Table of Contents | ||
---|---|---|
|
...
WhiteSource Advise allows your developers to view a snapshot of a component’s details before they download it to their repository, and incorporate it in the codebase. It is delivered as a Chrome or Microsoft Edge (from version 83) extension.
...
Info |
---|
For Admins to Know: Ensure that the email link is opened in the relevant browser (Chrome / Microsoft Edge). The browser also marks these references in the relevant web pages. If Chrome or Microsoft Edge are not the default browser, then you must copy and paste the email link in either Chrome / Microsoft Edge. WhiteSource Advise scans web pages for open-source installation references. To perform these functions, it requires permissions to read and write on web pages. You must approve these permissions (no browsing history information is saved). |
Activating WhiteSource Advise via the Profile Page (WhiteSource Users Only)
...
- Go to your Profile Page.
- Navigate to the 'Advise for Chrome' panel on this page.
- Click Advise for Chrome to generate an activation link. An activation link is be generated. If you are a member of multiple organizations, click the link for the relevant organization.
- Add the WhiteSource Advise extension to your browser.
- Click Activation Link in order to complete the activation process.
...
WhiteSource Advise searches for the following text patterns in these languages:
Python (pip)
Code Block |
---|
pip install {package name}=={version} |
Ruby (bundler)
One of the following
Code Block |
---|
gem install {package name}={version} |
...
Code Block |
---|
gem install {package name}:{version} |
...
JavaScript (NPM)
Code Block |
---|
npm install {package name}@{version} |
...
.NET (NuGet)
One of the following:
Code Block |
---|
install-package {package name} –package {version} |
...
Code Block |
---|
nuget update {package name} –package {version} |
Java (Maven)
One of the following:
Code Block |
---|
<dependency> <groupId>{group}</groupId> <artifactId>{artifact}</artifactId> <versionId>{version}</versionId> </dependency> |
...
Code Block |
---|
import ( “github.com/{owner1}/{repository1}” “github.com/{owner2}/{repository2}” ... ) |
PHP (Composer)
One of the following:
Code Block |
---|
"require": { “{group}/{artifact}”: “{version}” } |
...
Code Block |
---|
"require-dev": { “{group}/{artifact}”: “{version}” } |
Scala (SBT)
One of the following:
Code Block |
---|
librarydependencies += "{group}" % "{artifact}" % "{version}" |
...
Code Block |
---|
libraryDependencies ++= Seq( "{group-1}" % "{artifact-1}" % "{version-1}", "{group-2}" % "{artifact-2}" % "{version-2}" % "test" ) |
Rust (Cargo)
One of the following:
Code Block |
---|
cargo install --version {version} {package name} |
...
Code Block |
---|
cargo update --package {package name} --precise {version} |
Haskell (Cabal)
One of the following:
Legacy:
...
Code Block |
---|
cabal v2-install {package name}-{version} |
OCaml (Opam)
One of the following:
Code Block |
---|
opam install {package name} |
...
Info |
---|
The code snippet scanning option currently supports the following package managers: Maven (Java), SBT (Scala), NuGet (.NET), npm (JavaScript), Bundler (Ruby), Pip (Python), Go, and Composer (PHP). |