Versions Compared

Old Version 122

changes.mady.by.user Lena Kleyner

Saved on

compared with

New Version 123

changes.mady.by.user Michelle Friedman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel1
maxLevel7

Overview

This page describes the parameters used in the Unified Agent's configuration.

...

Configuration File Parameter

Description and Expected Behavior

If True

If False

Default

Command Line Parameter Available?

offline 

Whether to create an offline update request instead of sending one to WhiteSource.

An offline request file is created in the whitesource folder next to the scanned project.

Results are sent directly to the server.

False

-offline

offline.zip

Whether to create a zipped offline update request instead of sending one to WhiteSource.

A zipped offline request file is created in the whitesource folder next to the scanned project.

The offline request will not be zipped.

False

No

updateType 

If scanning a previously-scanned project, whether to append or override the results.

  • APPEND - Add the scanned libraries to the project’s inventory. If only a transitive dependency has been added, it will be added as a direct dependency, so all of the application's mechanisms such as alerts and policies will be applied on it. Use this value only in case of working with multiple build processes that are managed under the same WhiteSource project.

  • OVERRIDE- Adds the newly-added dependencies (the difference)

N/A

N/A

OVERRIDE

-updateType

ignoreSourceFiles  

Whether to only include package dependencies for all package managers/dependency resolvers. 

IMPORTANT: As of version 21.2.2, this parameter is being deprecated and will be replaced by a new parameter, fileSystemScan.



Overrides the individual x.ignoreSourceFiles parameter value of each of the package managers and ignores all source files discovered during the dependency resolution.

NOTE: When ignoreSourceFiles is used, then the includes/excludes parameter will be ignored.

No override action will occur, and each of the package manager's x.ignoreSourceFiles parameter default values will apply (unless explicitly stated).

False

No

fileSystemScan

Performs a file system scan for source files and binaries, in addition to the package manager based dependencies resolution. The files to be scanned can be controlled by the includes and excludes parameters and the resolver-specific ignoreSourceFiles parameters.

IMPORTANT: This parameter is new for version 21.2.2, and overrides the soon-to-be-deprecated ignoreSourceFiles.

Performs a file system scan for source files and binaries, in addition to the package manager based dependencies resolution. 

Only package manager based dependencies resolution is being performed. 

True

No

scanComment 

Adds a comment to a scan. The comment is then displayed in the Project Vitals panel of the Project pages, and the Plugin Request History Report. Supports UTF-8 characters.

A comment is added to the scan.

No comments will be added to the scan.

No default

-scanComment

failErrorLevel 

When set to ALL - the Unified Agent will exit on any major error (such as resolution failed, pre-steps error, etc.)

Otherwise, there is no change in behavior.

Possible values - ALL or DEFAULT (upper-case only)

N/A

N/A

"DEFAULT"

No

requireKnownSha1 

Checks for dependencies with known/unknown SHA-1. 

The Unified Agent will terminate the scan if one or more dependencies with an unknown SHA-1 were found.

The scan will continue normally.

True

-requireKnownSha1

generateProjectDetailsJson 

Whether to generate a JSON file upon scan completion containing the projectTokens and projectNames.

The Unified Agent generates a JSON file at the end of the scan named scanProjectDetails.json containing the projectTokens and projectNames.

The JSON file report will not be generated.

False

No

generateScanReport 

(For Organization and Product Administrators only) Whether to create a report in JSON format at the end of the scan, which includes information on vulnerabilities, policy violations, top fixes, and inventory details.

The filename format is '<project_name>-<yyyy-mm-dd>T<HHmmss>+<UTC offset>-scan_report.json'. 
For example: 'Demo App-2019-06-04T181226+0300-scan_report.json'

NOTES:

  • The userKey configuration parameter is mandatory for this report.

  • To generate this report, the configuration parameter updateInventory must be set to True.

  • This parameter does not work in offline mode.

A report in JSON format is created at the end of the scan, which includes information on vulnerabilities, policy violations, top fixes, and inventory details.

The report will not be generated.

False

-generateScanReport

scanReportTimeoutMinutes 

Time-out (in minutes) for the process of generating the scan report. If the timeout interval has passed then the report will not be generated, but the scan will continue.

N/A

N/A

10

No

scanReportFilenameFormat 

Controls the filename format of a generated scan report.
Valid values are: 

  • project_with_timestamp (default) - the format will be: <project_name>-<yyyy-mm-dd>T<HHmmss>+<UTC offset>-scan_report.json

  • project_only - the format will be: <project_name>-scan_report.json

  • static - the format will be scan_report.json

N/A

N/A

Default value is "project_with_timestamp"

No

commandTimeout

Time-out (in seconds) for the running of commands.

N/A

N/A

900

-commandTimeout

updateEmptyProject 

Whether to create an empty project in WhiteSource or to update an existing project with empty data.

NOTE: This parameter affects all resolvers/package managers.

Updates/creates a project even if there are no dependencies.

Will not create/ update the empty project.

True

No

log.files.level 

For storing logs by default, this determines the log's level: 

  • Trace

  • Debug (default)

  • Info

  • Warn

  • Error

  • Off - Deactivates the feature.

NOTES:

  • The location of the logs is determined by the log.files.path parameter.

  • In the Unified Agent, each successive scan of the same library generates its own folder. The structure is: 

wss-scan-<date>-<time>

N/A

N/A

Debug

-log.files.level 

log.files.maxFileSize 

For storing logs by default, this is the maximum size in MB. If exceeding this size, the file will be overridden. 

NOTE: This reflects one run (cycle) of the Unified Agent. The files accumulate after each run.

N/A

N/A

10 MB

No

log.files.maxFilesCount 

For storing logs by default, this is the maximal count of log files. If exceeding this size, the oldest files will be overridden with new files. 

NOTE: This reflects one run (cycle) of the Unified Agent. The files accumulate after each run.

N/A

N/A

3

No

log.files.path 

Location of the created log file.

NOTE:  In Windows, do not put "\ " at the end of the value.

N/A

N/A

The default location of the logs is in the 'whitesource' folder (determined by the whiteSourceFolderPath parameter)

No

sendLogsToWss

Whether to send logs to WhiteSource.

Sends logs to WhiteSource.

Will not send logs to WhiteSource.

False

No

case.sensitive.glob

Whether the file system should be case sensitive.

The file system will be case sensitive.

The file system will not be case sensitive.

False

No

showProgressBar

Whether to display a progress bar inside logs.

NOTE: This parameter is valid for the Unified Agent only (not Prioritize).

Progress bars will be displayed inside logs.

Progress bars will not be displayed inside logs.

True

No

...