...
Parameter | Type | Description | Required | Default | ||
---|---|---|---|---|---|---|
matchHost | String | Defines where the credentials will be applied during the scan. If you want to apply credentials only for a nested path within a host, then write If the same credentials apply to all paths on a host and not on any subdomains, configure Finally, to apply credentials to all hosts within the domain, use a | No | Empty | ||
hostType | String | Type of private registry. Supported values: | No | Empty | ||
username | String | Used when credentials consist of username and password. | No | Empty | ||
password | String | Used when credentials consist of username and password, should be encrypted by this instruction. Encrypted secret that will be applied as a credential to the host set in the
| No | Empty | ||
token | String | Used when credentials consist of username and password, should be encrypted by this instruction. Encrypted secret that will be applied as a credential to the host set in the
| No | Empty |
...
Handling Private Registries and Authenticated Repositories
...
List of supported private registries:
NPM
Gradle
PIP
In order to scan dependencies from private registries and authenticated repositories, WhiteSource must be provided with credentials, such as an NPM token. These credentials must be added as encrypted secrets to the .whitesource file, either per-repository or in the shared global config, if the secret scope is org-wide.
...