OSS Index

An advisor that uses Sonatype's OSS Index to determine vulnerabilities in dependencies.

Configuration

Example

Use the following syntax to configure this plugin globally as part of config.yml:

ort:
  advisor:
    advisors:
      OSSIndex:
        options:
          serverUrl: "https://ossindex.sonatype.org/"
          username: <OPTIONAL_STRING>
        secrets:
          token: <OPTIONAL_SECRET>

Options

serverUrl

The base URL of the OSS Index REST API.

username

The username to use for authentication towards the API.

token

The token to use for authentication towards the API.

Configuration​

Example​

Options​

serverUrl​

username​

token​