Scan Mode

Overview

Uses Checkmarx or Snyk CLI tools to run a SAST scan on a given repository
Analyze the vulnerability report to identify issues that can be remediated automatically
Produces the code fixes and redirects the user to the fix report page on the Mobb platform

Scan Mode - Usage

To check what options are available under the analyze mode, run:

npx mobbdev@latest scan --help

Here is the output of the help file:

Scan your code for vulnerabilities, get automated fixes right away.

Options:
  -r, --repo                    Github / GitLab / Azure DevOps repository URL                        [string] [required]
      --ref                     Reference of the repository (branch, tag, commit)                               [string]
  -s, --scanner                 Select the scanner to use
                                             [choices: "checkmarx", "codeql", "fortify", "snyk", "sonarqube", "semgrep"]
      --org, --organization-id  Organization id                                                                 [string]
      --mobb-project-name       Mobb project name                                 [string] [default: "My first project"]
  -y, --yes                     Skip prompts and use default values                                            [boolean]
      --ci                      Run in CI mode, prompts and browser will not be opened        [boolean] [default: false]
      --api-key                 Mobb authentication api-key                                                     [string]
      --cx-project-name         Checkmarx project name (when scanning with Checkmarx)                           [string]
      --auto-pr                 Enable automatic pull requests for new fixes                  [boolean] [default: false]
      --help                    Show help                                                                      [boolean]

To run a new SAST scan on a repo and get fixes, run the Bugsy Scan command. Example:

npx mobbdev@latest scan --repo https://github.com/mobb-dev/simple-vulnerable-java-project

PreviousAnalyze Mode NextAdd SCM Token Mode

Last updated 3 months ago

Was this helpful?

Overview

Uses Checkmarx or Snyk CLI tools to run a SAST scan on a given repository

Analyze the vulnerability report to identify issues that can be remediated automatically

Produces the code fixes and redirects the user to the fix report page on the Mobb platform

Scan Mode - Usage

To check what options are available under the analyze mode, run:

npx mobbdev@latest scan --help

Here is the output of the help file:

Scan your code for vulnerabilities, get automated fixes right away.

Options:
  -r, --repo                    Github / GitLab / Azure DevOps repository URL                        [string] [required]
      --ref                     Reference of the repository (branch, tag, commit)                               [string]
  -s, --scanner                 Select the scanner to use
                                             [choices: "checkmarx", "codeql", "fortify", "snyk", "sonarqube", "semgrep"]
      --org, --organization-id  Organization id                                                                 [string]
      --mobb-project-name       Mobb project name                                 [string] [default: "My first project"]
  -y, --yes                     Skip prompts and use default values                                            [boolean]
      --ci                      Run in CI mode, prompts and browser will not be opened        [boolean] [default: false]
      --api-key                 Mobb authentication api-key                                                     [string]
      --cx-project-name         Checkmarx project name (when scanning with Checkmarx)                           [string]
      --auto-pr                 Enable automatic pull requests for new fixes                  [boolean] [default: false]
      --help                    Show help                                                                      [boolean]

To run a new SAST scan on a repo and get fixes, run the Bugsy Scan command. Example:

npx mobbdev@latest scan --repo https://github.com/mobb-dev/simple-vulnerable-java-project