Overview

In this section, you will find basic concepts about Horusec-CLI usage.

What is it?

A CLI (short for command line interface) is a program that receives commands for software, or for any other computer program, as text.

Horusec-CLI is the part of the code that lets you run the security analysis commands and identify and/or classify vulnerabilities.

How does the analysis work?

Horusec performs a SAST analysis of your project. It only inspects the code, so it is not necessary to build or run anything, and this makes your analysis quicker.

Each security tool has its own output data, so Horusec reads that output and converts it to a single format. After that, the data looks the same regardless of the tools used in the analysis.
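The conversion described above, sketched as an added example (not Horusec's own code): two constructed tool outputs with different shapes and severity vocabularies are mapped onto one record type and then counted by language. The tool names, field names, severity thresholds and the `Finding` schema are all assumptions made for illustration.

```python
import json
import os
from collections import Counter
from dataclasses import dataclass

# Constructed sample outputs from two hypothetical tools; these are not real
# scanner formats and not Horusec's internal schema.
TOOL_A_OUTPUT = json.dumps({"results": [
    {"rule": "hardcoded-secret", "level": "error", "path": "app/config.py", "line": 12},
    {"rule": "weak-hash-md5", "level": "warning", "path": "app/auth.py", "line": 40}]})
TOOL_B_OUTPUT = json.dumps([
    {"check_id": "G101", "sev": 9.1, "location": "cmd/main.go:27"},
    {"check_id": "G401", "sev": 5.0, "location": "pkg/crypto/sum.go:8"}])

@dataclass(frozen=True)
class Finding:  # hypothetical unified record
    tool: str
    rule_id: str
    severity: str  # assumed common scale: CRITICAL / HIGH / MEDIUM / LOW
    language: str
    file: str
    line: int

def language_of(path):
    ext = os.path.splitext(path)[1]
    return {".py": "Python", ".go": "Go"}.get(ext, "Unknown")

def from_tool_a(raw):
    # tool_a reports textual levels; an unmapped level stays visible as
    # UNKNOWN instead of being silently downgraded.
    levels = {"error": "HIGH", "warning": "MEDIUM", "note": "LOW"}
    return [Finding("tool_a", r["rule"], levels.get(r["level"], "UNKNOWN"),
                    language_of(r["path"]), r["path"], r["line"])
            for r in json.loads(raw)["results"]]

def score_to_severity(score):
    for floor, name in ((9.0, "CRITICAL"), (7.0, "HIGH"), (4.0, "MEDIUM")):
        if score >= floor:
            return name
    return "LOW"

def from_tool_b(raw):
    # tool_b reports a numeric score and a combined "file:line" location.
    findings = []
    for r in json.loads(raw):
        path, _, line = r["location"].rpartition(":")
        findings.append(Finding("tool_b", r["check_id"], score_to_severity(r["sev"]),
                                language_of(path), path, int(line)))
    return findings

def unified_report():
    return from_tool_a(TOOL_A_OUTPUT) + from_tool_b(TOOL_B_OUTPUT)

def count_by(findings, field):
    return Counter(getattr(f, field) for f in findings)
```

Once every finding has the same fields, grouping works the same way whichever tool produced it.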

What does Horusec-CLI do?

Horusec-CLI sends the analysis report to the Horusec-Platform. At that point, you can see the vulnerabilities Horusec found, and they can be grouped by:

  • Repository;
  • Commit author;
  • Language;
  • Vulnerabilities timeline.

After that, you can manage the vulnerabilities by changing their types to false positive, accepted risk and others. You can also change the severity from the last repository analysis to critical, medium, etc.

How do you perform an analysis?

Follow the steps below:

Step 1. Install Horusec;

Step 2. Check the requirements and run the command below in the location where your project is:

horusec start

Step 3. Horusec-CLI will return a confirmation message asking whether the current directory is correct:

✔ The folder selected is: [/home/your-user/Projects/project-name]. Proceed? [Y/n]: Y

Type Y and press ENTER to continue. The tool will then start the analysis and show your project’s vulnerabilities.

How to change directories?

If you want to analyze a directory other than the current one, pass it with the -p option, adding the directory you want right after the symbol ./

Example

  1. In this example, the replacement is a directory called latest-project. To change to it, run the command:
horusec start -p ./latest-project
  2. You can also give the full path to the directory where your project is. In this case, the command is:
horusec start -p /home/user-name/folder-name/file-name


Last modified October 21, 2021: added docker information (#124) (ace337fc)