CodeAware

FlexNet Code Insight 6.13.3

CodeAware is basically the “next generation” of automated discovery, providing much of the same analysis functionality as the Analyzer to build groups and auto-generate inventory with relevant details, such as license and vulnerability information. CodeAware detection methods include package, search term, repository, digest, and component analyzers, as well as other intelligent parsing algorithms and live lookups. CodeAware detects various packages and source distributions. You can find details about the files and methods of detection used by CodeAware in the Detection Notes group field.

The CodeAware analysis technique was first introduced in 6.13.1 with limited functionality. While CodeAware performs accurate detection and builds groups and inventory, other capabilities (such as population of As-Found License text, determination of group Priority, and live vulnerability lookups) will be available for CodeAware in subsequent releases. Refer to Comparison of the Analysis Techniques for more information on the existing capability of CodeAware and the other automation techniques.

CodeAware Requirements

CodeAware requires outgoing TCP access on port 443 to access known repository sites for license and vulnerability information and other data. (It performs only lookups and never sends files or code snippets.) If using a proxy server, contact the FlexNet Code Insight or network administrator to ensure that the external URLs required by Code Insight have been added to the proxy server’s white list.

Recommendation When Running CodeAware

If a workspace was previously scanned with the Analyzer, you are strongly recommended not to enable CodeAware in place of the Analyzer for subsequent scans, as this can result in duplicate groups. If you would like to replace Analyzer results with CodeAware results, you can do so in a new project to avoid duplicates.

Open topic with navigation