Overview of the Library Refresh
The following provides an overview of the Library Refresh service.
About the Library Refresh
Basically, the Library Refresh is like a partial Electronic Update. While an Electronic Update performs an overall update of the Code Insight Data Library, the Library Refresh focuses on only these operations:
-
Updating library tables with new vulnerability data
-
Updating library tables with new mapping information defining which component versions are associated with each new vulnerability
-
Generating vulnerability alerts, email notifications, and remediation tasks for project inventory affected by the new vulnerabilities (see User Notifications of New Vulnerabilities).
Additionally, because the Library Refresh is run daily, it processes only those new vulnerabilities discovered since the previous day.
User Notifications of New Vulnerabilities
Depending on the Code Insight and project configuration, a Library Refresh can notify users in the following ways when new vulnerabilities are discovered:
-
Generate alerts in the user interface for inventory items associated with the newly discovered vulnerabilities. (For more information about alerts, refer to the “Managing Security Vulnerability Alerts” section in the Code Insight User Guide.)
-
Issue emails to the project owners whose inventory is affected by any of the vulnerabilities.
-
Create remediation tasks for those inventory items that are rejected due to associated vulnerabilities that exceed policy thresholds.
While the Library Refresh always updates library tables with information about new vulnerabilities and new mappings of vulnerabilities to component versions, it requires additional configuration to perform the tasks listed in this section. For more information, see Ensuring Proper Configuration for the Library Refresh.
Refresh Schedule
The Library Refresh runs daily at 12 am.
If desired, you can disable the Library Refresh. See Disabling or Re-enabling the Daily Library Refresh.