Snippet Matching Parameter Guidelines

The following command line parameters control how snippet matching is performed during signature scans:

--snippet-matching

Enables a two-phase approach to scanning. First, a component scan is completed for files that have changed since the previous scan. After that, a snippet scan runs on those newly scanned files only.

Black Duck Software recommends using this parameter for snippet scanning.

--snippet-matching-only

Runs a snippet scan only on files that have changed; a component scan is not performed. Ensure you have completed a full file scan prior to using this parameter.

--snippet-matching-all-source

Runs a snippet scan for all files with supported extensions, regardless of whether they belong to unmatched directories or archives.

--full-snippet-scan

Forces the snippet scan to search the KnowledgeBase regardless of locally cached matches from previous scans. This parameter must be used with one of the snippet matching parameters:

• --snippet-matching: Performs a signature scan first, then a snippet scan on unmatched files.

• --snippet-matching-only: Performs a snippet scan on unmatched files without executing a signature scan.

• --snippet-matching-all-source: Performs a snippet scan on all files after a signature scan.

To upload source files, you must use the --upload-source parameter, as described in the command section above.