Versions Compared

Old Version 73

changes.mady.by.user Vital Batyr

Saved on

compared with

New Version 74

changes.mady.by.user Alex Ragen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

WhiteSource Advise for IntelliJ IDEA supports Java, Kotlin and Scala projects using Maven (pom.xml dependency files), and supports Java projects using Gradle (build.gradle dependency files).

NOTES: 

  • Gradle Kotlin projects are not supported in WhiteSource Advise.

  • When using the "apply from" script plugin in Gradle projects, remote script location is not supported.

...

  1. Start IntelliJ IDEA.

  2. From the menu bar, select File > Settings. The Settings screen is displayed.

  3. From the left sidebar, click Plugins.

  4. In the Search box, enter whitesource and then press Enter from your keyboard. The WhiteSource Advise plugin information is displayed.

  5. Click Install and then click Restart IDE.

  6. In the pop-up dialog box, click Restart.

Activating WhiteSource Advise

...

  • To quickly locate the component referenced by a reported vulnerability in the project’s pom.xml or build.gradle view, double-click the component in the WhiteSource security check tab. The referenced component description in the pom.xml or build.gradle file will be displayed and highlighted in the main code view.

  • To quickly locate vulnerability analysis results for a component in the pom.xml or build.gradle view, click the WhiteSource Advise severity icon displayed to the left of that component reference in the pom.xml. Note that the icon denotes the severity of the vulnerability (yellow: low severity; orange: medium severity; red: high severity). A tooltip featuring relevant analysis details including a dependency path from the proprietary code to the open-source component will be displayed. Vulnerability details are also displayed as part of the tooltip and include the vulnerability identifier (e.g., CVE), severity, and a fix suggestion if available. A Details link is displayed which leads to the WhiteSource Vulnerability Database, providing more information on the specific vulnerability.

  • To quickly display an analysis summary for a component in the pom.xml or build.gradle view, hover the mouse pointer over the code for the component in that view; a tooltip will be displayed, featuring a list of all the highest severity vulnerabilities found within the particular component. To display a list of all the vulnerabilities, press Alt+Enter.

Viewing General Plugin Information 

...