JavaScript is not currently enabled, but is required for full
CodeSonar manual search and browse functionality.
If you are viewing this file in your hub's Web GUI, enable
JavaScript in your browser: you will also need it for GUI
functionality.
If you opened this file directly from disk, your browser may be
directly suppressing JavaScript functionality: certain browsers
perform this suppression on local files (but not files delivered by
web servers) for security reasons.
-
If you access the manual through the hub's Web GUI, the
functionality will not be suppressed because the hub is a web
server.
-
Alternatively, your browser may allow you to explicitly
disable the security setting that suppresses functionality. See
the CodeSonar
FAQ for more information.
The codesonar Command
CodeSonar-related command line functionality is provided via
subcommands of the codesonar
command. Individual subcommands are documented in the relevant
manual sections; this page provides a central reference with links
to those sections.
codesonar activate
Activate the CodeSonar installation. See Accepting the
License for full details.
codesonar add_source_files.py [ <file_or_dir> ...] [-include
file_pat] [-exclude file_pat] \
[-language lang] [-max-bytes
num]
When executed as part of the command observed by codesonar analyze or
codesonar build,
imports files into the CodeSonar analysis.
There are two main use cases:
- To include a file or set of files in your project for
completeness or documentation purposes (a README file, for
example).
- To import source files that are in tier 3 languages
(all languages except C, C++, Java, C#) and for which
you do not have third-party analysis results.
If you do have third party analysis results for your tier 3
source files, see Including Tier 3 Components in
a CodeSonar Project.
See Importing
Other File Types to CodeSonar for details.
Note that this is not useful as a standalone command: its
execution must be observed as part of the CodeSonar
build/analysis.
codesonar analysis_id.py
path/to/analysis_directory [-strip]
Print (to stdout) the analysis ID for
the most recent analysis performed in the specified analysis
directory.
analysis_id.py is a codesonar
Python subcommand.
codesonar analyze /path/to/pfiles-name
[-project [/[ancestors/]]proj-name] [-no-services] [-foreground] [-wait] [-clean] [-clean-backend] \
[-force-base-hub-analysis] [-name analysis-name] [-preset preset-name] [-no-default-presets] [-conf-file extra-conf-path] \
[-offline] [-property propkey propval] [-launchd-group ldgroup] [-launchd-key ldkey] \
[-watch-pid pid] [-watch-all-pids] \
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile] \
[-remote analysis-launchd] [-remote-archive daemonmode-launchd] [-srcroot basedir] [[protocol://]host:port] [command]
Build and analyze
a project by observing the software build process invoked by
command (if any), updating (or creating) the CodeSonar project
file accordingly, performing the CodeSonar analysis, and outputting
the result to a hub. See the codesonar analyze reference for full
details.
codesonar bi_transfer.py --create-bi-conf
path/to/conffile.conf
--bi-tool tool_name
codesonar bi_transfer.py --test-connection
path/to/conffile.conf
codesonar bi_transfer.py --download
path/to/wfile.csv
--type warning --analysis-url aurl
[--search wsearch_expr]
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
codesonar bi_transfer.py --download
path/to/wfile.csv
--type warning --hub hub_home
--search wsearch_expr
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
codesonar bi_transfer.py --upload
path/to/wfile.csv
--bi-config
path/to/conffile.conf validation
path/to/tmpdir/
[--remote-file-name-prefix
pref]
Transfer warning information to a
business intelligence (BI) tool.
bi_transfer.py is a codesonar
Python subcommand.
codesonar build /path/to/pfiles-name
[-project [/[ancestors/]]proj-name] [-no-services] [-foreground] [-wait] [-clean] [-clean-backend] \
[-force-base-hub-analysis] [-name analysis-name] [-preset preset-name] [-no-default-presets] [-conf-file extra-conf-path] \
[-offline] [-property propkey propval] [-launchd-group ldgroup] [-launchd-key ldkey] \
[-watch-pid pid] [-watch-all-pids] \
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile] \
[-remote analysis-launchd] [-remote-archive daemonmode-launchd] [-srcroot basedir] [[protocol://]host:port] command
Build a project
or part of a project by observing the software build process invoked
by command and updating (or creating) the CodeSonar project
files accordingly. See the codesonar build reference for full
details.
codesonar config
Start the CodeSonar configuration
tool.
codesonar create-conf pfilesname [compilername]
Create a new general
project configuration file for building and analyzing
pfilesname.prj. If
compilername is specified, also create the corresponding new
project-compiler
configuration file. See Creating/Reverting
A Configuration File for full details.
codesonar cs_android.py configure \
[-release relver] [-logfile
path/to/logfname] [-verbose] \
root_dir
codesonar cs_android.py env-run \
-lunch target [-envsetup
path/to/esu_dir] [-shell shellcmd] \
[-source sourcecmd] [-workdir
path/to/wdir] \
[-release relver] [-outdir
path/to/odir] [-logfile path/to/logfname]
[-verbose] \
root_dir build_cmd
[build_args]
codesonar cs_android.py java-extract \
[-force] [-name namepat]
\
[-release relver] [-outdir
path/to/odir] [-logfile path/to/logfname]
[-verbose]
root_dir
codesonar cs_android.py java-scan \
[-build-system-format bsf_name]
[-class-extraction-tolerance tolerance_level] \
[-cs-verbosity num] [-jobs
num] [-print] \
[-release relver] [-outdir
path/to/odir] [-logfile path/to/logfname]
[-verbose] \
root_dir
[source_dir1 sourcedir2 ...
]
codesonar cs_android.py clean \
[-verbose] [-logfile
path/to/logfname] \
root_dir
Prepare and analyze the
Android Open Source Project.
Note: cs_android.py is not suitable
for use with Android App projects.
cs_android.py is a codesonar
Python subcommand.
codesonar dump_warnings.py [-h]
[--project-file
path/to/prjfile] [--project-name
prjname] [--analysis-id aid] [--analysis-url
aurl] [--search search_term]
[--hub
[protocol://]host:port]
[--show-column "colname"]
[--sort "ascending:colname"] [--sort
"descending:colname"]
[--format "fmtstr"] [--csv]
[--json] [--sarif]
[--fail-if-more-warnings-than
max_warnings] [--gained-since-previous-analysis]
[--lost-since-previous-analysis]
[--visible-warnings warning_filter]
[-t max_seconds] [--src-root /path/to/repo]
[--sarif-detail detail_level]
[--metrics-csv
path/to/csv_outfile] [--metrics-xml
path/to/xml_outfile]
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
[-o outfname]
Download specified warnings.
dump_warnings.py is a codesonar
Python subcommand.
codesonar eclipse-install path/to/EclipseDir
Install the
CodeSonar plug-in for Eclipse, where path/to/EclipseDir
is the Eclipse installation directory.
This functionality is also available through the CodeSonar configuration tool.
codesonar es_scan.py file_or_dir1
[file_or_dir2 ...] [-C rundir] [-directory
rundir] \
[-include-sources file_pat]
[-exclude-sources file_pat] [-eslint-cmd cmd]
\
[-ext replacement_ext_list] [-ext+
additional_ext_list] [-X+eslint_options_list]
\
[-sarif-output sarif_fname]
[-source-max-bytes num] [@infile]
When executed as part of the command observed by codesonar analyze or
codesonar build,
analyzes the indicated JavaScript and TypeScript source files with
ESLint and then imports the source files and SARIF analysis results
into the CodeSonar project. See Including
JavaScript and TypeScript Components in a CodeSonar Project for
details.
Note that this is not useful as a standalone command: its
execution must be observed as part of the CodeSonar
build/analysis.
codesonar generate-hub-cert
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
[-foruser uname] [-csr
csrfile] [-outkey outkeyfile] [-out
outcertfile]
[[protocol://]host:port]
Obtain a new user
certificate (issued by the hub). See TLS Certificates:
Generating User Certificates and Keys for full details. This
functionality is also available through the User Certificates page.
For other certificate types, see the corresponding
documentation:
If you're not sure what kind of certificate you need, see
TLS Certificates:
Overview.
codesonar generate-license
Collect system information for CodeSecure to use in your CodeSonar
license key. See Installation: Hub Setup: Hub
License Key for full details.
This functionality is also available through the CodeSonar configuration tool and through the
License Utilization
page.
codesonar generate_hubbearerfile.py
[protocol://]host:port
path/to/out_bearerfile \
[-hubuser username] [-hubcacert
path/to/certfile] \
[--make-dirs, --makedirs, --parent, -p]
[--overwrite, -f] [--expires-in num] \
[--overflow-ok] [--keepalive, --keep-alive]
\
[--note msg, --message msg, -m
msg] [--pool poolname]
codesonar generate_hubbearerfile.py
[protocol://]host:port
path/to/in_bearerfile \
--delete [--unlink, -u] [-hubcacert
path/to/certfile]
Interactively create a user session and store its associated
bearer token in a file, or interactively delete the user session
associated with a bearer file. See codesonar generate_hubbearerfile.py:
Create/Delete a Hub User Session and Bearer File for full
details.
generate_hubbearerfile.py is a
codesonar Python subcommand.
codesonar generate_hubpwfile.py
Interactively generate a
hub password file. The password file can then be supplied with
the -hubpwfile option to any
codesonar subcommands that require hub
authentication.
generate_hubpwfile.py is a
codesonar Python subcommand.
codesonar get
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
[-o path/to/outfile] [-t
timeout_seconds] [-follow-redirect] url
Download the GUI page located at url and store it in the
working directory. See Accessing GUI
Pages for full details.
codesonar go_scan.py go_pkg_or_file1
[go_pkg_or_file2 ...] [-C moddir]
[-directory moddir] \
[-include-sources file_pat]
[-exclude-sources file_pat] [-staticcheck
staticcheck_path] \
[-X+sc_options_list] [-sarif-output
sarif_fname] [-source-max-bytes num]
[@infile]
When executed as part of the command observed by codesonar analyze or
codesonar build,
analyzes the indicated Go source files with Staticcheck and then
imports the source files and Staticcheck SARIF results into the
CodeSonar project. See Including Go Components in a CodeSonar
Project for details.
Note that this is not useful as a standalone command: its
execution must be observed as part of the CodeSonar
build/analysis.
codesonar --help
codesonar -h
codesonar -?
codesonar -help
codesonar help
Prints a brief help message about the codesonar command and subcommands.
codesonar hub-info [-force]
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
[[protocol://]host:port |
hubdir]
Get information about the specified (or implied) hub. See Getting Information About A Hub for full
details.
This functionality is also available through the CodeSonar configuration tool.
codesonar hub-start [-setadminpw] [-allow-satellites]
[-https-redirect]
[-tls-server-certkey
{certpath|disable}] [-tls-client-certkey
{certpath|disable}]
[-permissive] [-no-services] hubdir
[interface:port]
Start a primary
hub whose location is
interface:port and whose hub directory is hubdir.
This functionality is also available through the CodeSonar configuration tool.
codesonar hub-stop
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
[[protocol://]host:port |
hubdir]
Shut down the specified (or implied) hub. See Shutting Down a Hub for full
details.
This functionality is also available through the CodeSonar configuration tool.
codesonar import_sarif.py [--require-source] [sarif_file
...] \
[-analyzer an3p_name]
[-include-sources file_pat] [-exclude-sources
file_pat] \
[-source-language lang]
[-source-max-bytes num] \
[-path-base dir] [-path-baseid
id dir] \
[-staticcheck
path/to/staticcheck] [-staticcheck-list
path/to/list]
When executed as part of the command observed by codesonar analyze or
codesonar build,
imports the warnings from the specified SARIF files into the
CodeSonar analysis. See SARIF
Importer for CodeSonar for details.
Note that this is not useful as a standalone command: its
execution must be observed as part of the CodeSonar
build/analysis.
codesonar install-launchd
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
[-launchd-group ldgroup]
[-launchd-key ldkey] [-launchd-home ldhomedir]
[-launchd-quota ldquota]
[-max-processes proclimit]
[-no-services] [-foreground]
[[protocol://]host:port]
Start a CodeSonar launch daemon
and update the hub's analysis cloud
register. See Starting A
Launch Daemon with codesonar
install-launchd for full details.
This functionality is also available through the CodeSonar configuration tool.
codesonar jira_cloud_hub_install.py
[-h] [--processor-name dest_name]
[--overwrite]
hubdir service_location
pkey
Install the Jira Cloud
integration warning processor on the hub.
codesonar kotlin_scan.py [file_or_dir ...] [-C
rundir, -directory rundir] \
[-include-sources file_pat]
[-exclude-sources file_pat] \
[-detekt-cli detekt_path]
[-use-external-jdk] [-Xdetekt_options_list] \
[-sarif-output sarif_fname]
[-source-max-bytes num] [@infile]
When executed as part of the command observed by codesonar analyze or
codesonar build,
analyzes the indicated Kotlin source files with detekt and then
imports the source files and detekt SARIF results into the CodeSonar
project. See Including
Kotlin Components in a CodeSonar Project for details.
Note that this is not useful as a standalone command: its
execution must be observed as part of the CodeSonar
build/analysis.
codesonar python_scan.py [file_or_dir ...] [-C
rundir, -directory rundir] \
[-include-sources file_pat]
[-exclude-sources file_pat] \
[-Xpylint_options_list]
[-pylint-output pylint_raw_fname] [-sarif-output
sarif_fname] \
[-source-max-bytes num]
[@infile]
When executed as part of the command observed by codesonar analyze or
codesonar build,
analyzes the indicated Python source files with Pylint and then
imports the source files and Pylint SARIF results into the CodeSonar
project. See Including
Python Components in a CodeSonar Project for details.
Note that this is not useful as a standalone command: its
execution must be observed as part of the CodeSonar
build/analysis.
codesonar relocate newpath/to/pfiles
[-no-services]
[-auth authtype] [-hubuser username] [-hubpwfile pwfile] [-hubbearerfile bearerfile] [-hubcert certfile] [-hubkey privatekeyfile]
[-launchd-group ldgroup]
[-launchd-key ldkey]
[protocol://]host:port
If you have analyzed a project on the hub at host:port and
then moved the analysis
directory pfiles.prj_files and project file
pfiles.prj, run this command
to inform the hub of their new location.
- The user authorizing
the relocate command must have
ANALYSIS_TERMINATE permission for the
analysis and PROJECT_ADD_CHILD permission for the
corresponding project.
- The Analysis
Launch Daemon will be set to a launch daemon L such that:
- The parent launchd group for L is ldgroup (or the root
launchd group).
- The identifying property tuple for L corresponds to that of
the command. That is, L is running on the same Machine as the relocate command, from the same Installation, as the same
System User,
authorized
by the same Hub User,
and with the specified Key
(or established
default).
- If such a launch daemon is not already running, CodeSonar
will start one.
- If the launch daemon does not already exist in the
hub's analysis cloud register, it will be created with
Parent LDGroup
as specified (or established
default).
- (Windows only) L will run as a Windows service unless -no-services is specified.
- If you move the analysis files without running the relocate command, the hub will not be able to
interact with the relocated files, so some information about the
corresponding analysis will be unavailable: see Source File:
Availability and Procedure:
Availability for more information. (However, the hub will
interact normally with subsequent analyses carried out in the new
directory.)
Full instructions for moving analysis files are provided in
Task: Relocate
Analysis Files.
If you specify the -remote-archive option when you build and analyze a
project, the analysis files will be automatically moved to the
corresponding location when the analysis transitions to daemon
mode.
codesonar rust_scan.py cargo_projdir [-C rundir,
-directory rundir] \
[-include-sources file_pat]
[-exclude-sources file_pat] \
[-cargo cargo_path] [-cargo-clippy
clippy_path] [-clippy-sarif clippy_sarif_path]
\
[-clippy-exit-ok clippy_code]
[-Xclippy_options_list] [-sarif-output sarif_fname]
\
[-source-max-bytes num]
[@infile]
When executed as part of the command observed by codesonar analyze or
codesonar build,
analyzes the indicated Rust source files with Clippy, converts the
Clippy output to SARIF, and then imports the SARIF results and Rust
source files into the CodeSonar project. See Including Rust Components in a
CodeSonar Project for details.
Note that this is not useful as a standalone command: its
execution must be observed as part of the CodeSonar
build/analysis.
codesonar slave m_host:m_port
Manually start a slave process, where m_host:m_port is the
address on which the master process is listening (not the hub
address). See Parallelism in
CodeSonar: Manually Started Slaves for full details. If you are
starting a slave on a different machine to the master process, see
also the section on Distributed
Analysis.
codesonar transcode_annotations.py annotations_infile
annotations_outfile input_encoding
Converts a file of warning annotations
exported from a hub running CodeSonar 6.0 (or earlier) to a format
suitable for importing into a hub running CodeSonar 6.1 (or
later).
The main use case is
updating hub annotation encoding in hubs that have been directly
or gradually upgraded to CodeSonar 6.1 or later and previously
used non-ASCII encodings for some or all annotations, because such
annotations are not automatically transcoded during the upgrade
process. The transcode_annotations.py subcommand is also
suitable for any other case where you have exported annotations from
an older hub and wish to import them into a newer one.
codesonar uninstall-services [-all-installs]
(Windows only) Uninstall CodeSonar services on the current
machine. See Uninstalling
Services for full details.
This functionality is also available through the CodeSonar configuration tool.
You can create and install custom codesonar subcommands as follows.
- Write a Python 3 script that implements your subcommand.
If your subcommand is
intended to interact with the hub, you may find the hub HTTP API documentation
useful. If your
subcommand is intended to interact with the hub, you may find the
hub HTTP API documentation
useful.
- Save your script in directory $CSONAR/codesonar/subcommands.
- You can now invoke your script as a
codesonar subcommand.
For example, suppose you saved your script as $CSONAR/codesonar/subcommands/my_subcommand.py.
Then you can invoke it with:
codesonar my_subcommand.py [arguments to my_subcommand.py,
if any]
This invokes the specified subcommand script on the specified
arguments, using the Python executable shipped with CodeSonar
($CSONAR/codesonar/bin/cspython[.exe]).
Subcommands Shipped with CodeSonar
There are several Python subcommands shipped with CodeSonar.
You can use these as models for writing your own subcommands, or
make a copy and try modifying it to see the effects.