Sec1 CLI (Command Line Interface) Overview

Sec1 CLI is designed for scanning your projects to identify and address security vulnerabilities efficiently. This tool integrates seamlessly into your development workflow, enhancing the security aspect of your projects. This tool is an ideal choice for power user developers who demand more control into the security landscape of their applications.

Getting Started with Sec1 CLI

1. Configuration: Initialize the CLI configuration by executing sec1 config. This step is essential for setting up the tool according to your project's needs.

2. Scanning: Perform a security scan on your local project using sec1 scan. This command helps in identifying potential vulnerabilities in your project files.

3. Vulnerability Search: Use sec1 search to delve deeper into specific vulnerabilities. This command is useful for a more targeted approach towards security analysis.

Detailed Command Information

For more detailed information about any command, append --help (e.g. sec1 config --help). This feature provides in-depth guidance on each command's usage and options.

Note: The help on the docs site is the same as the --help in the CLI.

sec1 config

Manages the configuration of the Sec1 CLI. This command is the starting point for customizing the tool for your specific project requirements.

sec1 scan

Conducts a comprehensive scan of the project. The CLI supports various manifest files including 'pom.xml', 'package.json', 'requirements.txt', and others, making it versatile for different project types.

Note: Supported manifest : 'pom.xml', 'package.json', 'requirements.txt', 'package-lock.json', 'package.lock.json', 'yarn.lock', 'gradle.lockfile', 'pnpm-lock.yaml', 'pipfile.lock', '.pom'

sec1 search

Offers a detailed look into the cve information such as Severity, Short Description, CVSS Score.

Debug

The --debug option can be used to generate detailed logs. This is particularly helpful for troubleshooting or gaining deeper insights into the CLI operations.