Skip to main content

OSS Index

OSSIndex

An advisor that uses Sonatype's OSS Index to determine vulnerabilities in dependencies.

Configuration

Example

Use the following syntax to configure this plugin globally as part of config.yml:

ort:
advisor:
advisors:
OSSIndex:
options:
serverUrl: "https://ossindex.sonatype.org/"
username: <OPTIONAL_STRING>
secrets:
token: <OPTIONAL_SECRET>

Options

serverUrl

STRING Default

The base URL of the OSS Index REST API.

username

STRING Required

The username to use for authentication towards the API.

token

SECRET Required

The token to use for authentication towards the API.