Scan Mode
Overview
Uses the Checkmarx or Snyk CLI to run a SAST scan on a given repository
Analyzes the resulting vulnerability report to identify issues that can be remediated automatically
Produces the code fixes and redirects the user to the fix report page on the Mobb platform
Scan Mode - Usage
To check what options are available under the scan mode, run:
npx mobbdev@latest scan --help
Here is the help output:
Scan your code for vulnerabilities, get automated fixes right away.

Options:
  -r, --repo                    Github / GitLab / Azure DevOps repository URL                 [string] [required]
      --ref                     Reference of the repository (branch, tag, commit)             [string]
  -s, --scanner                 Select the scanner to use
                                [choices: "checkmarx", "codeql", "fortify", "snyk", "sonarqube", "semgrep"]
      --org, --organization-id  Organization id                                               [string]
      --mobb-project-name       Mobb project name                                             [string] [default: "My first project"]
  -y, --yes                     Skip prompts and use default values                           [boolean]
      --ci                      Run in CI mode, prompts and browser will not be opened        [boolean] [default: false]
      --api-key                 Mobb authentication api-key                                   [string]
      --cx-project-name         Checkmarx project name (when scanning with Checkmarx)         [string]
      --auto-pr                 Enable automatic pull requests for new fixes                  [boolean] [default: false]
      --help                    Show help                                                     [boolean]
To run a new SAST scan on a repo and get fixes, run the Bugsy Scan command. Example:
npx mobbdev@latest scan --repo https://github.com/mobb-dev/simple-vulnerable-java-project
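The interactive command above opens prompts and a browser, which does not work in a pipeline. The script below is an added example of wiring the same command into CI with the non-interactive flags from the help output (--ci, --yes, --api-key, --org, --ref, --scanner, --cx-project-name, --auto-pr); it is not code from the Mobb docs or the Bugsy project. The environment variable names (REPO_URL, GIT_REF, SCANNER, MOBB_ORG_ID, CX_PROJECT, AUTO_PR, MOBB_API_KEY, RUN_SCAN) are this script's own assumptions, not Mobb conventions.

```shell
#!/usr/bin/env sh
# Added example: run a Bugsy scan non-interactively from CI.
# Not code from the Mobb docs; only flags shown by `scan --help` are used.
# All environment variable names below are assumptions of this script.

# Assemble the scan arguments from the environment. --ci and --yes together
# make the run non-interactive (no prompts, no browser). Prints the argument
# list as one space-separated line; none of the values may contain whitespace.
mobb_scan_args() {
    : "${REPO_URL:?REPO_URL (GitHub / GitLab / Azure DevOps URL) is required}"
    scanner="${SCANNER:-snyk}"
    case "$scanner" in
        checkmarx|codeql|fortify|snyk|sonarqube|semgrep) ;;
        *) echo "unsupported scanner: $scanner" >&2; return 2 ;;
    esac
    set -- scan --ci --yes --repo "$REPO_URL" --scanner "$scanner"
    [ -n "${GIT_REF:-}" ]          && set -- "$@" --ref "$GIT_REF"
    [ -n "${MOBB_ORG_ID:-}" ]      && set -- "$@" --org "$MOBB_ORG_ID"
    [ -n "${CX_PROJECT:-}" ]       && set -- "$@" --cx-project-name "$CX_PROJECT"
    [ "${AUTO_PR:-false}" = true ] && set -- "$@" --auto-pr
    printf '%s\n' "$*"
}

# Run the scan. The API key is passed with --api-key, so it is visible in the
# process list and in any CI log produced under `set -x`; tracing is switched
# off first and the key is appended last. Fail loudly if the key is missing
# rather than falling back to the interactive browser login.
run_mobb_scan() {
    : "${MOBB_API_KEY:?set MOBB_API_KEY from the CI secret store}"
    args=$(mobb_scan_args) || return $?
    set +x
    # shellcheck disable=SC2086  # intentional word splitting of $args
    npx mobbdev@latest $args --api-key "$MOBB_API_KEY"
}

# Only start a real scan when explicitly asked, e.g. `RUN_SCAN=1 sh ci-scan.sh`.
if [ "${RUN_SCAN:-0}" = 1 ]; then
    run_mobb_scan
fi
```

Keep MOBB_API_KEY in the CI secret store rather than in the repository, and in a pipeline prefer pinning a reviewed mobbdev version over `@latest` so the scanner you run is the one you audited.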