VulnerableCode

An advisor that uses a VulnerableCode instance to determine vulnerabilities in dependencies.

Configuration

Example

Use the following syntax to configure this plugin globally as part of config.yml:

ort:
  advisor:
    advisors:
      VulnerableCode:
        options:
          serverUrl: "https://public.vulnerablecode.io/api/"
          readTimeout: <OPTIONAL_LONG>
        secrets:
          apiKey: <OPTIONAL_SECRET>

Options

serverUrl

The base URL of the VulnerableCode REST API. By default, the public VulnerableCode instance is used.

apiKey

The optional API key to use.

readTimeout

The read timeout for the server connection in seconds. Defaults to whatever is the HTTP client's default value.

Configuration​

Example​

Options​

serverUrl​

apiKey​

readTimeout​