veracode package
Packages project code as an artifact (archive file) that you can upload to Veracode for Static Analysis or SCA upload and scan. SCA agent-based scanning is not supported. To automate packaging, see About auto-packaging.
Usage
./veracode package --source <string> --trust [environment variables] [flags]
Flags
| Flag | Description |
|---|---|
-d, --debug | Deprecated. Use --verbose. Displays detailed output. |
-h, --help | Show help for this command. |
-o, --output | Output directory to place the output artifact file on your local system. Default is the local working directory. |
-s, --source | Location of the source to package based on the target --type. If the target is directory, enter the path to a local directory. If the target is repo, enter the URL to a Git version control system. If you enter a repository URL, the package command clones the repository to a temporary directory, packages the code, and then deletes the cloned repository after packaging. |
-a, --trust | Acknowledges that the source project is a trusted source. Required the first time you package a project. |
-t, --type | Specifies the target type you want to package. Values are repo or directory. Default is directory. |
-v, --verbose | Displays detailed output. |
--strict | If this optional flag is enabled, the exit code 4 indicates build failure during packaging. |
Environment variables
All environment variables are optional.
| Environment variable | Description |
|---|---|
SRCCLR_IOS_SCHEME | For iOS projects, defines a custom scheme. A scheme is a collection of settings that define how the xcodebuild process builds, runs, and configures an application. By default, the auto-packager creates a scheme for a project based on the project name. To set this environment variable, run: export SRCCLR_IOS_SCHEME=<custom scheme> |
SRCCLR_IOS_DESTINATION | For iOS projects, defines the destination platform, such as iOS, tvOS, watchOS, or visionOS, for the application. The default is generic/platform=iOS. To set this environment variable, run: export SRCCLR_IOS_DESTINATION=<custom destination> |
SRCCLR_IOS_CONFIGURATION | For iOS projects, defines the build configuration that the xcodebuild process uses to build the project. Values are Debug or Release. The default is Debug.To set this environment variable, run: export SRCCLR_IOS_CONFIGURATION=<value> |
SRCCLR_MAKE_TARGETS | For Makefiles with C/C++ sources, defines the Make goals (targets) required to build the project and package preprocessed source code. By default, the auto-packager uses the Makefile's default goal. To override the default goal, run: export SRCCLR_MAKE_TARGETS=<target1 target2 targetN> |
SRCCLR_MAKE_JOBS | For Makefiles with C/C++ sources, defines the number of recipes (jobs) to run simultaneously. By default, the auto-packager runs as many jobs concurrently as the system allows. To set this environment variable, run: export SRCCLR_MAKE_JOBS=<jobs> |
SRCCLR_MSVC_PREPROCESS | For Visual Studio solutions with C/C++ projects, defines whether to package preprocessed source code or built debug binaries. By default, the auto-packager packages preprocessed source code. To package built debug binaries instead of preprocessed source code, run: set SRCCLR_MSVC_PREPROCESS=false |
SRCCLR_MSVC_CONFIGURATION | For Visual Studio solutions with C/C++ projects, defines the solution build configuration that the MSBuild process uses to preprocess or build the solution. The default is the first solution build configuration listed in the solution file that is configured as a debug build, if available. To set this environment variable, run: set SRCCLR_MSVC_CONFIGURATION=<value> |
SRCCLR_MSVC_PLATFORM | For Visual Studio solutions with C/C++ projects, defines the target solution platform, such as x64 or x86. The default is the first solution build configuration listed in the solution file that is configured as a debug build, if available.To set this environment variable, run: set SRCCLR_MSVC_PLATFORM=<value> |
Examples
To package a local directory and place the output in a different directory, run:
./veracode package --source path/to/project --output path/to/output/dir
To package source for a GitHub repository that you trust and place the output in the current directory, run:
./veracode package --source https://github.com/veracode/verademo --type repo --trust
To perform the same action with a custom scheme, run:
SRCCLR_IOS_SCHEME=MyTestProj ./veracode package --source https://example.com/My-iOS-App-repo --type repo --trust