You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/organizations/managing-security-and-risk.md
+22Lines changed: 22 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,6 +6,7 @@ Under Security and risk management, you can find the following pages to help you
6
6
7
7
-[Overview](#dashboard)
8
8
-[Findings](#item-list)
9
+
-[Dependencies](#dependencies-list)
9
10
10
11
In addition, on these pages, you can [share filtered views of findings](#sharing-filtered-view), [export findings as a CSV file](#exporting-the-security-item-list), and [review severity rules and integration settings](#reviewing-settings)
11
12
@@ -514,6 +515,27 @@ Security and risk management supports checking the languages and infrastructure-
514
515
</tbody>
515
516
</table>
516
517
518
+
## Dependencies {: id="dependencies-list"}
519
+
520
+
The **Security and risk management dependencies** page displays a unified view of all dependencies used by your repositories.
521
+
522
+
To access the dependencies page, access the [overview page](#dashboard) and click the **Findings** tab.
523
+
524
+
525
+
526
+
When viewing dependencies, you'll be presented with a list of the dependencies used by all repositories in your organization. For each dependency, you'll be able to see how many repositories are making use of it, how many different versions you are using across all repositories, and how many security findings were found due to the presence of that dependency.
527
+
528
+
You're also able to click any dependency to find out more information about it.
529
+
530
+
531
+
532
+
The dependency overview page offers a quick birds-eye view of that particular dependency. You'll be able to see all different versions that are being used, including which repository is using them, the oldest and most recent versions you're leveraging, as well as the highest criticality of security issues and the license applied to any particular version of that dependency.
533
+
534
+
!!! important
535
+
The dependency explorer is a timed business-tier feature! We'll be releasing it to every Pro user in the near future, but if in the meanwhile you want to learn about it, and other business features we're offering or have planned [get in touch with us](https://www.codacy.com/pricing)!
536
+
537
+
538
+
517
539
<sup><spanid="semgrep">1</span></sup>: Semgrep supports additional security rules when signing up for [Semgrep Pro](https://semgrep.dev/pricing/).
518
540
<sup><spanid="yaml-only">2</span></sup>: Currently, Trivy only supports scanning YAML files on this platform.
519
541
<sup><spanid="client-side">3</span></sup>: Supported as a [client-side tool](../repositories-configure/local-analysis/client-side-tools.md).
0 commit comments