NAnt Plugin

General Information

The plugin is an NAnt task which integrates automatic open source management with NAnt.

Once set up, all usage of open source software in the organization will be continuously and automatically in sync with WhiteSource.

  • New projects will be created
  • Existing projects will be updated
  • Policies will be enforced on every action, failing the build if necessary

The plugin is licensed under the Apache 2.0 license.

Source code and issues are hosted on github.

How it Works

On execution, the plugin will determine which open source is currently used by your project and send it to WhiteSource.

Normal Flow

WhiteSource uses the collected information to create new projects or update existing ones.

Policy Check Flow

The plugin will check each new library against the organizational policies. If any library should be automatically rejected by some policy the build will fail. Otherwise your account will be updated.

An informative report of the results will be generated regardless of the outcome.



  • NAnt 0.92 or higher
  • .NET Framework 4.0 or higher


Download the latest version.

VersionFileFeaturesRelease Date

Bug Fix - ArrayIndexOutOfBound error

Resolved issues WSA-261

1.2whitesource-nant-1.2.dllForce update with build failure option11.05.2017
1.1whitesource-nant-1.1.dllForce update27.04.2017
1.0NAnt PluginUpdate and Check Policies24.04.2014


Place the .dll file in one of the following:

  1. In your ${NANT_HOME}/bin directory.
  2. Wherever you want and reference it from your NAnt build file.



1. Define a new target named "whitesource":

2. Define the "updatetask" task:


General Parameters

apikeyStringUnique identifier of the organization to update, can be retrieved from the admin page in your White Source accountYes
productStringName or unique identifier of the product to update.No, defaults to project name
productversionStringVersion of the product to update.No 
projectTokenStringAPI token to match an existing WhiteSource project, can be retrieved from the Integration API page in your White Source accountNo, matching existing WhiteSource projects to your project is done by name
failonerrorboolWhether or not to stop the build when encountering an errorNo, defaults to true

Check Policies

You can initiate a policies check during the update with a nested <checkpolicies> element.

reportdirFileOutput directory for generated report file (a folder named "whitesource" will be created at this location)No. Default is project.baseDir/reports
failonrejectionboolWhether or not to fail the build if policy rejects a libraryNo, defaults to true
forceupdateboolUpdates organization inventory regardless of policy violationsNo, defaults to false

Executing the Plugin

To execute the task directly, simply run "nant whitesource" in your shell.

You can setup NAnt to execute the task as part of a build by binding it to a target.

Build Log

The plugin is executed during the build process. Sample log section: