Quickstart

This page will help you get started with Phylum CLI tool. You'll be up and running in a jiffy!


Introduction

The command line interface (CLI) allows users to submit their project package dependencies to Phylum's API for analysis. Currently pre-built binaries for Linux and macOS are available. For other platforms (e.g., Windows), binaries can easily be built.

asciicastasciicast

Quickstart for Linux or macOS

  1. Download the latest release package for your target:

    TargetPackage
    x86_64-unknown-linux-muslphylum-x86_64-unknown-linux-musl.zip
    aarch64-unknown-linux-muslphylum-aarch64-unknown-linux-musl.zip
    x86_64-apple-darwinphylum-x86_64-apple-darwin.zip
    aarch64-apple-darwinphylum-aarch64-apple-darwin.zip
  2. Confirm the signature of the archive with minisign and the public key for Phylum

    $ minisign -Vm phylum-*.zip -P RWT6G44ykbS8GABiLXrJrYsap7FCY77m/Jyi0fgsr/Fsy3oLwU4l0IDf
    Signature and comment signature verified
    Trusted comment: Phylum - the future of software supply chain security
    
  3. Unzip the archive

    unzip phylum-*.zip
    
  4. Run the installer script for installation

    ./install.sh
    
  5. Register for an account (if you don't already have one)

    phylum auth register
    
  6. Authenticate with Phylum

    phylum auth login
    
  7. Create a new Phylum project in your project directory

    phylum project create <project-name>
    
  8. Submit your package lock file

    phylum analyze <package-lock-file.ext>
    
  9. (Optional) View the analysis results in the Phylum UI


Slack

Join us on the Phylum Community Slack!

Questions/Issues

Please contact Phylum with any questions or issues using the CLI tool.

Email: [email protected]


Did this page help you?