The command line interface (CLI) allows users to submit their project package dependencies to Phylum's API for analysis. Currently pre-built binaries for Linux and macOS are available. For other platforms (e.g., Windows), binaries can easily be built.
-
Download the latest release package for your target:
Target Package x86_64-unknown-linux-musl phylum-x86_64-unknown-linux-musl.zip x86_64-apple-darwin phylum-x86_64-apple-darwin.zip aarch64-apple-darwin phylum-aarch64-apple-darwin.zip -
Confirm the signature of the archive with minisign and the public key for Phylum
$ minisign -Vm phylum-*.zip -P RWT6G44ykbS8GABiLXrJrYsap7FCY77m/Jyi0fgsr/Fsy3oLwU4l0IDf Signature and comment signature verified Trusted comment: Phylum - the future of software supply chain security
-
Unzip the archive
unzip phylum-*.zip
-
Run the installer script for installation
./install.sh
-
Register for an account (if you don't already have one)
phylum auth register
-
Authenticate with Phylum
phylum auth login
-
Create a new Phylum project in your project directory
phylum project create <project-name>
-
phylum analyze <package-lock-file.ext>
Please contact Phylum with any questions or issues using the CLI tool.
Email: support@phylum.io