Skip to main content

Your first code analysis

This article will walk you through your first code analysis with preZero. This process works with applications written using any language preZero supports.

Before you start

  1. Make sure that the machine on which you're running preZero meets the prerequisites for an optimal experience.
  2. Set up preZero.

Analyzing your code

Once you've set up your workstation to run preZero, you're ready to submit your code for analysis. To do so, run the following in the command line:

# preZero is capable of inferring from your code repository
# the language in which the code is written, as well as the
# application's name.

sl analyze <path to code>

If no argument is given, the current working directory is used instead:

cd <path to code>
sl analyze

If no language flag is specified, we will decide the language based off of the language detected in most of the files (considering only supported languages), similar to how GitHub and other platforms show this information. The automatic detection can be overridden with any of the language-specific flags.

For example, a project written predominantly in Java will be detected as such and the analysis will proceed accordingly:

sl version 0.9.2297 (4de81fcbba084ce360101d0dde26be5692d36914)
WARNING: sun.reflect.Reflection.getCallerClass is not supported. This will impact performance.
2024-02-27 23:25:24.157 INFO shutdown finished
Uploading to secure tenant namespace
3.44 MB / 3.44 MB [======] 100.00% 275.54 MB/s 0s
... Done. Submitted for analysis
Wait for 5-10 minutes and load the following URL in your browser:

The Scan ID for application shiftleft-java-demo is: 2

You will see status updates regarding the analysis in the CLI; when your results are ready, you can view them using the Qwiet UI.

Advanced options

For information about language-specific features, please review the options available as part of sl analyze or the page appropriate for your application: