scanr-engine 0.1.1

Scanr engine abstraction contracts
Homepage: Open-Lab-s/Scanr
Owner: PrasanthYT

Scanr

Open, privacy-first, self-hostable DevSecOps runtime.


🔭 Vision

Scanr is a multi-engine security framework built for teams that need deterministic security checks without SaaS lock-in.

It is designed around:

  • sovereignty
  • offline capability
  • transparent local execution
  • engine-first extensibility
  • deterministic CI enforcement

🧱 Architecture

scanr-engine      Unified engine contracts and finding model
scanr-sca         Software composition analysis engine (production-ready)
scanr-cli         CLI + TUI interface
scanr-container   Container engine (planned)
scanr-iac         IaC engine (planned)
scanr-sast        SAST engine (planned)
scanr-secrets     Secret scanning engine (planned)
scanr-server      Self-hosted control plane (future)
scanr-dashboard   Web UI (future)

✅ What Works Today (v0.1.1)

  • Node, Python, and Rust dependency parsing
  • OSV vulnerability matching with CVE + severity data
  • remediation suggestions and upgrade guidance
  • baseline tracking (.scanr/baseline.json)
  • project-local OSV cache (.scanr/cache) with offline/refresh modes
  • policy enforcement in CI via scanr.toml
  • deterministic exit codes (0, 1, 2, 3, 4)
  • CycloneDX SBOM generation and SBOM diff
  • SARIF + JSON + raw JSON structured outputs
  • Node dependency path tracing (scanr trace <package>)
  • full-screen TUI with scan controls
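The list above names three mechanisms that work together in CI: a single engine contract that every scanner implements, a baseline of accepted findings, and a deterministic exit code derived from policy. The sketch below is an added example written for this page, not code from the Scanr repository and not the scanr-engine crate's real API: the `Engine` trait, the `Finding` and `Policy` types, the constructed `FakeScaEngine` findings and the exit-code numbering (`EXIT_OK`, `EXIT_POLICY_VIOLATION`) are all assumptions. It shows how a baseline turns a scan into a security-debt delta and why only findings that are new relative to that baseline should be able to fail a build.

```rust
use std::collections::BTreeSet;

/// Severity levels of the illustrative finding model (assumed; not scanr-engine's own types).
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub enum Severity {
    Low,
    Medium,
    High,
    Critical,
}

/// One security finding as an engine would report it. `id` must be stable across runs
/// (advisory id plus package@version here) so it can be matched against a baseline.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Finding {
    pub id: String,
    pub package: String,
    pub severity: Severity,
}

/// The one contract every engine implements (SCA today, container/IaC/secrets/SAST later),
/// so the CLI and CI policy code never depend on a specific scanner.
pub trait Engine {
    fn name(&self) -> &str;
    fn scan(&self) -> Vec<Finding>;
}

/// Constructed stand-in for an SCA engine; returns fixed findings so the example runs offline.
pub struct FakeScaEngine;

impl Engine for FakeScaEngine {
    fn name(&self) -> &str {
        "fake-sca"
    }
    fn scan(&self) -> Vec<Finding> {
        vec![
            Finding { id: "ADV-0001:left-pad@1.0.0".into(), package: "left-pad".into(), severity: Severity::High },
            Finding { id: "ADV-0002:minimatch@3.0.4".into(), package: "minimatch".into(), severity: Severity::Critical },
            Finding { id: "ADV-0003:requests@2.25.0".into(), package: "requests".into(), severity: Severity::Low },
        ]
    }
}

/// CI policy threshold, in the spirit of a scanr.toml setting (field name assumed).
pub struct Policy {
    pub fail_on: Severity,
}

/// A baseline is the set of finding ids already accepted as known security debt.
pub type Baseline = BTreeSet<String>;

/// Result of comparing a fresh scan against the baseline.
pub struct Delta {
    pub new: Vec<Finding>,       // not in the baseline: candidate build-breakers
    pub unchanged: Vec<Finding>, // accepted debt that is still present
    pub resolved: Vec<String>,   // baseline ids that no longer show up
}

pub fn diff_against_baseline(baseline: &Baseline, findings: &[Finding]) -> Delta {
    let current: BTreeSet<&str> = findings.iter().map(|f| f.id.as_str()).collect();
    let new = findings.iter().filter(|f| !baseline.contains(&f.id)).cloned().collect();
    let unchanged = findings.iter().filter(|f| baseline.contains(&f.id)).cloned().collect();
    let resolved = baseline.iter().filter(|id| !current.contains(id.as_str())).cloned().collect();
    Delta { new, unchanged, resolved }
}

/// Hypothetical exit-code mapping; Scanr's real 0..4 semantics are not documented on this page.
pub const EXIT_OK: i32 = 0;
pub const EXIT_POLICY_VIOLATION: i32 = 1;

/// Deterministic: same findings + same baseline + same policy always yield the same code.
pub fn ci_exit_code(policy: &Policy, delta: &Delta) -> i32 {
    // Only findings new relative to the baseline can block; accepted debt never fails the build.
    let blocking = delta.new.iter().any(|f| f.severity >= policy.fail_on);
    if blocking { EXIT_POLICY_VIOLATION } else { EXIT_OK }
}

pub fn run_ci(engine: &dyn Engine, baseline: &Baseline, policy: &Policy) -> (Delta, i32) {
    let findings = engine.scan();
    let delta = diff_against_baseline(baseline, &findings);
    let code = ci_exit_code(policy, &delta);
    (delta, code)
}

fn main() {
    // Constructed baseline: one finding accepted earlier, one that has since been fixed.
    let baseline: Baseline = BTreeSet::from([
        "ADV-0001:left-pad@1.0.0".to_string(),
        "ADV-9999:old-dep@0.1.0".to_string(),
    ]);
    let policy = Policy { fail_on: Severity::High };
    let (delta, code) = run_ci(&FakeScaEngine, &baseline, &policy);
    println!(
        "engine={} new={} unchanged={} resolved={} exit={}",
        FakeScaEngine.name(), delta.new.len(), delta.unchanged.len(), delta.resolved.len(), code
    );
    std::process::exit(code);
}
```

The design point is that `ci_exit_code` reads `delta.new` rather than the full finding list: a team can adopt the tool on a codebase with existing debt, save a baseline, and still have CI fail the moment a new High or Critical finding appears, while `delta.resolved` gives a signal for pruning the baseline file.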

📦 Install Channels

# NPM
npm install -g @openlabs/scanr_cli

# BUN (uses npm package)
bun install -g @openlabs/scanr_cli

# Homebrew
brew install Open-Lab-s/tap/scanr

# Cargo (from source workspace)
cargo install --path crates/scanr-cli

# Curl installer
curl -fsSL https://scanr.dev/install.sh | bash

πŸ› οΈ Run From Source (Clone + Test Locally)

# 1) Clone
git clone https://github.com/Open-Lab-s/Scanr.git
cd Scanr

# 2) Build release workspace
cargo build --workspace --release

# 3) Run without installing (dev run)
cargo run --package scanr-cli --bin scanr -- scan .

# 4) Install local CLI binary for testing (overwrites old local install)
cargo install --path crates/scanr-cli --force

# 5) Verify installed CLI
scanr --version
scanr --help

Optional validation:

cargo test --workspace

⚡ Quick Start

# interactive UI
scanr

# core scanning
scanr scan .
scanr scan . --ci
scanr scan . --json
scanr scan . --sarif

# caching and baseline
scanr scan . --offline
scanr scan . --refresh
scanr baseline save
scanr baseline status
scanr scan . --baseline --ci

# investigation + sbom
scanr trace minimatch
scanr sbom generate
scanr sbom diff old.cdx.json new.cdx.json

πŸ—ΊοΈ Release Timeline

Version Theme Highlights
v0.1.0 Foundation CLI skeleton, SCA scanning, OSV integration, recommendations, CI policy, SBOM, SARIF/JSON, TUI, distribution setup
v0.1.1 Enterprise hardening Baseline/security debt tracking, OSV cache + offline mode, dependency tracing, license compliance, engine abstraction (scanr-engine)

📈 Product Timeline

| Phase | Version | Status | Outcome |
|---|---|---|---|
| Foundation | v0.1.0 | Completed | Built Scanr CLI + SCA core, CI mode, SBOM, SARIF/JSON outputs, install channels |
| Hardening | v0.1.1 | Completed | Added baseline, cache/offline, tracing, license enforcement, and engine abstraction |
| Multi-Engine Expansion | v0.2.x | Planned | Add container engine, then IaC/secrets/SAST engines on the same contract |
| Security OS Layer | v1.x | Planned | Self-hosted server, dashboard, org policy management, and governance workflows |

✅ Phase Checklist (From Roadmap)

  • Phase 1: Engine Stabilization - SCA engine complete (scanr-sca)
  • Phase 1: Engine Stabilization - Container engine (scanr-container)
  • Phase 1: Engine Stabilization - IaC engine (scanr-iac)
  • Phase 1: Engine Stabilization - Secrets engine (scanr-secrets)
  • Phase 1: Engine Stabilization - SAST engine (scanr-sast)
  • Phase 2: Local Security Suite - CLI + TUI foundation complete
  • Phase 2: Local Security Suite - Multi-engine invocation UX
  • Phase 3: Security OS - scanr-server (self-hosted control plane)
  • Phase 3: Security OS - scanr-dashboard (web UI)
  • Phase 3: Security OS - SCM/GitHub integration + org governance

✅ Feature Timeline (What Is Done)

v0.1.0 delivered

  • CLI command system (scan, sbom, trace foundations)
  • dependency parsing for Node/Python/Rust
  • OSV vulnerability lookup with remediation hints
  • risk summary and CI policy checks
  • CycloneDX SBOM generation and SBOM diff
  • JSON/SARIF/raw JSON outputs
  • interactive TUI experience
  • packaging for npm/bun/homebrew/cargo/curl

v0.1.1 delivered

  • baseline save/status/compare workflow
  • security debt delta behavior in CI with baseline mode
  • project-local OSV cache with TTL
  • offline mode and forced refresh mode
  • Node dependency path tracing
  • license policy enforcement with dedicated exit semantics
  • refactor to scanr-engine + scanr-sca architecture

🧠 Workspace

F:\Scanr
├── crates/
│   ├── scanr-engine/
│   ├── scanr-sca/
│   └── scanr-cli/
├── installers/
├── docs/
├── Cargo.toml
└── mkdocs.yml

📚 Docs

Run docs locally:

mkdocs serve