Skip to main content
The scan command analyzes your project for known vulnerabilities.

Usage

patcha scan [path] [options]

Arguments

ArgumentDescriptionDefault
pathProject path to scanCurrent directory

Options

OptionAliasDescription
--verbose-vShow verbose output
--json-jOutput in JSON format
--level <level>-lFilter by severity (critical, high, moderate, low)
--number <count>-nNumber of vulnerabilities to display (default: 25)
--all-aShow all vulnerabilities

Examples

Basic Scan

patcha scan

Filter by Severity

# Only show critical vulnerabilities
patcha scan --level critical

# Only show high and critical
patcha scan --level high

JSON Output

patcha scan --json
Useful for CI/CD pipelines: 
patcha scan --json > vulnerability-report.json

Show All Vulnerabilities

patcha scan --all

Verbose Output

patcha scan --verbose
Shows additional details for each vulnerability.

Exit Codes

  • 0: No vulnerabilities found
  • 1: Vulnerabilities found
  • 2: Error occurred

Output Example

🔍 Scanning dependencies...

┌─────────────────┬──────────┬─────────────┬──────────────────────┐
│ Package         │ Severity │ Version     │ Vulnerability ID     │
├─────────────────┼──────────┼─────────────┼──────────────────────┤
│ lodash          │ high     │ 4.17.20    │ SNYK-JS-LODASH-73886 │
│ minimist        │ moderate │ 1.2.5      │ SNYK-JS-MINIMIST-242 │
└─────────────────┴──────────┴─────────────┴──────────────────────┘

Summary:
  Critical: 0
  High: 1
  Moderate: 1
  Low: 0
  Total: 2