OSS Index

An advisor that uses Sonatype's OSS Index to determine vulnerabilities in dependencies.

Configuration

Example

Use the following syntax to configure this plugin globally as part of config.yml:

ort:
  advisor:
    advisors:
      OSSIndex:
        options:
          serverUrl: "https://ossindex.sonatype.org/"
        secrets:
          username: <OPTIONAL_SECRET>
          password: <OPTIONAL_SECRET>

Options

serverUrl

The base URL of the OSS Index REST API.

username

The username to use for authentication. If not both [username] and [password] are provided, authentication is disabled.

password

The password to use for authentication. If not both [username] and [password] are provided, authentication is disabled.

Configuration​

Example​

Options​

serverUrl​

username​

password​