Documentation | Debricked

# Debricked CLI

We provide a Command Line Tool (CLI) for interacting with Debricked. It supports uploading and checking your dependency files for vulnerabilities from your console. This could be useful when you want to check whether your dependency files are vulnerable before uploading them to your repository or in a custom CI pipeline. This tool also powers some of our integrations, such as the Bitbucket “pipe” integration.

# Installation

  • PHP is required, run php -v on your system to see if it is installed or not. If it is not installed, refer to your favourite package manager or, if you are on Windows, installthe - latest version available on PHP for Windows (opens new window).
  • Install the CLI tool
  • Install using composer (opens new window) (recommended, omit global if you want to install into current project) composer global require debricked/cli, or
  • Download it manually from GitHub (opens new window)
  • [Windows only] In order to be able to run the first time setup, cd to your installation directory such as cd ~/AppData/Roaming/Composer/vendor/debricked/cli, and then execute bin/console debricked:scan --help
  • Done! You can now run any of the available commands using php ~/.composer/vendor/debricked/cli/bin/console *command*. If you using Windows it will be available at php ~/- AppDataRoaming/Composer/vendor/debricked/cli/bin/console *command*

# Additional note when running on Windows

If you are on Windows, make sure to execute the commands using a bash script (.sh) compatible shell. If you do not have a bash script compatible shell installed already, we recommend the one bundled with Git for windows called “Git Bash”.

# Available commands

All commands have a help command available listing possible arguments and options by passing the flag “help”, for example:

php bin/console debricked:scan --help

# All-in-one vulnerability scan

Combines uploading dependency files with monitoring their vulnerability status.

php bin/console debricked:scan *username* *password* *product_name* *release_name* *repository url* cli

Example:

php bin/console debricked:scan user1@email.com pass1 myproduct 1.0.1 local cli

# Upload dependency files and trigger a vulnerability scan

php bin/console debricked:find-and-upload-files username password product_name release_name repository url cli

# Check vulnerability scan

php bin/console debricked:check-scan *username* *password* *upload_id*

GitHub