docs(website): Add a section for the new BlackDuck advisor

Signed-off-by: Frank Viernau <x9fviern@zeiss.com>
oss-review-toolkit · Dec 23, 2024 · d154358 · d154358
1 parent f4e72c2
commit d154358
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/website/docs/tools/advisor.md b/website/docs/tools/advisor.md
@@ -14,6 +14,22 @@ The providers require specific configuration in the [ORT configuration file](htt
 When executing the advisor, the providers to enable are selected with the `--advisors` option (or its short alias `-a`); here a comma-separated list with provider IDs is expected.
 The following sections describe the providers supported by the advisor:
 
+# Black Duck
+
+This vulnerability provider obtains information about security vulnerabilities from the Black Duck instance specified
+in the configuration. The configuration is mandatory, because authentication is required.
+The implementation is in *experimental* state.
+
+```yaml
+ort:
+  advisor:
+    config:
+      BlackDuck:
+        options:
+          serverUrl: 'server-url'
+          apiToken: 'token'
+```
+
 ## OSS Index
 
 This vulnerability provider does not require any further configuration as it uses the public service at https://ossindex.sonatype.org/.