Skip to main content
Skip table of contents

FAQs For Whitelist Library And In-House Library

In-House Library FAQs

Q: If a .zip file in the scanned inventory is marked as an in-house library, will the Unified Agent (UA) continue scanning the library for third-party components when it is submitted a second time?

A: No, once a file is marked as in-house, it will be removed from the regular inventory report. You will only be able to view the library in the In-House Report.

Q: When a library is marked as in-house, is it marked per project, or is it marked as in-house for the entire organization?

A: It will be marked for the entire organization. Additionally, if you manually mark a library as in-house and check the “Mark all instances of the selected library as in-house” box, an in-house rule will automatically be created to match the library by name.

Q: Is there a way to use regular expressions (regex) to mark libraries as in-house? For example, if I have the following in-house library named whitesource-1.1.0.jar, and I would like to mark all whitesource*.jar as in-house automatically.

A: We support glob pattern rules to mark libraries as in-house. This can be found in “Admin” → “In-House” → “In-House Rules”.

Q: In the UI, how do I filter the inventory report by in-house? For example, I would like only to view in-house libraries.

A: This can be found in the “Reports” tab, then “In-House Report”. Here, you can filter by product/project.

Q: Is there an API to mark libraries as in-house?

A: No, there isn't. We suggest setting up the in-house rules in the UI so it can automatically mark in-house libraries.

Whitelist Library FAQs

Q: If I add a library to the whitelist, will the library be marked as approved for the organization, product, or project?

A: Yes, the whitelisted library will be approved for the organization.

Q: If a library is added to the whitelist, will it continue to be reported if there is a security vulnerability in it?

A: No, The security alerts will be not appear on reports for whitelisted libraries. The vulnerabilities can still be seen by viewing the library directly.

Q: In the UI, how do I filter the inventory report by whitelist libraries? For example, I would like to view only the whitelisted libraries.

A: Only the organizational admins will have access to review the whitelisted libraries. This can be found in “Admin” → “Library Whitelist”, under “Settings”.

Q: Is there an API to add libraries to the whitelist?

A: No, there isn't.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close