Managing NG-bridge (Digest Data) Updates for Code Insight
The NG-bridge module delivers digest-match data to Code Insight that is used to perform exact matching by the scanner. NG-bridge is Code Insight’s next generation bridge solution that complements the Compliance Library (CL) with digest-match data beyond that provided in CL 2.43. The NG-bridge component is included with Code Insight and is a separate module that runs along-side the product to support “exact match” functionality.
Background
During exact-file matching, the scanner compares each scanned codebase file with the data set across the CL and NG-bridge and reports on any exact matches to open-source software (OSS) files or third-party files in the collection. This matching process compares the MD5s of codebase files against the MD5s stored in the CL and the NG-bridge index for OSS or third-party files.
Automatic Updates Managed by an Internal Update Facility
Starting with the 2020 R4 release, Code Insight began support for a secondary data source for digest matches as an overlay to the data in the CL. Updates to the second data source (NG-bridge) are planned on a regular basis and will keep the MD5 data for exact-file matching up to date. Each NG-bridge data update release is incremental, providing only changes since the last update release. During a Comprehensive scan, the MD5 of a codebase file is checked against both the CL and the NG-bridge index to search for a match. If a match is found in any location, it is recorded in the Analysis Workbench as evidence.
Code Insight provides an internal NG-bridge data update facility that automatically checks for, downloads, and processes update releases on your machine at a regularly scheduled time.
If your site does not have Internet access, Code Insight offers a manual download option for the NG-bridge data update releases. After you have downloaded the update files, the internal update facility will process these files at the next scheduled update time. (Without Internet access, automatic NG-bridge downloads will continue to trigger at the scheduled time but fail with an error message. These attempts do not impact your system nor the processing of the files you have manually downloaded.)
By default, the NG-bridge data update facility is initially disabled. To enable it so that you can obtain NG-bridge data updates, follow the procedure described in Enabling/Disabling NG-bridge Data Updates. (If you do not have the CL installed or are not performing exact-file matching, you can keep the facility disabled.) Once enabled, the facility can always be disabled as necessary for your site.
Configuring the Update Process for Your Site
The following procedures can be used to configure NG-bridge data updates for your site: