Sonatype CLM Server - Policy Management Guide

Chapter 9. Reviewing Evaluation Results

The Application Composition Report provides the results of an evaluation of your application. The results are broken into three key categories:

  • Policy Violations
  • Security Vulnerabilities
  • License Issues

As mentioned previously, this will be the same report, whether you are using the stand-alone scanner, the CLM Maven plugin, the manual evaluation, or any of the integrated enforcement points (e.g. Sonatype CLM for CI, IDE, Nexus Pro).

Let’s take a look at how to access the report first.

Note

Depending on the enforcement point, or the stage options you manually selected, your report may be listed under different stages in the Reporting area of the Sonatype CLM Server. For example, the default location for the stand-alone scanner is the build stage.