View dependency trees

When an open-source library is added to an application, all of the library's dependencies are also inherited. Some of these indirect dependencies may introduce vulnerable code into your applications. The Contrast CLI identifies all library dependencies and sends the data to Contrast, where you can visualize these libraries as a hierarchical dependency tree.Contrast CLI

To display library hierarchy for your application, Contrast must have to access your application code at pre-compile time⁠—a different stage of the software development lifecycle (SDLC) than the Contrast agents collect. To do this, you must have installed and run the Contrast CLI for your applications.Contrast CLI

To view an application's library dependency tree:

  1. Select Applications in the header.

  2. Select an application.

  3. From the application's Overview page, select the Libraries tab.

  4. Select the dependency tree  icon to view the analysis of your application.

  5. In this view, Contrast displays the dependency tree for your application's libraries based on the data collected by the Contrast CLI. Within the tree, you can use the carets to expand sections for more information.Contrast CLI