Versions Compared

Old Version 40

changes.mady.by.user Tsur Rothfeld

Saved on

compared with

New Version 41

changes.mady.by.user Tsur Rothfeld

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

  1. Start PyCharm.

  2. From the menu bar, select File > Settings. The Settings screen is displayed.

  3. From the left sidebar, click Plugins.

  4. In the Search box, enter whitesource and then press Enter from your keyboard. The WhiteSource Advise plugin information is displayed.

  5. Click Install and then click Restart IDE.

  6. In the pop-up dialog box, click Restart.

Activating WhiteSource Advise

...

Option

Description

Default Setting

Only show issues for direct dependencies

When enabled, WhiteSource Advise will only return vulnerabilities for direct dependencies defined in your dependency file.

Unselected (not checked)

Minimum vulnerability severity level

Alert only on detected vulnerabilities satisfying a Low/Medium/High minimum severity level.

  • Low - Vulnerability alerts for all severities (Low, Medium, High) are displayed.

  • Medium- Vulnerability alerts only for Medium or High severities are displayed.

  • High - Vulnerability alerts only for High severities are displayed.

Low

Include dev dependencies

Whether to alert on vulnerabilities detected in dev dependencies.

Unselected (not checked)

Diff operation to be performed on a base branch

Enables developer focus mode functionality. 

  • The dropdown will include all locally available git branches for this project. 

  • It will allow to choose the base branch which will be the base for comparing security alerts from feature branches. 

Unselected (not checked)

Scanning a Project for Security Vulnerabilities

...

  • From the menu bar, select Tools > WhiteSource Advise

  • From the top toolbar, click the WhiteSource icon

  • Do as follows:

    1. From the sidebar on the right, click WhiteSource.

    2. From the top, click Advise.

    3. Click Run WhiteSource Advise.

...

Developer Focus Mode

The developer focus mode will allow developers to see only vulnerability alerts that are new in their feature branches compared to a predefined base branch. This will promote the security shift left approach and will empower developers to fix newly introduced vulnerabilities immediately as part of their feature development efforts and prior to merging vulnerable code into production branches.

In order to enable focus mode:

  • In the WhiteSource Advise project-level configuration enable the “Diff operation to be performed on a base branch” checkbox.

  • Choose the base branch to which all other branch scans will be compared to

  • Make sure your base branch is checked out and trigger a WhiteSource Advise scan either manually or by building your project.

In case there was no scan on the predefined base branch after its initial configuration, all branches will show all the scan results, not just the newly created security alerts. 

Info

Every time the base branch configuration changes, a WhiteSource Advise scan must be triggered on that branch prior to seeing new security results.   

Reviewing Scan Results

To review scan results, open one of the following windows:

...