Skip to main content

Application of Scan Profile Settings

During a scan on a remote file system, a scan-agent plugin processes certain options from the scan profile currently associated with the Code Insight project created to store the scan results. Ensure that these options are configured according to your requirements. In general, the Perform Package/License Discovery in Archives, Dependency Support, and Scan Exclusions settings are applied to scans performed by scan-agent plugins.

note

Scan-agent plugin support for the processing of a project’s scan-profile settings was introduced in Code Insight 2022 R2. Scan-agent plugins released prior to 2022 R2 are still compatible with Code Insight 2022 R2 and later. However, they do not process scan profile settings, including settings for dependency processing, scan exclusions, and archive processing. Also, when if you are using a pre-2022 R2 plugin to scan files in Code Insight 2022 R2 or later, dependency processing with use of a codeaware.properties file is no longer supported.

The following sections provide more information about the supported/non-supported scan-profile options:

For more information about these options, see “Managing Scan Profiles” in the Code Insight Installation & Configuration Guide.

Support for Archive Processing

During a scan, the scan-agent plugin processes archives according to the Perform Package/License Discovery in Archives scan profile setting.

Support for Dependency Processing

Based on the Dependency Support value defined in the scan profile, the scan-agent plugin does one of the following to process dependencies of the top-level inventory item during a scan:

  • Processes direct (first-level) dependencies only

  • Processes both direct and transitive dependencies

  • Performs no dependency processing

Support for Scan Exclusions

During a scan, the scan-agent plugin processes the list of file extensions defined in the Scan Exclusions field in the scan profile to exclude any files using those extensions from the scan.

Support for Incremental Rescans

Once the scan-agent plugin performs the initial full scan on a file system, any subsequent rescans it performs are always incremental (that is, only those files changed or new since the most recent scan are scanned). Forced full rescans are not supported. Hence, the plugin ignores the Rescan Options field in the scan profile but applies all other supported scan-profile settings to those files that are scanned during a rescan.

If a file has been deleted since the previous scan, its retention during a rescan is based on the project setting On the data import or rescan, delete inventory with no associated files. See for more information about this option, see “Editing the Project Definition and General Settings” and the related topic “Edit Project: General Tab” in the Code Insight User Guide.

Scan-agent plugins do not support the association of additional files to existing inventory items during scans and therefore ignore the Automatically Add Related Files to Inventory scan profile option.

Code Matching and Search-Term Processing Not Supported

Scan-agent plugins neither support the matching of exact files or code snippets against the Code Insight Data Library nor use search terms to locate possible third-party code or content. Therefore, the Exact Matches, Source Code Matches, or Search Terms profile options are ignored during scans.