ggshield sca scan ci
This feature is experimental, and only available from GGShield version 1.18.0.
Evaluates if a CI event introduces SCA vulnerabilities.
ggshield sca scan ci [OPTIONS] [DIRECTORY]
Scanning a repository with this command will not trigger any incident on your dashboard.
Only metadata such as call time, request size and scan mode is stored server-side.
--json: Use JSON output.
--ipa PATTERN: Do not scan paths that match the specified glob-like patterns.
--minimum-severity [LOW|MEDIUM|HIGH|CRITICAL]: Minimum severity of the policies.
--exit-zero: Always return a 0 (non-error) status code, even if incidents are found. This option can also be set with the
--all: Reports all vulnerabilities in the final state.
This command supports all ggshield global options.