
Introduction

WhiteSource Bolt is a GitHub app that scans your GitHub.com repositories at no cost (GitHub Enterprise Server is not supported). The app can be installed from the GitHub marketplace.

...

  1. Fill in all the required fields, select the required checkboxes, and then click Submit.
    NOTE: If the form page accidentally closes before you click the Submit button, you can use the link in the registration email message that was sent to you to complete the registration process. Use this link only in cases where the form screen was closed before the Submit button was clicked. This feature is only available when your GitHub email address is not marked as Private.

  2. You will be forwarded to the Bolt for GitHub Thanks for Installing page. Click the Go back to GitHub button to return to your GitHub account page.

...

| Parameter | Type | Description | Required | Default |
|---|---|---|---|---|
| minSeverityLevel | String | Sets the minimum vulnerability severity level at which a new GitHub Issue is opened. See the available values below. | No | LOW |

Available values for "minSeverityLevel":

  • NONE - No GitHub Issues will be generated.

  • LOW - Any Low/Medium/High vulnerabilities found will generate a GitHub Issue.

  • MEDIUM - Any Medium/High vulnerabilities found will generate a GitHub Issue.

  • HIGH - Any High vulnerabilities found will generate a GitHub Issue.

Initiating a Scan

New users are entitled to scan each repository up to five times a day. Existing WhiteSource customers have the scan limitations that are set in their account agreement with WhiteSource.  

A WhiteSource scan is initiated via a valid GitHub push command. A valid push command meets at least one of the following requirements:

...

The Issues tab displays all the issues that WhiteSource Bolt for GitHub detected with the red 'security vulnerability' label. This proprietary label indicates a security vulnerability was detected by WhiteSource. 

...

The information in the email message is identical to the information displayed on the 'Issues' tab.

Initiating a Merge Policy

...

  • The repository has reached its daily limit of scans, and the next security check will run only on push commands made on the following day.

  • The push command was not valid. See the Initiating a Scan section for more information on valid commands.

Uninstalling WhiteSource Bolt

Uninstalling WhiteSource Bolt for GitHub removes it from all your repositories.

To uninstall WhiteSource Bolt, do as follows:

  1. In your GitHub account (personal) settings, click Applications. The Applications screen is displayed.

  2. Ensure Installed GitHub Apps is the active tab.

  3. Next to WhiteSource Bolt for GitHub, click Configure.

  4. The WhiteSource Bolt for GitHub page is displayed. Scroll down to view the Uninstall WhiteSource Bolt for GitHub area.

  5. In the Uninstall WhiteSource Bolt for GitHub area, click Uninstall.

  6. Optionally, go to the Authorized GitHub apps tab, and next to the Bolt for GitHub app, click Revoke.