What do you like most about WhiteSource?
Thanks for sharing your thoughts with the community!
The solution boasts a broad range of features and covers much of what an ideal SCA tool should.
The solution is scalable.
The license management of WhiteSource was at a good level. As compared to other tools that I have used, its functionality for the licenses for the code libraries was quite good. Its UI was also fine.
Its ease of use and good results are the most valuable.
The most valuable feature is the unified JAR to scan for all langs (wss-scanner jar).
With the fix suggestions feature, not only do you get the specific trace back to where the vulnerability is within your code, but you also get fix suggestions.
The reporting capability gives us the option to generate an open-source license report in a single click, which gets all copyright and license information, including dependencies.
It gives us full visibility into what we're using, what needs to be updated, and what's vulnerable, which helps us make better decisions.
Our dev team uses the fix suggestions feature to quickly find the best path for remediation.
For us, the most valuable tool was open-source licensing analysis.
Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software.
The most valuable features are the reporting, customizing libraries "In-house, White list, license selection", comparing the products/projects, and License & Copyright resolution.
The most valuable feature is the inventory, where it compiles a list of all of the third-party libraries that we have on our estate.
Let the community know what you think. Share your opinions now!