Skip to main content

Manual Codebase Analysis

The following are known issues with manual codebase analysis in the Analysis Workbench.

SCA-46104: Not able to retrieve Advanced File Search results when using same criteria but with distinct values and AND logic

The Advanced File Search feature does not retrieve the expected results when you define a filter using multiple criteria that are the same (but with a distinct value for each criterion) and apply AND logic to the criteria. Files known to meet all the specified criteria are not listed in the File Search Results pane.

SCA-44366: Error thrown when navigating file search results

When you use the Enter search string... field at the top of the Codebase Files pane to search for files by name, you can use the Next or Previous button adjacent to the field to navigate to the search results highlighted in the codebase tree. However, if you click these buttons a rapid pace, you can generate an error (although the user interface does not hang).

Workaround: Click the buttons at a slower pace.

SCA-41440: “Show File Evidence” right-click option on “File Search Results” pane not working at node, folder, and sub-folder levels

When you right-click an alias node, codebase node, folder, or sub-folder in the File Search Results pane in the Analysis Workbench, and then select Show File Evidence, the Evidence Details tab on the right displays the message “No Evidences found”.

However, when you select Show File Evidence at the file level in the File Search Results pane, the evidences properly are listed on the Evidence Details tab as expected.

This behavior occurs whether the files were scanned by a Scan Server or a scan-agent plugin.

Workaround: None exists.

SCA-41964: Empty results when Advanced Search with “File Path” criterion attempts to fetch 2000 or more results

An Advanced Search using the File Path criterion can produce empty results in the Analysis Workbench if the search attempts to retrieve 2000 or more results. This issue can occur whether searching a file system scanned by a remote scan agent or a codebase scanned by a Scan Server.

This issue does not occur when the search fetches less than 2000 results.

Workaround: None exists.

SCA-27011: Advanced Search based on low confidence inventory not working

In the Analysis Workbench, an Advanced Search for files associated with inventory that has a low confidence level is returning incorrect or no results.

Workaround: None exists.

SCA-22398: Licenses not highlighted even though evidence exists

Cases can occur during a scan when a license is discovered in the scan results and listed on the Evidence Summary tab, but no associated license text is highlighted on the Partial Matches tab. The lack of highlighting occurs because the scanner is unable to calculate the offsets for license text in the file.

Workaround: None exists.

SCA-22308: “Email/URLs” evidence truncated

In some cases after running a scan, the Email/URLs evidence on the Evidence Details tab in Analysis Workbench is truncated.

Workaround: None exists.

SCA-10414: Associated files not displayed when user adds more than 37K files to inventory

When more than 37K files are added to an inventory item, the associated files are not displayed on the Associated Files tab.

Workaround: Right-click the inventory item and select Show Inventory Files. The content on the File Search Results pane in Analysis Workbench is filtered to the associated files for the inventory item.

SCA-54661: Files associated with inventory item fail to appear when navigating to the next and last page on the Associated Files tab

On the Associated Files tab in the Project Inventory view and Analysis Workbench, when navigating to next page by clicking the > (next-page) icon and to last page by clicking the >> (last-page) icon, files associated with the inventory item—having 3k or more files—are not being displayed.

Workaround: None exists.

SCA-54998: Inventories display failure for large codebases scans using scan-agent plugin in the SQL server environment

For a plugin scans a large number of codebase files, right-clicking the scan-agent plugin alias node in the Codebase Files pane of the Analysis Workbench and then selecting Show File Inventory from the pop-up menu leads to a failure to display the associated inventory items in the Inventory Items pane.

note

Consider the following conditions contributing to this issue:

  • When Code Insight scanned only the large number of codebases, generating a large number of inventory items.

  • When Code Insight used only the SQL Server database.

  • When inventory items are filtered only by remote plugin alias.

Workaround: Select and right-click the main codebase folder node or any folder/subfolders nodes directly under the scan-agent plugin alias node in the Codebase Files pane from which you want the inventory items, and then select the Show file Inventory from the pop-up menu to display the correct associated inventory items in the Inventory Items pane.