All Downloads are FREE. Search and download functionalities are using the official Maven repository.

toolkit.model.41.0.0.source-code.reference.yml Maven / Gradle / Ivy

Go to download

Part of the OSS Review Toolkit (ORT), a suite to automate software compliance checks.

There is a newer version: 42.0.0
Show newest version
# Copyright (C) 2022 The ORT Project Authors (see )
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
# License-Filename: LICENSE

# A reference configuration file containing all possible ORT configuration options. Some of those options are mutually
# exclusive, so this file is only used to show all options and to validate the configuration.

ort:
  allowedProcessEnvironmentVariableNames:
    - PASSPORT
    - USER_HOME
  deniedProcessEnvironmentVariablesSubstrings:
    - PASS
    - SECRET
    - TOKEN
    - USER

  enableRepositoryPackageConfigurations: true
  enableRepositoryPackageCurations: true

  # Force overwriting of any existing output files.
  forceOverwrite: true

  licenseFilePatterns:
    licenseFilenames: ['license*']
    patentFilenames: ['patents']
    otherLicenseFilenames: ['readme*']

  # Package configurations have to be unique by ID and provenance. Ensure that different providers do not provide
  # configurations for the same package, see https://github.com/oss-review-toolkit/ort/issues/6972 for details.
  packageConfigurationProviders:
  - type: DefaultDir
  - type: Dir
    id: SomeConfigDir
    options:
      path: '/some-path/'
      mustExist: true
  - type: OrtConfig

  # Package curation providers are listed from highest to lowest priority. Technically, they are applied in reverse
  # order: The provider with the highest priority is applied last, so it can overwrite any previously applied curations.
  packageCurationProviders:
  - type: DefaultFile
  - type: DefaultDir
  - type: File
    id: SomeCurationsFile
    options:
      path: '/some-path/curations.yml'
      mustExist: true
  - type: File
    id: SomeCurationsDir
    options:
      path: '/some-path/curations-dir'
      mustExist: false
  - type: OrtConfig
    enabled: '${USE_ORT_CONFIG_CURATIONS:-true}'
  - type: ClearlyDefined
    options:
      serverUrl: 'https://api.clearlydefined.io'
      minTotalLicenseScore: 80
  - type: SW360
    options:
      restUrl: 'https://your-sw360-rest-url'
      authUrl: 'https://your-authentication-url'
    secrets:
      username: username
      password: password
      clientId: clientId
      clientPassword: clientPassword
      token: token

  severeIssueThreshold: ERROR
  severeRuleViolationThreshold: ERROR

  analyzer:
    allowDynamicVersions: true

    # A list of enabled package managers.
    enabledPackageManagers: [Gradle]

    # A list of disabled package managers. Disabling a package manager here overrides enabling it in
    # `enabledPackageManagers`.
    disabledPackageManagers: [Maven, NPM]

    # A flag to control whether excluded scopes and paths should be skipped during the analysis.
    skipExcluded: true

    packageManagers:
      Gradle:
        # A list of package manager names that this package manager must run after. For example, this can be used if
        # another package manager generates files that this package manager requires to run correctly.
        mustRunAfter: [NPM]

      GradleInspector:
        options:
          # An optional path to the Java home to use for Gradle project analysis. By default the Java version that ORT
          # itself is run with will be used.
          javaHome: "/path/to/java/home"

      Yarn2:
        options:
          # If set to true, disable verification of HTTPS certificate of remote registries. Useful when using a proxy to
          # intercept requests to the registry.
          disableRegistryCertificateVerification: false

      Conan:
        # Holds a name of the lockfile. Required if allowDynamicVersions = false.
        # The lockfile should be located in the same directory as the conanfile.py or conanfile.txt.
        options:
          lockfileName: "lockfile.lock"

  advisor:
    # A flag to control whether excluded scopes and paths should be skipped when giving the advice.
    skipExcluded: true

    config:
      GitHubDefects:
        options:
          endpointUrl: 'https://api.github.com/graphql'
          labelFilter: '!duplicate, !enhancement, !invalid, !question, !documentation, *'
          maxNumberOfIssuesPerRepository: 50
          parallelRequests: 5
        secrets:
          token: githubAccessToken

      OssIndex:
        options:
          serverUrl: 'https://ossindex.sonatype.org/'
        secrets:
          username: username
          password: password

      OSV:
        options:
          serverUrl: 'https://api.osv.dev'

      VulnerableCode:
        options:
          serverUrl: 'http://localhost:8000'
          readTimeout: 40
        secrets:
          apiKey: 0123456789012345678901234567890123456789

  downloader:
    allowMovingRevisions: true

    # Only used if the '--license-classifications-file' option is specified.
    includedLicenseCategories:
      - 'category-a'
      - 'category-b'

    # A flag to control whether excluded scopes and paths should be skipped during the download.
    skipExcluded: true

    sourceCodeOrigins: [VCS, ARTIFACT]

  scanner:
    skipConcluded: true
    skipExcluded: true

    archive:
      enabled: true

      fileStorage:
        localFileStorage:
          directory: ~/.ort/scanner/archive
          compression: false

      postgresStorage:
        connection:
          url: 'jdbc:postgresql://your-postgresql-server:5444/your-database'
          schema: public
          username: username
          password: password
          sslmode: require
          sslcert: /defaultdir/postgresql.crt
          sslkey: /defaultdir/postgresql.pk8
          sslrootcert: /defaultdir/root.crt
          connectionTimeout: 30000
          idleTimeout: 600000
          keepaliveTime: 0
          maxLifetime: 1800000
          maximumPoolSize: 10
          minimumIdle: 600000

    # Map scanner license findings to valid SPDX licenses. Note that these mappings are only applied in new scans,
    # stored scan results are not affected.
    detectedLicenseMapping:
      BSD (Three Clause License): 'BSD-3-clause'
      LicenseRef-scancode-generic-cla: 'NOASSERTION'

    fileListStorage:
      fileStorage:
        localFileStorage:
          directory: ~/.ort/scanner/file-lists
          compression: false

      postgresStorage:
        connection:
          url: 'jdbc:postgresql://your-postgresql-server:5444/your-database'
          schema: public
          username: username
          password: password
          sslmode: require
          sslcert: /defaultdir/postgresql.crt
          sslkey: /defaultdir/postgresql.pk8
          sslrootcert: /defaultdir/root.crt
          connectionTimeout: 30000
          idleTimeout: 600000
          keepaliveTime: 0
          maxLifetime: 1800000
          maximumPoolSize: 10
          minimumIdle: 600000

    config:
      # A map from scanner plugin types to the plugin configuration.
      ScanCode:
        options:
          # Command line options that affect the ScanCode output. If changed, stored scan results that were created with
          # different options are not reused.
          commandLine: '--copyright --license --info --strip-root --timeout 300'

          # Command line options that do not affect the ScanCode output.
          commandLineNonConfig: '--processes 4'

          # Use per-file license findings instead of per-line ones.
          preferFileLicense: false

          # Criteria for matching stored scan results. These can be configured for any scanner that uses semantic
          # versioning. Note that the 'maxVersion' is exclusive and not part of the range of accepted versions.
          minVersion: '3.2.1-rc2'
          maxVersion: '32.0.0'

      FossId:
        options:
          serverUrl: 'https://fossid.example.com/instance/'

          namingProjectPattern: '$Var1_$Var2'
          namingScanPattern: '$Var1_#projectBaseCode_$Var3'
          namingVariableVar1: myOrg
          namingVariableVar2: myTeam
          namingVariableVar3: myUnit

          waitForResult: false

          keepFailedScans: false
          deltaScans: true
          deltaScanLimit: 10

          detectLicenseDeclarations: true
          detectCopyrightStatements: true

          timeout: 60

          urlMappingExample: "https://my-repo.example.org(?.*) -> ssh://my-mapped-repo.example.org${repoPath}"

          sensitivity: 10

        secrets:
          user: user
          apiKey: XYZ

      SCANOSS:
        options:
          apiUrl: 'https://api.osskb.org/'
        secrets:
          apiKey: 'your API key'

    storages:
      local:
        backend:
          localFileStorage:
            directory: ~/.ort/scanner/results
            compression: false

      http:
        backend:
          httpFileStorage:
            url: 'https://your-http-server'
            query: '?username=user&password=123'
            headers:
              key1: value1
              key2: value2

      aws:
        backend:
          s3FileStorage:
            accessKeyId: "accessKey"
            awsRegion: "us-east-1"
            bucketName: "ort-scan-results"
            compression: false
            customEndpoint: "http://localhost:4567"
            secretAccessKey: "secret"

      clearlyDefined:
        serverUrl: 'https://api.clearlydefined.io'

      postgres:
        connection:
          url: 'jdbc:postgresql://your-postgresql-server:5444/your-database'
          schema: public
          username: username
          password: password
          sslmode: require
          sslcert: /defaultdir/postgresql.crt
          sslkey: /defaultdir/postgresql.pk8
          sslrootcert: /defaultdir/root.crt
          connectionTimeout: 30000
          idleTimeout: 600000
          keepaliveTime: 0
          maxLifetime: 1800000
          maximumPoolSize: 10
          minimumIdle: 600000
        type: PROVENANCE_BASED

      sw360Configuration:
        restUrl: 'https://your-sw360-rest-url'
        authUrl: 'https://your-authentication-url'
        username: username
        password: password
        clientId: clientId
        clientPassword: clientPassword
        token: token

    # Storage readers are listed from highest to lower priority, i.e. the first match wins.
    storageReaders: [local, postgres, http, aws, clearlyDefined]

    # For storage writers no priority is implied by the order; scan results are stored for all writers.
    storageWriters: [postgres]

    ignorePatterns: ['**/META-INF/DEPENDENCIES']

    provenanceStorage:
      fileStorage:
        localFileStorage:
          directory: ~/.ort/scanner/provenance
          compression: false

      postgresStorage:
        connection:
          url: 'jdbc:postgresql://your-postgresql-server:5444/your-database'
          schema: public
          username: username
          password: password
          sslmode: require
          sslcert: /defaultdir/postgresql.crt
          sslkey: /defaultdir/postgresql.pk8
          sslrootcert: /defaultdir/root.crt
          connectionTimeout: 30000
          idleTimeout: 600000
          keepaliveTime: 0
          maxLifetime: 1800000
          maximumPoolSize: 10
          minimumIdle: 600000

  reporter:
    config:
      CycloneDx:
        options:
          schema.version: 1.6

      FossId:
        options:
          serverUrl: 'https://fossid.example.com/instance/'
        secrets:
          user: user
          apiKey: XYZ

  notifier:
    mail:
      hostName: 'localhost'
      username: user
      password: password
      port: 465
      useSsl: true
      fromAddress: '[email protected]'

    jira:
        host: 'localhost'
        username: user
        password: password




© 2015 - 2024 Weber Informatics LLC | Privacy Policy