CLI Reference
This page provides documentation for the command line tools.
cstools
CodeSecTools: A framework for code security that provides abstractions for static analysis tools and datasets to support their integration, testing, and evaluation.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
-d , --debug |
boolean | Show debugging messages and disable pretty exceptions. | False |
-v , --version |
boolean | Show the tool's version. | None |
--install-completion |
boolean | Install completion for the current shell. | None |
--show-completion |
boolean | Show completion for the current shell, to copy it or customize the installation. | None |
--help |
boolean | Show this message and exit. | False |
Subcommands
- allsast: Run all available SAST tools together.
- bearer: Bearer SAST
- coverity: Coverity Static Analysis
- semgrepce: Semgrep Community Edition Engine
- snykcode: Snyk Code
- spotbugs: SpotBugs
- status: Display the availability of SAST tools and datasets.
cstools allsast
Run all available SAST tools together.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
Subcommands
- analyze: Analyze a project using all availbale SAST tools.
- benchmark: Benchmark a dataset using all SAST tools.
- info: List used SAST tools.
- list: List existing analysis results.
- plot: Generate plot for results visualization (datasets are not supported).
- report: Generate an HTML report
cstools allsast analyze
Analyze a project using all availbale SAST tools.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--artifact-dir |
path | Pre-built artifacts directory (for PrebuiltSAST only) | None |
--overwrite |
boolean | Overwrite existing analysis results for current project | False |
--help |
boolean | Show this message and exit. | False |
cstools allsast benchmark
Benchmark a dataset using all SAST tools.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing results (not applicable on CVEfixes) | False |
--testing |
boolean | Run benchmark over a single dataset unit for testing | False |
--help |
boolean | Show this message and exit. | False |
cstools allsast info
List used SAST tools.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
cstools allsast list
List existing analysis results.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
cstools allsast plot
Generate plot for results visualization (datasets are not supported).
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing figures | False |
--show |
boolean | Display figures | False |
--pgf |
boolean | Export figures to pgf format (for LaTeX document) | False |
--help |
boolean | Show this message and exit. | False |
cstools allsast report
Generate an HTML report
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing results | False |
--help |
boolean | Show this message and exit. | False |
cstools bearer
Bearer SAST
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
Subcommands
- analyze: Analyze a project using Bearer.
- benchmark: Benchmark a dataset using Bearer.
- list: List existing analysis results.
- plot: Generate plot for results visualization.
cstools bearer analyze
Analyze a project using Bearer.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing analysis results for current project | False |
--help |
boolean | Show this message and exit. | False |
cstools bearer benchmark
Benchmark a dataset using Bearer.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing results (not applicable on CVEfixes) | False |
--testing |
boolean | Run benchmark over a single dataset unit for testing | False |
--help |
boolean | Show this message and exit. | False |
cstools bearer list
List existing analysis results.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
cstools bearer plot
Generate plot for results visualization.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing figures | False |
--show |
boolean | Display figures | False |
--pgf |
boolean | Export figures to pgf format (for LaTeX document) | False |
--help |
boolean | Show this message and exit. | False |
cstools coverity
Coverity Static Analysis
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
Subcommands
- install: List instruction to install missing requirements.
- list: List existing analysis results.
- plot: Generate plot for results visualization.
cstools coverity install
List instruction to install missing requirements.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
cstools coverity list
List existing analysis results.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
cstools coverity plot
Generate plot for results visualization.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing figures | False |
--show |
boolean | Display figures | False |
--pgf |
boolean | Export figures to pgf format (for LaTeX document) | False |
--help |
boolean | Show this message and exit. | False |
cstools semgrepce
Semgrep Community Edition Engine
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
Subcommands
- analyze: Analyze a project using SemgrepCE.
- benchmark: Benchmark a dataset using SemgrepCE.
- list: List existing analysis results.
- plot: Generate plot for results visualization.
cstools semgrepce analyze
Analyze a project using SemgrepCE.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing analysis results for current project | False |
--help |
boolean | Show this message and exit. | False |
cstools semgrepce benchmark
Benchmark a dataset using SemgrepCE.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing results (not applicable on CVEfixes) | False |
--testing |
boolean | Run benchmark over a single dataset unit for testing | False |
--help |
boolean | Show this message and exit. | False |
cstools semgrepce list
List existing analysis results.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
cstools semgrepce plot
Generate plot for results visualization.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing figures | False |
--show |
boolean | Display figures | False |
--pgf |
boolean | Export figures to pgf format (for LaTeX document) | False |
--help |
boolean | Show this message and exit. | False |
cstools snykcode
Snyk Code
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
Subcommands
- analyze: Analyze a project using SnykCode.
- benchmark: Benchmark a dataset using SnykCode.
- list: List existing analysis results.
- plot: Generate plot for results visualization.
cstools snykcode analyze
Analyze a project using SnykCode.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing analysis results for current project | False |
--help |
boolean | Show this message and exit. | False |
cstools snykcode benchmark
Benchmark a dataset using SnykCode.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing results (not applicable on CVEfixes) | False |
--testing |
boolean | Run benchmark over a single dataset unit for testing | False |
--help |
boolean | Show this message and exit. | False |
cstools snykcode list
List existing analysis results.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
cstools snykcode plot
Generate plot for results visualization.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing figures | False |
--show |
boolean | Display figures | False |
--pgf |
boolean | Export figures to pgf format (for LaTeX document) | False |
--help |
boolean | Show this message and exit. | False |
cstools spotbugs
SpotBugs
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
Subcommands
- analyze: Analyze a project using SpotBugs.
- benchmark: Benchmark a dataset using SpotBugs.
- list: List existing analysis results.
- plot: Generate plot for results visualization.
cstools spotbugs analyze
Analyze a project using SpotBugs.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--artifact-dir |
path | Pre-built artifacts directory | _required |
--overwrite |
boolean | Overwrite existing analysis results for current project | False |
--help |
boolean | Show this message and exit. | False |
cstools spotbugs benchmark
Benchmark a dataset using SpotBugs.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing results (not applicable on CVEfixes) | False |
--testing |
boolean | Run benchmark over a single dataset unit for testing | False |
--help |
boolean | Show this message and exit. | False |
cstools spotbugs list
List existing analysis results.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--help |
boolean | Show this message and exit. | False |
cstools spotbugs plot
Generate plot for results visualization.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--overwrite |
boolean | Overwrite existing figures | False |
--show |
boolean | Display figures | False |
--pgf |
boolean | Export figures to pgf format (for LaTeX document) | False |
--help |
boolean | Show this message and exit. | False |
cstools status
Display the availability of SAST tools and datasets.
Usage:
Options:
Name | Type | Description | Default |
---|---|---|---|
--sasts |
boolean | Show sasts only | False |
--datasets |
boolean | Show datasets only | False |
--help |
boolean | Show this message and exit. | False |