ShiftLeft
ShiftLeft
Home
Blog
ShiftLeft Login
What is ShiftLeft?
Quickstart
For Linux and macOS Users
For Windows Users
Inspect
Getting Started
Analyzing Applications
Integrations
How to Tag Inspect Results with the Git Branch Name
How to Fail Builds Based on Inspect Results
Integrating Inspect into the GitHub Pull Request Workflow
How to Work with Build Rules in Your Code Repository
Protect
Overview
Securing Applications
The ShiftLeft JSON File
How to Configure the Microagent
Integrations
Languages
Supported Languages
C
C++
C#
Golang
Java
JSP
LLVM
Scala
About ShiftLeft
ShiftLeft Products
Compliance
Requirements
The HelloShiftLeft Sample Application
Understanding the CPG
Using the ShiftLeft CLI
Installing the CLI
Authenticating with ShiftLeft
CLI Reference
Using ShiftLeft Ocular
About ShiftLeft Ocular
Getting Started
Common Queries
Use Cases
Tutorials
Configuring and Extending ShiftLeft Ocular
Ocular API
Quick Start
Installing on Windows
Analyzing Your Code
Protecting Runtime Applications
Using the ShiftLeft Dashboard
Workflow Integrations
Application Programming Interfaces (APIs)
ShiftLeft Policies
About Policies
Creating a Custom Policy
Policy Language
Use Case: Identifying Sensitive Data Variables
Use Case: Excluding Vulnerabilities with a Sanitization Function
Software Updates
2020
2019
Powered by GitBook

Scala

ShiftLeft products support applications written in Scala 2.12+.

ShiftLeft Inspect for Scala

ShiftLeft Inspect's Scala code analysis is performed on compiled application bytecode (not source code). As such, you must successfully build your application using a supported build tool before you submit the application for analysis.

After installing the ShiftLeft Command Line Interface (CLI) and authenticating, use the following command to analyze your Scala application with ShiftLeft Inspect

sl analyze --app <name> --java [<path>]

where

--app <name> analyze the application of <name>.

--java identity of the application's language.

<path> location of the .jar / .war file to be analyzed.

Next Steps

​Analyze Applications​

​Identify Branch Names​

​Fail a Build Based on Analysis Results​

ShiftLeft Ocular for Scala

You can examine and investigate only compiled application bytecode (not source code) using ShiftLeft Ocular. This means that for Scala applications, you must successfully build your application using a supported build tool beforehand.

After installing the ShiftLeft Command Line Interface (CLI), authenticating and starting ShiftLeft Ocular, you create the Code Property Graph (CPG) for your Scala application using

ocular> createCpg(<inputPaths>)

where <inputPaths> is the path of the target application; multiple applications are separated by a comma. For Scala, the path is the archive (JAR, WAR or EAR file). For example, createCpg("subjects/hello-shiftleft-0.0.1-SNAPSHOT.jar").

For more information, including additional options, refer to the article Creating the CPG​

Next Steps

​Generate the Security Profile​

​Querying the CPG and Security Profile​

​Uncover the Attack Surface​

ShiftLeft Protect for Scala

After installing the ShiftLeft Command Line Interface (CLI) and authenticating, use the following command to monitor and protect your Scala application with ShiftLeft Protect

sl run --app <name> --java

where

--app <name>. Specifies your application's unique name.

--java identity of the application's language.

Next Steps

​Secure Your Applications Using ShiftLeft Protect​

​Run ShiftLeft Protect​

​The ShiftLeft JSON File​

Languages - Previous
LLVM
Next - About ShiftLeft
ShiftLeft Products
Last updated 4 weeks ago
Edit on GitHub
Contents
ShiftLeft Inspect for Scala
Next Steps
ShiftLeft Ocular for Scala
Next Steps
ShiftLeft Protect for Scala
Next Steps