Skip to main content

Export library details

Use the export function to download library details.

To export library details:

  1. Select Libraries in the header, then use the check marks in the left column of the libraries grid to select the library or libraries you want to use for the export. You can also click an individual library name to open the details panel.

  2. In the batch action menu that appears at the bottom of the page, or in the upper right of the details panel, select the Export icon, then select the format you want to use for the export.

    LibraryExport.png

The export will download to your desktop. Note that the XLSX format export will contain two tabs: Libraries and Vulnerabilities.

Note

Exported data reflects your role permissions. When you export library details, the results include only entries for servers you are authorized to view. Entries for servers outside your access are excluded automatically.

When you access the Libraries tab from a specific server and initiate an export there, you can filter the exported data to include only entries associated with that server or its applications. This gives you a focused export scoped to the server you are viewing, rather than all servers within your access. To filter by server or application context, select the appropriate option in the export dialog before downloading.

Data fields

Exports contain the following data fields for each library:

  • Library Name

  • Language

  • Version

  • Release Date

  • Latest Version

  • Grade

  • SHA1

  • CVE Count

  • Application Count

  • Server Count

  • Number of Classes

  • Number of Used Classes

  • Licenses

  • App Name

  • Server Name

  • Server Environment

  • Policy Violation

  • Severity

  • Tags

In addition to the above, the XLSX format export also contains a Vulnerabilities tab with the Hash, Library Name, CVE Name, Severity, and Severity Code fields.

Tip

To create more complex custom software composition analysis reports about your applications, you can use the Libraries API to access Contrast library data. You might also explore additional details on your libraries by using a manual method.

For example, this curl request retrieves a list of libraries, in which each library includes a list of applications that use the library. The jq tool formats the data as CSV for use in a custom report.

$ curl -H "Authorization: $(echo -n $username:$servicekey
base64)" -H "API-Key: $apikey" https://app.contrastsecurity.com/Contrast/api/ng/$org_id/libraries/filter?expand=apps 
jq -r '.libraries[]
{name: .file_name, app_name: .apps[].name}
[.name, .app_name] 
@csv'
In this section: