With the release of the WhiteSource Unified Agent (previously called the File System Agent (FSA)), WhiteSource will no longer provide standard support, including updates and fixes for the NPM plugin after May 4th, 2019.
Extended Support (limited to configuration & support/troubleshooting) will be provided until November 1st, 2019. Please migrate to the Unified Agent before this date. This plugin will no longer be supported by WhiteSource on November 2nd, 2019.
The WhiteSource Support team is ready to assist with the necessary changes required to use the Unified Agent and can be contacted via the Customer Community.
The plugin allows Node.js based projects to integrate with WhiteSource open source management. Once configured and executed the plugin will create or update WhiteSource projects and enforce inventory policies. Note the following:
The plugin is licensed under the Apache 2.0 license.
Source code and issues are hosted on GitHub and on NPM.
NodeJS, version 5.x.x or later
Installing the Plugin
Install WhiteSource Globally:
$ npm install -g whitesource
If you experience trouble running WhiteSource globally on Ubuntu after installing locate the WhiteSource package by running:
$ which whitesource
and then create an alias to run WhiteSource globally:
$ alias whitesource="node path/to/whitesource"
Troubleshooting: Having trouble finding "node" in Ubuntu?
The node package can be found in several packages in Ubuntu: node and nodejs. Locate the node package by running:
$ which node
if displayed /usr/sbin/node remove it:
$ sudo rm /usr/sbin/node
then make a link:
$ sudo ln -s /usr/bin/nodejs /usr/bin/node
Configuring the Plugin
Create a "whitesource.config.json" file in your project root directory and input your WhiteSource API Token found in the Admin Integration API page:
Install the updated version: "npm install -g whitesource"
All config files are left as is (so you can use the same whitesource.config.json file)
If the issue persists after running the plugin, send the npm-shrinkwrap.json, package.json, npm-debug.log and the WhiteSource log files (located in the project's root and prefixed with ws-log) to firstname.lastname@example.org.
Starting version 1.1.1 and later, the following exit codes are displayed upon scan completion: