...
...
Table of Contents | ||
---|---|---|
|
Introduction
WhiteSource Bolt is a GitHub app, scanning your GitHub.com repositories at no cost (GitHub Enterprise Server is not supported). The app can be installed from the GitHub marketplace.
...
Fill in all the required fields, select the required checkboxes, and then click Submit.
NOTE: If the form page accidentally closes before you clicked on the Submit button then you can use the link in the registration email message that was sent to you in order to complete the registration process. Use this link only in cases where the form screen has been closed before the Submit button was clicked. This feature is only available when your GitHub email address is not marked as Private.You will be forwarded to the Bolt for GitHub Thanks for Installing page. Click the Go back to GitHub button to return to your GitHub account page.
...
Parameter | Type | Description | Required | Default |
---|---|---|---|---|
minSeverityLevel | String | Enables users to decide whether to open a new GitHub Issue only if a certain Severity Level is available. Available values for "minSeverityLevel" needs to be:
| No | LOW |
Initiating a Scan
Info |
---|
New users are entitled to scan each repository up to five times a day. Existing WhiteSource customers have the scan limitations that are set in their account agreement with WhiteSource. |
A WhiteSource scan is initiated via a valid GitHub push command. A valid push command meets at least one of the following requirements:
...
The Issues tab displays all the issues that WhiteSource Bolt for GitHub detected with the red 'security vulnerability' label. This proprietary label indicates a security vulnerability was detected by WhiteSource.
...
The information in the email message is identical to the displayed information on the 'Issues ' tab.
Initiating a Merge Policy
...
The repository has reached its daily limit of scans, and the next security check will only run on push commands that are done on the following day:
The push command was not valid. See the Initiating a Scan section for more information on valid commands.
Uninstalling WhiteSource Bolt
Uninstalling WhiteSource Bolt for GitHub removes it from all your repositories.
To uninstall WhiteSource Bolt, do as follows:
Go to the Applications section of In your GitHub's account settings, and next (personal) settings, click Applications. The Applications screen is displayed.
Ensure Installed GitHub Apps is the active tab.
Next to WhiteSource Bolt for GitHub, click Configure.
The WhiteSource Bolt for GitHub page is displayed. Scroll down in order to view the '
In the Uninstall WhiteSource Bolt for GitHub' button.
Click on the 'Uninstall' button. Uninstalling WhiteSource Bolt for GitHub removes it from all your repositories. area, click Uninstall.
Optionally, go to 'the Authorized GitHub apps' tab, and click the 'Revoke' button next to the 'Bolt for GitHub ' app, click Revoke.