Enables users to decide whether to open a new Issue only if a certain severity level is available on a detected vulnerability.
Available values for minSeverityLevel:
NOTE: The WhiteSource Security Check summary is also affected by this parameter.
Whether to generate an Issue for every detected license policy violation.
NOTE: This parameter is relevant only if enableLicenseViolations (scanSettings) is set to true.
(only if enableLicenseViolations (scanSettings) is set to true)
Remediate Settings (remediateSettings)
When enabled, Remediate will raise automated Pull Requests for outdated dependencies in addition to Pull Requests remediating vulnerable dependencies. Remediate will then perform all the functionality and support all the configuration options available in WhiteSource Renovate.
See Renovate configuration options for all configuration options.
Refer here for parameter usage.
Whether to enable transitive remediation for NPM repos.
When npm v6 (npm v7 is not currently supported) is used with a package-lock.json file, and vulnerabilities are found within transitive dependencies in the file, then in most cases Remediate is able to successfully remediate the vulnerability. Sometimes it may not be possible to successfully remediate because a parent dependency does not yet have a new release that allows the necessary fixed-in version of the transitive dependency.
Providing a Global Configuration File