
Revenera’s OSS Inspector plugin enables developers to assess open source software risks without leaving their integrated development environment

Revenera, producer of leading solutions that help technology companies build better products, accelerate time-to-value, and monetize what matters, today announced the availability of OSS Inspector.

Revenera’s OSS Inspector is a comprehensive, time-efficient approach to open source software (OSS) management. The Revenera OSS Inspector plugin enables developers using IntelliJ IDEA, an integrated development environment (IDE), to examine, within the IDE itself, the licenses and security vulnerabilities associated with the OSS components used in the application code. Without leaving the IDE, developers can immediately assess security risks to determine whether they require further review and remediation.

OSS Inspector helps developers gain a complete understanding of the dependency tree before they introduce new components into code. By providing insights into open source components prior to check-in, OSS Inspector saves significant time and effort, avoiding costly issues later in the development cycle. As part of a comprehensive approach to software composition analysis (SCA), OSS Inspector also prevents the injection of components with copyleft licenses or security vulnerabilities, ensuring that code remains secure and compliant right from the start.

“More than 80 percent of software applications incorporate open source software, offering advantages such as adaptability, cost-effectiveness, and collaborative development. However, failure to address the associated challenges of OSS use, including security vulnerabilities, license compliance issues, and code quality, can lead to serious consequences, such as data breaches and compliance violations,” said Venkat Ram Donga, Product Management Director at Revenera. “Revenera’s OSS Inspector addresses these challenges by offering a comprehensive, proactive, and efficient approach to open source management. OSS Inspector enables developers to gain a complete understanding of their project’s OSS dependency tree, and helps prevent technical debt.”

Revenera’s OSS Inspector supports developers by providing:

  • Comprehensive dependency analysis: OSS Inspector inspects Gradle projects for OSS components, presenting developers with a full dependency tree that includes detailed metadata, such as component name, version, license, and vulnerabilities.
  • Seamless integration with IntelliJ IDEA: The OSS Inspector plugin is specifically designed for developers using IntelliJ IDEA for Java and Kotlin projects. It allows for in-IDE examination of OSS licenses and security vulnerabilities, enabling immediate assessment and remediation without leaving the development environment.
  • Enhanced security and compliance: By providing insights into OSS components before check-in, OSS Inspector helps developers maintain secure and compliant code from the start. Key features include identifying components with copyleft licenses and vulnerabilities and providing critical information such as PURL (Package URL), vulnerability ID, severity level, and CVSS score.

About Post Author

TheTechGossip
