CI / CDGeneric shell

Generic shell CI

Any CI system can run Pencheff — it’s just a pip install + CLI call.

pip install pencheff
 
pencheff scan \
  --target "https://staging.example.com" \
  --profile cicd \
  --fail-on high \
  --format json,docx \
  --output ./reports/
 
# Non-zero exit code when findings ≥ fail-on are detected.

For policy-driven runs:

pencheff run-policy policies/examples/ci_gate.yaml

Return codes:

CodeMeaning
0Scan completed and no finding at/above the fail threshold
1Scan completed but threshold tripped (fail the build)
2Scan failed to start (network / config error)
3Invalid arguments