How are you tracking the software bugs in your open source components? How do you know if a new version was released that solves a major issue?
Get real-time alerts on severe software bugs
WhiteSource continuously tracks open source projects’ bug trackers, meaning it reports security and quality bugs for each library version. We then alert you in real-time on severe software bugs discovered in your open source components, and you will also be notified if the bug was fixed in a later version. All this information will help you decide which version to use, or whether you should upgrade or not.
Each bug is classified based on its severity:
You can also generate an automated report of all your severe software bugs, per product and severity, in only one click.
Choose libraries according to their quality scoring
WhiteSource also calculates a quality rating for each component version. This scoring enables you to make a more educated decision when you are considering upgrading to a newer version.
Furthermore, our selection tool ► indicates this quality scoring, thereby helping you choose better maintained open source components before even download and integrate them with your code.
Our quality scoring is an aggregated value calculated for each open source library version based on three parameters:
- Bug Statistic – Reflects the amount and severity of open bugs for each specific version.
- Fix rating - Represents the number of bugs fixed in each specific version.
- Source Control Activity- Uses the number of commits as an indicator of its level of activity.
Automate your policies
You can also set up automated policies based on each component’s ‘Bug Rating’ to automatically reject or request specific approval when such a buggy component is added to the build. Read more about automated policies here ►.