The Legacy CLI has now been officially deprecated. By April 2nd using it will result in pipeline failures, and the scans will be completely turned off on May 2nd 2024. Going forward, all our efforts and enhancements will be dedicated solely to the new Debricked CLI. Thus, we strongly recommend and encourage your transition to the new CLI in order to stay aligned with the latest features and improvements.
Read on to find out why you should migrate to the new CLI and what actions are needed from your side.
Why switch to the new CLI?
The new Debricked CLI is distributed as a self-contained binary, removing the need for a PHP environment. This makes it easier to install, integrate, run, and upgrade. We have also added and will continue to add new functionalities and improvements, such as:
- Automatic application of git metadata to scans
- Faster scanning*: Finding and uploading files is now significantly faster
- Improved call graph generation for vulnerable functionality
- Manifest-less/fingerprint matching (upcoming)
*In the new CLI, we have incorporated a cutting-edge technology: High Performance Scans. This technology enables you to accurately and swiftly resolve full dependency trees for repositories without a lock file. Learn more here.
How do I migrate to the new CLI?
Migration to the new CLI is a simple process, but the pipeline configuration needed will differ depending on your CI/CD tool. We have created templates using the new CLI for all natively supported integrations. With the new CLI it is also easier than before to set up an integration with a non-natively supported CI/CD tool. The templates for setting up the integration can be found below. If you need help in setting up your migration, don’t hesitate to contact our support team and we will happily help you get set up with the new CLI.
- GitHub Actions
- GitHub example template
- To integrate several repositories with a single configuration check this article
- Azure DevOps
- Azure example template
- To integrate several repositories with a single configuration check this article
- GitLab CICD
- GitLab example template
- To integrate several repositories with a single configuration check this article
- Bitbucket
- Bitbucket example template
- To integrate several repositories with a single configuration check this article
- Argo
- Travis
- CircleCI
- Jenkins
- BuildKite
- Other, If your CI/CD tool is not mentioned above
- Because the CLI is distributed as a self-contained binary, using it in your CI/CD is often as simple as downloading the binary and running `debricked scan`. An example of how that script might look, using a linux based CI/CD setup, can be found below.
- curl -L https://github.com/debricked/cli/releases/latest/download/cli_linux_x86_64.tar.gz | tar -xz debricked
- ./debricked scan
- Because the CLI is distributed as a self-contained binary, using it in your CI/CD is often as simple as downloading the binary and running `debricked scan`. An example of how that script might look, using a linux based CI/CD setup, can be found below.