Skip to main content
Skip table of contents

Legacy Mend UI - Submitting libraries for review

Overview

When reviewing the inventory report of a project or product, you may come across libraries that don't have a license or copyright assigned to them in the Mend application. These libraries are marked as “Requires Review”.

It's important to note that automatic request resolution cases are not meant to handle comprehensive support for broader issues. The request resolution cases are specifically designed to help with any missing licenses or copyrights related to your libraries. This can occur due to various reasons.

Use cases

If you require license or copyright information for a specific library or a group of libraries under the "Requires Review" status, we offer you the option to request an individual review by our team.

The “Requires Review” option can be applied in the following scenario:

  • Your development teams require information for a library or group of libraries that are missing license or copyright information.

Getting it done

The following steps will demonstrate how to proceed with the process:

  1. Access your environment: Log in to the MEND application and select the product or project containing the desired library. In this example, we are choosing a product:

  2. View the Libraries table: Once you entered the product/project’s page, go to the center of the page and locate the "Libraries" section. From there, select the desired library by checking the checkbox on the left side (you can choose multiple libraries simultaneously). The next step will be choosing the “Actions” section.

  3. Perform an action: Click on the "Actions" button at the upper-right corner of the Libraries table and choose "Request Resolution".

  4. Choose the type of review: In the "Request Resolution" section, select the desired review type (license, copyright, or both) and click "Ok".

5. After clicking "Ok", the request will be sent to our team for review.

Reference

Boundaries of Request Resolution

  • Only libraries sourced from package managers supported by Mend should be requested.

  • We cannot examine files in unsupported formats such as "Archive" files (ZIP/Tar.gz) or POM files.

  • Libraries that do not have SHA-1 or GAV coordinates will be reviewed with our best guess effort.

  • Internal / In-House or Non-Open Source files should not be submitted.

Note: Mend.io recommends submitting libraries in bulk instead of multiple individual requests. Up to 100 libraries can be submitted in the same request for enhanced efficiency and smoother communication.

Resources of Request Resolution

If you require further review or would like to contest the currently assigned license or copyright that is associated with the library in question, you will need to open a Support case through our Support Portal. This will ensure that you receive the proper assistance and guidance tailored to your specific concerns.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close