# Debricked CLI
We provide a Command Line Tool (CLI) for interacting with Debricked. It supports uploading and checking your dependency files for vulnerabilities from your console. This could be useful when you want to check whether your dependency files are vulnerable before uploading them to your repository or in a custom CI pipeline. This tool also powers some of our integrations, such as the Bitbucket “pipe” integration.
# Installation
- PHP is required, run
php -v
on your system to see if it is installed or not. If it is not installed, refer to your favourite package manager or, if you are on Windows, installthe - latest version available on PHP for Windows (opens new window). - Install the CLI tool
- Install using composer (opens new window) (recommended, omit
global
if you want to install into current project)composer global require debricked/cli
, or - Download it manually from GitHub (opens new window)
- [Windows only] In order to be able to run the first time setup, cd to your installation directory such as
cd ~/AppData/Roaming/Composer/vendor/debricked/cli
, and then executebin/console debricked:scan --help
- Done! You can now run any of the available commands using
php ~/.composer/vendor/debricked/cli/bin/console *command*
. If you using Windows it will be available atphp ~/- AppDataRoaming/Composer/vendor/debricked/cli/bin/console *command*
# Additional note when running on Windows
If you are on Windows, make sure to execute the commands using a bash script (.sh) compatible shell. If you do not have a bash script compatible shell installed already, we recommend the one bundled with Git for windows called “Git Bash”.
# Available commands
All commands have a help command available listing possible arguments and options by passing the flag “help”, for example:
php bin/console debricked:scan --help
# All-in-one vulnerability scan
Combines uploading dependency files with monitoring their vulnerability status.
php bin/console debricked:scan *username* *password* *product_name* *release_name* *repository url* cli
Example:
php bin/console debricked:scan user1@email.com pass1 myproduct 1.0.1 local cli
# Upload dependency files and trigger a vulnerability scan
php bin/console debricked:find-and-upload-files username password product_name release_name repository url cli
# Check vulnerability scan
php bin/console debricked:check-scan *username* *password* *upload_id*