CodeAnt CLI

0.4.7 verified Sat Apr 25 auth: no javascript

A command-line tool for code review and secret scanning that integrates with the CodeAnt platform. Current version is 0.4.7. It is actively developed with weekly releases. Key differentiators include: staged-only scanning, confidence-level-based exit codes (HIGH/MEDIUM/FALSE_POSITIVE), flexible file filtering via glob patterns, and easy setup as a Git pre-commit hook. The tool supports scanning staged, uncommitted, last-commit, or all changed files, and provides a login-based authentication flow with configurable API base URL.

Common errors

error codeant: command not found ↓

cause CLI not installed globally or not in PATH.

fix

Run 'npm install -g codeant-cli' or use 'npx codeant-cli'

error Error: Not authenticated. Please run 'codeant login'. ↓

cause User is not logged in and no token is set.

fix

Run 'codeant login' or set CODEANT_API_TOKEN environment variable.

error Error: Failed to fetch api endpoint. Please check your internet connection. ↓

cause Network issue or incorrect API base URL.

fix

Verify internet connectivity and check API URL with 'codeant get-base-url' or set CODEANT_API_BASE_URL env var.

Warnings

gotcha Running 'codeant secrets' without arguments only scans staged files by default. ↓

fix Use --all to scan all changed files, or --uncommitted, --last-commit as appropriate.

gotcha The --exclude and --include patterns are comma-separated and do not support multi-extension syntax correctly? Verified: works with '**/*.{js}' but not with '*.{js,ts}' as shown? ↓

fix Use separate patterns per extension: --include '**/*.js' --include '**/*.ts'

gotcha Confidence level FALSE_POSITIVE is always ignored and never blocks the build. ↓

fix Do not rely on FALSE_POSITIVE for blocking; set --fail-on to HIGH or MEDIUM to block real secrets.

gotcha The config file is stored in ~/.codeant/config.json; environment variables override config values. ↓

fix Use CODEANT_API_BASE_URL env var instead of set-base-url command for CI/CD.

gotcha Login requires a browser; headless environments may fail. ↓

fix Set CODEANT_API_TOKEN environment variable directly to bypass login.

Install

npm install codeant-cli

yarn add codeant-cli

pnpm add codeant-cli

Imports

codeant (CLI)
wrong
```
node codeant-cli.js secrets
```
correct
```
npx codeant-cli secrets
```
The package is a CLI tool, not a library. Use via npx or global install.

Quickstart

Demonstrates global install, login, and common scanning commands with file filtering and severity threshold options.

# Install globally
npm install -g codeant-cli

# Login to CodeAnt (opens browser)
codeant login

# Scan staged files for secrets
codeant secrets

# Scan all changed files
codeant secrets --all

# Scan last commit
codeant secrets --last-commit

# Fail on MEDIUM or HIGH confidence secrets
codeant secrets --fail-on MEDIUM

# Only scan JavaScript files
codeant secrets --include '**/*.js'

# Exclude test files and node_modules
codeant secrets --exclude 'node_modules/**,*.test.*'