-
Notifications
You must be signed in to change notification settings - Fork 3
/
orthwconfig-template
132 lines (112 loc) · 4.01 KB
/
orthwconfig-template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
#
# Directory containing the configuration directory.
#
configuration_home=~/ort-project/ort-config
#
# Directory containing a copy of the ort repository:
# https://github.com/oss-review-toolkit/ort
#
ort_home=~/ort-project/ort
#
# Directory containing a copy of the scancode-toolkit repository:
# https://github.com/nexB/scancode-toolkit
#
scancode_home=~/ort-project/scancode-toolkit
#
# Configuration entries database home (used by import- and export commands):
#
exports_home=~/ort-project/exports
#
# Directory containing a copy of the orthw repository:
# https://github.com/oss-review-toolkit/orthw
#
orthw_home=~/ort-project/orthw
#
# Set of policy rules for which violations can be triggered even by excluded license findings:
#
ignore_excluded_rule_ids=""
#
# ScanCode version to filter the scan results with the 'create-analyzer-result' command.
# An empty string matches any ScanCode version.
#
scancode_version="30.1.0"
#
# Comma-separated list of advisors to query for known security advisories or defects.
# A list of valid values can be obtained from the ORT CLI via the command `ort advise --help`.
#
enabled_advisors="osv"
#
# Comma-separated list of license categories within 'license-classifications.yml' for which no path excludes will be
# created during package configuration generation (e.g. pc-create, pc-create-offending, pc-create-all commands). If
# no non-offending license IDs and categories are defined, then path excludes will be generated for all file findings
# within a package.
#
non_offending_license_categories=""
#
# Comma-separated list of license IDs for which no path excludes will be created during package configuration generation
# (e.g. pc-create, pc-create-offending, pc-create-all commands). If non non-offending license IDs and categories are
# defined, then path excludes will be generated for all file findings within a package.
#
non_offending_license_ids=""
#
# The template for the license classification request. Supported placeholders:
# - <REPLACE_LICENSE_ID>
# - <REPLACE_LICENSE_URL>
#
license_classification_request_template="
Dear legal team,
Please help with the following questions regarding the license '<REPLACE_LICENSE_ID>', see [1]:
1. In which category do we have to add that license?
2. Should the license be added to the notice file?
3. Should a source code offer be included in the notice file?
[1] <REPLACE_LICENSE_URL>
"
#
# Scan results cache Postgres database.
#
scandb_host=""
scandb_port=""
scandb_db=""
scandb_schema=""
scandb_user=""
scandb_password=""
#
# ORT docker image.
# The registry server, username and password should only be specified if authentication is required.
# For GitLab it is recommended to use API tokens (as password), with "read registry" permission, instead of user
# credentials.
#
ort_docker_registry_server=""
ort_docker_registry_username=""
ort_docker_registry_password=""
ort_docker_image="ghcr.io/oss-review-toolkit/ort-extended:latest"
#
# netrc file credentials to inject when running ORT docker.
#
# Some package managers, e.g. Npm and Pip, use the netrc file for authenticating against artifact repositories.
#
netrc_machine="artifactory.example.com"
netrc_login="example-user"
netrc_password="example-password"
#
# GitLab credentials for using the "init" command provided a URL pointing to a GitLab job artifact.
# The password can either be a token or a password. The token can be created under
# https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html and should have 'read_registry' and 'read_api'
# permissions.
#
gitlab_host="gitlab.example.com"
gitlab_token=""
#
# Options for ORT's CLI and helper CLI binaries, `ort` and `orth`.
# Please refer to the help instructions of the respective CLI binary for the full list of available options.
#
# The log level can be configured e.g. via "--error", "--warn", "--info" and "--debug".
# The output of stack traces can be enabled with "--stacktrace".
#
ort_options="--info"
orth_options=""
#
# JVM options for ORT's CLI and helper CLI binaries, `ort` and `orth`.
#
ort_jvm_options="-Xmx16G"
orth_jvm_options="-Xmx16G"