Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


This integration does not support Azure DevOps Server (TFS) installations.


Major improvements to the Azure DevOps integration will be introduced in July 2021. The underlying scanning mechanism will be modified to allow a direct WhiteSource scan from within the Azure DevOps pipeline. As part of this change, the following updates will be introduced:

  • The extension activation procedure will be moved to the Organization settings section by navigating to Organization settings > Extensions > WhiteSource page.

  • The WhiteSource tab under Project > Pipelines will be deprecated.

  • The WhiteSource Open Source Risk Report will be available at the Azure DevOps build level only, deprecating the project level aggregated report.

  • The direct WhiteSource scan from within the Azure DevOps pipeline will be the only scanning option.

The WhiteSource Bolt extension enables you to do the following:


The WhiteSource Bolt report is available on a pipeline build level and it comprises 3 tabs: Inventory, Security Vulnerabilities, and License Risks. You can view the WhiteSource report at a build or project level (aggregated report of all your builds). NOTE: There is a current known issue where a fourth tab, Outdated Libraries,is displayed. This issue will be fixed on February 28, 2021.

Viewing the Report

To view the report, do as follows: