About Black Duck KnowledgeBase components

The Black Duck® KnowledgeBase™ (Black Duck KB) is the industry’s most comprehensive database of open source component information. Since 2003, Black Duck has searched the Internet for information on open source software (OSS) components and downloadable source code. The complete version of Black Duck KB includes more than 2 million unique components from more than 10,000 sites and contains detailed data on more than 79,000 actively traced vulnerabilities across more than 530 billion lines of code. The Black Duck KB includes detailed data for more than 2,500 unique licenses, including the full license text and dozens of encoded attributes and obligations for each license. Black Duck connects to a version of Black Duck KB hosted in the cloud.

New OSS component versions and meta data, such as vulnerabilities, are continually added and updated to the version of Black Duck KB that supports Black Duck.

The Black Duck KB provides information about OSS components at the component level and at the component version level.

So that your BOM accurately reflects your project, users with the Component Manager role can:

• Modify Black Duck KB components and/or Black Duck KB component versions.

• Undo these modifications and reset the KB data back to its original values.

• Define an approval status for a Black Duck KB component and/or component version to ensure that only approved components/version are included in your BOM.