module Noir::CLI::ScanCommand

Overview

noir scan [paths...] [flags]

Discovers endpoints across one or more code bases. Positional paths augment any -b PATH flags so both v0 and v1 invocation styles work:

noir scan ./app # v1 positional noir scan ./api ./worker # v1 multi-path positional noir -b ./app # v0 (router default-routes to scan) noir scan -b ./app --passive # v1 explicit + flags

Defined in:

cli/commands/scan.cr

Constant Summary

PROMPT_OVERRIDE_SETTERS = {"override_filter_prompt" => ->(v : String) do LLM::PromptOverrides.filter_prompt = v end, "override_analyze_prompt" => ->(v : String) do LLM::PromptOverrides.analyze_prompt = v end, "override_bundle_analyze_prompt" => ->(v : String) do LLM::PromptOverrides.bundle_analyze_prompt = v end, "override_llm_optimize_prompt" => ->(v : String) do LLM::PromptOverrides.llm_optimize_prompt = v end}

STRUCTURED_OUTPUT_FORMATS = Set {"json", "yaml", "jsonl", "toml", "sarif"}

Output formats whose downstream consumers (jq, SARIF parsers, CI report uploaders) treat empty stdout as a hard error. When a scan finds no endpoints, we still emit a valid empty document for these formats — {"endpoints":[],"passive_results":[]} for json, the matching shape for the others. Plain / human-oriented formats stay silent because there's nothing meaningful to render.

WARNING_COLOR = Colorize::Color256.new(208)

ANSI 256-color orange used for the protocol-missing warning. Kept as a named constant so the call site reads as "warning color" rather than a bare magic number.

Class Method Summary

• .run(argv : Array(String))

Class Method Detail