This section introduces you to the Components tab in Kiuwan Insights.
Contents:
The Components Inventory section shows the following information:
Kiuwan Insights provides a full list of all those components being used by your application.
For every 3rd party component, you will have access to detailed component information such as:
Name | Description |
---|---|
Component name | Name of the component |
Version | The version(s) in use |
Filename | The physical container (.jar, .dll, .js, etc) |
Language | The programming language it is written in. |
Obsolescence risk | A component’s Obsolescence Risk is a measure of the risk level relative to:
Both values are combined in the Obsolescence Risk to provide a value of the risk associated with using outdated or “dead” components. Please visit Obsolescence Risk for further information. |
License risk | A component’s License Risk is a measure of the risk level relative to the legal implications of used components’ licenses. Please visit Insights Licenses for further information. |
Security risk | A component’s Security Risk is based on CVSS v2 Base Scores (Severities) of its vulnerabilities:
|
By clicking on a component, you will have access to the following information:
With Kiuwan Insights you can identify different versions of the same component used by your application.
The below example shows that the analyzed application is incorporating two different versions of ZKoss common library: 8.0.1 and 6.0.0
Most probably, this component duplication is not intended, and it’s something that would produce maintainability headaches when upgrading to a newer version of the library.