...
Microsoft Windows (Windows Server 2016; or Windows 10)
Linux Ubuntu
Red Hat Enterprise Linux (with an installation of java-11-openjdk-devel)
Supported Languages
Language | Supported Environments | Notes |
---|---|---|
Java (including Scala and Kotlin) | Oracle JDK (8 or 11) |
|
JavaScript (Node.JS server-side only) | Node.JS (npm & yarn package managers) |
|
Python | Projects with pip dependency manager, written and running in Python 3.5-3.8, or Python 2.7 | Analysis is supported for Python projects with either a single requirements.txt file (pip format, with explicit references to PyPI) or a setup.py file.
|
C# | .NET Core 3.0 or 3.1 (LTS) |
|
Configuring WhiteSource Prioritize Parameters
The following parameters must be set in the Unified Agent configuration file (wss-unified-agent.config). Refer here for additional documentation regarding the Unified Agent configuration parameters.
Parameter | Usage | Description |
---|---|---|
wss.url | ||
enableImpactAnalysis | enableImpactAnalysis=True | Activate the analysis module within the Unified Agent scan. |
apiKey | apiKey=organizationToken | |
productName | productName=YourSelectedProductName | |
resolveAllDependencies | resolveAllDependencies=False | Edit the resolveAllDependencies parameter to specify that all resolvers should be disabled, and only the specific resolver should be enabled. By default it is set to True, whereas for WhiteSource Prioritize scans it must be False. |
Parameters for Java-based Projects
The following parameters must be set according to project’s package manager:
Package Manager | Parameters |
---|---|
|
maven.downloadMissingDependencies=False (True by default)
It is recommended to download all the dependencies to the local repository before a Prioritize scan.
In case the local Maven cache folder is different than its default, it should also be set in the following parameter
| |
|
gradle.downloadMissingDependencies=False (True by default)
It is recommended to download all the dependencies to the local repository before Prioritize scan.In case the local Gradle cache folder is different than its default it should be set in the following parameter as well:
| |
POJO (without Package Manager) |
In case of scanning Java project without a package manager the /wiki/spaces/WD/pages/1525383269 -iaLanguage should be set to Java |
Parameters for JavaScript-based Projects
...
The following parameters must be set according to a project’s dependencies reference:
Dependencies Reference Method | Parameters |
---|---|
PackageReference (csproj based with assets.json) |
|
packages.config based (csproj and packages.config) |
|
Combined (default) |
|
Preparing the Project Package
...