phylum package
Retrieve the details of a specific package
Usage: phylum package [OPTIONS] <type> <name> <version>
Arguments
Package ecosystem type
Accepted values: `npm`, `rubygems`, `pypi`, `maven`, `nuget`, `golang`, `cargo`
The name of the package.
The version of the package.
Options
-j, --json
Produce output in json format (default: false)
-f, --filter
Provide a filter used to limit the issues displayed
EXAMPLES:
# Show only issues with severity of at least 'high'
--filter=high
# Show issues with severity of 'critical' in the 'author'
and 'engineering' domains
--filter=crit,aut,eng
-v, --verbose...
Increase the level of verbosity (the maximum is -vvv)
-q, --quiet...
Reduce the level of verbosity (the maximum is -qq)
-h, --help
Print help
Details
If the requested package has not yet been analyzed by Phylum, it will
automatically be submitted for processing.
The following order is used to determine which lockfile will be parsed:
- CLI
--lockfile
parameters - Lockfiles in the
.phylum_project
file specified duringphylum init
- Recursive filesystem search
If any of these locations provides a lockfile, no further search will be done.
Recursive filesystem search takes common ignore files like .gitignore
and
.ignore
into account.
Examples
# Query specific package details
$ phylum package -t npm axios 0.19.0
Updated 2 months ago