Skip to main content

CLI reference

The following table lists the Veracode CLI commands:

configureConfigures API credentials for the Veracode CLI.
fixGenerates code fixes and, optionally, apply them to flaws in an application source file.
helpLists the available commands.
packagePackage project code for Veracode Static Analysis.
policyDownloads a security policy as a file.
repository addAdds the repositories that you can access from source control management (SCM) systems to inventory Excel files.
repository reportGenerates a report of all developers who have contributed to a repository in the last 90 days.
sbomGenerates a software bill of materials (SBOM) of an image, archive, repository, or directory.
scanGenerates vulnerability findings and policy results for an image, archive, repository, or directory.
staticPerforms Static Application Security Testing (SAST) scans.
versionReturns the Veracode CLI version.

You must run each command in the filepath where the Veracode CLI is installed.

If you installed it in the working directory, use this format:

./veracode [command]

If you installed it in a different location, use this format:

<path>/veracode [command]