Installation
Install the Oculum CLI to scan your code for security vulnerabilities. Oculum runs locally and supports multiple package managers.
Prerequisites
- Node.js 18+ (LTS recommended)
- npm, pnpm, or bun (for installation)
- GitHub account (optional, for authenticated features)
Install with npm
Install the Oculum CLI globally:
npm install -g @oculum/cli
Verify installation:
oculum --version
Install with pnpm
pnpm add -g @oculum/cli
Install with bun
bun add -g @oculum/cli
Run without Installing
Use npx to run Oculum without a global installation:
npx @oculum/cli scan
This downloads and runs the latest version each time.
Shorthand Command
After installation, you can use oc as a shorthand for oculum:
oc scan
oc --version
Updating
To update to the latest version:
npm update -g @oculum/cli
Or reinstall:
npm install -g @oculum/cli@latest
Supported File Types
Oculum scans these file types:
| Category | Extensions |
|---|---|
| JavaScript/TypeScript | .js, .jsx, .ts, .tsx |
| Python | .py |
| Go | .go |
| Java | .java |
| Ruby | .rb |
| PHP | .php |
| C# | .cs |
| Config | .json, .yaml, .yml, .toml |
| Special | Dockerfile, .env*, package.json |
Verifying Installation
Run a quick test to verify everything works:
oculum --help
You should see a list of available commands including scan, watch, login, and more.
Next Steps
- Your First Scan — Run your first security scan
- Understanding Results — Learn to interpret findings
- CI/CD Setup — Integrate into your pipeline