di2-whitesource

The actual whitesource NPM library has some opportunities for improvement. We've wrapped it up here to realise those opportunities and stop that extra code leaking into all our projects.

How to use actually?

npm install --save-dev @financial-times/di2-whitesource

Then in your Makefile deploy-prod task add whitesource --prod, and whitesource to your deploy-latest task.

(Note: it's recommended to add the whitesource / whitesource --prod tasks before the deploy has happened so that bad code never hits production.)

It is also recommended to add the following line to your .gitignore file:-

WhiteSource-log-files

API

The following command runs whitesource with the given product name:-

whitesource "My Really Cool Product"

The following command runs whitesource with the given product name and adds -prod as a suffix to the project name:-

whitesource "My Really Cool Product" --prod

Add the following option to get whitesource to also check development dependencies (default is just to check production dependencies)

--include-dev-deps

Won't I need some kind of API key?

Yes, you will. It's in LastPass and it's called WHITESOURCE_API_KEY.

@financial-times/di2-whitesource

di2-whitesource

How to use actually?

API

Won't I need some kind of API key?

Readme

Keywords

Package Sidebar

Install

Weekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

@financial-times/di2-whitesource

di2-whitesource

How to use actually?

API

Won't I need some kind of API key?

Readme

Keywords

Package Sidebar

Install

DownloadsWeekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

Weekly Downloads