About Analyzing Files With Evidence
Code Insight 6.14.2 SP2
The auditor can use Detector for analyzing scan results in files with evidence. The basic auditing work process includes viewing files with a purpose in mind, and then taking action to mark those files that do or do not represent an indication of third-party content in the scanned code base.
The auditing tasks you can accomplish are as follows:
| • | Research a file—When a file contains third-party indicators, you can use the Exact or Partial Matches tab to review the evidence and decide which group best explains the existence of this file. If no such group exists, a new group can be created to explain the file. |
| • | Customize data—You can associate a file that appears in the file tree with a product or add a license. |
| • | Annotate (tag) a file—You can add information to a file by tagging the file with any type of data. |
| • | Analyze components and licenses—You can view components and licenses that are part of your project inventory, or research any other components or licenses in the Code Insight Compliance Library. |
| • | Designate which files you have reviewed—You can mark a file reviewed or unreviewed anytime during the auditing process. |
| • | Filter files—You can filter evidence, much like filtering email. You can sort the files that fulfill certain filter criteria. |
| • | Add a file to a group—Adding files that share characteristics with a group allows you to organize the scanned codebase. It also allows you to give a file a status, in order to slot it appropriately for review during the auditing workflow. Publishing groups results in project inventory. |