Installing the Compliance Library
The Code Insight Compliance Library (CL) is a library used by the codebase scan to perform exact-file and source-code fingerprint (snippet) matching. Code Insight compares elements of scanned codebase files with information contained in the CL to generate file-level evidence on which you can take action.
Using the CL is optional. The exact-file and source-code fingerprint (snippet) matching capabilities available with the CL are in addition to the Automated Analysis techniques basic to all scans to identify components, versions, licenses, and security vulnerabilities and to generate inventory.
Use the following instructions to install the CL on a drive accessible to the Code Insight Scan Server. For optimal performance, install the CL on the same instance as the Scan Server but on a different drive or volume from the one on which the Scan Server is installed.
Repeat this procedure on each instance hosting a Scan Server.
For more information about keeping the MD5 data used for exact-matching current, see Keeping Exact-Match Data Up to Date.
To install the Compliance Library, do the following:
- Download the Compliance Library (CL) installer from the Product and License Center:
-
For Windows,
CodeInsightComplianceLibrary-``version``.exe -
For Linux,
CodeInsightComplianceLibrary-``version``.bin
-
- Navigate to the directory where you downloaded the installer, and launch the installer.
- Follow the prompts to install the CL.
- When the installation is complete, navigate to the Scan Servers tab on the Administration page to configure the CL for use by future scans. Refer to Adding or Editing Scan Servers or Checking Server Status for instructions.