Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • This version introduces support for NPM 7.

  • A new parameter, fileSystemScan, replaces the soon-to-be-deprecated ignoreSourceFiles.


  • In some cases, information regarding source libraries was not displayed correctly; for example, empty projects were still displayed in some source libraries, or some source libraries appeared as empty.

  • Running the gcloud auth command failed during Docker scan on Mac computers.

  • Users with different roles than admins or alert ignorers were able to ignore alerts in VBA mode.

  • Exceptions occurred when trying to assign licenses as part of update policy alerts.

  • In the Unified Agent, when scanning NPM, NPM dependencies were not resolved when package.json did not contain name/version attributes.

  • When downloading a missing jar file, the Unified Agent incorrectly generated success messages.

  • Added indication for missing copyright references in the Attribution report summary.

  • When excluding inner modules (projects) in Gradle, the scan would return the wrong dependencies tree.

  • Azure DevOps Services Integration: In some cases, adding npm.resolveMainPackageJsonOnly=true to the WhiteSource Configuration task parameter led to a scan failing.