Types of Evidence
Code Insight 6.14.2
There are several types of third-party indicators available as part of the scan results. These include exact and partial file matches, copyrights, emails and/or URLs, license matches, source code matches, and custom search term matches. You may also choose to ignore copyrights, emails, and URLs if in the Properties file you define the elements you wish the system to ignore. Selecting a node in the file tree shows the file details in the bottom-right panel in Detector. The display consists of a node header as shown in Types of Evidence, and the following tabs (if appropriate):
| • | Summary |
| • | Exact Matches |
| • | Partial Matches |
| • | Ignoring Copyrights, Emails, and URLs |
| • | Tags |
| • | Groups |
This tab contains file-level details about the currently selected node in the file tree.
This tab contains a list of components (including policy data if available) which holds a file, which is an exact (bit-for-bit) match with selected node in the file tree.
This tab contains various partial match details for the selected node in the file tree as shown in the four numbered sections in Tags.
| • | A set of checkboxes runs across the screen horizontally. These highlight various partial-match evidence examples in the selected node in the file tree, as do the following buttons. |
| • | For Source Matches, a table with match details allows you to select which matches should be highlighted in the selected node in the file tree. |
| • | This section contains the content of the selected node in the file tree on top of which highlights are shown. |
| • | A set of color side bars corresponding to the evidence type checkboxes show the location of the highlights for each evidence type in the selected node in the file tree. |
Ignoring Copyrights, Emails, and URLs
In order to ignore copyrights, emails, and URLs, you must set up the strings you wish to ignore in the following properties files: ignoredCopyrights.txt and ignoredEmailURL.txt. Both files are located in <CODE_INSIGHT_ROOT_DIR>/6.14.x/config/scanEngine/. In effect, the system will not flag those elements you set it to ignore. This file may be used to force the scanner to skip a detected email/URL.
| • | The purpose of getting Detector to ignore one of these elements is so you can treat a file as if it does not have third-party content if it only has an internal email or URL within a String literal or comment. |
| • | Lines beginning with # and blank lines are ignored. |
| • | Each line is treated as a string to match. (There is no regex supported). |
| • | An email or URL is ignored if it contains any of the strings from this file. |
| • | The comparison is case-insensitive. |
| • | Avoid use of strings that are over 100 characters in length and those that have hyphens in the name. |
| • | To ignore a set of URLs with a similar pattern, it is recommended that you generalize the notation when possible. For example, to ignore the following five URLs you should use the pattern ://connect.palamida.com instead of listing each URL individually. |
http://connect.palamida.com/EnterpriseEdition/release/details/304958/problem-with-treeview-doubleclick-event
http://connect.palamida.com/EnterpriseEdition/release/details/367247/elementhost-set-child-doesnt-stop-listen
https://connect.palamida.com/EnterpriseEdition/release/details/
https://connect.palamida.com/EnterpriseEdition/release/details/694400
https://connect.palamida.com/EnterpriseEdition/release/details/719443/c-chrono-headers-high-resolution-clock-d
| • | Likewise, to ignore a set of emails such as those listed below you should use the pattern @palamida.com instead of listing each entry individually. |
alex@palamida.com
julia@palamida.com
devnull@palamida.com
Note:Although files that only contain ignored emails/URLs are not tagged as containing these, if you look at the file in Detector you see the supposedly ignored emails/URLs highlighted. This is because the highlighting function in Detector uses its own search rather than basing itself on scan results.
This tab contains a list of tags applied to the currently selected node in the file tree.
This tab contains a list of groups to which the currently selected node in the file tree has been added.