Plugins Command
The `plugins` module helps manage plugins within the SAST workflow.
```bash
$>rootcause plugins -h
Manage plugins for extending RootCause functionality

Usage: rootcause plugins <COMMAND>

Commands:
  verify   Verify that a plugin works correctly
  ping     Ping a plugin to verify connectivity
  init     Initialise a new plugin from a template
  install  Install a plugin from a local path or remote repository
  list     List all installed plugins
  remove   Remove an installed plugin
  disable  Disable an installed plugin
  enable   Enable a previously disabled plugin
  config   Configure plugin parameters
  help     Print this message or the help of the given subcommand(s)

Options:
  -h, --help  Print help
```
Plugin location
By default, RootCause installs plugins in:
- `~/.config/rootcause/plugins` (Linux/macOS)
- `%APPDATA%\rootcause\plugins` (Windows)
Plugin configuration
Plugins are configured in the `config.toml` file:
```toml
[plugins]

[plugins.pdf-report]
enabled = true
output = "report.pdf"
output_dir = "/tmp/output.pdf"

[plugins.rust-analyze]
enabled = false
```
Using plugins during scans
Plugins can be used during scans with the following options:
```bash
# Specify a plugin
rootcause scan . --plugin ./my-plugin

# Multiple plugins
rootcause scan . --plugin ./plugin1 --plugin ./plugin2

# Plugin options
rootcause scan . --plugin ./my-plugin --plugin-opt param1=value1 --plugin-opt param2=value2

# Plugin configuration file
rootcause scan . --plugin ./my-plugin --plugin-config ./config.json
```
Plugin types
RootCause supports different plugin types depending on their capabilities:
Type | Description |
---|---|
Discover | Discover files and directories for analysis |
Transform | Transform content before analysis |
Analyse | Perform additional code analysis |
Rules | Provide custom rules |
Report | Generate reports in specific formats |
Related commands
- Scan Command - Run security scans
- Rules Command - Manage security rules