| Info |
|---|
With the release of the WhiteSource Unified Agent (previously called the File System Agent (FSA)), WhiteSource will no longer provide standard support, including updates and fixes for the NPM plugin after May 4th, 2019. Extended Support (limited to configuration & support/troubleshooting) will be provided until November 1st, 2019. Please migrate to the Unified Agent before this date. This plugin will no longer be supported by WhiteSource on November 2nd, 2019. The WhiteSource Support team is ready to assist with the necessary changes required to use the Unified Agent and can be contacted via the Customer Community. |
...
| Attribute | Type | Description | Required |
|---|---|---|---|
| apiKey | String | Unique identifier of the organization to update, can be retrieved from the admin page in your WhiteSource account. | Yes |
| checkPolicies | Boolean | Whether or not to send the check policies request before updating WhiteSource. | No |
| productName | String | Name of the product to update. | No, if not defined matching to existing WhiteSource products is done by productToken |
| productVer | String | Version of the product and project to update. This overrides the project version. | No, only read if productName is defined |
| productToken | String | API token to match an existing WhiteSource product, can be retrieved from the Integration API page in your WhiteSource account. | No, if not defined matching to existing WhiteSource products is done by name. No projectToken is allowed |
| projectName | String | Name of the project to update. | No, if not defined matching to existing WhiteSource projects is done by projectToken |
| projectVer | String | Version of the project. | No, only read if projectName is defined |
| projectToken | String | API token to match an existing WhiteSource project, can be retrieved from the Integration API page in your WhiteSource account. | No, if not defined matching to existing WhiteSource projects is done by name. No productToken is allowed |
| devDep | String | Adds devDependencies to the WhiteSource report. Accepts either "true" or "false" | No |
| baseURL | String | The IP / Name of the destination WhiteSource service | No. Will use the default configuration |
| port | Int | The port number of the destination baseURL | No. Will use the default configuration |
| https | Boolean | Whether or not to use HTTPS secured connection | No. Will use the default configuration |
| proxy | String | The proxy server from which you want to redirect the messages. (e.g - "proxy":"http://10.0.0.1:8080" ) | No |
| forceUpdate | Boolean | If true - updates the project even if the "checkPolicies" step failed. (default is false) | No. Will use the default configuration |
| failOnError | Boolean | If true, fails the process if "checkPolicies" failed (default is false) | No. Will use the default configuration |
| timeoutMinutes | Int | Number of minutes to timeout. (default is one hour) | No. Will use the default configuration |
| debugMode | Boolean | If true, adds to the root folder a new folder with log files. (default is false) | No. Will use the default configuration |
| registryAccessToken | String | Access token to private registries | No |
| connectionRetries | int | Connection retries when unable to connect to WhiteSource service. (default is 1) | No. Will use the default configuration |
| failOnConnectionError | Boolean | Fails the build when unable to connect to WhiteSource service | No, default value is true |
| userKey | String | Unique identifier of the user who updates, can be retrieved from the admin page in your WhiteSource account. | Required if WhiteSource administrator has enabled "Enforce user level access" option |
| ignoreNpmLsErrors | Boolean | Whether or not to ignore errors of the 'npm ls' command. | No, the default value is false |
Resolving NPM Dependencies
...
If you scan a private registry that requires an access token, add the property "registryAccessToken" to the WhiteSource config file.
| Info |
|---|
Supported from version 17.12.4 |
Executing the Plugin
Make sure you have package.json and whitesource.config.json files located at project root.
...
The exit codes WhiteSource returns in the Bash command language should be treated as 'x' modulo 256:
- Exit code 0 is equivalent to code 0 (0 mod 256 = 0)
- Exit code -1 is equivalent to code 255 (-1 mod 256 = 255)
- Exit code -2 is equivalent to code 254 (-2 mod 256 = 254)
- Exit code -3 is equivalent to code 253 (-3 mod 256 = 253)
- Exit code -4 is equivalent to code 252 (-4 mod 256 = 252)
- Exit code -5 is equivalent to code 251 (-5 mod 256 = 251)
...