Configuration File Reference

[WebApp]

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Database settings                                                           ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Database server name/IP
webapp_db_server=localhost

; Database name
webapp_db_database=YOUR_DATABASE_NAME

; Database user
webapp_db_username=YOUR_DATABASE_USER

; Database user password
webapp_db_password=YOUR_DATABASE_PASSWORD

; Database port
webapp_db_port=3306



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Basic settings                                                              ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Contains the path to  CLI with parameter "--config" indicating the location
; of the configuration file. Do not uncomment if there is no need to add
; additional configuration
;webapp_cli_command=/fossid/bin/fossid-cli --config /fossid/etc/fossid.conf

; In order to use fossid-toolbox please uncomment below line
;webapp_cli_command=/fossid/bin/fossid-toolbox -c /fossid/etc/fossid.conf

; To enable whitelisting add the parameters to webapp_cli_command "--fields +mid"
;webapp_cli_command=/fossid/bin/fossid-cli --config /fossid/etc/fossid.conf --fields +mid


; Contains the path to CLI with the parameters needed to run VSF.
; Do not uncomment if there is no need to add additional configuration
;webapp_vsf_command=/fossid/bin/fossid-cli --config /fossid/etc/fossid.conf --vsf

; In order to use fossid-toolbox for VSF, please uncomment the below line
;webapp_vsf_command=/fossid/bin/fossid-toolbox filescan --mode vsf -c /fossid/etc/fossid.conf

; Give a unique name to your WebApp instance. This will be used in several places,
; for example when generating  whitelist rules names
webapp_server_name=YOUR_SERVER_NAME

; The webapp_timezone parameter in Workbench must align with the timezone settings in the database (MySQL/MariaDB).
; List of supported values: http://php.net/manual/en/timezones.php
webapp_timezone ="UTC"

; Dependency analysis tool
; This is required to use the dependency analysis functionality
; ORT example
;webapp_dependency_analysis_tool="sudo -u ort /fossid/lib/ort/bin/ort"
;
; FossID-DA example. NOTE: fossid-shinobi needs to be started on the server/local machine that runs Workbench.
;webapp_dependency_analysis_tool="/fossid/bin/fossid-da"

; In the past from UI there was the  possibility to generate scan reports directly or in background for huge projects.
; The parameter async_generate_report_for_scans_with_more_than_x_files was used to change between these two behaviours
; based on the number of files from a scan. Today the parameter just enables or disables emulating the old behaviour in UI.
; This option is activated by the system if amount of files in a scan is equal or more than specified in the option OR
; equal or more than 30 000.
;async_generate_report_for_scans_with_more_than_x_files=30000


; Temporary solution, it can be 0 or 1 for example:
; If 0 - API response data has numbers as a string.
; If 1 - API response data has types according to DataBase fields types
api_response_strict_data_types=0

; By default /tmp is used as temporary directory.
; If you want to change this behaviour set webapp_read_tmp_from_sys_get_temp_dir=1.
; This will result in reading the value for temporary directory from PHP function sys_get_temp_dir().
; See here official docs:  https://www.php.net/manual/en/function.sys-get-temp-dir.php
webapp_read_tmp_from_sys_get_temp_dir=0

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Email                                                                       ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Send email to user when receiving a message in WebApp inbox
;webapp_enable_email_sending=0

; The exact transport method to use to deliver emails. Valid values are: smtp, sendmail
;webapp_mailer_transport=smtp

; The host to connect to when using smtp as the transport.
;webapp_mailer_host=

; The port when using smtp as the transport.
;webapp_mailer_port=

; The username when using smtp as the transport.
;webapp_mailer_username=

; The password when using smtp as the transport.
;webapp_mailer_password=

; The encryption mode to use when using smtp as the transport.
; Valid values are tls, ssl, or leave commented (indicating no encryption).
;webapp_mailer_encryption=

; The authentication mode to use when using smtp as the transport.
; Valid values are plain, login, cram-md5, or null (leave commented).
;webapp_mailer_auth_mode=

; The email address which appears as sender for all emails from WebApp
;webapp_mailer_sender_address=

; The name which appears together with sender_address as sender for all emails from WebApp
;webapp_mailer_sender_display_name=

; Command to be executed by sendmail transport.
;webapp_mailer_sendmail_command='/usr/sbin/sendmail -bs'

; FossID WebApp URL. This information is used to generate correct absolute URLs in emails
;webapp_base_url='https://mycompany.com/index.php'

; Custom signature to be added to all emails sent from WebApp
;webapp_mailer_email_signature=



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; SCIM user provisioning                                                    ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Set to 1 to allow incoming requests from external identity provider through SCIM
;webapp_scim_enabled=0

;Self-generated token that will be saved on external identity provider's side and sent with requests from SCIM
;It is recommended to use characters matching [-a-zA-Z0-9._~+/]+=* and keep token value between ""
;webapp_scim_api_token=""

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; OAuth2 login                                                      ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Enable OAuth2 sign in
;webapp_oauth2_login=0

; Only one value from the currently supported providers: Microsoft, Gitlab, Okta
;webapp_oauth2_provider=""

; Text displayed to user in WebApp when signing in using OAuth2
;webapp_oauth2_displayed_text="Login using OAuth2"

; Application (client) ID
;webapp_oauth2_client_id=""

; Application (client) secret
;webapp_oauth2_secret=""

; Directory (tenant) ID (for Microsoft)
;webapp_oauth2_tenant=""

; Domain for identity provider, eg. Okta/Gitlab domain. For using Okta custom authorization server id, this should be of format: https://yourOktaDomain/oauth2/authServerId
;webapp_oauth2_domain=""

; The redirect_uri of your app, where authentication responses can be sent and received by your app
; This MUST be a https address
;webapp_oauth2_redirect_uri="https://fossidwebapp.mycompany.com/index.php"

; Allow Manual Login
;webapp_oauth2_fallback_local_login=0

; Text displayed to user in WebApp when signing in Manual Login
;webapp_oauth2_fallback_local_login_text="Manual login"

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; LDAP login                                                                  ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; If this parameter is set to 1 the WebApp will use the below LDAP related parameters in order to
; authenticate users against LDAP
;webapp_use_ldap_auth=0

; If this parameter is set to 1 the WebApp will try to use local login after failed LDAP login
; This parameter is used when webapp_use_ldap_auth is set to 1.
;webapp_fallback_local_login=0

; Address to you LDAP server. Several servers can be added separated by comma.
; For SSL encryption specify also protocol:  ldaps://hostname
;webapp_ldap_connection="ldap.address.com,ldap2.address.com"

; Optional. LDAP server port. Default 389
;webapp_ldap_port=389

; Optional. Name of the user key for dn string. [ukey] will be replaced in webapp_ldap_dn.
; Several keys can be added separated by comma. They need to have a counterpart in webapp_ldap_dn
; Example:
;    webapp_ldap_dn_ukey=none,cn,uid
; In this example 'none' will not be replaced because corresponding ldap_dn is using
; Domain\sAMAccountName authentication. See webapp_ldap_dn example
;webapp_ldap_dn_ukey=uid

; Optional. dn string. [uvalue] will be replaced by the username that is being logged-in.
; Several ldap dn can be added separated by 3 hashtags:  ###
; The number of ldap dn keys needs to be equal with the number of ldap dn entries.
; Example:
;   webapp_ldap_dn="SomeDomain\[uvalue]###[ukey]=[uvalue],ou=support,dc=company,dc=com###[ukey]=[uvalue],dc=example,dc=com"
;webapp_ldap_dn="[ukey]=[uvalue],cn=read-only-admin,dc=example,dc=com"

; Optional. Use one account (LDAP manager) that will query the LDAP for the user trying to login.
; After getting the user DN from LDAP response, authenticate user with DN and password.
; webapp_ldap_manager_dn needs to be set together with webapp_ldap_manager_password, webapp_ldap_search_base and
; webapp_ldap_search_field_from_result
; When using this option the parameters from "webapp_ldap_db_ukey" and "webapp_ldap_dn" will be ignored

;; LDAP manager dn
;webapp_ldap_manager_dn="uid=manager,DC=users,DC=com"

; LDAP manager password
;webapp_ldap_manager_password=

; LDAP search base. When querying for users in LDAP specify a search base
; This parameter is used together with webapp_ldap_manager_dn, webapp_ldap_manager_password and
; webapp_ldap_search_field_from_result
;webapp_ldap_search_base="dc=example,dc=com"

; LDAP search filter. When querying for users in LDAP specify a filter
; This parameter is used together with webapp_ldap_manager_dn, webapp_ldap_manager_password,
; webapp_ldap_search_base and webapp_ldap_search_field_from_result
; The special value ##username## will be replaced with the information entered in login form.
;
;webapp_ldap_search_filter="(&(objectClass=user)(sAMAccountName=##username##))(|(memberOf=cn=fire,ou=users,dc=company,dc=com)(memberOf=cn=wind,ou=users,dc=company,dc=com)))"

; Name of the field from the LDAP search result which represent the DN of the user
; This parameter is used together with webapp_ldap_manager_dn, webapp_ldap_manager_password and
; webapp_ldap_search_base
;
;webapp_ldap_search_field_from_result="dn"

; Optional. Timeout of the LDAP connection.
;webapp_ldap_opt_network_timeout=20;

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Password settings                                                           ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Allow only complex passwords (password min length 8 and should contain at
; least one of: upper case, lower case, numerical, and special characters)
; Default is disabled
;webapp_password_enforce_secure=0

; If activated there is a password history remembering the last 8 passwords and
; the user is prohibited from reusing the last 8 passwords.
; Default is disabled
;webapp_password_prohibit_reuse=0

; If activated a user needs to wait at least 3 days before changing the
; password. Also the password will expire at 90 days
; Default is disabled
;webapp_password_enforce_update=0

; Block user account after n failed login attempts. Set value to 0 to disable
; or to a positive number for "n" tries before the account will be locked.
; Default is disabled
;webapp_password_login_attempts=0



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; User settings                                                               ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; When a user is added via LDAP/OAuth login and these conditions are fulfilled:
; - it has the username specified in webapp_default_admin_username
; - the total number of users in the webapp is less than three
; grant them admin role as part of user creation
;webapp_default_admin_username='admin'



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Directories                                                                 ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Path to the directory where the uploaded files from WebApp are stored
; Default is /fossid/uploads
;webapp_storing=/fossid/uploads

; Path to the directory where logs are stored
; Default is /fossid/logs
;webapp_logs=/fossid/logs

; Path to where the backups created with the WebApp are stored
; Default is disabled. This path must be set to enable backups
;webapp_backups=/fossid/backup/

; Set to a path to enable the component intake repository
; Default is disabled.
;webapp_intake_repository=/fossid/intake/

; Add a root folder with the scan's ID as name when a scan is created by
; uploading content, purpose is to give the user easy access to total scan
; metrics. Default is disabled
;webapp_add_root_directory=0

; Allow users to specify a local file system path to scan from instead of
; uploading the code that should be scanned. Default is disabled.
; Copying code at that path will be handled by user and not by the application and
; it should contain files and folders, no archives.
;webapp_scan_path_enable=0

; Restrict file system paths to only access content available at specified
; locations. Several comma separated locations can be specified.
; Example:
;   webapp_scan_path_prefixes="/my/path/1,/my/path/2"
;webapp_scan_path_prefixes=

; By setting this parameter to 0 WebApp will not follow symbolic links
; when reading files from disk. Default is enabled. Please note that leaving
; this enabled there is a risk that users may gain access to local files by
; uploading a tar file that contains a symlink.
;webapp_follow_symlinks=1



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Extraction options                                                          ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; The setting for if archive file should be recursively decompressed.
; Default is disabled, specify 1 for recursively decompressed.
; This can be overridden on a per scan basis when uploading source code
;webapp_recursively_extract_archives=0

; Control default behavior related to extracting .jar files. Possible values:
;  - always  - always extract .jar files
;  - never   - never extract .jar files
;  - if_no_fullmatch  - extract .jar files only if there is no full match
; This can be overridden on a per scan basis when uploading source code
;webapp_jar_file_extraction=never

; Control whenever to create a directory with the same name as the archive
; Possible values:
;  - only_additional_files - Only create directories for consecutive uploads
;  - always   - Always extract to a separate directory
;  - never    - Always extract to the root directory
; This can be overridden on a per scan basis when uploading source code
;extract_to_directory=only_additional_files

; WebApp is relying on external programm "unzip" to open .zip archives
; Sometimes additional parameters need to be added when running the command
; Example: "unzip -O cp932"
;webapp_alias_unzip="unzip"



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; JIRA integration                                                            ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Path to your JIRA API endpoint, more specifically to issue. Example of a path:
;  https://your_company.atlassian.net/rest/api/2/issue/
;webapp_jira=YOUR_JIRA_API_ADDRESS

; Set to the IP address of your Proxy Server to connect to JIRA through a proxy
;webapp_jira_proxy_host=YOUR_JIRA_HOST_ADDRESS

; Set to the port of your Proxy Server to connect to JIRA through a proxy
;webapp_jira_proxy_port=YOUR_JIRA_PORT_ADDRESS



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; UI Settings                                                                 ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Multi language support
; To enable multi language support, uncomment this line. Allowed settings are
; either en (English ony), ja (Japnese only) or en,ja (Both English and
; Japanese enabled) Default is English only.
;webapp_enabled_languages=en,ja

; If multi language is enabled, this parameter sets the default language for
; new users and the login screen. Default is English.
;default_language=en

; The webapp does some sanity checking on every login. To disable warnings
; about missing upload directories, enable this option.
; Default is disabled.
;webapp_avoid_login_dir_check=0

; How often (in milliseconds) to check for new messages
; Default is 10000 (10 seconds)
;webapp_messages_refresh=10000

; Disable to hide (instead of graying out) menu options the user do not have
; permission to use. Default is enabled.
;show_hidden_menu_items=1

; Enable to not include the auditors names in reports. Default is disabled.
;no_auditor_name_in_reports=0

; Display extensions bar in folder metrics view. Files can be marked as identified based on their extensions from this bar.
; By default hidden from 23.1 versions
;webapp_display_extensions_in_folder_metrics=0



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Scan Settings                                                               ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Save raw copyright information instead of trying to parse the result.
; Default is disabled.
; extract_default_copyright=0

; Save warnings from shinobi as licences. Default is disabled.
;webapp_license_extractor_warnings=0

; Save links from shinobi as licences. Default is disabled.
;webapp_license_extractor_links=0

; Automatically mark files as done if there has been a previous identification
; done for the same file in another scan and the scan is set to reuse that
; identification. Default is disabled.
;webapp_mark_as_done_on_reuse=0

; This command is executed each time when a new scan is executed and there are new
; files uploaded and not scanned. This command is executed after archives are
; decompressed. This is not applied to files from scans using a target path.
; The scope of this command is to execute custom operations against the files before
; scanning them. For example actually removing .git folder (not just ignore it in
; WebApp) or change file names encodings. It is recommended to be an idempotent command.
; Example:
; webapp_custom_command_on_files="convmv -f cp932 -t utf8 -r [[DIRECTORY]]* --notest 2>&1"
; When executing the command [[DIRECTORY]] will be replaced with the scan directory
; resulting the executed command:
;   "convmv -f cp932 -t utf8 -r /fossid/uploads/files/scans/71/* --notest 2>&1"
;
;webapp_custom_command_on_files=

; Some 3rd party reports use a counter instead of an spdx identifier. Enable
; this option to deduce a new identifier from the license name.
;webapp_spdx_modify_numeric_license_identifier=0

;Minimum number of characters a snippet can have to be still considered a match after intelligent match filtering is applied
;webapp_match_filtering_threshold=300

; When using reuse identification also reuse status of "is_distributed" flag of the file
; By default when reusing identifications "is_distributed" status is not reused.
;
;webapp_scan_reuse_additional_info=0

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Auto identifications settings (aka Automatically resolve pending identifications)    ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Control the behaviour of the auto identification mechanism
; Accepted values: top_matched_components, custom
;
;webapp_autoid_mode=top_matched_components

; Use for autoid mechanism only matches with Hits percentage (remote file coverage percentage) higher than X.
; This is used only when webapp_autoid_mode=custom
; 100 percentage means only full matches can be picked as identification.
; 0 percentage means any match can be picked as identification.
;
;webapp_autoid_min_percentage_match=0

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Control which component license is selected when multiple options are returned by CLI;
; Default behaviour is to pick first DECLARED license
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; List of preferred licenses
; Add each license identifier on one line, do not forget [] after parameter name. Example:
; webapp_component_preferred_licenses[]=MIT
; webapp_component_preferred_licenses[]=Apache-2.0
;
;webapp_component_preferred_licenses[]=

; List of undesirable licenses
; Add each license identifier on one line, do not forget [] after parameter name. Example:
; webapp_component_undesirable_licenses[]=GPL-3.0
; webapp_component_undesirable_licenses[]=GPL-3.0-or-later
;
;webapp_component_undesirable_licenses[]=

;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Performance tuning                                                          ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; Amount of RAM each WebApp process may use. Default is -1 (unlimited)
; max_memory_limit=-1

; Maximum number of concurrent scans. It is reccommended to keep this low to
; reduce the required RAM memory. Low value may also help with slow disc access
; For servers with a large amount of RAM and SSD drives it is possible to
; increase this value to run more scans at once.
;webapp_max_concurrent_scans=3

; Maximum number of files per thread
;webapp_max_files_per_thread=128

; Maximum number of threads
;webapp_max_threads=8



;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Proxy settings                                                              ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; For easy of copy pasting these settings have the same name as the settings
; in the [CLI] section, but they have a different use. These settings are not
; used by the CLI, but rather by the WebApp when
;  - Downloading a file in the component hashing interface
;  - Updating the CPE list
; If you do not wish to connect to the internet through a proxy, leave these
; settings as-is.

;Your proxy hostname or IP
;cli_proxy_host=

;Your proxy port (i.e. 8080)
;cli_proxy_port=

;Your proxy username
;cli_proxy_user=

;Your proxy password (plain text), or
;cli_proxy_pass=


;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Misc settings                                                               ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

; URL used to retrieve the CPE list when updating manually through
; System Utils => Update CPE List.
; To set the url used by the automated nightly update process, see
; System Utils => Scheduled Tasks
;cpe_download_url='https://nvd.nist.gov/feeds/json/cpe/2.0/nvdcpe-2.0.zip'

; List of package managers that ORT should use to resolve dependencies
; Supported package managers to be activated:
;     Bower, Bundler, Cargo, Carthage, CocoaPods, Composer, Conan, DotNet, GoDep, GoMod, Gradle, Maven, NPM,
;     NuGet, PIP, Pipenv, PNPM, Poetry, Pub, SBT, Stack, Yarn, Yarn2
; Modifying this list may cause unexpected behavior
;webapp_dependency_analysis_supported_package_managers='Bundler,DotNet,Gradle,Maven,NPM,PIP,Yarn'

; If it is required to access the webapp API through a browser, set this to the
; domain(s) of the web sites(s). Use the '*' wildcard, to tell browsers to
; allow any origin.
; Example:
;   cors_allow_origins='https://mydomain1.com,https://mydomain2.com'
;
;cors_allow_origins=

; If 1 - redirect user on nextGen login page 
; If 0 - load current version
webapp_enable_new_login=0

; Specify JVM parameters when calling Shinobi from Workbench
;webapp_jvm_parameters="-Xmx4096m"

; Toggle seeing and editing fossid.conf from the Workbench UI.
; By default accessing fossid.conf via Workbench UI is enabled.
;webapp_enable_ui_fossid_conf_edit=1

; Toggle seeing errors.log file from the Workbench UI.
; By default accessing errors.log file via Workbench UI is enabled.
;webapp_enable_ui_errors_log=1
; Optional message to be displayed in the footer of the Workbench UI.
webapp_footer_message="<a href='https://war.ukraine.ua/support-ukraine/' target='_blank' rel='noreferrer'>Support Ukraine<img src='images/ukraine.png' alt='Support Ukraine' /></a>"