dpndncY

dpndncy CLI reference.

Cross-platform Node.js CLI. Bearer-token authenticated against any dpndncY instance.

Top-level commands

help
dpndncy --help

Commands:
  scan <path>            Scan a manifest, repo, or directory
  verify <file>          Verify a DSSE-signed in-toto Statement offline
  policy                 List, apply, and export policies
  export                 Export findings (sarif, cyclonedx, spdx, pdf, json)
  firewall test <pkg>    Dry-run a firewall request against the current policy
  monitor                Manage continuous-monitoring projects
  agent                  Manage runtime-agent registrations

Authentication

The CLI reads DPNDNCY_URL and DPNDNCY_TOKEN from the environment, or accepts --url and --token flags.

env
export DPNDNCY_URL=https://dpndncy.acme.internal
export DPNDNCY_TOKEN=pat_…

Common flags

  • --outputjson (default) / sarif / cyclonedx / spdx / pdf
  • --fail-oncritical / high / any / policy
  • --tenant — override default tenant
  • --policy — override active policy
  • --no-color — disable ANSI output

Exit codes

  • 0 — success / no findings above threshold
  • 1 — findings exceed threshold
  • 2 — invalid input
  • 3 — auth or network failure
  • 4 — server error
← Previous
SSO / OIDC / SAML
Next →
REST API