The WhiteSource application uses the alerts concept to notify users of licensing and vulnerability open-source issues. Alerts work the following way: Upon scan completion, a customer’s inventory is synchronized to WhiteSource, and the application analyzes the customer’s open-source libraries and source files and compares them to the WhiteSource knowledge base and policy definitions. If security vulnerabilities, licensing and compatibility issues, or policy violations, etc. exist, alerts are triggered for the organization.
In order to manage alerts, a dedicated Alerts menu is provided. The Alerts menu comprises the following (click the links below to access the documentation).
The following types of alerts are generated by WhiteSource:
Review alerts for vulnerabilities. This category comprises two views (each with its own screen):
View By Vulnerability - Enables you to view and manage the alerts per vulnerability according to the selected products/projects. For example, use this screen to ignore alerts of a specific vulnerability across all libraries in the selected scope.
View By Library - Enables you to view and manage the alerts per library according to the selected products/projects. For example, use this screen to ignore all security alerts of a specific library in the selected scope.