OSS Index

An advisor that uses Sonatype's OSS Index to determine vulnerabilities in dependencies.

Configuration

Example

Use the following syntax to configure this plugin globally as part of config.yml:

ort:
  advisor:
    advisors:
      OSSIndex:
        options:
          serverUrl: "https://api.guide.sonatype.com/"
          username: <OPTIONAL_STRING>
        secrets:
          token: <OPTIONAL_SECRET>

Options

serverUrl

The base URL of the OSS Index REST API.

username

The optional username is null when using Sonatype Guide authentication, or the username when using OSS Index authentication.

token

The personal access token when using Sonatype Guide authentication, or the password when using OSS Index authentication.

Configuration​

Example​

Options​

serverUrl​

username​

token​