OSS Index
An advisor that uses Sonatype's OSS Index to determine vulnerabilities in dependencies.
Configuration
Example
Use the following syntax to configure this plugin globally as part of config.yml
:
ort:
advisor:
advisors:
OSSIndex:
options:
serverUrl: "https://ossindex.sonatype.org/"
username: <OPTIONAL_STRING>
secrets:
token: <OPTIONAL_SECRET>
Options
serverUrl
The base URL of the OSS Index REST API.
username
The username to use for authentication towards the API.
token
The token to use for authentication towards the API.