You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: cli/src/site/markdown/arguments.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -79,8 +79,8 @@ Advanced Options
79
79
||\-\-disableDart || Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be disabled. | |
80
80
||\-\-disableOssIndex || Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be disabled. This analyzer requires an internet connection. | |
81
81
||\-\-disableOssIndexCache || When the argument is present the OSS Index Analyzer will not cache results. By default results are cached for 24 hours. | |
82
-
||\-\-ossIndexUsername |\<username\>|The optional username to connect to Sonatype's OSS Index. | |
83
-
||\-\-ossIndexPassword |\<password\>|The optional password to connect to Sonatype's OSS Index. | |
82
+
||\-\-ossIndexUsername |\<username\>|To authenticate Sonatype OSS Index requests and profit from higher rate limits, provide the OSS account email address as username. Provide both a username _and_ a password (see below) or none.| |
83
+
||\-\-ossIndexPassword |\<password\>|Password or API token to connect to Sonatype's OSS Index. Provide both a username (see above) _and_ a password or none.| |
84
84
||\-\-ossIndexRemoteErrorWarnOnly |\<true\|false\>| Whether we should only warn about Sonatype OSS Index remote errors instead of failing completely. | |
85
85
||\-\-ossIndexUrl |\<url\>| Alternative URL for the OSS Index. If not set the public Sonatype OSS Index will be used. |https://ossindex.sonatype.org|
86
86
||\-\-disableCentral || Sets whether the Central Analyzer will be used. **Disabling this analyzer is not recommended as it could lead to false negatives (e.g. libraries that have vulnerabilities may not be reported correctly).** If this analyzer is being disabled there is a good chance you also want to disable the Artifactory or Nexus Analyzer. | |
Copy file name to clipboardExpand all lines: maven/src/site/markdown/configuration.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -62,7 +62,7 @@ knownExploitedEnabled | Sets whether the Known Exploited Vulnerabi
62
62
knownExploitedUrl | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed. | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
63
63
ossindexAnalyzerEnabled | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be enabled. This analyzer requires an internet connection. | true
64
64
ossindexAnalyzerUseCache | Sets whether the OSS Index Analyzer will cache results. Cached results expire after 24 hours. | true
65
-
ossindexServerId | The id of a server defined in the settings.xml to retrieve the credentials (username and password) to connect to OSS Index instance; not it is not required to have a registered account and use this configuration. |
65
+
ossindexServerId | The id of [a server](https://maven.apache.org/settings.html#Servers) defined in the `settings.xml` to authenticate Sonatype OSS Index requests and profit from higher rate limits. Provide the OSS account email address as `username` and password or API token as `password`. |
66
66
ossindexAnalyzerUrl | The OSS Index server URL | https://ossindex.sonatype.org
67
67
ossIndexWarnOnlyOnRemoteErrors | Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution. | false
68
68
nexusAnalyzerEnabled | Sets whether Nexus Analyzer will be used (requires Nexus Pro). This analyzer is superceded by the Central Analyzer; however, you can configure this to run against a Nexus Pro installation. | true
Copy file name to clipboardExpand all lines: src/site/markdown/dependency-check-gradle/configuration-aggregate.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -175,8 +175,8 @@ retirejs | retireJsUrl | The URL to the Retire JS repository.
175
175
retirejs | filterNonVulnerable | Configures the RetireJS Analyzer to remove non-vulnerable JS dependencies from the report. | false
176
176
retirejs | filters | Configures the list of regular expessions used to filter JS files based on content. |
177
177
ossIndex | enabled | Sets whether [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be used. This analyzer requires an internet connection. | true
178
-
ossIndex | username | The optional user name to connect to Sonatype's OSS Index. |
179
-
ossIndex | password | The password or API token to connect to Sonatype's OSS Index. |
178
+
ossIndex | username | To authenticate Sonatype OSS Index requests and profit from higher rate limits, provide the OSS account email address as username. Provide both a username _and_ a password (see below) or none. |
179
+
ossIndex | password | Password or API token to connect to Sonatype's OSS Index. Provide both a username (see above) _and_ a password or none. |
180
180
ossIndex | warnOnlyOnRemoteErrors| Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution. | false
181
181
slack | enabled | Whether or not slack notifications are enabled. | false
182
182
slack | webhookUrl | The custom incoming webhook URL to receive notifications. |
0 commit comments