Skip to main content

Component Info View

Visualization Chart

  • This chart shows the properties of the known versions of the selected component ordered from the oldest to the newest.

  • Clicking on any section in the visualization will display details for that specific version in the fields below the visualization.

  • Use the arrows to navigate the full range of available versions.


The heatmap colors represent the highest policy threat levels for each version, with no marker indicating no threat. The properties displayed include:




The relative popularity of a version as compared to the other versions of this component.

Policy Threat

the aggregate of all policy types


security violation policies (known CVEs, Suspicious, or Malicious threat)


licensing violation policies


architectural policies from the component metadata


policy constraints outside of those covered above

The represented values for the heatmap colors are as follows:

For Popularity

  • Grey - any versions older than the current version.

  • Green - newer, but within the same major version of the component.

  • Blue - newer component versions, but with a greater major version than the current component.

For Policy Threat

  • Blue - no risk

  • Yellow - minor risk

  • Orange - medium risk

  • Red - high risk

Version Details

Some of the known metadata of a specific component version is displayed along with access to further features:




Component Identifier

ecosystem-specific fields for grouping and naming the component


currently selected version

Overridden License

chosen license to use

Declared License

specific license declared in the versions manifest

Observed License

licenses found in a source code

Highest Policy Threat

highest threat level violation found

Highest CVSS Score

score of the highest security issue


age of the component listed in the repository

Identification Source

the source of the available metadata


link to the project's website when available

View Details

button to display the details of the selected component

Migrate to Selected

modify the source code to reference the new version