CLI commands

The CLI offers a command line help guide with the --h or --help option. The help guide displays the following commands you can use to understand more about Contrast configuration, applications, and vulnerabilities.

In the following examples, replace <string> or <level> with the value that applies to your particular situation.

Command	Description
`--yamlPath <string>`	The path to display parameters from the YAML file (optional)
`--cli_api_key <string>`	An agent API key provided by Contrast (required)
`--cli_authorization <string>`	Agent authorization credentials provided by Contrast (required)
`--cli_organization_id <string>`	The ID of your organization in Contrast (required)
`--cli_application_id <string>`	The ID of the application cataloged by Contrast (required)
`--cli_application_name <string>`	The name of the application cataloged by Contrast (optional)
`--cli_catalogue_application`	Catalog an application (required for `catalogue`)
`--cli_language <string>`	Application language, such as JAVA, NODE, PYTHON, RUBY. Provide this when cataloging an application. (required for `catalogue`)
`--cli_app_groups <string>`	Assigns your application to one or more pre-existing groups when using the `catalogue` command. Group lists should be comma separated. (optional for `catalogue`)
`--cli_proxy <string>`	Allows for connection over a proxy server. If authentication is required, provide the username and password with the protocol, host and port. For example, http://username:password@<host>:<port>. (optional)
`--cli_host <string>`	The name of the host and, optionally, the port expressed as `<host>:<port>`. Does not include the protocol section of the URL (https://). Defaults to app.contrastsecurity.com . (optional) Only HTTPS connections are supported at this time.
`--cli_project_path <string>`	The directory root of a project/application that you want to analyze. Defaults to the current directory. (optional)
`--cve_severity <level>`	Combined with `--report`, allows the user to report vulnerabilities above a chosen severity level. For example, `cve_severity medium` only reports vulnerabilities at Medium or higher severity.
`--fail`	Fails the build if any vulnerabilities are found. Can be used in combination with `cve_severity` to fail builds with vulnerabilities at severity levels defined by the user.
`--report`	Shows a report of vulnerabilities in the application from compile time.
`--silent`	Silences JSON output. (optional)
`-v, --version`	Displays the CLI version you are currently using.
`-h, --help`	Displays the help guide.

Note

Parameters in these commands may need to be quoted to avoid issues with special characters. For example

--cli_application_name = "My_app_name_$+=(/\"

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.