--- name: deepsource description: > Analyze code quality, view issues, check metrics, find dependency vulnerabilities, and report test coverage via DeepSource CLI. Use when the user mentions deepsource, code quality, static analysis, vulnerability scan, test coverage reporting, or report cards. argument-hint: "[command] [options]" allowed-tools: Bash(deepsource *), Read, Grep, Glob --- # DeepSource CLI Analyze code quality from the command line. Install: `curl https://cli.deepsource.com/install | sh` ## Prerequisites ```bash deepsource auth login # Browser-based login deepsource auth status # Verify session deepsource auth logout # Remove credentials ``` ## Commands ### issues — View code issues ```bash deepsource issues deepsource issues --severity critical,major --category security --analyzer python deepsource issues --pr 42 --output json deepsource issues --commit abc123f deepsource issues --path src/,internal/ deepsource issues --source static,ai deepsource issues --limit 10 --verbose ``` ### metrics — View code metrics ```bash deepsource metrics deepsource metrics --output json deepsource metrics --commit abc123f deepsource metrics --pr 123 deepsource metrics --default-branch ``` ### vulnerabilities — Dependency security ```bash deepsource vulnerabilities deepsource vulnerabilities --severity critical,high deepsource vulnerabilities --verbose --output json ``` ### report-card — Overall code health ```bash deepsource report-card deepsource report-card --commit abc123f --output json ``` ### runs — Analysis history ```bash deepsource runs --limit 5 deepsource runs --commit abc123f --output json ``` ### report — Submit artifacts (CI/coverage) ```bash deepsource report --analyzer test-coverage --key go --value-file coverage.out deepsource report --analyzer test-coverage --key python --value '' deepsource report --analyzer test-coverage --key go --value-file coverage.out --use-oidc ``` ### repo — Repository management ```bash deepsource repo status # View activation & analyzers deepsource repo status --output json deepsource repo dashboard # Open web dashboard deepsource repo dashboard --repo gh/owner/name ``` ## Flag Reference ### Shared flags (most commands) | Flag | Description | |------|-------------| | `--commit SHA` | Specific commit | | `--pr NUMBER` | Pull request | | `--default-branch` | Default branch (main/master) | | `--output pretty\|json` | Output format | | `--limit N` | Limit results | | `--verbose` | Detailed output | | `--repo PREFIX/owner/name` | Override repo (auto-detected from git remote) | Scope flags (`--commit`, `--pr`, `--default-branch`) are mutually exclusive. No flag = latest commit on current branch. ### issues-specific flags `--analyzer`, `--category`, `--severity`, `--path`, `--source` (static|ai) ### vulnerabilities-specific flags `--severity` (critical, high, major, minor) ### report-specific flags `--analyzer`, `--analyzer-type`, `--key`, `--value`, `--value-file`, `--use-oidc`, `--oidc-provider`, `--host`, `--skip-verify` ## Common Patterns All list commands support `--output json` for scripting: ```bash deepsource issues --output json | jq '.issues[] | {title, severity}' ``` Repo provider prefixes: `gh` (GitHub), `gl` (GitLab), `bb` (Bitbucket), `ads` (Azure DevOps) ## Recommended Workflows **Quick code health check:** ```bash deepsource report-card && deepsource issues --severity critical,major --limit 20 ``` **Pre-PR review:** ```bash deepsource issues --severity critical,major --verbose deepsource vulnerabilities --severity critical,high deepsource metrics ``` **CI coverage reporting:** ```bash deepsource report --analyzer test-coverage --key python --value-file coverage.xml ``` ## Documentation Reference ### Getting Started - [Quickstart](docs/getting-started/quickstart.md) - [Configure Analyzers](docs/getting-started/configure-analyzers.md) - [Enable Code Formatters](docs/getting-started/enable-code-formatters.md) - [Track Code Coverage](docs/getting-started/track-code-coverage.md) - [Scan for Vulnerabilities](docs/getting-started/scan-for-vulnerabilities.md) - [Enforce License Compliance](docs/getting-started/enforce-license-compliance.md) - [Fix Issues and Vulnerabilities](docs/getting-started/fix-issues.md) - [Using CLI with AI Agents](docs/getting-started/cli-with-ai-agents.md) ### Dashboard — Repository - [Overview](docs/dashboard/repository/overview.md) - [Issues](docs/dashboard/repository/issues.md) - [Dependencies](docs/dashboard/repository/dependencies.md) - [Metrics](docs/dashboard/repository/metrics.md) - [Reports](docs/dashboard/repository/reports.md) - [History](docs/dashboard/repository/history.md) - [Settings](docs/dashboard/repository/settings.md) ### Dashboard — Team - [Home](docs/dashboard/team/home.md) - [Repositories](docs/dashboard/team/repositories.md) - [Monorepos](docs/dashboard/team/monorepos.md) - [Reports](docs/dashboard/team/reports.md) - [Members](docs/dashboard/team/members.md) - [Policies](docs/dashboard/team/policies.md) - [Settings](docs/dashboard/team/team-settings.md) ### Dashboard — Account - [Account Types](docs/dashboard/account/account-management.md) - [User Settings](docs/dashboard/account/user-settings.md) ### Integrations - [SSO and SCIM](docs/integrations/sso/sso.md) - [Okta](docs/integrations/sso/okta.md) - [OneLogin](docs/integrations/sso/onelogin.md) - [Azure AD](docs/integrations/sso/azure-ad.md) - [Google Workspace](docs/integrations/sso/google-workspace.md) - [Jira Cloud](docs/integrations/jira.md) - [Slack](docs/integrations/slack.md) - [Vanta](docs/integrations/vanta.md) ### Reference - [Core Analyzers](docs/reference/core-analyzers.md) - [Community Analyzers](docs/reference/community-analyzers.md) - [Code Coverage](docs/reference/code-coverage.md) - [Vulnerability Scanning](docs/reference/vulnerability-scanning.md) - [Code Formatters](docs/reference/code-formatters.md) - [Billing](docs/reference/billing.md) ### Support - [FAQ](docs/support/faq.md) - [Troubleshooting](docs/support/troubleshooting.md) - [Permissions](docs/support/permissions.md) - [Support Channels](docs/support/channels.md)