WhiteSource BoltDetect & fix security vulnerabilities, problematic open source licenses. This extension is now unpublished from Marketplace. You can choose to uninstall it. |
We've launched a new WhiteSource Bolt extension. Click here for more information.We help you harness the power of open source without compromising on security or agility! WhiteSource Bolt for Azure DevOps is a FREE extension, which scans all your projects and detects open source components, their license and known vulnerabilities. Not to mention, we also provide fixes. We've got you covered with support for most common programming languages and continuous tracking of multiple open source vulnerabilities databases like the NVD, security advisories, peer-reviewed vulnerability databases, and popular open source projects issue trackers. WhiteSource Secures & Manages Your Open Source UsageWhiteSource integrates with your Azure DevOps or Team Foundation Server (TFS) continuous integration servers and detects all open source components in your software, without ever scanning your code. It provides you with real-time alerts on vulnerable and outdated open source components and generates comprehensive up-to-date inventory, licenses and security reports with only one click. You can scan any project up to 5 times a day. Get Real-Time Alerts on Security VulnerabilitiesWhiteSource provides real-time feedback whenever a vulnerable open source component is added to your build or when a vulnerability is discovered in a component already used in your software. You will also be alerted on copyleft open source licenses and outdated libraries with suggested resolution paths.
Ensure license complianceWhiteSource detect all licenses of your open source components and provides its license reference link as required in open source due diligence reports. In addition to comprehensive detailed reports, including all dependencies’ licenses, it also provides an overview of the open source licenses distribution per build and per project.
Automated Up-to-Date Inventory ReportsWhiteSource analyzes your open source usage every time you run your build. Therefore, you can download a full and accurate open source BoM report based on your last build at any given point. Each report will include the library with a download or library home page link and a license reference link.
Track the Outdated Libraries in Your ProjectWhiteSource also helps you to track the outdated libraries in your projects with detailed information on newer version and recommendations.
|
