Lineaje AI
Last updated
Last updated
Lineaje is powered by AI in Search and BOMbot.
BOMbot is a chatbot that can help answering questions about your projects.
With Lineaje BOMbot, you can chat, view the data for your question, ask for recommendation.
BOMbot can answer questions about your projects like
What are the critical vulnerabilities in the project?
How many critical vulnerabilities are present in the project that have available fixes?
Summarize the high severity vulnerabilities that have patches available in my SBOM
Show the exploitable vulnerabilities in the project
Which exploitable vulnerabilities in the project's dependencies have fixes available?
Show me vulnerable components that are older than 36 months
Show we critical vulnerabilities that have code issues
Along with the answers to your question, the BOMbot also gives all relevant data associated with the answer available under "View Details" link. Clicking on the link opens up a table view that shows all the relevant data.
You can ask BOMbot recommendations in fixing the issues. An e.g. recommendation is shown below
Query : "Show me the recommendation for fixing vulnerabilities"
"Recommendation
There are a total of 88 components, with 17 direct dependencies and 71 transitive dependencies. The direct dependencies consist of 17 OSS components, while the transitive dependencies consist of 71 OSS components.
The total vulnerability count is 70, with 38 direct vulnerabilities and 32 transitive vulnerabilities. The 38 direct vulnerabilities consist of 38 OSS vulnerabilities.
Of the direct dependency vulnerabilities, 3 components have vulnerabilities with fixes available, while 14 components have vulnerabilities without fixes available. There are 4 direct dependency vulnerabilities that have fixes available.
Here are some of the least effort changes that can be appliedpkg:maven/org.apache.rocketmq/rocketmq-broker@5.0.0 to pkg:maven/org.apache.rocketmq/rocketmq-broker@5.1.1 pkg:maven/org.apache.rocketmq/rocketmq-controller@5.0.0 to pkg:maven/org.apache.rocketmq/rocketmq-controller@5.1.1 pkg:maven/org.apache.rocketmq/rocketmq-namesrv@5.0.0 to pkg:maven/org.apache.rocketmq/rocketmq-namesrv@5.1.2
Since there are no vulnerabilities impacted by the least effort changes, the IRL score of 7.13 does not change for this scenario.
Here are some of the optimal effort changes that can be appliedpkg:maven/org.apache.rocketmq/rocketmq-broker@5.0.0 to pkg:maven/org.apache.rocketmq/rocketmq-broker@5.1.1 pkg:maven/org.apache.rocketmq/rocketmq-controller@5.0.0 to pkg:maven/org.apache.rocketmq/rocketmq-controller@5.1.1 pkg:maven/org.apache.rocketmq/rocketmq-namesrv@5.0.0 to pkg:maven/org.apache.rocketmq/rocketmq-namesrv@5.1.2
Applying the optimal effort changes reduces the total vulnerability count from 70 to 21, and the IRL score improves from 7.13 to 6.35."
