Basic Concepts
Open-Source Software
Open-source software is software released under a license that allows groups and individuals to use, copy, distribute, and modify it, and to release their own versions.
Open-Source License
Open-source software is accompanied by a license that grants permissions, rights, and obligations, while also setting limitations. All behaviors related to the open-source software should adhere to the license. Common licenses include the BSD license, Apache license, Eclipse Public License (EPL), and GNU General Public License (GPL).
Reports
CodeArts Governance generates a report after the binary component analysis is complete. The report may include the following information, which requires special attention:
- Open-Source Software Vulnerabilities: Vulnerabilities exist in the listed open-source software or versions. Confirm whether to fix them, and then install patches or upgrade the software as required.
- Key and Info Leakage: There may be sensitive information that is prone to leakage, such as weak passwords, hard-coded secret keys, and IP addresses. Confirm whether to fix it.
- Secure Compiler Options: The build or compilation scripts may have risks. Add secure compiler options for specific languages such as C, C++, and Go to prevent attacks such as buffer overflows.
- Security Configurations: Credentials and authentication may involve risks. Rectify the issues according to the report.
- Open-Source Software Licenses: Licenses used in your artifact may be incompatible with each other. Using such licenses may violate regulations. Fix this issue if needed.