Library scan for live applications
First Claim
1. A method, comprising:
- detecting a triggering event for scanning an application package deployed in a distributed computing platform for licensing information, the event providing an identifier of the application package;
identifying, in response to the triggering event and based on the identifier of the application package, a package manager that staged the application package in the distributed computing platform, wherein the package manager is configured to transform code of an application program into an executable component of the application package for the distributed computing platform;
obtaining, from the application package and the package manager, respective paths of a plurality of libraries of the application package;
determining a respective checksum of each respective path of each library of the plurality of libraries of the application package;
performing a name and version lookup in a library index database using each respective checksum to obtain a respective name and a respective version identifier for each library of the plurality of libraries of the application package, wherein the library index database stores checksums of a plurality of versions of a plurality of libraries;
obtaining, from a license database, respective content of a respective license or a respective authorization of each library using the respective name and respective version identifier obtained for the library;
determining, based on content of the licenses or authorizations, that the plurality of libraries of the application package include an unlicensed or unauthorized component; and
providing a notification of the unlicensed or unauthorized component for presentation on a client device,wherein the method is performed by one or more processors.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and computer-readable media for monitoring states of application packages deployed on a cloud-based application deployment platform. A notification service retrieves a copy of a deployed application package and metadata associated with the application package from the cloud-based deployment platform, and identifies libraries of the application package. The notification service can then determine which, if any, libraries are or will become out-of-date, and obtain license information about the libraries. The notification service can provide notifications of any outdated components and on license compatibilities or incompatibilities. The notification service can automatically restage the application package, or update the license, upon finding outdated components or license incompatibilities.
24 Citations
15 Claims
-
1. A method, comprising:
-
detecting a triggering event for scanning an application package deployed in a distributed computing platform for licensing information, the event providing an identifier of the application package; identifying, in response to the triggering event and based on the identifier of the application package, a package manager that staged the application package in the distributed computing platform, wherein the package manager is configured to transform code of an application program into an executable component of the application package for the distributed computing platform; obtaining, from the application package and the package manager, respective paths of a plurality of libraries of the application package; determining a respective checksum of each respective path of each library of the plurality of libraries of the application package; performing a name and version lookup in a library index database using each respective checksum to obtain a respective name and a respective version identifier for each library of the plurality of libraries of the application package, wherein the library index database stores checksums of a plurality of versions of a plurality of libraries; obtaining, from a license database, respective content of a respective license or a respective authorization of each library using the respective name and respective version identifier obtained for the library; determining, based on content of the licenses or authorizations, that the plurality of libraries of the application package include an unlicensed or unauthorized component; and providing a notification of the unlicensed or unauthorized component for presentation on a client device, wherein the method is performed by one or more processors. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system comprising:
one or more computers and one or more storage devices on which are stored instructions that are operable, when executed by the one or more computers, to cause the one or more computers to perform operations comprising; detecting a triggering event for scanning an application package deployed in a distributed computing platform for licensing information, the event providing an identifier of the application package; identifying, in response to the triggering event and based on the identifier of the application package, a package manager that staged the application package in the distributed computing platform, wherein the package manage is configured to transform code of an application program into an executable component of the application package for the distributed computing platform; obtaining, from the application package and the package manager, respective paths of a plurality of libraries of the application package; determining a respective checksum of each respective path of each library of the plurality of libraries of the application package; performing a name and version lookup in a library index database using each respective checksum to obtain a respective name and a respective version identifier for each library of the plurality of libraries of the application package, wherein the library index database stores checksums of a plurality of versions of a plurality of libraries; obtaining, from a license database, respective content of a respective license or a respective authorization of each library using the respective name and respective version identifier obtained for the library; determining, based on content of the licenses or authorizations, that the plurality of libraries of the application package include an unlicensed or unauthorized component; and providing a notification of the unlicensed or unauthorized component for presentation on a client device. - View Dependent Claims (8, 9, 10, 11, 12)
-
13. A non-transitory storage device storing instructions that are operable, when executed by one or more computers, to cause the one or more computers to perform operations comprising:
-
detecting a triggering event for scanning an application package deployed in a distributed computing platform for licensing information, the event providing an identifier of the application package; identifying, in response to the triggering event and based on the identifier of the application package, a package manager that staged the application package in the distributed computing platform, wherein the package manage is configured to transform code of an application program into an executable component of the application package for the distributed computing platform; obtaining, from the application package and the package manager, respective paths of a plurality of libraries of the application package; determining a respective checksum of each respective path of each library of the plurality of libraries of the application package; performing a name and version lookup in a library index database using each respective checksum to obtain a respective name and a respective version identifier for each library of the plurality of libraries of the application package, wherein the library index database stores checksums of a plurality of versions of a plurality of libraries; obtaining, from a license database, respective content of a respective license or a respective authorization of each library using the respective name and respective version identifier obtained for the library; determining, based on content of the licenses or authorizations, that the plurality of libraries of the application package include an unlicensed or unauthorized component; and providing a notification of the unlicensed or unauthorized component for presentation on a client device. - View Dependent Claims (14, 15)
-
Specification