sequb-security-cli
v1.0.0
Sequb Command Line Interface for Post-Quantum Cryptographic Security Scanning
Sequb CLI
The official command-line interface for Sequb, the Post-Quantum Cryptography Scanner platform.
Quick Start
```bash
# Install globally
npm install -g @sequb/cli

# Login to your Sequb account
sequb auth login

# Scan your project
sequb scan .

# View results
sequb scan list
```

Features
- 🔐 Multiple Authentication Methods - API keys, OAuth, organization tokens
- 📊 Comprehensive Scanning - Single repos, batch operations, watch mode
- 🚀 CI/CD Integration - Templates for GitHub Actions, GitLab CI, Azure DevOps
- 📈 Real-time Progress - WebSocket monitoring with fallback polling
- 📋 Multiple Output Formats - JSON, SARIF, CBOM, PDF reports
- 🎯 Quality Gates - Configurable failure conditions
- 🔄 Batch Operations - Scan multiple repositories simultaneously
Installation
Global Installation (Recommended)
```bash
npm install -g @sequb/cli
```

Local Installation

```bash
# Install in your project
npm install --save-dev @sequb/cli

# Run with npx
npx @sequb/cli scan .
```

Docker

```bash
docker run --rm -v "$(pwd)":/workspace sequb/cli:latest scan /workspace
```

Authentication
Login with Browser
```bash
sequb auth login
# Opens browser for OAuth authentication
```

API Key Authentication

```bash
# Set API key via environment variable
export SEQUB_API_KEY="your-api-key"
sequb scan .

# Or login with API key
sequb auth login --api-key your-api-key
```

Organization Token

```bash
sequb auth login --org-token your-org-token
```

Multiple Profiles

```bash
# Create named profiles
sequb auth login --profile production
sequb auth login --profile staging

# Switch between profiles
sequb auth profile production
sequb auth status
```

Scanning
Basic Scanning
```bash
# Scan current directory
sequb scan .

# Scan specific directory
sequb scan /path/to/project

# Scan remote repository
sequb scan https://github.com/user/repo.git
```

Scan Options

```bash
# Quick scan (faster, less detailed)
sequb scan . --mode quick

# Deep scan (comprehensive analysis)
sequb scan . --mode deep

# Watch mode (continuous scanning)
sequb scan . --watch

# Exclude patterns
sequb scan . --exclude "node_modules/**" "*.test.js"

# Include only specific languages
sequb scan . --language javascript python

# Custom output directory
sequb scan . --output ./security-results

# Multiple output formats
sequb scan . --format json sarif pdf
```

Quality Gates

```bash
# Fail on critical findings
sequb scan . --fail-on-critical

# Fail on high risk threshold
sequb scan . --fail-on-high --risk-threshold 8.0

# Maximum number of findings
sequb scan . --max-findings 50
```

Batch Operations
Repository Lists
Create a file with repositories to scan:
repos.txt:

```text
https://github.com/org/repo1.git
https://github.com/org/repo2.git
https://github.com/org/repo3.git
```

repos.json:

```json
[
  {
    "url": "https://github.com/org/repo1.git",
    "branch": "main",
    "name": "Repository 1"
  },
  {
    "url": "https://github.com/org/repo2.git",
    "branch": "develop",
    "name": "Repository 2"
  }
]
```

Batch Scanning

```bash
# Scan from repository list
sequb batch scan repos.txt

# Control concurrency
sequb batch scan repos.json --max-concurrent 5

# Continue on errors
sequb batch scan repos.txt --continue-on-error

# Monitor batch progress
sequb batch status batch-id-123
sequb batch list --status running
```

Pre-defined Templates

```bash
# Scan common open source projects
sequb batch create --template security-tools
sequb batch create --template crypto-libraries
sequb batch create --template web-frameworks

# List available templates
sequb batch templates
```

CI/CD Integration
Generate Workflow Templates
```bash
# GitHub Actions
sequb template cicd github --output .github/workflows/sequb-scan.yml

# GitLab CI
sequb template cicd gitlab --output .gitlab-ci.yml

# Azure DevOps
sequb template cicd azure --output azure-pipelines.yml

# List available templates
sequb template list
```

Template Options

```bash
# Customize template variables
sequb template cicd github \
  --api-key-var SEQUB_API_KEY \
  --fail-on-critical true \
  --upload-sarif true \
  --pr-comments true
```

Configuration
Project Configuration
```bash
# Initialize project configuration
sequb project init

# Interactive setup wizard
sequb project setup

# Validate configuration
sequb project validate

# Show project information
sequb project info
```

Global Configuration

```bash
# Interactive configuration
sequb config init

# Get/set specific values
sequb config get api.url
sequb config set api.timeout 300

# List all configuration
sequb config list

# Reset to defaults
sequb config reset
```

Results and Reports
View Scan Results
```bash
# List recent scans
sequb scan list

# Show scan details
sequb scan show scan-id-123

# Compare scans
sequb scan compare baseline-id current-id

# Export results
sequb scan export scan-id-123 --format pdf --output report.pdf
```

Output Formats
- JSON - Machine-readable results
- SARIF - GitHub Security tab integration
- CBOM - Cryptographic Bill of Materials
- PDF - Executive summary reports
- CSV - Spreadsheet-compatible format
- YAML - Human-readable structured data
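As an added example (not code from @sequb/cli), the Node.js script below shows how the two repository-list formats from the Batch Operations section (repos.txt with one URL per line, repos.json with `url`/`branch`/`name` objects) can be normalised into a single list, and how the `--max-concurrent` and `--continue-on-error` options can be realised as a bounded worker pool. The scanner function is a stand-in, the accepted URL schemes and the default branch are assumptions, and the sample inputs are constructed.

```javascript
// Added example, not @sequb/cli code: normalise a batch repo list and run it through a bounded worker pool.
// Constructed sample inputs mirroring the README's two list formats (note the duplicate and blank line).
const reposTxt = 'https://github.com/org/repo1.git\nhttps://github.com/org/repo2.git\n\nhttps://github.com/org/repo1.git\n';
const reposJson = JSON.stringify([
  { url: 'https://github.com/org/repo1.git', branch: 'main', name: 'Repository 1' },
  { url: 'https://github.com/org/repo2.git', branch: 'develop', name: 'Repository 2' },
]);

// Parse either format (assumption: only http(s) URLs, default branch "main"); de-duplicate on
// url+branch so the same repository is never cloned twice in one batch.
function parseRepoList(text, filename) {
  const raw = filename.endsWith('.json')
    ? JSON.parse(text)
    : text.split('\n').map((l) => l.trim()).filter((l) => l && !l.startsWith('#')).map((url) => ({ url }));
  const seen = new Set();
  const entries = [];
  for (const r of raw) {
    const u = new URL(r.url); // throws on malformed input
    if (!/^https?:$/.test(u.protocol)) throw new Error(`unsupported URL: ${r.url}`);
    const branch = r.branch || 'main';
    if (seen.has(`${r.url}#${branch}`)) continue;
    seen.add(`${r.url}#${branch}`);
    entries.push({ url: r.url, branch, name: r.name || u.pathname.replace(/^\/|\.git$/g, '') });
  }
  return entries;
}

// Worker pool: at most maxConcurrent scans in flight. With continueOnError false the
// first failure stops dispatching further repos (in-flight scans still finish).
async function runBatch(entries, { maxConcurrent = 5, continueOnError = false }, scanFn) {
  const results = [];
  let next = 0, stopped = false;
  async function worker() {
    while (!stopped && next < entries.length) {
      const entry = entries[next++];
      try {
        results.push({ name: entry.name, status: 'ok', result: await scanFn(entry) });
      } catch (err) {
        results.push({ name: entry.name, status: 'error', error: err.message });
        if (!continueOnError) stopped = true;
      }
    }
  }
  await Promise.all(Array.from({ length: Math.min(maxConcurrent, entries.length) }, worker));
  return results;
}

// Demo with a stand-in scanner that only reports what it would scan.
runBatch(parseRepoList(reposJson, 'repos.json'), { maxConcurrent: 3, continueOnError: true },
  async (e) => `would scan ${e.url}@${e.branch}`).then((r) => console.log(r));
```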
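As a second added example (again not code from @sequb/cli), the script below shows how the quality-gate conditions from the Quality Gates section and the `fail_on` block of the project config under Configuration Files (`critical_findings`, `risk_score_threshold`, `quantum_vulnerable_algorithms`, plus a `--max-findings` style limit) can be evaluated against a scan's findings to produce a CI pass/fail verdict with reasons. The finding fields and the sample findings are constructed assumptions; the CLI's real result schema is not described on this page.

```javascript
// Added example, not @sequb/cli code: evaluate a fail_on quality gate against scan findings.
// Same keys as the fail_on block of .sequb.yml, plus the --max-findings limit (assumed key name).
const failOn = { critical_findings: true, risk_score_threshold: 8.0, quantum_vulnerable_algorithms: true, max_findings: 50 };

// Constructed sample findings (hypothetical shape). RSA and ECDSA are quantum-vulnerable
// (Shor); AES-256-GCM is not flagged because symmetric ciphers only lose security margin.
const sampleFindings = [
  { id: 'F1', severity: 'high', risk_score: 7.5, algorithm: 'RSA-2048', quantum_vulnerable: true, file: 'src/auth.js' },
  { id: 'F2', severity: 'medium', risk_score: 4.0, algorithm: 'AES-256-GCM', quantum_vulnerable: false, file: 'src/crypto.js' },
  { id: 'F3', severity: 'critical', risk_score: 9.2, algorithm: 'ECDSA-P256', quantum_vulnerable: true, file: 'src/sign.js' },
];

// Returns { passed, reasons }. Each enabled condition that trips adds one reason naming the
// offending findings, so a CI log shows why the gate failed rather than only that it did.
function evaluateQualityGate(gate, findings) {
  const reasons = [];
  const ids = (list) => list.map((f) => f.id).join(', ');
  if (gate.critical_findings) {
    const crit = findings.filter((f) => f.severity === 'critical');
    if (crit.length) reasons.push(`critical findings present: ${ids(crit)}`);
  }
  if (typeof gate.risk_score_threshold === 'number') {
    const over = findings.filter((f) => f.risk_score >= gate.risk_score_threshold);
    if (over.length) reasons.push(`risk score >= ${gate.risk_score_threshold}: ${ids(over)}`);
  }
  if (gate.quantum_vulnerable_algorithms) {
    const qv = findings.filter((f) => f.quantum_vulnerable);
    if (qv.length) reasons.push(`quantum-vulnerable algorithms in use: ${ids(qv)}`);
  }
  if (typeof gate.max_findings === 'number' && findings.length > gate.max_findings) {
    reasons.push(`${findings.length} findings exceed the limit of ${gate.max_findings}`);
  }
  return { passed: reasons.length === 0, reasons };
}

// Exit code a CI job would use: 0 on pass, 1 on any tripped condition.
function exitCodeFor(verdict) { return verdict.passed ? 0 : 1; }

const verdict = evaluateQualityGate(failOn, sampleFindings);
console.log(verdict.passed ? 'quality gate passed' : `quality gate failed:\n - ${verdict.reasons.join('\n - ')}`);
```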
Examples
Basic Project Setup
```bash
# 1. Install CLI
npm install -g @sequb/cli

# 2. Login
sequb auth login

# 3. Initialize project
cd /path/to/your/project
sequb project init

# 4. Run first scan
sequb scan .

# 5. Set up CI/CD
sequb template cicd github --output .github/workflows/sequb-scan.yml
```

Enterprise Batch Scanning

```bash
# 1. Create repository list
cat > enterprise-repos.json << 'EOF'
[
  {"url": "https://github.com/company/api.git", "name": "Main API"},
  {"url": "https://github.com/company/frontend.git", "name": "Frontend"},
  {"url": "https://github.com/company/mobile.git", "name": "Mobile App"}
]
EOF

# 2. Start batch scan
sequb batch scan enterprise-repos.json \
  --max-concurrent 3 \
  --continue-on-error \
  --format json sarif

# 3. Monitor progress
sequb batch list --status running

# 4. Get results
sequb batch export batch-id-123 --format pdf
```

Continuous Integration

```yaml
# .github/workflows/sequb-scan.yml
name: Sequb Security Scan

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

# upload-sarif writes to the code scanning API, which needs security-events: write
permissions:
  contents: read
  security-events: write

jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Run Sequb scan
        run: |
          npx @sequb/cli scan . \
            --format json sarif \
            --fail-on-critical \
            --upload
        env:
          SEQUB_API_KEY: ${{ secrets.SEQUB_API_KEY }}

      - name: Upload SARIF
        if: always()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: sequb-results/sequb-scan.sarif
```

Environment Variables

```bash
# Authentication
SEQUB_API_KEY=your-api-key
SEQUB_API_URL=https://api.sequb.com

# Behavior
SEQUB_NO_COLOR=1            # Disable colored output
SEQUB_VERBOSE=1             # Enable verbose logging
SEQUB_TIMEOUT=300           # Default timeout in seconds
SEQUB_CONFIG_DIR=~/.sequb   # Configuration directory
```

Configuration Files
Global Config (~/.sequb/config.yml)
```yaml
api:
  url: "https://api.sequb.com"
  timeout: 300000

defaults:
  output_format: "table"
  include_tests: true
  include_dependencies: true

profiles:
  production:
    api_url: "https://api.sequb.com"
  staging:
    api_url: "https://staging-api.sequb.com"
```

Project Config (.sequb.yml)

```yaml
api:
  url: "https://api.sequb.com"

scan:
  include_tests: true
  include_dependencies: true
  languages: ["javascript", "python"]
  exclude_patterns:
    - "node_modules/**"
    - "dist/**"
    - "**/*.test.*"

fail_on:
  critical_findings: true
  risk_score_threshold: 8.0
  quantum_vulnerable_algorithms: true

output:
  formats: ["json", "sarif"]
  directory: "./sequb-results"

compliance:
  - nist_pqc
  - fips_140_2

notifications:
  on_completion: true
  channels: ["email"]
```

Troubleshooting
Common Issues
Authentication Errors
```bash
# Check authentication status
sequb auth status

# Re-authenticate
sequb auth logout
sequb auth login
```

Network Issues

```bash
# Test API connectivity
sequb auth status --verbose

# Use custom API URL
sequb config set api.url https://your-api.com
```

Scan Failures

```bash
# Run with verbose output
sequb scan . --verbose

# Check project validation
sequb project validate

# Review logs
cat ~/.sequb/logs/sequb-cli.log
```

Debug Mode

```bash
# Enable debug logging
DEBUG=sequb:* sequb scan .

# Verbose output
sequb scan . --verbose

# Save debug information
sequb scan . --debug --output-debug debug-info.json
```

API Reference
For detailed API documentation, see:
Support
- Documentation: https://docs.sequb.com/cli
- Issues: GitHub Issues
- Support: [email protected]
- Community: Discord
Contributing
We welcome contributions! Please see our Contributing Guide for details.
License
MIT License - see LICENSE file for details.
Changelog
See CHANGELOG.md for version history and updates.
