Scala

ShiftLeft products support applications written in Scala 2.12+.

ShiftLeft Inspect for Scala

ShiftLeft Inspect's Scala code analysis is performed on compiled application bytecode (not source code). As such, you must successfully build your application using a supported build tool before you submit the application for analysis.

After installing the ShiftLeft Command Line Interface (CLI) and authenticating, use the following command to analyze your Scala application with ShiftLeft Inspect

sl analyze --app <name> --java [<path>]

where

--app <name> analyze the application of <name>.

--java identity of the application's language.

<path> location of the .scala file to be analyzed.

Next Steps

Analyze Applications

Identify Branch Names

Fail a Build Based on Analysis Results

ShiftLeft Ocular for Scala

You can examine and investigate only compiled application bytecode (not source code) using ShiftLeft Ocular. This means that for Scala applications, you must successfully build your application using a supported build tool beforehand.

After installing the ShiftLeft Command Line Interface (CLI), authenticating and starting ShiftLeft Ocular, you create the Code Property Graph (CPG) for your Scala application using

ocular> createCpg(<inputPaths>)

where <inputPaths> is the path of the target application; multiple applications are separated by a comma. For Scala, the path is the archive (JAR, WAR or EAR file). For example, createCpg("subjects/hello-shiftleft-0.0.1-SNAPSHOT.jar").

For more information, including additional options, refer to the article Creating the CPG

Next Steps

Generate the Security Profile

Querying the CPG and Security Profile

Uncover the Attack Surface

ShiftLeft Protect for Scala

After installing the ShiftLeft Command Line Interface (CLI) and authenticating, use the following command to monitor and protect your Scala application with ShiftLeft Protect

sl run --app <name> --java

where

--app <name>. Specifies your application's unique name.

--java identity of the application's language.

Next Steps

Secure Your Applications Using ShiftLeft Protect

Run ShiftLeft Protect

The ShiftLeft JSON File