...
Configuration File Parameter | Description and Expected Behavior | If True | If False | Default | Command Line Parameter Available? |
---|---|---|---|---|---|
apiKey | (Mandatory) A unique identifier of your organization. Used to identify the organization in plugins. | N/A | N/A | No default | -apiKey |
userKey | Unique identifier of the user that can be generated from the Profile page in your WhiteSource account. NOTE: Required only if Enforce user level access is selected in the Integrate page. | N/A | N/A | No default | -userKey |
requesterEmail | The provided email will be matched with an existing WhiteSource account. Requests for new libraries will be created with the matched account as the requester email. user@provider.com | N/A | N/A | No default | No |
projectName | The name of the project to update (mandatory). NOTE: If not defined, then projectToken must be defined instead. | N/A | N/A | No default | -project |
projectVersion | The project's version. NOTE: Added to the name if Use version in project names is selected in the Integrate page. | N/A | N/A | No default | -projectVersion |
projectToken | Unique identifier of the project to update; found on the Integrate page. NOTE: If not defined, then projectName must be defined instead. | N/A | N/A | No default | -projectToken |
projectTag | Enables setting of project tag only for a newly-created project. Project tag should be defined with key:value For example: projectTag= myTagKey:myTagValue NOTE: This parameter is not supported when using the Repo Integrations or the Azure DevOps Services Integration. | N/A | N/A | No default | -projectTag |
productName | Name of the product to update | N/A | N/A | MyProduct | -product |
productVersion | Version of the product and project to update. It overrides the project version. | N/A | N/A | No default | -productVersion |
productToken | Unique identifier of the product to update; found on the Integrate page. | N/A | N/A | No default | -productToken |
projectPerFolder | Creates one project per subfolder according to your "-d" parameter. Each subfolder is named according to the folder. | A project per folder is created | A project per folder is not created | False | -projectPerFolder |
projectPerFolderIncludes | Comma or space-delimited list of folder names to be included in the scan. NOTE: Relevant only if projectPerFolder is True. | N/A | N/A | All folders | No |
projectPerFolderExcludes | Comma or space-delimited list of folder names to be excluded from the scan. NOTE: Relevant only if projectPerFolder is True. | N/A | N/A | The default value is "" | No |
wss.connectionTimeoutMinutes | Connection timeout in minutes. | N/A | N/A | 60 | |
wss.url=https://saas.whitesourcesoftware.com/agent | Enable the relevant URL according to your organization's WS Server URL from your Profile page on the Server URLs panel (additionally, it can be found in the Integrate tab). Then, add the agent path. | N/A | N/A | -wss.url |
...
Configuration File Parameter | Description and Expected Behavior | If True | If False | Default | Command Line Parameter Available? |
---|---|---|---|---|---|
offline | Whether to create an offline update request instead of sending one to WhiteSource. | An offline request file is created in the whitesource folder next to the scanned project. | Results are sent directly to the server. | False | -offline |
offline.zip | Whether to create a zipped offline update request instead of sending one to WhiteSource. | A zipped offline request file is created in the whitesource folder next to the scanned project. | The offline request will not be zipped. | False | No |
updateType | If scanning a previously-scanned project, whether to append or override the results.
| N/A | N/A | OVERRIDE | -updateType |
ignoreSourceFiles | Whether to only include package dependencies for all package managers/dependency resolvers. IMPORTANT: As of version 2122.25.21, this parameter is being will be deprecated and will be replaced by a new parameter , | Overrides the individual NOTE: When ignoreSourceFiles is used, then the includes/excludes parameter will be ignored. | No override action will occur, and each of the package manager's | False | No |
fileSystemScan | Performs a file system scan for source files and binaries, in addition to the package manager based dependencies resolution. The files to be scanned can be controlled by the includes and excludes parameters and the resolver-specific ignoreSourceFiles parameters. IMPORTANT: This parameter is new for version 21.2.2, and overrides the soon-to-be-deprecated ignoreSourceFiles. | Performs a file system scan for source files and binaries, in addition to the package manager based dependencies resolution. | Only package manager based dependencies resolution is being performed. | True | No |
scanComment | Adds a comment to a scan. The comment is then displayed in the Project Vitals panel of the Project pages, and the Plugin Request History Report. Supports UTF-8 characters. | A comment is added to the scan. | No comments will be added to the scan. | No default | -scanComment |
failErrorLevel | When set to ALL - the Unified Agent will exit on any major error (such as resolution failed, pre-steps error, etc.) Otherwise, there is no change in behavior. Possible values - ALL or DEFAULT (upper-case only) | N/A | N/A | "DEFAULT" | No |
requireKnownSha1 | Checks for dependencies with known/unknown SHA-1. | The Unified Agent will terminate the scan if one or more dependencies with an unknown SHA-1 were found. | The scan will continue normally. | True | -requireKnownSha1 |
generateProjectDetailsJson | Whether to generate a JSON file upon scan completion containing the projectTokens and projectNames. | The Unified Agent generates a JSON file at the end of the scan named scanProjectDetails.json containing the projectTokens and projectNames. | The JSON file report will not be generated. | False | No |
generateScanReport | (For Organization and Product Administrators only) Whether to create a report in JSON format at the end of the scan, which includes information on vulnerabilities, policy violations, top fixes, and inventory details. The filename format is '<project_name>-<yyyy-mm-dd>T<HHmmss>+<UTC offset>-scan_report.json'. NOTES:
| A report in JSON format is created at the end of the scan, which includes information on vulnerabilities, policy violations, top fixes, and inventory details. | The report will not be generated. | False | -generateScanReport |
scanReportTimeoutMinutes | Time-out (in minutes) for the process of generating the scan report. If the timeout interval has passed then the report will not be generated, but the scan will continue. | N/A | N/A | 10 | No |
scanReportFilenameFormat | Controls the filename format of a generated scan report.
| N/A | N/A | Default value is " | No |
commandTimeout | Time-out (in seconds) for the running of commands. | N/A | N/A | 900 | -commandTimeout |
updateEmptyProject | Whether to create an empty project in WhiteSource or to update an existing project with empty data. NOTE: This parameter affects all resolvers/package managers. | Updates/creates a project even if there are no dependencies. | Will not create/ update the empty project. | True | No |
log.files.level | For storing logs by default, this determines the log's level:
NOTES:
wss-scan-<date>-<time> | N/A | N/A | Debug | -log.files.level |
log.files.maxFileSize | For storing logs by default, this is the maximum size in MB. If exceeding this size, the file will be overridden. NOTE: This reflects one run (cycle) of the Unified Agent. The files accumulate after each run. | N/A | N/A | 10 MB | No |
log.files.maxFilesCount | For storing logs by default, this is the maximal count of log files. If exceeding this size, the oldest files will be overridden with new files. NOTE: This reflects one run (cycle) of the Unified Agent. The files accumulate after each run. | N/A | N/A | 3 | No |
log.files.path | Location of the created log file. NOTE: In Windows, do not put " | N/A | N/A | The default location of the logs is in the 'whitesource' folder (determined by the whiteSourceFolderPath parameter) | No |
sendLogsToWss | Whether to send logs to WhiteSource. | Sends logs to WhiteSource. | Will not send logs to WhiteSource. | False | No |
case.sensitive.glob | Whether the file system should be case sensitive. | The file system will be case sensitive. | The file system will not be case sensitive. | False | No |
showProgressBar | Whether to display a progress bar inside logs. NOTE: This parameter is valid for the Unified Agent only (not Prioritize). | Progress bars will be displayed inside logs. | Progress bars will not be displayed inside logs. | True | No |
...
Configuration File Parameter | Description and Expected Behavior | If True | If False | Default | Command Line Parameter Available? |
---|---|---|---|---|---|
go.resolveDependencies | Whether to resolve Go dependencies managed by one of the following package managers:
| Will resolve Go projects. | Will not resolve Go projects. | True | No |
go.collectDependenciesAtRuntime | Whether to collect Go dependencies at runtime (similar to the 'runPreStep' parameter for the other languages). When set to True, refer here for an explanation. | Will run the command relevant to the select dependency manager. | Will not run the command | False | No |
go.dependencyManager | Determines the Go dependency manager for use when scanning a Go project. Valid values are:
If left empty, the Unified Agent will first try to resolve the dependencies using the first package manager from this list. If it fails, it continues and tries the next one until it succeeds. | N/A | N/A | No default (empty) | No |
go.ignoreSourceFiles | When using the dependency resolver, it will only include package dependencies, not source files. NOTE: Only relevant when fileSystemScan is true. | Will ignore .go. files from scan. | Will not ignore .go. files from the scan. | False | No |
go.glide.ignoreTestPackages | When using the Glide resolver, whether to ignore test packages defined in the 'testImport' section of the 'glide.yaml' file. | Ignore test packages from the scan. | Does not ignore the mentioned test packages from the scan. | True | No |
go.go.enableTaskAlias | Enables/disables task aliasing for go. Set to True when using go dependency manager and the argument (in '.properties') includes 'gograld.alias=true'. | Enables task aliasing for go. | Disables task aliasing for go. | False | No |
Modules
Configuration File Parameter
Description and Expected Behavior
If True
If False
Default
Command Line Parameter Available?
bazel.resolveDependencies
Whether to resolve Bazel dependencies
Resolves Bazel dependencies
Will not resolve Bazel dependencies
True
No
bazel.runPreStep
Indicates whether to perform a pre-step - install dependencies in case they are not installed.
Configuration File Parameter | Description and Expected Behavior | If True | If False | Default | Command Line Parameter Available? |
---|---|---|---|---|---|
go.modules.resolveDependencies | Whether to resolve Go Modules dependencies. | Resolves Go Modules dependencies. | Will not resolve Go Modules dependencies. | True | No |
go.modules.ignoreSourceFiles | Will perform package manager based dependencies resolution only or include source files as well. NOTE: Only relevant when fileSystemScan is true. | Will ignore Go source files during the scan. | Will not ignore Go source file. | True | No |
go.modules.removeDuplicateDependencies | Whether to remove duplicate dependencies during Go Modules dependency resolution. | Removes duplicate dependencies during Go Modules dependency resolution. | Includes duplicate dependencies during Go Modules dependency resolution. | True | No |
go.modules.includeTestDependencies | Whether to scan Go Modules project test dependencies. | Scans Go Modules project test dependencies. | Will not scan Go Modules project test dependencies. | False | No |
Bazel
. |
Prior to scanning, the Unified Agent will not run the Bazel build and Bazel sync.
False | No |
Scala
Configuration File Parameter | Description and Expected Behavior | If True | If False | Default | Command Line Parameter Available? |
---|---|---|---|---|---|
sbt.resolveDependencies | Whether to resolve | Will resolve | The Scala dependencies will not be resolved. | True | No |
sbt.ignoreSourceFiles | When using the dependency resolver, it will include only package dependencies, not source files (file extensions .scala and .sbt). NOTE: Only relevant when fileSystemScan is true. | Will ignore such source files in the scan. | Will scan such source files. | True | No |
sbt.aggregateModules | Whether to create a single project for all modules. | Will gather all Scala modules' scanned dependencies into one project in the WhiteSource application. | A project will be created individually for each module. The name of the project will be equal to the name of the module (projectName will be ignored in this case). | False | No |
sbt.runPreStep | Whether to run "sbt compile" on found in the Scala project folder. | Will run the "sbt compile" command. | Will not run the command. | False | No |
sbt.includedScopes | Describes which scopes should be scanned in the Scala resolver. Users can define additional scopes. | N/A | N/A | The default values are "compile" and "runtime" | No |
...
Configuration File Parameter | Description and Expected Behavior | If True | If False | Default | Command Line Parameter Available? |
---|---|---|---|---|---|
ocaml.resolveDependencies | Whether to resolve dependencies. | Resolves Ocaml projects. | Will not resolve Ocaml projects. | True | No |
ocaml.runPreStep | Whether to install required dependencies. | Installs required dependencies. | Will not install required dependencies. | False | No |
ocaml.ignoreSourceFiles | When using the dependency resolver, it will only include package dependencies, not source files. NOTE: Only relevant when fileSystemScan is true. | Includes package dependencies, not source files. | Will include package dependencies and source files. | False | No |
ocaml.switchName | switch name used for install current project dependencies | N/A | N/A | The default uses activated switch | No |
ocaml.ignoredScopes | Define which exact scope names to ignore. Available values are
| N/A | N/A | No, default is "with-test with-doc" | No |
ocaml.aggregateModules | Whether to aggregate all opam packages/modules. | Aggregates all opam packages/modules. | Will not aggregate opam packages/modules. | False | No |
Bazel
Configuration File Parameter | Description and Expected Behavior | If True | If False | Default | Command Line Parameter Available? |
---|---|---|---|---|---|
bazel.resolveDependencies | Whether to resolve Bazel dependencies | Resolves Bazel dependencies | Will not resolve Bazel dependencies | True | No |
bazel.runPreStep | Indicates whether to perform a pre-step - install dependencies in case they are not installed. | Prior to scanning, the Unified Agent will run the Bazel build and Bazel sync. | Prior to scanning, the Unified Agent will not run the Bazel build and Bazel sync. | False | No |
...
Parameter | Type | Description | Required | Default |
---|---|---|---|---|
-c | String | Configuration file name (including file path). | No | The default file name is 'wss-unified-agent.config'
|
-d | String | Comma-separated list of directories and/or files to scan | No | N/A |
-f | String | File list path | No | N/A |
-v | String | Query the Unified Agent for its version | No | N/A |
-archiveFastUnpack | Boolean | Fast unpacking of archive files | No | False |
-requestFiles | String | Comma-separated list of paths to offline request files. Regarding the priority of the parameters usage, the Unified Agent searches for the CLI argument, then the configuration file parameter (if not found in the CLI), and then the offline request parameter (if not found in the configuration file). If '-d' is explicitly provided when '-requestFiles' is also used, then the Unified Agent does not scan the local folder (which '-d' points to). Instead, it scans only the offline request file(s) provided. '-d' will be ignored in this scenario. | No | When a single request file is provided and if neither 'productName' or 'productToken' values are set in the CLI, Config and Offline request file, then the default product name is 'My Product'. |
-whiteSourceFolderPath | String | A path to the 'whiteSource' directory. The WhiteSource folder is created when checking policies and creating an offline file. Path can be absolute or relative. | No | The default location of the 'whitesource' folder is the working directory from which the Unified Agent is run. |
-requirementsFileIncludes (there is only python) | String | Comma-separated list of dependency filenames specifying which files to be scanned for dependencies. | No | requirements.txt |
-noConfig | Boolean | When set to True, you can run a scan without using a configuration file. However, in this case, parameters - Unless explicitly provided, the default wss.url parameter value is https://saas.whitesourcesoftware.com/agent | No | False |
-detect | When this parameter is added, the Unified Agent will analyze the scanned files and will create a new .config file with the relevant configuration parameters. The new configuration file will contain the Usage: For example, if a | No | By default, the detection is based on the current directory where the Unified Agent jar is located. To change this, add the For example use: | |
-help or -h | Boolean | The Unified Agent prints the parameters that can be used from the CLI. | No | |
-logLevel | String | Specifies the minimal log level printed to stdout. This parameter can be used to control console logging and is useful if a customer is trying to pull logs from a pipeline scan. To disable console logging set log.level=off To enable debug logging set log.level=debug | No | info |
-proxy | String | Proxy info in the following format: | No |
...