CLI reference
The following table lists the Veracode CLI commands:
| Command | Description |
|---|---|
cache | Clears the cache for all Veracode CLI commands. |
configure | Configures API credentials for the Veracode CLI. |
dynamic | Performs Dynamic Application Security Testing (DAST) and outputs the results. |
fix | Generates code fixes and, optionally, apply them to flaws in an application source file. |
help | Lists the available commands. |
package | Package project code for Veracode Static Analysis. |
policy | Downloads a security policy as a file. |
repository add | Adds the repositories that you can access from source control management (SCM) systems to inventory Excel files. |
repository report | Generates a report of all developers who have contributed to a repository in the last 90 days. |
sbom | Generates a software bill of materials (SBOM) of an image, archive, repository, or directory. |
scan | Generates vulnerability findings and policy results for an image, archive, repository, or directory. |
static | Performs Static Application Security Testing (SAST) scans. |
version | Returns the Veracode CLI version. |
You must run each command in the filepath where the Veracode CLI is installed.
If you installed it in the working directory, use this format:
./veracode [command]
If you installed it in a different location, use this format:
./veracode <path>/veracode [command]