Versions Compared

Old Version 22

changes.mady.by.user Michael Hollander

Saved on

compared with

New Version 23

changes.mady.by.user Tsur Rothfeld

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Table of Contents

...

WhiteSource Advise supports JavaScript projects using npm (package.json dependency files) that include a package-lock.json file.

NOTE: Yarn projects are not supported.

Prerequisites

Ensure the following:

...

  1. Start WebStorm.

  2. From the menu bar, select File > Settings. The Settings screen is displayed.

  3. From the left sidebar, click Plugins.

  4. In the Search box, enter whitesource and then press Enter from your keyboard. The WhiteSource Advise plugin information is displayed.

  5. Click Install and then click Restart IDE.

  6. In the pop-up dialog box, click Restart.

Activating WhiteSource Advise

...

NOTE: If you check Remember Token, the login credentials will be stored for later use. Once stored, the WhiteSource Advise login credentials will be used for all projects.

Configuring WhiteSource Advise

To configure WhiteSource Advise, do as follows:

Info

Changes made to the WhiteSource settings will only apply after running the next scan.

  1. From the menu bar, select File > Settings. The Settings screen is displayed.

  2. Select Tools > WhiteSource.

  3. In Scan Results Settings, review the options and modify if necessary. See here for a list of all options.

Options Table

Option

Description

Default Setting

Only show issues for direct dependencies

When enabled, WhiteSource Advise will only return vulnerabilities for direct dependencies defined in your dependency file.

Unselected (not checked)

Scanning a Project for Security Vulnerabilities

...