This article includes troubleshooting steps you can use to identify and fix issues that may come up when using ShiftLeft CORE's NG SAST.
General troubleshooting tips
sl check-environmentto see if there are issues related to your environment (be sure to pass in your language-specific option).
Create an environment variable called
SHIFTLEFT_SHOW_HIDDENand set it to
trueto show the hidden flags supported by the ShiftLeft CLI.
sl analyze, include the
--cpg-output-dirflag to specify your CPG output directory. ShiftLeft will place the CPG in this directory after analysis.
Get verbose logs for additional information by including the
--diagnosticflags when invoking
sl analyze --verbose --diagnostic).
If your scan does not complete or nothing gets uploaded to ShiftLeft:
- Check that your antivirus/anti-malware program isn't preventing ShiftLeft from performing correctly
- (For macOS users) Ensure that ShiftLeft can access the necessary directory (e.g., by default, ShiftLeft may not be able to access files in Documents or on the Desktop without explicit permission)
Working with monorepos
Please keep the following in mind when analyzing a monorepo:
Depending on the size of your monorepo, you may need to scan individual components of the app (e.g., UI, API, CLI) separately instead of scanning the monorepo as a whole
- While you can run sequential scans, you can also implement parallel scans with a CI system to save time
You can use the ShiftLeft Dashboard's app groups functionality to group all of the individual scans for your monorepo so that you can view them simultaneously
For Windows users
On Windows platforms,
sl.exe doesn't auto-update. Please begin your code analysis or troubleshooting steps by checking your ShiftLeft version and updating if necessary:
Path argument positioning
The path argument used with
sl analyze should be the last value. If any other argument follows the path,
sl analyze will fail.
The following is an example of an incorrect invocation (notice that the path argument value comes before the
The correct invocation is:
Specifying additional arguments to
sl cli tool accepts standard arguments, such as
--verbose. In addition to this, the CPG generator plugins accept additional arguments for each language. To specify these arguments, you must provide a double hyphen (
--), then additional arguments.
See the language-specific pages for your application for additional information.