Skip to content

Commit 46fbdee

Browse files
nhumblotnhumblot
authored
docs: ensure OSS Index URL override is consistently documented (#8338)
2 parents a9c835d + 64eb453 commit 46fbdee

10 files changed

Lines changed: 82 additions & 71 deletions

File tree

.github/workflows/pull_requests.yml renamed to .github/workflows/build-pull-requests.yml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,11 @@
1-
name: Pull Requests
1+
name: Build Pull Request
22

33
on:
44
pull_request:
55
paths-ignore:
6-
- '**/*.md'
7-
- '**/*.txt'
6+
- '*.md' # Ignore only in root; we generally want to run build for `site/` changes
7+
- '**/README.md' # Ignore all READMEs
8+
- '.github/**/*.md' # Ignore github config
89

910
permissions: {}
1011

.github/workflows/release.yml renamed to .github/workflows/build-release.yml

File renamed without changes.

.github/workflows/build.yml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,8 +5,9 @@ on:
55
branches:
66
- main
77
paths-ignore:
8-
- '**/*.md'
9-
- '**/*.txt'
8+
- '*.md' # Ignore only in root; we generally want to run build for `site/` changes
9+
- '**/README.md' # Ignore all READMEs
10+
- '.github/**/*.md' # Ignore github config
1011

1112
permissions: {}
1213

ant/src/site/markdown/configuration.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -84,8 +84,9 @@ be needed.
8484
| dartAnalyzerEnabled | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be used. | true |
8585
| knownExploitedEnabled | Sets whether the Known Exploited Vulnerability update and analyzer are enabled. | true |
8686
| knownExploitedUrl | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed. | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json |
87-
| ossIndexAnalyzerEnabled | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be enabled. This analyzer requires an internet connection. | true |
87+
| ossindexAnalyzerEnabled | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be enabled. This analyzer requires an internet connection. | true |
8888
| ossindexAnalyzerUseCache | Sets whether the OSS Index Analyzer will cache results. Cached results expire after 24 hours. | true |
89+
| ossindexAnalyzerUrl | Alternative URL for the OSS Index. If not set the public Sonatype OSS Index will be used. | https://ossindex.sonatype.org |
8990
| ossindexAnalyzerUsername | Sets the username for OSS Index - note an account with OSS Index is not required. |   |
9091
| ossindexAnalyzerPassword | Sets the password for OSS Index. |   |
9192
| ossIndexAnalyzerWarnOnlyOnRemoteErrors | Whether we should only warn about Sonatype OSS Index remote errors instead of failing completely. |   |

cli/src/site/markdown/arguments.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -84,10 +84,10 @@ Advanced Options
8484
| | \-\-disableDart | | Sets whether the [experimental](../analyzers/index.html) Dart Analyzer will be disabled. |   |
8585
| | \-\-disableOssIndex | | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be disabled. This analyzer requires an internet connection. |   |
8686
| | \-\-disableOssIndexCache | | When the argument is present the OSS Index Analyzer will not cache results. By default results are cached for 24 hours. |   |
87+
| | \-\-ossIndexUrl | \<url\> | Alternative URL for the OSS Index. If not set the public Sonatype OSS Index will be used. | https://ossindex.sonatype.org |
8788
| | \-\-ossIndexUsername | \<username\> | To authenticate Sonatype OSS Index requests and profit from higher rate limits, provide the OSS account email address as username. Provide both a username _and_ a password (see below) or none. | &nbsp; |
8889
| | \-\-ossIndexPassword | \<password\> | Password or API token to connect to Sonatype's OSS Index. Provide both a username (see above) _and_ a password or none. | &nbsp; |
8990
| | \-\-ossIndexRemoteErrorWarnOnly | \<true\|false\> | Whether we should only warn about Sonatype OSS Index remote errors instead of failing completely. | &nbsp; |
90-
| | \-\-ossIndexUrl | \<url\> | Alternative URL for the OSS Index. If not set the public Sonatype OSS Index will be used. | https://ossindex.sonatype.org |
9191
| | \-\-disableCentral | | Sets whether the Central Analyzer will be used to enrich Java dependencies. **Disabling this analyzer is not recommended as it could lead to false negatives (e.g. libraries that have vulnerabilities may not be reported correctly).** If this analyzer is being disabled, you can use the Artifactory Analyzer or Nexus Analyzer as a replacement. | &nbsp; |
9292
| | \-\-disableCentralCache | | When the argument is present the Central Analyzer will not cache results locally. By default results are cached locally for 30 days. | &nbsp; |
9393
| | \-\-centralUrl | | Alternative URL for Maven Central Search. If not set the public Sonatype Maven Central will be used. | https://search.maven.org/solrsearch/select |

maven/src/site/markdown/configuration.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,10 +63,10 @@ be needed.
6363
| knownExploitedUrl | Sets URL to the CISA Known Exploited Vulnerabilities JSON data feed. | https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json |
6464
| ossindexAnalyzerEnabled | Sets whether the [OSS Index Analyzer](../analyzers/oss-index-analyzer.html) will be enabled. This analyzer requires an internet connection. | true |
6565
| ossindexAnalyzerUseCache | Sets whether the OSS Index Analyzer will cache results. Cached results expire after 24 hours. | true |
66+
| ossindexAnalyzerUrl | Alternative URL for the OSS Index. If not set the public Sonatype OSS Index will be used. | https://ossindex.sonatype.org |
6667
| ossIndexServerId | The id of [a server](https://maven.apache.org/settings.html#Servers) defined in the `settings.xml` to authenticate Sonatype OSS Index requests and profit from higher rate limits. Provide the OSS account email address as `username` and password or API token as `password`. | &nbsp; |
6768
| ossIndexUsername | OSS account email address as an alternative to the indirection through the `ossIndexServerId` (see above). Both `ossIndexUsername` and `ossIndexPassword` must be set to use this approach instead of the server ID. | &nbsp; |
6869
| ossIndexPassword | OSS password or API token as an alternative to the indirection through the `ossIndexServerId` (see above). Both `ossIndexUsername` and `ossIndexPassword` must be set to use this approach instead of the server ID. | &nbsp; |
69-
| ossindexAnalyzerUrl | The OSS Index server URL | https://ossindex.sonatype.org |
7070
| ossIndexWarnOnlyOnRemoteErrors | Sets whether remote errors from the OSS Index (e.g. BAD GATEWAY, RATE LIMIT EXCEEDED) will result in warnings only instead of failing execution. | false |
7171
| nexusAnalyzerEnabled | Sets whether Nexus Analyzer will be used. This analyzer is an alternative to the Central or Artifactory Analyzers, allowing retrieval from Sonatype Nexus installations. | true |
7272
| nexusUrl | Defines the Nexus Server's web service end point (example http://domain.enterprise/service/local/). If not set the Nexus Analyzer will be disabled. | &nbsp; |

0 commit comments

Comments
 (0)