Detect Properties 6.8.0
Use properties at the command line or in a script to issue instruction about how a Synopsys Detect scan functions during a scan. For example, you can use properties to configure Black Duck connection details or to provide instructions to detectors and package managers.
Â
Packagist
Property | Description |
---|---|
Default: true |
Â
sbt
Property | Description |
---|---|
Default: 3 | |
detect.sbt.excluded.configurations | SBT Configurations Excluded: The names of the sbt configurations to exclude. |
detect.sbt.included.configurations | SBT Configurations Included: The names of the sbt configurations to include. |
Bitbake
Property | Description |
---|---|
default: oe-init-build-env BitBake Init Script Name: The name of the build environment init script. | |
BitBake Package Names: A comma-separated list of package names from which dependencies are extracted. | |
BitBake Source Arguments: A comma-separated list of arguments to supply when sourcing the build environment init script. | |
default: 1 BitBake Search Depth: The depth at which Detect will search for files generated by Bitbake. | |
detect.bitbake.reference.impl | Default: -poky-linux Deprecated: This property is no longer required and will not be used in the Bitbake Detector. It will cause failure in 7.0.0 and be removed in 8.0.0. |
Â
Conan
Property | Description |
---|---|
Conan Executable: The path to the conan executable. | |
default: true Include Conan Build Dependencies: Set this value to false if you want to exclude your project's build dependencies. | |
Additional Conan Arguments: A space-separated list of additional arguments to add to the 'conan info' command line when running Detect against a Conan project. Detect will execute the command 'conan info {additional arguments} .' | |
Conan Lockfile: The path to the conan lockfile to apply when running 'conan info' to get the dependency graph. If set, Detect will execute the command 'conan info --lockfile {lockfile} .' | |
default: false Attempt Package Revision Match: If package revisions are available (a Conan lock file is found or provided, and Conan's revisions feature is enabled), require that each dependency's package revision match the package revision of the component in the KnowledgeBase. |
Â
Project
Property | Description |
---|---|
default: NONE Acceptable Values: ALL, NONE, UNSPECIFIED, TRIVIAL, MINOR, MAJOR, CRITICAL, BLOCKER Fail on Policy Violation Severities: A comma-separated list of policy violation severities that will fail Detect. If this is set to NONE, Detect will not fail due to policy violations. A value of ALL is equivalent to all of the other possible values except NONE. | |
Project Description: | |
Project Name: | |
Project Tier: | |
Version Name: | |
Version Nickname: | |
Version Notes: If project version notes are specified, your project version will be created with these notes. | |
default: DEVELOPMENT Acceptable Values: ARCHIVED, DEPRECATED, DEVELOPMENT, PLANNING, PRERELEASE, RELEASED Version Phase: An override for the Project Version phase. | |
default: false Update Project Version: If set to true, will update the Project Version with the configured properties. See detailed help for more information. | |
(Advanced) | Aggregate BDIO File Name: If set, this will aggregate all the BOMs to create a single BDIO file with the name provided. |
detect.bom.aggregate.remediation.mode (Advanced) | default: TRANSITIVE Acceptable Values: DIRECT, TRANSITIVE BDIO Aggregate Remediation Mode: If an aggregate BDIO file is being generated and this property is set to DIRECT, the aggregate BDIO file will exclude code location nodes from the top layer of the dependency tree to preserve the correct identification of direct dependencies in the resulting Black Duck BOM. When this property is set to TRANSITIVE (the default), component source information is preserved by including code location nodes at the top of the dependency tree, but all components will appear as TRANSITIVE in the BOM. |
detect.clone.project.version.name (Advanced) | Clone Project Version Name: The name of the project version to clone this project version from. Respects the given Clone Categories in detect.project.clone.categories or as set on the Black Duck server. |
detect.clone.project.version.latest (Advanced) | default: false Clone Latest Project Version: If set to true, detect will attempt to use the latest project version as the clone for this project. The project must exist and have at least one version. |
(Advanced) | Scan Name: An override for the name Detect will use for the scan file it creates. If supplied and multiple scans are found, Detect will append an index to each scan name. |
| Application ID: Sets the 'Application ID' project setting. |
detect.custom.fields.project | Custom Fields: A list of custom fields with a label and comma-separated value starting from index 0. For each index, provide one label and one value. For example, to set a custom field with label 'example' to 'one,two': detect.custom.fields.project[0].label='example' and detect.custom.fields.project[0].value='one,two'. To set another field, use index 1. Note that these will not show up in the detect configuration log. |
detect.custom.fields.version | Custom Fields: A list of custom fields with a label and comma-separated value starting from index 0. For each index, provide one label and one value. For example , to set a custom field with label 'example' to 'one,two': detect.custom.fields.version[0].label='example' and detect.custom.fields.version[0].value='one,two'. To set another field, use index 1. Note that these will not show up in the detect configuration log. |
detect.project.clone.categories | default: COMPONENT_DATA,VULN_DATA Acceptable Values: COMPONENT_DATA, VULN_DATA, LICENSE_TERM_FULFILLMENT Clone Project Categories: An override for the Project Clone Categories that are used when cloning a version. If the project already exists, make sure to use --detect.project.version.update to make sure these are set. |
detect.project.codelocation.prefix | Scan Name Prefix: A prefix to the name of the scans created by Detect. Useful for running against the same projects on multiple machines. |
detect.project.codelocation.suffix | Scan Name Suffix: A suffix to the name of the scans created by Detect. |
detect.project.codelocation.unmap | default: false Unmap All Other Scans for Project: If set to true, unmaps all other scans mapped to the project version produced by the current run of Detect. |
detect.project.user.groups | Project User Groups: A comma-separated list of names of user groups to add to the project. |
detect.project.tags | Project Tags: A comma-separated list of tags to add to the project. This property is not supported when using Synopsys Detect in offline mode. |
detect.project.level.adjustments | default: true Allow Project Level Adjustments: An override for the Project level matches. |
detect.parent.project.name | Parent Project Name: |
detect.parent.project.version.name | Parent Project Version Name: |
detect.project.version.distribution | default: EXTERNAL Acceptable Values: EXTERNAL, SAAS, INTERNAL, OPENSOURCE Version Distribution: An override for the Project Version distribution |
detect.default.project.version.scheme (Deprecated) | default: TEXT Acceptable Values: TIMESTAMP, TEXT Default Project Version Name Scheme: The scheme to use when the package managers can not determine a version. See detailed help for more information. Deprecated: This property is being removed in an effort to simplify Detect. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.default.project.version.text (Deprecated) | default: Default Detect Version Default Project Version Name Text: The text to use as the default project version. Deprecated: This property is being removed in an effort to simplify Detect. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.default.project.version.timeformat | default: Default Project Version Name Timestamp Format: The timestamp format to use as the default project version. Deprecated: This property is being removed in an effort to simplify Detect. It will cause failure in 7.0.0 and be removed in 8.0.0. |
Â
Blackduck server
Property | Description |
---|---|
Black Duck API Token: The API token used to authenticate with the Black Duck Server. | |
Default: false | |
Black Duck URL: URL of the Black Duck server. | |
detect.timeout | default: 300 Detect Timeout: The time in seconds that Detect will wait for a network connection, for scans to finish, and to generate reports (i.e. risk and policy check). When changing this value, keep in mind the policy checking might have to wait for scans to process, which can take some time. |
Default: false | |
blackduck.trust.cert | Default: false |
blackduck.hub.api.token | Blackduck Hub Api Token: Hub API Token. Deprecated: This property is changing. |
blackduck.hub.offline.mode | Default: false |
blackduck.hub.password | Blackduck Hub Password: Hub password. Deprecated: This property is changing. |
blackduck.hub.proxy.host | Blackduck Hub Proxy Host: Proxy host. Deprecated: This property is changing. |
blackduck.hub.proxy.ignored.hosts | Blackduck Hub Proxy Ignored Hosts: A comma-separated list of host patterns that should not use the proxy. Deprecated: This property is changing. |
blackduck.hub.proxy.ntlm.domain | Blackduck Hub Proxy Ntlm Domain: NTLM Proxy domain. Deprecated: This property is changing. |
blackduck.hub.proxy.ntlm.workstation | Blackduck Hub Proxy Ntlm Workstation: NTLM Proxy workstation. Deprecated: This property is changing. |
blackduck.hub.proxy.password | Blackduck Hub Proxy Password: Proxy password. Deprecated: This property is changing. |
blackduck.hub.proxy.port | Blackduck Hub Proxy Port: Proxy port. Deprecated: This property is changing. |
blackduck.hub.proxy.username | Blackduck Hub Proxy Username: Proxy username. Deprecated: This property is changing. |
blackduck.hub.timeout | Default: 120 Deprecated: This property is changing. |
blackduck.hub.trust.cert | Default: false Deprecated: This property is changing. |
blackduck.hub.url | Blackduck Hub URL: URL of the Hub server. Deprecated: This property is changing. |
blackduck.hub.username | Blackduck Hub Username: Hub username. Deprecated: This property is changing. |
detect.disable.without.blackduck | Default: false Deprecated: This property is changing. |
detect.disable.without.hub | Default: false Deprecated: This property is changing. Use --detect.ignore.connection.failures in the future. It will cause failure in 6.0.0 and be removed in 7.0.0. |
(Deprecated:) | Black Duck Username: Black Duck username. Deprecated: This property is being removed. Please use |
(Deprecated:) | Black Duck Password: Black Duck password. Deprecated: This property is being removed. Please use |
(Deprecated:) | Default: 300 Deprecated: This property is deprecated. Use |
blackduck.timeout | Default: 120 Deprecated: This property is being removed in an effort to simplify Detect. It will cause failure in 7.0.0 and be removed in 8.0.0. |
Â
Docker
Property | Description |
---|---|
Docker Image Name: The Docker image name to inspect. For Detect to run Docker Inspector, either this property, | |
Docker Image ID: The Docker image ID to inspect. | |
Docker executable: Path to the docker executable. | |
Docker Image Archive File: A saved Docker image - must be a .tar file. For Detect to run Docker Inspector, either this property or detect.docker.tar must be set. Docker Inspector finds packages installed by the Linux package manager in Linux-based images. | |
detect.docker.inspector.air.gap.path | Docker Inspector AirGap Path: The path to the directory containing the Docker Inspector jar and images. Deprecated: This property is being removed in an effort to simplify Detect. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.docker.inspector.path | Docker Inspector .jar File Path: This is used to override using the hosted Docker Inspector .jar file by binary repository URL. You can use a compatible (the same major version that Detect downloads by default) local Docker Inspector .jar file at this path. |
detect.docker.inspector.version | Docker Inspector Version: Version of the Docker Inspector to use. By default Detect will attempt to automatically determine the version to use. |
detect.docker.path.required | Default: false |
detect.docker.platform.top.layer.id | Platform Top Layer ID: To exclude components from platform layers from the results, assign to this property the ID of the top layer of the platform image. Get the platform top layer ID from the output of 'docker inspect platformimage:tag'. The platform top layer ID is the last item in RootFS.Layers. For more information, see 'Isolating application components' in the Docker Inspector documentation. |
detect.docker.passthrough | Docker Passthrough: Additional properties may be passed to the docker inspector by adding the prefix detect.docker.passthrough. The keys will be given to docker inspector without the prefix. |
detect.phone.home.passthrough | Phone Home Passthrough: Additional values may be sent home for usage information. The keys will be sent without the prefix. |
Â
Bazel
Property | Description |
---|---|
Bazel cquery additional options: A comma-separated list of additional options to pass to the bazel cquery command. | |
Acceptable values: ALL, NONE, MAVEN_JAR, MAVEN_INSTALL, HASKELL_CABAL_LIBRARY | |
Bazel executable: The path to the Bazel executable. | |
Bazel Target: The Bazel target (for example, //foo:foolib) for which dependencies are collected. For Detect to run Bazel, this property must be set. |
Debug
Property | Description |
---|---|
default: false Diagnostic Mode: When enabled, diagnostic mode collects all files generated by Synopsys Detect and zips the files using a unique run ID. It includes logs, BDIO files, extraction files, and reports. | |
default: false Diagnostic Mode Extended: When enabled, Synopsys Detect performs the actions of --detect.diagnostic, but also includes relevant files such as lock files and build artifacts. |
Â
General
Property | Description |
---|---|
Default: false | |
Default: false | |
detect.force.success | Default: false |
detect.ignore.connection.failures | Default: false |
detect.parallel.processors | Default: 1 |
Â
Project info
Property | Description |
---|---|
detect.api.timeout | Default: 300000 Deprecated: This property is now Deprecated: |
Â
Pear
Property | Description |
---|---|
Default: false | |
Pear executable: The path to the pear executable. |
Â
Pip
Property | Description |
---|---|
Pipenv executable: The path to the Pipenv executable. | |
Default: false | |
PIP Project Name: The name of your PIP project, to be used if your project's name cannot be correctly inferred from its setup.py file. | |
PIP Project Version Name: The version of your PIP project, to be used if your project's version name cannot be correctly inferred from its setup.py file. | |
PIP Requirements Path: A comma-separated list of paths to requirements.txt files. | |
detect.pip.path | Pip Executable: The path to the Pip executable. |
Â
Conda
Property | Description |
---|---|
Anaconda Environment Name: The name of the anaconda environment used by your project. | |
Conda executable: The path to the conda executable. |
Â
Hex
Property | Description |
---|---|
Rebar3 executable: The path to the rebar3 executable. |
Impact analysis
Property | Description |
---|---|
default: false | |
Impact Analysis Output Directory: The path to the output directory for Impact Analysis reports. |
Â
Python
Property | Description |
---|---|
Python executable:: The path to the Python executable. | |
(Deprecated) | Default: false Deprecated: This property is deprecated. It will cause failure in 7.0.0 and be removed in 8.0.0. Due to the January 2020 sunset of Python 2, future versions of Detect will assume that the executable named python points to a Python 3 executable. |
Â
Maven
Property | Description |
---|---|
Maven Build Command: Maven command line arguments to add to the mvn/mvnw command line. | |
Dependency Scope Excluded: A comma separated list of Maven scopes. Output will be limited to dependencies outside these scopes (overrides include). | |
Dependency Scope Included: A comma separated list of Maven scopes. Output will be limited to dependencies within these scopes (overridden by exclude). | |
Maven executable::Â The path to the Maven executable (mvn or mvnw). | |
detect.maven.excluded.modules | Maven Modules Excluded: A comma-separated list of Maven modules (sub-projects) to exclude. |
detect.maven.included.modules | Maven Modules Included: A comma-separated list of Maven modules (sub-projects) to include. |
detect.maven.include.plugins | Default: false |
detect.maven.scope | Dependency Scope Included: The name of a Maven scope. Output will be limited to dependencies with this scope. Deprecated: This property is changing. |
Â
Go
Property | Description |
---|---|
Go executable:: Path to the Go executable. |
Â
npm
Property | Description |
---|---|
Additional NPM Command Arguments: A space-separated list of additional arguments to add to the npm command line when running Detect against an NPM project. | |
Include NPM Development Dependencies: Default: true Set this value to false if you would like to exclude your dev dependencies when ran. | |
NPM executable: The path to the Npm executable. |
Â
Polaris (Deprecated)
Property | Description |
---|---|
detect.polaris.enabled | Default: false Deprecated: This property is changing. |
polaris.access.token | Polaris Access Token: The access token for your Polaris instance. Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0. |
polaris.arguments | Polaris Arguments: Additional arguments to pass to Polaris separated by space. The Polaris.command takes precedence. Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0. |
polaris.command | Polaris Command: A replacement command to pass to Polaris separated by space. Include the analyze or setup command itself. If specified, Polaris.arguments will be ignored and this will take precedence. Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0. |
polaris.url | Polaris URL: The URL of your Polaris instance. Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0. |
Â
NuGet
Property | Description |
---|---|
dotnet executable:: The path to the dotnet executable. | |
Nuget Config File: The path to the Nuget.Config file to supply to the nuget exe. | |
Default: https://api.nuget.org/v3/index.json | |
detect.nuget.excluded.modules | Nuget Projects Excluded: The names of the projects in a solution to exclude. |
detect.nuget.ignore.failure | Default: false Ignore Nuget Failures: If true errors will be logged and then ignored. |
detect.nuget.included.modules | Nuget Modules Included: The names of the projects in a solution to include (overrides exclude). |
detect.nuget.inspector.air.gap.path | Nuget Inspector AirGap Path: The path to the directory containing the nuget inspector nupkg. Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.nuget.inspector.version | Nuget Inspector Version: Version of the Nuget Inspector. By default Detect will run the latest version that is compatible with the Detect version. |
detect.nuget.inspector.name | Default: IntegrationNugetInspector Deprecated: In the future, Detect will not look for a custom named inspector. It will cause failure in 6.0.0 and be removed in 7.0.0. |
detect.nuget.path | Detect Nuget Path: The path to the Nuget executable. Nuget is used to download the classic inspectors nuget package. Deprecated: In the future, Detect will no longer need a nuget executable as it will download the inspector from Artifactory exclusively. It will cause failure in 6.0.0 and be removed in 7.0.0. |
Â
Ruby
Property | Description |
---|---|
Default: false | |
Default: true |
Â
Gradle
Property | Description |
---|---|
Gradle Build Command: Gradle command line arguments to add to the | |
Gradle executable:Â The path to the Gradle executable (gradle or gradlew). | |
detect.gradle.excluded.configurations | Gradle Exclude Configurations: A comma-separated list of Gradle configurations to exclude. |
detect.gradle.excluded.projects | Gradle Exclude Projects: A comma-separated list of Gradle sub-projects to exclude. |
detect.gradle.included.configurations | Gradle Include Configurations: A comma-separated list of Gradle configurations to include. |
detect.gradle.included.projects | Gradle Include Projects: A comma-separated list of Gradle sub-projects to include. |
detect.gradle.inspector.air.gap.path | Gradle Inspector AirGap Path: The path to the directory containing the air gap dependencies for the Gradle inspector. Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.gradle.inspector.version | Gradle Inspector Version: The version of the Gradle Inspector that Detect should use. By default, Detect will try to automatically determine the correct Gradle Inspector version. |
detect.gradle.inspector.repository.url | Detect Gradle Inspector Repository URL: The respository Gradle should use to look for the Gradle inspector dependencies. Deprecated: In the future, the Gradle inspector will no longer be downloaded from a custom repository, Use Detect Air Gap instead. It will cause failure in 6.0.0 and be removed in 7.0.0. |
Â
Proxy
Property | Description |
---|---|
blackduck.proxy.host | Proxy Host: Hostname for proxy server. |
blackduck.proxy.ignored.hosts | Bypass Proxy Hosts: A comma separated list of regular expression host patterns that should not use the proxy. |
blackduck.proxy.ntlm.domain | NTLM Proxy Domain: NTLM Proxy domain. |
blackduck.proxy.ntlm.workstation | NTLM Proxy Workstation: NTLM Proxy workstation. |
blackduck.proxy.password | Proxy Password: Proxy password. |
blackduck.proxy.port | Proxy Port: Proxy port. |
blackduck.proxy.username | Proxy Username: Proxy username. |
Â
Cpan
Property | Description |
---|---|
cpanm executable:Â The path to the cpanm executable. | |
cpan executable: The path to the cpan executable. |
Â
Cleanup
Property | Description |
---|---|
Default: true |
Lerna
Property | Description |
---|---|
default: false | |
Lerna Executable: Path of the lerna executable. |
Â
Paths
Property | Description |
---|---|
Bash executable: Path to the Bash executable. | |
Default: false | |
BDIO Output Directory: The path to the output directory for all BDIO files. | |
Default: 0 | |
Git executable: Path of the git executable | |
Java executable: Path to the java executable. | |
Detect Output Path: The path to the output directory. | |
(Deprecated) | Default: true Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0. |
Scan Output Path: The output directory for all signature scanner output files. If not set, the signature scanner output files will be in a scan subdirectory of the output directory. | |
Source Path: The source path is the path to the project directory to inspect. If no value is provided, the source path defaults to the current working directory | |
Swift executable: Path of the swift executable. | |
Acceptable values: ALL, NONE, DETECTOR, SIGNATURE_SCAN, BINARY_SCAN, IMPACT_ANALYSIS, POLARIS, DOCKER, BAZEL | |
Acceptable values: ALL, NONE, DETECTOR, SIGNATURE_SCAN, BINARY_SCAN, IMPACT_ANALYSIS, POLARIS, DOCKER, BAZEL | |
detect.detector.search.continue | Default: false Detector Search Continue: If true, the BOM tool search will continue to look for nested BOM tools of the same type to the maximum search depth, see the detailed help for more information. |
detect.detector.search.exclusion | Detector Directory Exclusions: A comma-separated list of directory names to exclude from detector search. Deprecated: This property is now deprecated. In future versions of Detect, it will be consolidated with other exclusion properties. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.detector.search.exclusion.defaults | Default: true Deprecated: This property is now deprecated. In future versions of Detect, it will be consolidated with other exclusion properties. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.detector.search.exclusion.files | Detector File Exclusions: A comma-separated list of file names to exclude from detector search. Deprecated: This property is now deprecated. In future versions of Detect, it will be consolidated with other exclusion properties. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.detector.search.exclusion.paths | Detector Directory Path Exclusions: A comma-separated list of directory paths to exclude from detector search. (E.g. 'foo/bar/biz' will only exclude the 'biz' directory if the parent directory structure is 'foo/bar/'.) Deprecated: This property is now deprecated. In future versions of Detect, it will be consolidated with other exclusion properties. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.detector.search.exclusion.patterns | Detector Directory Patterns Exclusions: A comma-separated list of directory name patterns to exclude from detector search. Deprecated: This property is now deprecated. In future versions of Detect, it will be consolidated with other exclusion properties. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.project.detector | Project Name/Version Detector: The detector that will be used to determine the project name and version when multiple detector types. This property should be used with the detect.project.tool. |
detect.project.tool | Default: DOCKER,DETECTOR,BAZEL |
detect.tools.output.path | Detect Tools Output Path: The path to the tools directory where detect should download and/or access things like the Signature Scanner that it shares over multiple runs. |
detect.bom.tool.search.continue | Default: false Deprecated: This property is changing. |
detect.bom.tool.search.depth | Default: 0 Deprecated: This property is changing. |
detect.bom.tool.search.exclusion | Detect BOM Tool Search Exclusion: A comma-separated list of directory names to exclude from the BOM tool search. Deprecated: This property is changing. |
detect.bom.tool.search.exclusion.defaults | Default: true Deprecated: This property is changing. |
detect.project.bom.tool | Detect Project BOM Tool: The detector to choose when multiple detector types are found and one needs to be chosen for project name and version. This property should be used with the detect.project.tool. Deprecated: This property is changing. |
Â
Â
Binary scanner
Property | Description |
---|---|
Binary Scan Target: If specified, this file and this file only will be uploaded for binary scan analysis. This property takes precedence over detect.binary.scan.file.name.patterns. The BINARY_SCAN tool does not provide project and version name defaults to Detect, so you need to set project and version names via properties when only the BINARY_SCAN tool is invoked. | |
Binary Scan Filename Patterns: If specified, all files in the source directory whose names match these file name patterns are zipped and uploaded for binary scan analysis. This property will not be used if detect.binary.scan.file.path is specified. The depth of the search is 0 (subdirectories are not searched). This property accepts filename globbing-style wildcards. |
Signature scanner
Property | Description |
---|---|
detect.blackduck.signature.scanner.arguments  | Signature Scanner Arguments: Additional arguments to use when running the Black Duck signature scanner. |
detect.blackduck.signature.scanner.copyright.search  | Default: false  |
detect.blackduck.signature.scanner.dry.run  | Default: false Signature Scanner Dry Run: If set to true, the signature scanner results are not uploaded to Black Duck, and the scanner results are written to disk.  |
detect.blackduck.signature.scanner.exclusion.name.patterns  | Default: node_modules |
detect.blackduck.signature.scanner.exclusion.patterns  | Exclusion patterns: A comma-separated list of values (each value is a directory name pattern surrounded by |
detect.blackduck.signature.scanner.exclusion.pattern.search.depth  | Default: 4  |
detect.blackduck.signature.scanner.individual.file.matching  | Default: NONE  |
detect.blackduck.signature.scanner.license.search  | Default: false  |
detect.blackduck.signature.scanner.local.path  | Signature Scanner Local Path: To use a local signature scanner, specify the path where the signature scanner was unzipped. This will likely look similar to 'scan.cli-x.y.z' and includes the 'bin, icon, jre, and lib' directories of the expanded scan.cli.  |
detect.blackduck.signature.scanner.paths  | Signature Scanner Target Paths:  |
detect.blackduck.signature.scanner.snippet.matching  | Default: NONE  |
detect.blackduck.signature.scanner.upload.source.mode  | Default: false  |
detect.blackduck.signature.scanner.host.url  | Signature Scanner Host URL: If this URL is set, an attempt will be made to use it to download the signature scanner. The server URL provided must respect the Black Duck's URLs for different operating systems. Deprecated: This property is being deprecated. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.blackduck.signature.scanner.memory  | Default: 4096  |
detect.blackduck.signature.scanner.offline.local.path  | Signature Scanner Local Path (Offline): To use a local signature scanner and force offline, specify the path where the signature scanner was unzipped. This will likely look similar to 'scan.cli-x.y.z' and includes the 'bin, icon, jre, and lib' directories of the expanded scan.cli. Deprecated: This property is deprecated. In the future, please use detect.blackduck.signature.scanner.local.path to specify a local signature scanner zip, and blackduck.offline.mode to run offline. It will cause failure in 7.0.0 and be removed in 8.0.0. |
detect.blackduck.signature.scanner.disabled | Default: false Deprecated: This property is changing. |
detect.blackduck.signature.scanner.parallel.processors | Default: 1 Â |
detect.blackduck.signature.scanner.snippet.mode | Default: false Deprecated: This property is now Deprecated: |
detect.hub.signature.scanner.arguments | Detect Hub Signature Scanner Arguments: Additional arguments to use when running the Hub signature scanner. Deprecated: This property is changing. |
detect.hub.signature.scanner.disabled | Default: false Deprecated: This property is changing. |
detect.hub.signature.scanner.dry.run | Default: false |
detect.hub.signature.scanner.exclusion.name.patterns | Default: node_modules Deprecated: This property is changing. |
detect.hub.signature.scanner.exclusion.patterns | Detect Hub Signature Scanner Exclusion patterns: A comma-separated list of values to be used with the Signature Scanner --exclude flag. Deprecated: This property is changing. |
detect.hub.signature.scanner.host.url | Detect Hub Signature Scanner Host URL: If this URL is set, an attempt will be made to use it to download the signature scanner. The server URL provided must respect the Hub's URLs for different operating systems. Deprecated: This property is changing. |
detect.hub.signature.scanner.local.path | Detect Hub Signature Scanner Local Path: To use a local signature scanner, specify the path where the signature scanner was unzipped. This will likely look similar to 'scan.cli-x.y.z' and includes the 'bin, icon, jre, and lib' directories of the expanded scan.cli. Deprecated: This property is changing. |
detect.hub.signature.scanner.memory | Default: 4096 Detect Hub Signature Scanner Memory: The memory for the scanner to use. Deprecated: This property is changing. |
detect.hub.signature.scanner.offline.local.path | Detect Hub Signature Scanner Offline Local Path: To use a local signature scanner and force offline, specify the path where the signature scanner was unzipped. This will likely look similar to 'scan.cli-x.y.z' and includes the bin, icon, jre, and lib directories of the expanded scan.cli. Deprecated: This property is changing. |
detect.hub.signature.scanner.parallel.processors | Default: 1 Detect Hub Signature Scanner Parallel Processors: The number of scans to run in parallel, defaults to 1, but if you specify -1, the number of processors on the machine will be used. Deprecated: This property is changing. |
detect.hub.signature.scanner.paths | Detect Hub Signature Scanner Paths: These paths and only these paths will be scanned. Deprecated: This property is changing. |
detect.hub.signature.scanner.snippet.mode | Default: false Deprecated: This property is changing. |
Â
Report
Property | Description |
---|---|
Default: false | |
Default: . | |
Default: false | |
Default: . |
Â
Logging
Property | Description |
---|---|
Default: INFO | |
Default: INFO | |
detect.suppress.configuration.output | Default: false Deprecated: This property is being removed. Configuration can no longer be suppressed individually. Log level can be used. It will cause failure in 6.0.0 and be removed in 7.0.0. |
detect.suppress.results.output | Default: false Detect Suppress Results Output: If true, the default behavior of printing the Detect Results will be suppressed. Deprecated: This property is being removed. Results can no longer be suppressed individually. Log level can be used. It will cause failure in 6.0.0 and be removed in 7.0.0. |
logging.level.com.blackducksoftware.integration | Default: INFO Deprecated: This property is changing. Use --logging.level.com.synopsys.integration in the future. It will cause failure in 6.0.0 and be removed in 7.0.0. |
Â
Yarn
Property | Description |
---|---|
Default: false |
Â
Detector
Property | Description |
---|---|
Acceptable values:Â BITBAKE, CARGO, COCOAPODS, CONDA, CONAN, CPAN, CRAN, GIT, GO_MOD, GO_DEP, GO_VNDR, GO_VENDOR, GO_GRADLE, GRADLE, HEX, LERNA, MAVEN, NPM, NUGET, PACKAGIST, PEAR, PIP, RUBYGEMS, SBT, SWIFT, YARN, CLANG | |
detect.excluded.detector.types | Acceptable values:Â ALL, NONE, BITBAKE, CARGO, COCOAPODS, CONDA, CONAN, CPAN, CRAN, GIT, GO_MOD, GO_DEP, GO_VNDR, GO_VENDOR, GO_GRADLE, GRADLE, HEX, LERNA, MAVEN, NPM, NUGET, PACKAGIST, PEAR, PIP, RUBYGEMS, SBT, SWIFT, YARN, CLANG |
detect.included.detector.types | Acceptable values:Â ALL, NONE, BITBAKE, CARGO, COCOAPODS, CONDA, CONAN, CPAN, CRAN, GIT, GO_MOD, GO_DEP, GO_VNDR, GO_VENDOR, GO_GRADLE, GRADLE, HEX, LERNA, MAVEN, NPM, NUGET, PACKAGIST, PEAR, PIP, RUBYGEMS, SBT, SWIFT, YARN, CLANG |
detect.excluded.bom.tool.types | Detect Excluded BOM Tool Types: By default, all tools will be included. If you want to exclude specific detectors, specify the ones to exclude here. If you want to exclude all tools, specify "ALL". Exclusion rules always win. Deprecated: This property is changing. Use --detect.excluded.detector.types in the future. It will cause failure in 6.0.0 and be removed in 7.0.0. |
detect.included.bom.tool.types | Detect Included BOM Tool Types: By default, all tools will be included. If you want to include only specific tools, specify the ones to include here. Exclusion rules always win. Deprecated: This property is changing. Use --detect.included.detector.types in the future. It will cause failure in 6.0.0 and be removed in 7.0.0. |
detect.required.bom.tool.types | Detect Required BOM Tool Types: If set, Detect will fail if it does not find the BOM tool types supplied here. Deprecated: This property is changing. Use --detect.required.detector.types in the future. It will cause failure in 6.0.0 and be removed in 7.0.0. |
©2018 Synopsys, Inc. All Rights Reserved