Scan a directory or file

Usage:
  bearer scan [flags] <path>
Aliases:
  scan, s
Examples:
  # Scan a local project, including language-specific files
  $ bearer scan /path/to/your_project


Report Flags
      --fail-on-severity string   Specify which severities cause the report to fail. Works in conjunction with --exit-code. (default "critical,high,medium,low")
  -f, --format string             Specify report format (json, yaml, sarif, gitlab-sast, rdjson, html)
      --output string             Specify the output path for the report.
      --report string             Specify the type of report (security, privacy, dataflow). (default "security")
      --severity string           Specify which severities are included in the report. (default "critical,high,medium,low,warning")

Rule Flags
      --disable-default-rules   Disables all default and built-in rules.
      --only-rule strings       Specify the comma-separated ids of the rules you would like to run. Skips all other rules.
      --skip-rule strings       Specify the comma-separated ids of the rules you would like to skip. Runs all other rules.

Scan Flags
      --context string                       Expand context of schema classification e.g., --context=health, to include data types particular to health
      --data-subject-mapping string          Override default data subject mapping by providing a path to a custom mapping JSON file
      --diff                                 Only report differences in findings relative to a base branch.
      --disable-domain-resolution            Do not attempt to resolve detected domains during classification (default true)
      --domain-resolution-timeout duration   Set timeout when attempting to resolve detected domains during classification, e.g. --domain-resolution-timeout=3s (default 3s)
      --exit-code int                        Force a given exit code for the scan command. Set this to 0 (success) to always return a success exit code despite any findings from the scan. (default -1)
      --external-rule-dir strings            Specify directories paths that contain .yaml files with external rules configuration
      --force                                Disable the cache and runs the detections again
      --hide-progress-bar                    Hide progress bar from output
      --internal-domains strings             Define regular expressions for better classification of private or unreachable domains e.g. --internal-domains=".*.my-company.com,private.sh"
      --parallel int                         Specify the amount of parallelism to use during the scan
      --quiet                                Suppress non-essential messages
      --scanner strings                      Specify which scanner to use e.g. --scanner=secrets, --scanner=secrets,sast (default [sast])
      --skip-path strings                    Specify the comma separated files and directories to skip. Supports * syntax, e.g. --skip-path users/*.go,users/admin.sql
      --skip-test                            Disable automatic skipping of test files (default true)

General Flags
      --api-key string          Legacy.
      --config-file string      Load configuration from the specified path. (default "bearer.yml")
      --debug                   Enable debug logs. Equivalent to --log-level=debug
      --disable-version-check   Disable Bearer version checking
      --ignore-file string      Load ignore file from the specified path. (default "bearer.ignore")
      --log-level string        Set log level (error, info, debug, trace) (default "info")
      --no-color                Disable color in output


--

