Detect Properties 6.4.0

detect.packagist.include.dev.dependencies

Default: true
Include Packagist Development Dependencies: Set this value to false if you would like to exclude your dev requires dependencies when ran.

detect.sbt.report.search.depth

Default: 3
SBT Report Search Depth: Depth the sbt detector will use to search for report files.

detect.sbt.excluded.configurations
(Advanced)

SBT Configurations Excluded: The names of the sbt configurations to exclude.

detect.sbt.included.configurations
(Advanced)

SBT Configurations Included: The names of the sbt configurations to include.

detect.bitbake.build.env.name

Default: oe-init-build-env
BitBake Init Script Name: The name of the build environment init script.

detect.bitbake.package.names

BitBake Package Names: A comma-separated list of package names from which dependencies are extracted.

detect.bitbake.search.depth

Default: 1
BitBake Search Depth: The depth at which Detect will search for the recipe-depends.dot or package-depends.dot files.

detect.bitbake.source.arguments

BitBake Source Arguments: A comma-separated list of arguments to supply when sourcing the build environment init script.

detect.bitbake.reference.impl
(Deprecated:)

Default: -poky-linux
Reference implementation: The reference implementation of the Yocto project. These characters are stripped from the discovered target architecture.

Deprecated: This property is no longer required and will not be used in the Bitbake Detector. It will cause failure in 7.0.0 and be removed in 8.0.0.

detect.policy.check.fail.on.severities

Default: NONE
Acceptable values: ALL, NONE, UNSPECIFIED, TRIVIAL, MINOR, MAJOR, CRITICAL, BLOCKER
Fail on Policy Violation Severities: A comma-separated list of policy violation severities that will fail Detect. If this is set to NONE, Detect will not fail due to policy violations. A value of ALL is equivalent to all of the other possible values except NONE.

detect.project.description

Project Description: If project description is specified, your project version will be created with this description.

detect.project.name

Project Name: An override for the name to use for the Black Duck project. If not supplied, Detect will attempt to use the tools to figure out a reasonable project name. If that fails, the final part of the directory path where the inspection is taking place will be used.

detect.project.tier

Project Tier: If a Black Duck project tier is specified, your project will be created with this tier.

detect.project.version.name

Version Name: An override for the version to use for the Black Duck project. If not supplied, Detect will attempt to use the tools to figure out a reasonable version name. If that fails, the current date will be used.

detect.project.version.nickname

Version Nickname: If a project version nickname is specified, your project version will be created with this nickname.

detect.project.version.notes

Version Notes: If project version notes are specified, your project version will be created with these notes.

detect.project.version.phase

Default: DEVELOPMENT
Acceptable values: ARCHIVED, DEPRECATED, DEVELOPMENT, PLANNING, PRERELEASE, RELEASED
Version Phase: An override for the Project Version phase.

detect.project.version.update

Default: false
Update Project Version: If set to true, will update the Project Version with the configured properties. See detailed help for more information.

detect.bom.aggregate.name
(Advanced)

Aggregate BDIO File Name: If set, this will aggregate all the BOMs to create a single BDIO file with the name provided.

detect.bom.aggregate.remediation.mode
(Advanced)

Default: TRANSITIVE
Acceptable values: DIRECT, TRANSITIVE

BDIO Aggregate Remediation Mode: If an aggregate BDIO file is being generated and this property is set to DIRECT, the aggregate BDIO file will exclude code location nodes from the top layer of the dependency tree to preserve the correct identification of direct dependencies in the resulting Black Duck BOM. When this property is set to TRANSITIVE (the default), component source information is preserved by including code location nodes at the top of the dependency tree, but all components will appear as TRANSITIVE in the BOM.

detect.clone.project.version.latest
(Advanced)

Default: false
Clone Latest Project Version: If set to true, detect will attempt to use the latest project version as the clone for this project. The project must exist and have at least one version.

detect.clone.project.version.name
(Advanced)

Clone Project Version Name: The name of the project version to clone this project version from. Respects the given Clone Categories in detect.project.clone.categories or as set on the Black Duck server.

detect.code.location.name
(Advanced)

Scan Name: An override for the name Detect will use for the scan file it creates. If supplied and multiple scans are found, Detect will append an index to each scan name.

detect.custom.fields.project
(Advanced)

Custom Fields: A list of custom fields with a label and comma-separated value starting from index 0. For example detect.custom.fields.project[0].label='example' and detect.custom.fields.project[0].value='one,two'. Note that these will not show up in the detect configuration log.

detect.custom.fields.version
(Advanced)

Custom Fields: A list of custom fields with a label and comma-separated value starting from index 0. For example detect.custom.fields.version[0].label='example' and detect.custom.fields.version[0].value='one,two'. Note that these will not show up in the detect configuration log.

detect.default.project.version.scheme
(Advanced)

Default: TEXT
Acceptable values: TIMESTAMP, TEXT
Default Project Version Name Scheme: The scheme to use when the package managers can not determine a version. See detailed help for more information.

detect.default.project.version.text
(Advanced)

Default: Default Detect Version
Default Project Version Name Text: The text to use as the default project version.

detect.default.project.version.timeformat
(Advanced)

Default: yyyy-MM-dd'T'HH:mm:ss.SSS
Default Project Version Name Timestamp Format: The timestamp format to use as the default project version.

detect.parent.project.name
(Advanced)

Parent Project Name: When a parent project and version name are specified, the created detect project will be added as a component to the specified parent project version.

detect.parent.project.version.name
(Advanced)

Parent Project Version Name: When a parent project and version name are specified, the created detect project will be added as a component to the specified parent project version.

detect.project.application.id
(Advanced)

Application ID: Sets the 'Application ID' project setting.

detect.project.clone.categories
(Advanced)

Default: COMPONENT_DATA,VULN_DATA
Acceptable values: COMPONENT_DATA, VULN_DATA, LICENSE_TERM_FULFILLMENT
Clone Project Categories: An override for the Project Clone Categories that are used when cloning a version. If the project already exists, make sure to use --detect.project.version.update to make sure these are set.

detect.project.codelocation.prefix
(Advanced)

Scan Name Prefix: A prefix to the name of the scans created by Detect. Useful for running against the same projects on multiple machines.

detect.project.codelocation.suffix
(Advanced)

Scan Name Suffix: A suffix to the name of the scans created by Detect.

detect.project.codelocation.unmap
(Advanced)

Default: false
Unmap All Other Scans for Project: If set to true, unmaps all other scans mapped to the project version produced by the current run of Detect.

detect.project.level.adjustments
(Advanced)

Default: true
Allow Project Level Adjustments: An override for the Project level matches.

detect.project.tags
(Advanced)

Project Tags: A comma-separated list of tags to add to the project.

detect.project.user.groups
(Advanced)

Project User Groups: A comma-separated list of names of user groups to add to the project.

detect.project.version.distribution
(Advanced)

Default: EXTERNAL
Acceptable values: EXTERNAL, SAAS, INTERNAL, OPENSOURCE
Version Distribution: An override for the Project Version distribution

blackduck.api.token

Black Duck API Token: The API token used to authenticate with the Black Duck Server.

blackduck.offline.mode

Default: false
Offline Mode: This can disable any Black Duck communication - if true, Detect will not upload BDIO files, it will not check policies, and it will not download and install the signature scanner.

blackduck.password

Black Duck Password: Black Duck password.

blackduck.url

Black Duck URL: URL of the Black Duck server.

blackduck.username

Black Duck Username: Black Duck username.

detect.report.timeout

Default: 300
Report Generation Timeout: The amount of time in seconds Detect will wait for scans to finish and to generate reports (i.e. risk and policy check). When changing this value, keep in mind the checking of policies might have to wait for scans to process which can take some time.

detect.test.connection

Default: false
Test Connection to Black Duck: Test the connection to Black Duck with the current configuration.

blackduck.timeout
(Advanced)

Default: 120
Black Duck Timeout: The time to wait for network connections to complete (in seconds).

blackduck.trust.cert
(Advanced)

Default: false
Trust All SSL Certificates: If true, automatically trust the certificate for the current run of Detect only.

blackduck.hub.api.token
(Deprecated:)

Blackduck Hub Api Token: Hub API Token.

Deprecated: This property is changing.
Use --blackduck.api.token in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.offline.mode
(Deprecated:)

Default: false
Blackduck Hub Offline Mode: This disables any Hub communication. If true, Detect does not upload BDIO files, does not check policies, and does not download and install the signature scanner.
Deprecated: This property is changing.
Use --blackduck.offline.mode in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.password
(Deprecated:)

Blackduck Hub Password: Hub password.

Deprecated: This property is changing.
Use --blackduck.password in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.proxy.host
(Deprecated:)

Blackduck Hub Proxy Host: Proxy host.

Deprecated: This property is changing.
Use --blackduck.proxy.host in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.proxy.ignored.hosts
(Deprecated:)

Blackduck Hub Proxy Ignored Hosts: A comma-separated list of host patterns that should not use the proxy.

Deprecated: This property is changing.
Use --blackduck.proxy.ignored.hosts in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.proxy.ntlm.domain
(Deprecated:)

Blackduck Hub Proxy Ntlm Domain: NTLM Proxy domain.

Deprecated: This property is changing.
Use --blackduck.proxy.ntlm.domain in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.proxy.ntlm.workstation
(Deprecated:)

Blackduck Hub Proxy Ntlm Workstation: NTLM Proxy workstation.

Deprecated: This property is changing.
Use --blackduck.proxy.ntlm.workstation in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.proxy.password
(Deprecated:)

Blackduck Hub Proxy Password: Proxy password.

Deprecated: This property is changing.
Use --blackduck.proxy.password in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.proxy.port
(Deprecated:)

Blackduck Hub Proxy Port: Proxy port.

Deprecated: This property is changing.
Use --blackduck.proxy.port in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.proxy.username
(Deprecated:)

Blackduck Hub Proxy Username: Proxy username.

Deprecated: This property is changing.
Use --blackduck.proxy.username in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.timeout
(Deprecated:)

Default: 120
Blackduck Hub Timeout: The time to wait for rest connections to complete in seconds.

Deprecated: This property is changing.
Use --blackduck.timeout in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.trust.cert
(Deprecated:)

Default: false
Blackduck Hub Trust Cert: If true, automatically trusts the certificate for the current run of Detect only.

Deprecated: This property is changing.
Use --blackduck.trust.cert in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.url
(Deprecated:)

Blackduck Hub URL: URL of the Hub server.

Deprecated: This property is changing.
Use --blackduck.url in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.hub.username
(Deprecated:)

Blackduck Hub Username: Hub username.

Deprecated: This property is changing.
Use --blackduck.username in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.disable.without.blackduck
(Deprecated:)

Default: false
Check For Valid Black Duck Connection: If true, during initialization Detect will check for Black Duck connectivity and exit with status code 0 if it cannot connect.

Deprecated: This property is changing.
Use --detect.ignore.connection.failures in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.disable.without.hub
(Deprecated:)

Default: false
Detect Disable Without Hub: If true, during initialization Detect will check for Hub connectivity and exit with status code 0 if it cannot connect.

Deprecated: This property is changing. Use --detect.ignore.connection.failures in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.docker.image

Docker Image Name: The Docker image name to inspect. For Detect to run Docker Inspector, either this property or detect.docker.tar must be set. Docker Inspector finds packages installed by the Linux package manager in Linux-based images.

detect.docker.image.id

Docker Image ID: The Docker image ID to inspect.

detect.docker.path

Docker executable: Path to the docker executable.

detect.docker.tar

Docker Image Archive File: A saved Docker image - must be a .tar file. For Detect to run Docker Inspector, either this property or detect.docker.tar must be set. Docker Inspector finds packages installed by the Linux package manager in Linux-based images.

detect.docker.inspector.air.gap.path
(Advanced)

Docker Inspector AirGap Path: The path to the directory containing the Docker Inspector jar and images.

detect.docker.inspector.path
(Advanced)

Docker Inspector .jar File Path: This is used to override using the hosted Docker Inspector .jar file by binary repository URL. You can use a compatible (the same major version that Detect downloads by default) local Docker Inspector .jar file at this path.

detect.docker.inspector.version
(Advanced)

Docker Inspector Version: Version of the Docker Inspector to use. By default Detect will attempt to automatically determine the version to use.

detect.docker.path.required
(Advanced)

Default: false
Run Without Docker in Path: If set to true, Detect will attempt to run the Docker Inspector only if it finds a docker client executable.

detect.docker.platform.top.layer.id
(Advanced)

Platform Top Layer ID: To exclude components from platform layers from the results, assign to this property the ID of the top layer of the platform image. Get the platform top layer ID from the output of 'docker inspect platformimage:tag'. The platform top layer ID is the last item in RootFS.Layers. For more information, see 'Isolating application components' in the Docker Inspector documentation.

detect.docker.passthrough
(Advanced)

Docker Passthrough: Additional properties may be passed to the docker inspector by adding the prefix detect.docker.passthrough. The keys will be given to docker inspector without the prefix.

detect.phone.home.passthrough
(Advanced)

Phone Home Passthrough: Additional values may be sent home for usage information. The keys will be sent without the prefix.

detect.bazel.cquery.options

Bazel cquery additional options: A comma-separated list of additional options to pass to the bazel cquery command.

detect.bazel.dependency.type

Default: UNSPECIFIED
Acceptable values: MAVEN_JAR, MAVEN_INSTALL, UNSPECIFIED
Bazel workspace external dependency rule: The Bazel workspace rule used to pull in external dependencies. If not set, Detect will attempt to determine the rule from the contents of the WORKSPACE file.

detect.bazel.path

Bazel executable: The path to the Bazel executable.

detect.bazel.target

Bazel Target: The Bazel target (for example, //foo:foolib) for which dependencies are collected. For Detect to run Bazel, this property must be set.

detect.detector.buildless

Default: false
Buildless Mode: If set to true, only Detector's capable of running without a build will be run.

detect.wait.for.results

Default: false
Wait For Results: If set to true, Detect will wait for Synopsys products until results are available or the detect.report.timeout is exceeded.

detect.force.success
(Advanced)

Default: false
Force Success: If true, Detect will always exit with code 0.

detect.ignore.connection.failures
(Advanced)

Default: false
Detect Ignore Connection Failures: If true, Detect will ignore any products that it cannot connect to.

detect.parallel.processors
(Advanced)

Default: 1
Detect Parallel Processors: The number of threads to run processes in parallel, defaults to 1, but if you specify less than or equal to 0, the number of processors on the machine will be used.

detect.api.timeout
(Deprecated:)

Default: 300000
Detect Api Timeout: Timeout for response from Black Duck regarding your project (i.e. risk reports and policy check). When changing this value, keep in mind the checking of policies might have to wait for a new scan to process which can take some time.

Deprecated: This property is now Deprecated:
Use --detect.report.timeout in the future.
NOTE the new property is in SECONDS not MILLISECONDS. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.pear.only.required.deps

Default: false
Include Only Required Pear Dependencies: Set to true if you would like to include only required packages.

detect.pear.path

Pear executable: The path to the pear executable.

detect.pipenv.path

Pipenv executable: The path to the Pipenv executable.

detect.pip.only.project.tree

Default: false
PIP Includes only Project Tree: By default, pipenv includes all dependencies found in the graph. Set to true to only include dependencies found underneath the dependency that matches the provided pip project and version name.

detect.pip.project.name

PIP Project Name: The name of your PIP project, to be used if your project's name cannot be correctly inferred from its setup.py file.

detect.pip.project.version.name

PIP Project Version Name: The version of your PIP project, to be used if your project's version name cannot be correctly inferred from its setup.py file.

detect.pip.requirements.path

PIP Requirements Path: A comma-separated list of paths to requirements.txt files.

detect.conda.environment.name

Anaconda Environment Name: The name of the anaconda environment used by your project.

detect.conda.path

Conda executable: The path to the conda executable.

detect.hex.rebar3.path

Rebar3 executable: The path to the rebar3 executable.

detect.python.path

Python executable:: The path to the Python executable.

detect.python.python3

Default: false
Use Python3: If true will use Python 3 if available on class path.

detect.maven.build.command

Maven Build Command: Maven command line arguments to add to the mvn/mvnw command line.

detect.maven.excluded.scopes

Dependency Scope Excluded: A comma separated list of Maven scopes. Output will be limited to dependencies outside these scopes (overrides include).

detect.maven.included.scopes

Dependency Scope Included: A comma separated list of Maven scopes. Output will be limited to dependencies within these scopes (overridden by exclude).

detect.maven.path

Maven executable:: The path to the Maven executable (mvn or mvnw).

detect.maven.excluded.modules
(Advanced)

Maven Modules Excluded: A comma-separated list of Maven modules (sub-projects) to exclude.

detect.maven.included.modules
(Advanced)

Maven Modules Included: A comma-separated list of Maven modules (sub-projects) to include.

detect.maven.include.plugins
(Advanced)

Default: false
Maven Include Plugins: Whether or not detect will include the plugins section when parsing a pom.xml.

detect.maven.scope
(Deprecated:)

Dependency Scope Included: The name of a Maven scope. Output will be limited to dependencies with this scope.

Deprecated: This property is changing.
Use --detect.maven.included.scope in the future. It will cause failure in 7.0.0 and be removed in 8.0.0.

detect.go.path

Go executable:: Path to the Go executable.

detect.npm.arguments

Additional NPM Command Arguments: A space-separated list of additional arguments to add to the npm command line when running Detect against an NPM project.

detect.npm.include.dev.dependencies

Default: true
Include NPM Development Dependencies: Set this value to false if you would like to exclude your dev dependencies when ran.

detect.npm.path

NPM executable:: The path to the Npm executable.

detect.polaris.enabled
(Deprecated:)

Default: false
Detect Polaris Enabled: Set to false to disable the Synopsys Polaris Tool.

Deprecated: This property is changing.
Use --detect.tools and POLARIS in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

polaris.access.token
(Deprecated:)

Polaris Access Token: The access token for your Polaris instance.

Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0.

polaris.arguments
(Deprecated:)

Polaris Arguments: Additional arguments to pass to Polaris separated by space. The Polaris.command takes precedence.

Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0.

polaris.command
(Deprecated:)

Polaris Command: A replacement command to pass to Polaris separated by space. Include the analyze or setup command itself. If specified, Polaris.arguments will be ignored and this will take precedence.

Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0.

polaris.url
(Deprecated:)

Polaris URL: The URL of your Polaris instance.

Deprecated: This property is being removed. Detect will no longer invoke the Polaris CLI. It will cause failure in 7.0.0 and be removed in 8.0.0.

detect.dotnet.path

dotnet executable:: The path to the dotnet executable.

detect.nuget.config.path

Nuget Config File: The path to the Nuget.Config file to supply to the nuget exe.

detect.nuget.packages.repo.url

Default: https://api.nuget.org/v3/index.json
Nuget Packages Repository URL: The source for nuget packages

detect.nuget.excluded.modules
(Advanced)

Nuget Projects Excluded: The names of the projects in a solution to exclude.

detect.nuget.ignore.failure
(Advanced)

Default: false

Ignore Nuget Failures: If true errors will be logged and then ignored.

detect.nuget.included.modules
(Advanced)

Nuget Modules Included: The names of the projects in a solution to include (overrides exclude).

detect.nuget.inspector.air.gap.path
(Advanced)

Nuget Inspector AirGap Path: The path to the directory containing the nuget inspector nupkg.

detect.nuget.inspector.version
(Advanced)

Nuget Inspector Version: Version of the Nuget Inspector. By default Detect will run the latest version that is compatible with the Detect version.

detect.nuget.inspector.name
(Deprecated:)

Default: IntegrationNugetInspector
Detect Nuget Inspector Name: Name of the Nuget Inspector package and the Nuget Inspector exe. (Do not include '.exe'.)

Deprecated: In the future, Detect will not look for a custom named inspector. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.nuget.path
(Deprecated:)

Detect Nuget Path: The path to the Nuget executable. Nuget is used to download the classic inspectors nuget package.

Deprecated: In the future, Detect will no longer need a nuget executable as it will download the inspector from Artifactory exclusively. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.ruby.include.dev.dependencies

Default: false
Ruby Development Dependencies: If set to true, development dependencies will be included when parsing *.gemspec files.

detect.ruby.include.runtime.dependencies

Default: true
Ruby Runtime Dependencies: If set to false, runtime dependencies will not be included when parsing *.gemspec files.

detect.gradle.build.command

Gradle Build Command: Gradle command line arguments to add to the mvn/mvnw command line.

detect.gradle.path

Gradle executable: The path to the Gradle executable (gradle or gradlew).

detect.gradle.excluded.configurations
(Advanced)

Gradle Exclude Configurations: A comma-separated list of Gradle configurations to exclude.

detect.gradle.excluded.projects
(Advanced)

Gradle Exclude Projects: A comma-separated list of Gradle sub-projects to exclude.

detect.gradle.included.configurations
(Advanced)

Gradle Include Configurations: A comma-separated list of Gradle configurations to include.

detect.gradle.included.projects
(Advanced)

Gradle Include Projects: A comma-separated list of Gradle sub-projects to include.

detect.gradle.inspector.air.gap.path
(Advanced)

Gradle Inspector AirGap Path: The path to the directory containing the air gap dependencies for the Gradle inspector.

detect.gradle.inspector.version
(Advanced)

Gradle Inspector Version: The version of the Gradle Inspector that Detect should use. By default, Detect will try to automatically determine the correct Gradle Inspector version.

detect.gradle.inspector.repository.url
(Deprecated:)

Detect Gradle Inspector Repository URL: The respository Gradle should use to look for the Gradle inspector dependencies.

Deprecated: In the future, the Gradle inspector will no longer be downloaded from a custom repository, Use Detect Air Gap instead. It will cause failure in 6.0.0 and be removed in 7.0.0.

blackduck.proxy.host
(Advanced)

Proxy Host: Hostname for proxy server.

blackduck.proxy.ignored.hosts
(Advanced)

Bypass Proxy Hosts: A comma separated list of regular expression host patterns that should not use the proxy.

blackduck.proxy.ntlm.domain
(Advanced)

NTLM Proxy Domain: NTLM Proxy domain.

blackduck.proxy.ntlm.workstation
(Advanced)

NTLM Proxy Workstation: NTLM Proxy workstation.

blackduck.proxy.password
(Advanced)

Proxy Password: Proxy password.

blackduck.proxy.port
(Advanced)

Proxy Port: Proxy port.

blackduck.proxy.username
(Advanced)

Proxy Username: Proxy username.

detect.cpanm.path

cpanm executable: The path to the cpanm executable.

detect.cpan.path

cpan executable: The path to the cpan executable.

detect.cleanup

Default: true
Cleanup Output: If true, the files created by Detect will be cleaned up.

detect.lerna.include.private

default: false
Include Lerna Packages defined as private.: Lerna allows for private packages that do not get published. Set this to true to include all packages including private packages.

detect.lerna.path

Lerna Executable: Path of the lerna executable.

detect.bash.path

Bash executable: Path to the Bash executable.

detect.bdio2.enabled

Default: false
BDIO 2 Enabled: The version of BDIO files to generate.

detect.bdio.output.path

BDIO Output Directory: The path to the output directory for all BDIO files.

detect.detector.search.depth

Default: 0
Detector Search Depth: Depth of subdirectories within the source directory to which Detect will search for files that indicate whether a detector applies.

detect.git.path

Git executable: Path of the git executable

detect.java.path

Java executable: Path to the java executable.

detect.output.path

Detect Output Path: The path to the output directory.

detect.resolve.tilde.in.paths

Default: true
Resolve Tilde in Paths: If set to false Detect will not automatically resolve the '~/' prefix in a mac or linux path to the user's home directory.

detect.scan.output.path

Scan Output Path: The output directory for all signature scanner output files. If not set, the signature scanner output files will be in a scan subdirectory of the output directory.

detect.source.path

Source Path: The path to the project directory to inspect.

detect.swift.path

Swift executable: Path of the swift executable.

detect.tools

Acceptable values: ALL, NONE, DETECTOR, SIGNATURE_SCAN, BINARY_SCAN, POLARIS, DOCKER, BAZEL
Detect Tools Included: The tools Detect should allow in a comma-separated list. Tools in this list (as long as they are not also in the excluded list) will be allowed to run if all criteria of the tool are met. Exclusion rules always win.

detect.tools.excluded

Acceptable values: ALL, NONE, DETECTOR, SIGNATURE_SCAN, BINARY_SCAN, POLARIS, DOCKER, BAZEL
Detect Tools Excluded: The tools Detect should not allow, in a comma-separated list. Excluded tools will not be run even if all criteria for the tool is met. Exclusion rules always win.

detect.detector.search.continue
(Advanced)

Default: false

Detector Search Continue: If true, the BOM tool search will continue to look for nested BOM tools of the same type to the maximum search depth, see the detailed help for more information.

detect.detector.search.exclusion
(Advanced)

Detector Directory Exclusions: A comma-separated list of directory names to exclude from detector search.

detect.detector.search.exclusion.defaults
(Advanced)

Default: true
Detector Exclude Default Directories: If true, the BOM tool search will exclude the default directory names. See the detailed help for more information.

detect.detector.search.exclusion.files
(Advanced)

Detector File Exclusions: A comma-separated list of file names to exclude from detector search.

detect.detector.search.exclusion.paths
(Advanced)

Detector Directory Path Exclusions: A comma-separated list of directory paths to exclude from detector search. (E.g. 'foo/bar/biz' will only exclude the 'biz' directory if the parent directory structure is 'foo/bar/'.)

detect.detector.search.exclusion.patterns
(Advanced)

Detector Directory Patterns Exclusions: A comma-separated list of directory name patterns to exclude from detector search.

detect.project.detector
(Advanced)

Project Name/Version Detector: The detector that will be used to determine the project name and version when multiple detector types. This property should be used with the detect.project.tool.

detect.project.tool
(Advanced)

Default: DOCKER,DETECTOR,BAZEL
Acceptable values: DETECTOR, SIGNATURE_SCAN, BINARY_SCAN, POLARIS, DOCKER, BAZEL
Detector Tool Priority: The tool priority for project name and version. The project name and version will be determined by the first tool in this list that provides them.

detect.tools.output.path
(Advanced)

Detect Tools Output Path: The path to the tools directory where detect should download and/or access things like the Signature Scanner that it shares over multiple runs.

detect.bom.tool.search.continue
(Deprecated:)

Default: false
Detect BOM Tool Search Continue: If true, the BOM tool search will continue to look for nested BOM tools of the same type to the maximum search depth, see the detailed help for more information.

Deprecated: This property is changing.
Use --detect.detector.search.continue in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.bom.tool.search.depth
(Deprecated:)

Default: 0
Detect BOM Tool Search Depth: Depth of subdirectories within the source directory to search for files that indicate whether a detector applies.

Deprecated: This property is changing.
Use --detect.detector.search.depth in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.bom.tool.search.exclusion
(Deprecated:)

Detect BOM Tool Search Exclusion: A comma-separated list of directory names to exclude from the BOM tool search.

Deprecated: This property is changing.
Use --detect.detector.search.exclusion in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.bom.tool.search.exclusion.defaults
(Deprecated:)

Default: true
Detect BOM Tool Search Exclusion Defaults: If true, the BOM tool search will exclude the default directory names. See the detailed help for more information.

Deprecated: This property is changing.
Use --detect.detector.search.exclusion.defaults in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.project.bom.tool
(Deprecated:)

Detect Project BOM Tool: The detector to choose when multiple detector types are found and one needs to be chosen for project name and version. This property should be used with the detect.project.tool.

Deprecated: This property is changing.
Use --detect.project.detector in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.binary.scan.file.path

Binary Scan Target: If specified, this file and this file only will be uploaded for binary scan analysis. This property takes precedence over detect.binary.scan.file.name.patterns.

detect.binary.scan.file.name.patterns

Binary Scan Filename Patterns: If specified, all files in the source directory whose names match these file name patterns will be zipped and uploaded for binary scan analysis. This property will not be used if detect.binary.scan.file.path is specified.

detect.blackduck.signature.scanner.arguments

Signature Scanner Arguments: Additional arguments to use when running the Black Duck signature scanner.

detect.blackduck.signature.scanner.copyright.search

Default: false
Signature Scanner Copyright Search: When set to true, user will be able to scan and discover copyright names in Black Duck.

detect.blackduck.signature.scanner.dry.run

Default: false

Signature Scanner Dry Run: If set to true, the signature scanner results are not uploaded to Black Duck, and the scanner results are written to disk.

detect.blackduck.signature.scanner.exclusion.name.patterns

Default: node_modules
Directory name Exclusion patterns: A comma-separated list of directory name patterns for which Detect searches and adds to the signature scanner --exclude flag values.

detect.blackduck.signature.scanner.exclusion.patterns

Exclusion patterns: A comma-separated list of values to be used with the Signature Scanner --exclude flag.

detect.blackduck.signature.scanner.exclusion.pattern.search.depth

Default: 4
Exclusion Patterns Search Depth: Enables you to adjust the depth to which Detect will search when creating signature scanner exclusion patterns.

detect.blackduck.signature.scanner.individual.file.matching

Default: NONE
Acceptable values: NONE, SOURCE, BINARY, ALL
Individual File Matching: Users may set this property to indicate what types of files they want to match

detect.blackduck.signature.scanner.license.search

Default: false
Signature Scanner License Search: When set to true, user will be able to scan and discover license names in Black Duck

detect.blackduck.signature.scanner.local.path

Signature Scanner Local Path: To use a local signature scanner, specify the path where the signature scanner was unzipped. This will likely look similar to 'scan.cli-x.y.z' and includes the 'bin, icon, jre, and lib' directories of the expanded scan.cli.

detect.blackduck.signature.scanner.paths

Signature Scanner Target Paths: These paths and only these paths will be scanned.

detect.blackduck.signature.scanner.snippet.matching

Default: NONE
Acceptable values: NONE, SNIPPET_MATCHING, SNIPPET_MATCHING_ONLY, FULL_SNIPPET_MATCHING, FULL_SNIPPET_MATCHING_ONLY
Snippet Matching: Use this value to enable the various snippet scanning modes. For a full explanation, please refer to the 'Running a component scan using the Signature Scanner command line' section in your Black Duck server's online help.

detect.blackduck.signature.scanner.upload.source.mode

Default: false
Upload source mode: If set to true, the signature scanner will, if supported by your Black Duck version, upload source code to Black Duck.

detect.blackduck.signature.scanner.host.url
(Advanced)

Signature Scanner Host URL: If this URL is set, an attempt will be made to use it to download the signature scanner. The server URL provided must respect the Black Duck's URLs for different operating systems.

detect.blackduck.signature.scanner.memory
(Advanced)

Default: 4096
Signature Scanner Memory: The memory for the scanner to use.

detect.blackduck.signature.scanner.offline.local.path
(Advanced)

Signature Scanner Local Path (Offline): To use a local signature scanner and force offline, specify the path where the signature scanner was unzipped. This will likely look similar to 'scan.cli-x.y.z' and includes the 'bin, icon, jre, and lib' directories of the expanded scan.cli.

detect.blackduck.signature.scanner.disabled
(Deprecated:)

Default: false
Detect Blackduck Signature Scanner Disabled: Set to true to disable the Black Duck Signature Scanner.

Deprecated: This property is changing.
Use --detect.tools in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.blackduck.signature.scanner.parallel.processors
(Deprecated:)

Default: 1
Signature Scanner Parallel Processors: The number of scans to run in parallel, defaults to 1, but if you specify -1, the number of processors on the machine will be used.

Deprecated: This property is changing. Use --detect.parallel.processors in the future. The --detect.parallel.processors property will take precedence over this property. It will cause failure in 7.0.0 and be removed in 8.0.0.

detect.blackduck.signature.scanner.snippet.mode
(Deprecated:)

Default: false
Snippet Scanning: If set to true, the signature scanner will, if supported by your Black Duck version, run in snippet scanning mode.

Deprecated: This property is now Deprecated:
Use --detect.blackduck.signature.scanner.snippet.matching in the future. NOTE the new property is one of a particular set of values. You will need to consult the documentation for the Signature Scanner in Black Duck for details. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.arguments
(Deprecated:)

Detect Hub Signature Scanner Arguments: Additional arguments to use when running the Hub signature scanner.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.arguments in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.disabled
(Deprecated:)

Default: false
Detect Hub Signature Scanner Disabled: Set to true to disable the Hub Signature Scanner.

Deprecated: This property is changing.
Use --detect.tools in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.dry.run
(Deprecated:)

Default: false
Detect Hub Signature Scanner Dry Run: If set to true, the signature scanner results will not be uploaded to the Hub and the scanner results will be written to disk.
Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.dry.run in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.exclusion.name.patterns
(Deprecated:)

Default: node_modules
Detect Hub Signature Scanner Exclusion Name Patterns: A comma-separated list of directory name patterns Detect will search for and add to the Signature Scanner --exclude flag values.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.exclusion.name.patterns in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.exclusion.patterns
(Deprecated:)

Detect Hub Signature Scanner Exclusion patterns: A comma-separated list of values to be used with the Signature Scanner --exclude flag.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.exclusion.patterns in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.host.url
(Deprecated:)

Detect Hub Signature Scanner Host URL: If this URL is set, an attempt will be made to use it to download the signature scanner. The server URL provided must respect the Hub's URLs for different operating systems.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.host.url in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.local.path
(Deprecated:)

Detect Hub Signature Scanner Local Path: To use a local signature scanner, specify the path where the signature scanner was unzipped. This will likely look similar to 'scan.cli-x.y.z' and includes the 'bin, icon, jre, and lib' directories of the expanded scan.cli.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.local.path in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.memory
(Deprecated:)

Default: 4096

Detect Hub Signature Scanner Memory: The memory for the scanner to use.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.memory in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.offline.local.path
(Deprecated:)

Detect Hub Signature Scanner Offline Local Path: To use a local signature scanner and force offline, specify the path where the signature scanner was unzipped. This will likely look similar to 'scan.cli-x.y.z' and includes the bin, icon, jre, and lib directories of the expanded scan.cli.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.offline.local.path in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.parallel.processors
(Deprecated:)

Default: 1

Detect Hub Signature Scanner Parallel Processors: The number of scans to run in parallel, defaults to 1, but if you specify -1, the number of processors on the machine will be used.

Deprecated: This property is changing.
Use --detect.parallel.processors in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.paths
(Deprecated:)

Detect Hub Signature Scanner Paths: These paths and only these paths will be scanned.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.paths in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.hub.signature.scanner.snippet.mode
(Deprecated:)

Default: false
Detect Hub Signature Scanner Snippet Mode: If set to true, the signature scanner will, if supported by your Hub version, run in snippet scanning mode.

Deprecated: This property is changing.
Use --detect.blackduck.signature.scanner.snippet.mode in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.notices.report

Default: false
Generate Notices Report: When set to true, a Black Duck notices report in text form will be created in your source directory.

detect.notices.report.path

Default: .
Notices Report Path: The output directory for notices report. Default is the source directory.

detect.risk.report.pdf

Default: false
Generate Risk Report (PDF): When set to true, a Black Duck risk report in PDF form will be created.

detect.risk.report.pdf.path

Default: .
Risk Report Output Path: The output directory for risk report in PDF. Default is the source directory.

logging.level.com.synopsys.integration

Default: INFO
Acceptable values: OFF, ERROR, WARN, INFO, DEBUG, TRACE
Logging level: The logging level of Detect.

logging.level.detect

Default: INFO
Acceptable values: OFF, ERROR, WARN, INFO, DEBUG, TRACE
Logging Level Shorthand: Shorthand for the logging level of detect. Equivalent to setting logging.level.com.synopsys.integration.

detect.suppress.configuration.output
(Deprecated:)

Default: false
Detect Suppress Configuration Output: If true, the default behavior of printing your configuration properties at startup will be suppressed.

Deprecated: This property is being removed. Configuration can no longer be suppressed individually. Log level can be used. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.suppress.results.output
(Deprecated:)

Default: false

Detect Suppress Results Output: If true, the default behavior of printing the Detect Results will be suppressed.

Deprecated: This property is being removed. Results can no longer be suppressed individually. Log level can be used. It will cause failure in 6.0.0 and be removed in 7.0.0.

logging.level.com.blackducksoftware.integration
(Deprecated:)

Default: INFO
Acceptable values: OFF, ERROR, WARN, INFO, DEBUG, TRACE
Logging level: The logging level of Detect.

Deprecated: This property is changing. Use --logging.level.com.synopsys.integration in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.yarn.prod.only

Default: false
Include Yarn Production Dependencies Only: Set this to true to only scan production dependencies.

detect.required.detector.types

Acceptable values: BITBAKE, CARGO, COCOAPODS, CONDA, CPAN, CRAN, GIT, GO_MOD, GO_DEP, GO_VNDR, GO_VENDOR, GO_GRADLE, GRADLE, HEX, MAVEN, NPM, NUGET, PACKAGIST, PEAR, PIP, RUBYGEMS, SBT, SWIFT, YARN, CLANG
Required Detect Types: The set of required detectors.

detect.excluded.detector.types
(Advanced)

Acceptable values: ALL, NONE, BITBAKE, CARGO, COCOAPODS, CONDA, CPAN, CRAN, GIT, GO_MOD, GO_DEP, GO_VNDR, GO_VENDOR, GO_GRADLE, GRADLE, HEX, MAVEN, NPM, NUGET, PACKAGIST, PEAR, PIP, RUBYGEMS, SBT, SWIFT, YARN, CLANG
Detector Types Excluded: By default, all detectors will be included. If you want to exclude specific detectors, specify the ones to exclude here. If you want to exclude all detectors, specify "ALL". Exclusion rules always win.

detect.included.detector.types
(Advanced)

Acceptable values: ALL, NONE, BITBAKE, CARGO, COCOAPODS, CONDA, CPAN, CRAN, GIT, GO_MOD, GO_DEP, GO_VNDR, GO_VENDOR, GO_GRADLE, GRADLE, HEX, MAVEN, NPM, NUGET, PACKAGIST, PEAR, PIP, RUBYGEMS, SBT, SWIFT, YARN, CLANG
Detector Types Included: By default, all tools will be included. If you want to include only specific tools, specify the ones to include here. Exclusion rules always win.

detect.excluded.bom.tool.types
(Deprecated:)

Detect Excluded BOM Tool Types: By default, all tools will be included. If you want to exclude specific detectors, specify the ones to exclude here. If you want to exclude all tools, specify "ALL". Exclusion rules always win.

Deprecated: This property is changing. Use --detect.excluded.detector.types in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.included.bom.tool.types
(Deprecated:)

Detect Included BOM Tool Types: By default, all tools will be included. If you want to include only specific tools, specify the ones to include here. Exclusion rules always win.

Deprecated: This property is changing. Use --detect.included.detector.types in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.

detect.required.bom.tool.types
(Deprecated:)

Detect Required BOM Tool Types: If set, Detect will fail if it does not find the BOM tool types supplied here.

Deprecated: This property is changing. Use --detect.required.detector.types in the future. It will cause failure in 6.0.0 and be removed in 7.0.0.