Create an account


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
What’s new in Red Hat Dependency Analytics

#1
What’s new in Red Hat Dependency Analytics

We are excited to announce a new release of Red Hat Dependency Analytics, a solution that enables developers to create better applications by evaluating and adding high-quality open source components, directly from their IDE.

Red Hat Dependency Analytics helps your development team avoid security and licensing issues when building your applications. It plugs into the developer’s IDE, automatically analyzes your software composition, and provides recommendations to address security holes and licensing problems that your team may be missing.

Without further ado, let’s jump into the new capabilities offered in this release. This release includes a new version of the IDE plugin and the server-side analysis service hosted by Red Hat.

Support for Python applications


Along with Java (maven) and JavaScript (npm), Dependency Analytics now offers its full set of capabilities for Python (PyPI) applications. From your IDE, you can perform the vulnerability and license analysis of the “requirements.txt” file of your Python application, incorporate the recommended fixes, and generate the stack analysis report for more details.

Software composition analysis based on current vulnerability data


An estimated 15,000 open source packages get updated every day. On average, three new vulnerabilities get posted every day across JavaScript (npm) and Python (PyPi) packages. With this new release, the server-side analysis service hosted by Red Hat automatically processes the daily updates to open source packages that it is tracking. The hosted service also automatically ingests new vulnerability data posted to National Vulnerability Database (NVD) for JavaScript and Python packages. This allows the IDE plugin and API calls to provide source code analysis based on current vulnerability and release data.

Analyze transitive dependencies


In addition to the direct dependencies included in your application, Dependency Analytics now leverages the package managers to discover and add the dependencies of those dependencies, called “transitive” dependencies, to the dependency graph of your application. Analysis of your application is performed across the whole graph model and recommendations for fixes are provided across the entire set of dependencies.

https://developers.redhat.com/blog/wp-co...68x480.png 768w, https://developers.redhat.com/blog/wp-co...24x640.png 1024w" sizes="(max-width: 700px) 100vw, 700px" />

Recommendations about complementary open source libraries


With this release, Dependency Analytics looks to recommend high-quality open source libraries that are complementary to the dependencies included in your application. The machine learning technology of the hosted service collects and analyzes various statistics on GitHub to curate a list of high-quality open source libraries that can be added to the current set of dependencies to augment your application. You can provide your feedback about the add-on libraries by clicking on the “thumbs-up” or “thumbs-down” icons shown for each recommendation. Your feedback is automatically processed to improve the quality of the recommendations.

https://developers.redhat.com/blog/wp-co...68x480.png 768w, https://developers.redhat.com/blog/wp-co...24x640.png 1024w" sizes="(max-width: 701px) 100vw, 701px" />

IDE plugin support


The Dependency Analytics IDE plugin is now available for VS Code, Eclipse Che, and any JetBrains IDE, including IntelliJ and PyCharm.

We will continuously release new updates to our Dependency Analytics solution so you can minimize the delays in delivery of your applications due to last-minute security and licensing related issues.

Stay tuned for further updates; we look forward to your feedback about Dependency Analytics.

Share

The post What’s new in Red Hat Dependency Analytics appeared first on Red Hat Developer.



https://www.sickgaming.net/blog/2019/10/...analytics/
Reply



Possibly Related Threads…
Thread Author Replies Views Last Post
  What’s new in Red Hat Dependency Analytics xSicKxBot 0 125 06-03-2020, 12:44 AM
Last Post: xSicKxBot
  What’s new in Red Hat Dependency Analytics xSicKxBot 0 289 01-28-2020, 09:32 PM
Last Post: xSicKxBot

Forum Jump:

Become a Patron!
[-]
Upcoming Events

[-]
Latest Threads
Xbox Wire - Xbox Insider Release Notes –...
Last Post: xSicKxBot
Today 02:31 PM
» Replies: 0
» Views: 2
News - Video: The lighting technology of...
Last Post: xSicKxBot
Today 02:30 PM
» Replies: 0
» Views: 3
News - Talking Point: What Are You Playi...
Last Post: xSicKxBot
Today 02:22 PM
» Replies: 0
» Views: 2
News - Of Course Scalpers Are Already Li...
Last Post: xSicKxBot
Today 02:22 PM
» Replies: 0
» Views: 2
News - Xbox Could Offer Streaming Stick ...
Last Post: xSicKxBot
Today 02:21 PM
» Replies: 0
» Views: 3
(Indie Deal) FREE Ghost Sweeper, ? NBA 2...
Last Post: xSicKxBot
Today 08:16 AM
» Replies: 0
» Views: 4
(Free Game Key) BigFish Game of Your Cho...
Last Post: xSicKxBot
Today 08:16 AM
» Replies: 0
» Views: 5
News - Random: Not Everyone Is Happy Wit...
Last Post: xSicKxBot
Today 08:15 AM
» Replies: 0
» Views: 3
News - Xbox Could Offer Streaming Stick ...
Last Post: xSicKxBot
Today 08:15 AM
» Replies: 0
» Views: 4
microStudio Game Engine Hands-On
Last Post: xSicKxBot
Today 12:22 AM
» Replies: 0
» Views: 6

[-]
Twitter

[-]
Sponsored
Get the Deal of the Week at RefurBees.com

Copyright © SickGaming.net 2012-2020