Project Inventory

The following are known issues with the review process for Code Insight project inventory.

See also SCA-53169: Project-suppressed vulnerabilities considered not suppressed when policy is applied in the Vulnerability Suppression and Unsuppression section.

SCA-53837: Top-level inventory deletion not deleting all inventory items in the case of NPM cyclic dependencies

When a top-level NPM inventory item is deleted, some of the inventory items are not being deleted in the case of cyclic dependencies.

Workaround: The user can manually delete the inventory items individually or in a multiple selection.

SCA-44107: Unable to delete an inventory item with a large number of associated files

Attempts to delete an inventory item associated with a large number files (50KB or more) can fail.

Workaround: None exists.

SCA-44077: Deletion of a top-level inventory item causing deletion of dependency inventory

When a user deletes a top-level inventory item, all of its dependent inventory items are also deleted.

Workaround: None exists.

SCA-41263: License text shown twice in As-Found License Text field in Analysis Workbench

In the Analysis Workbench, the text for a license can be repeated twice for some components (such as the component glob) when the license file contains more than one license.

Workaround: To apply policy, first recall all inventory and rescan with Automatically publish system-created inventory items enabled.

SCA-54517: Creating inventory items with zero files association for the REST API project import data with the “On the data import or rescan, delete inventory with no associated file” option enabled for the project

When the On the data import or rescan, delete inventory with no associated file option at the project settings is checked/enabled and the REST API import project data is performed, inventory items with zero file association are generated.

Workaround: Import the data from an another Code Insight project via selecting the Import Project Data option from the Manage Project menu on the project’s Summary tab, which restricts the creation of inventory items without associated files.

SCA-56254: Entire copyright text removed from “Copyrights” field after exceeding the maximum character limit in the same field

If the copyright text exceeds the maximum character limit while adding a new or editing an existing open-source or third-party copyright for an inventory item in the Copyrights field on the Copyrights & Usage tab in the Analysis Workbench, a popup displays with an error message stating The Copyright text should not exceed 512 characters, and the entire text is removed from the Copyrights field.

Workaround: None exists.

SCA-56306: The “Copyrights and Usage” tab on the “Inventory Details” tab fails to populate copyrights when associated files exceed 20k.

The Copyrights and Usage tab on the Inventory Details tab in the Analysis Workbench fails to display open-source or third-party copyrights for an inventory item when its associated files count exceeds 20k in the SQL server database.

Workaround: None exists.