Sick Gaming
What’s new in Red Hat Dependency Analytics - Printable Version

+- Sick Gaming (https://www.sickgaming.net)
+-- Forum: Programming (https://www.sickgaming.net/forum-76.html)
+--- Forum: Java Language, JVM, and the JRE (https://www.sickgaming.net/forum-78.html)
+--- Thread: What’s new in Red Hat Dependency Analytics (/thread-97105.html)



What’s new in Red Hat Dependency Analytics - xSicKxBot - 09-08-2020

What’s new in Red Hat Dependency Analytics

<div style="margin: 5px 5% 10px 5%;"><img src="https://www.sickgaming.net/blog/wp-content/uploads/2020/01/whats-new-in-red-hat-dependency-analytics.png" width="300" height="188" title="" alt="" /></div><div><p>We are excited to announce a new release of Red Hat Dependency Analytics, a solution that enables developers to create better applications by evaluating and adding high-quality open source components, directly from their IDE.</p>
<p>Red Hat Dependency Analytics helps your development team avoid security and licensing issues when building your applications. It plugs into the developer’s IDE, automatically analyzes your software composition, and provides recommendations to address security holes and licensing problems that your team may be missing.</p>
<p>Without further ado, let’s jump into the new capabilities offered in this release. This release includes a new version of the IDE plugin and the server-side analysis service hosted by Red Hat.<span id="more-626717"></span></p>
<h3>Support for Python applications</h3>
<p>Along with <a href="https://developers.redhat.com/developer-tools/java">Java</a> (maven) and JavaScript (npm), Dependency Analytics now offers its full set of capabilities for Python (PyPI) applications. From your IDE, you can perform the vulnerability and license analysis of the “requirements.txt” file of your Python application, incorporate the recommended fixes, and generate the stack analysis report for more details.</p>
<p><iframe src="https://www.youtube.com/embed/sy2gUH2iPOg" width="560" height="315" frameborder="0" allowfullscreen="allowfullscreen"></iframe></p>
<h3>Software composition analysis based on current vulnerability data</h3>
<p>An estimated 15,000 open source packages get updated every day. On average, three new vulnerabilities get posted every day across JavaScript (npm) and Python (PyPi) packages. With this new release, the server-side analysis service hosted by Red Hat automatically processes the daily updates to open source packages that it is tracking. The hosted service also automatically ingests new vulnerability data posted to <a href="https://nvd.nist.gov/">National Vulnerability Database</a> (NVD) for JavaScript and Python packages. This allows the IDE plugin and API calls to provide source code analysis based on current vulnerability and release data.</p>
<h3>Analyze transitive dependencies</h3>
<p>In addition to the direct dependencies included in your application, Dependency Analytics now leverages the package managers to discover and add the dependencies of those dependencies, called “transitive” dependencies, to the dependency graph of your application. Analysis of your application is performed across the whole graph model and recommendations for fixes are provided across the entire set of dependencies.</p>
<p><img loading="lazy" class="wp-image-630267 aligncenter" src="https://developers.redhat.com/blog/wp-content/uploads/2020/09/Screen-Shot-2019-09-19-at-10.16.08-AM-300x188.png" alt="" width="700" height="439" srcset="https://developers.redhat.com/blog/wp-content/uploads/2020/09/Screen-Shot-2019-09-19-at-10.16.08-AM-300x188.png 300w, https://developers.redhat.com/blog/wp-content/uploads/2020/09/Screen-Shot-2019-09-19-at-10.16.08-AM-768x480.png 768w, https://developers.redhat.com/blog/wp-content/uploads/2020/09/Screen-Shot-2019-09-19-at-10.16.08-AM-1024x640.png 1024w" sizes="(max-width: 700px) 100vw, 700px" /></p>
<h3>Recommendations about complementary open source libraries</h3>
<p>With this release, Dependency Analytics looks to recommend high-quality open source libraries that are complementary to the dependencies included in your application. The machine learning technology of the hosted service collects and analyzes various statistics on GitHub to curate a list of high-quality open source libraries that can be added to the current set of dependencies to augment your application. You can provide your feedback about the add-on libraries by clicking on the “thumbs-up” or “thumbs-down” icons shown for each recommendation. Your feedback is automatically processed to improve the quality of the recommendations.</p>
<p><img loading="lazy" class="wp-image-630277 aligncenter" src="https://developers.redhat.com/blog/wp-content/uploads/2020/09/Screen-Shot-2019-09-19-at-10.29.44-AM-300x188.png" alt="" width="701" height="439" srcset="https://developers.redhat.com/blog/wp-content/uploads/2020/09/Screen-Shot-2019-09-19-at-10.29.44-AM-300x188.png 300w, https://developers.redhat.com/blog/wp-content/uploads/2020/09/Screen-Shot-2019-09-19-at-10.29.44-AM-768x480.png 768w, https://developers.redhat.com/blog/wp-content/uploads/2020/09/Screen-Shot-2019-09-19-at-10.29.44-AM-1024x640.png 1024w" sizes="(max-width: 701px) 100vw, 701px" /></p>
<h3>IDE plugin support</h3>
<p>The Dependency Analytics IDE plugin is now available for VS Code, Eclipse Che, and any JetBrains IDE, including IntelliJ and PyCharm.</p>
<p>We will continuously release new updates to our Dependency Analytics solution so you can minimize the delays in delivery of your applications due to last-minute security and licensing related issues.</p>
<p>Stay tuned for further updates; we look forward to your feedback about Dependency Analytics.</p>
<p><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fdevelopers.redhat.com%2Fblog%2F2019%2F10%2F15%2Fwhats-new-in-red-hat-dependency-analytics%2F&amp;linkname=What%E2%80%99s%20new%20in%20Red%20Hat%20Dependency%20Analytics" title="Facebook" rel="nofollow noopener noreferrer" target="_blank"></a><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fdevelopers.redhat.com%2Fblog%2F2019%2F10%2F15%2Fwhats-new-in-red-hat-dependency-analytics%2F&amp;linkname=What%E2%80%99s%20new%20in%20Red%20Hat%20Dependency%20Analytics" title="Twitter" rel="nofollow noopener noreferrer" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fdevelopers.redhat.com%2Fblog%2F2019%2F10%2F15%2Fwhats-new-in-red-hat-dependency-analytics%2F&amp;linkname=What%E2%80%99s%20new%20in%20Red%20Hat%20Dependency%20Analytics" title="LinkedIn" rel="nofollow noopener noreferrer" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fdevelopers.redhat.com%2Fblog%2F2019%2F10%2F15%2Fwhats-new-in-red-hat-dependency-analytics%2F&amp;linkname=What%E2%80%99s%20new%20in%20Red%20Hat%20Dependency%20Analytics" title="Email" rel="nofollow noopener noreferrer" target="_blank"></a><a class="a2a_button_print" href="https://www.addtoany.com/add_to/print?linkurl=https%3A%2F%2Fdevelopers.redhat.com%2Fblog%2F2019%2F10%2F15%2Fwhats-new-in-red-hat-dependency-analytics%2F&amp;linkname=What%E2%80%99s%20new%20in%20Red%20Hat%20Dependency%20Analytics" title="Print" rel="nofollow noopener noreferrer" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fdevelopers.redhat.com%2Fblog%2F2019%2F10%2F15%2Fwhats-new-in-red-hat-dependency-analytics%2F&amp;linkname=What%E2%80%99s%20new%20in%20Red%20Hat%20Dependency%20Analytics" title="Reddit" rel="nofollow noopener noreferrer" target="_blank"></a><a class="a2a_button_flipboard" href="https://www.addtoany.com/add_to/flipboard?linkurl=https%3A%2F%2Fdevelopers.redhat.com%2Fblog%2F2019%2F10%2F15%2Fwhats-new-in-red-hat-dependency-analytics%2F&amp;linkname=What%E2%80%99s%20new%20in%20Red%20Hat%20Dependency%20Analytics" title="Flipboard" rel="nofollow noopener noreferrer" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share#url=https%3A%2F%2Fdevelopers.redhat.com%2Fblog%2F2019%2F10%2F15%2Fwhats-new-in-red-hat-dependency-analytics%2F&title=What%E2%80%99s%20new%20in%20Red%20Hat%20Dependency%20Analytics" data-a2a-url="https://developers.redhat.com/blog/2019/10/15/whats-new-in-red-hat-dependency-analytics/" data-a2a-title="What’s new in Red Hat Dependency Analytics"><img src="https://static.addtoany.com/buttons/favicon.png" alt="Share"></a></p>
<p>The post <a rel="nofollow" href="https://developers.redhat.com/blog/2019/10/15/whats-new-in-red-hat-dependency-analytics/">What’s new in Red Hat Dependency Analytics</a> appeared first on <a rel="nofollow" href="https://developers.redhat.com/blog">Red Hat Developer</a>.</p>
</div>


https://www.sickgaming.net/blog/2019/10/15/whats-new-in-red-hat-dependency-analytics/