on the Project Inventory tab:
| • | Created By—Designates either System (for an inventory item that was automatically generated by a Code Insight scan) or, for a manually created inventory item, the first and last name of the user who created the item. |
| • | Created On—The date and time that the inventory item was created. |
| • | Updated On—The date and time that the inventory item was updated. If the item has not been updated since its creation, this value will be the same as the Created On value. |
Inventory Priority Now Editable Through “Update Inventory” API
The priority property for an inventory item can now be updated through the Update inventory API. See Updates to Existing APIs. Previously you could do so only through the Code Insight user interface.