This feature is currently in Beta status. |
The WhiteSource application uses the alerts concept to notify users of licensing and vulnerability open-source issues. Alerts work the following way: Upon scan completion, a customer’s inventory is synchronized to WhiteSource, and the application analyzes the customer’s open-source libraries and source files and compares them to the WhiteSource knowledge base and policy definitions. If security vulnerabilities, licensing and compatibility issues, or policy violations, etc. exist, alerts are triggered for the organization.
In order to manage alerts, a dedicated Alerts menu is provided. The Alerts menu comprises the following (click the links below to access the documentation).
The following types of alerts are generated by WhiteSource:
Alerts Category | Description |
---|---|
Security Alerts | Review alerts for vulnerabilities. This category comprises two views (each with its own screen):
|
Other Alerts - Licensing and Compliance | Review alert details for licensing and quality issues reported for a given product or project.
|
Once you have all alerts of the scope you selected, you can choose to ignore those that are not relevant to your environment. Ignored Alerts won't appear in the dashboards and reports.
For further analysis, do the following: