Library hierarchy

When an open-source library is added to an application, all of the library's dependencies are also inherited. Some of these indirect dependencies may introduce vulnerable code into your applications. The Contrast CLI identifies all open-source libraries and sends the data to Contrast, where you can visualize these libraries as a hierarchical dependency tree.

To display library hierarchy for your application, Contrast must have to access your application code at pre-compile time⁠—a different stage of the software development lifecycle (SDLC) than the Contrast agents collect. To do this, you must have installed and run the Contrast CLI for your applications.