# General usage ## How to use #### Installation Download the `sasha` script from [here](https://raw.githubusercontent.com/MeterianHQ/sasha-scanner/refs/heads/main/sasha) and make it executable. A later invocation of the script will ensure, through Docker, that the scanner image [`meterian/sasha:latest`](https://hub.docker.com/r/meterian/cs-engine) is pulled. Subsequent invocations of the script will not ensure this, so newer versions of the image can be accessed through docker pull. #### Executing a scan To execute a scan, from the directory of the codebase that you are interested to analyse, run the sasha script. ``` $ sasha ``` Before doing so it is important that you set the `METERIAN_API_TOKEN` environment variable on your system as scans require authentication. ```bash export METERIAN_API_TOKEN=12345678-90ab-cdef-1234-567890abcdef ``` Once you're set supported files in your codebase will analysed and results will be available to view and manage on a report on the [Meterian Dashboard](https://www.meterian.com/dashboard/) that you can reach via a URL provided at the end of the analysis. ``` Meterian SASHA v1.0.13 © 2017-2026 Meterian Ltd - All rights reserved Authorizing the client... Successfull authorization performed. Account: "ACME TEAM" - Minimum scores: - security: 90 - Analysis scopes: - security: packaged components Folder WebGoat contains supported files! Analyzing source code for defects... Running RoslynAnalyzers locally... - generating SARIF report(s)... - loading SARIF report(s)... Done. Running OpenGrep locally... - generating SARIF report(s)... - loading SARIF report(s)... Done. Defects detected: 223 Starting analysis on Meterian... Creating project acme-team/WebGoat Project information: - url: git@github.com:acme-team/WebGoat.git - branch: master - commit: 657ebea7264cf20824fcd85a2de3c19c4699d3e5 Analyzing... Done. Final results: - security: 0 (minimum: 90) Full report available at: https://www.meterian.com/sasha/?pid=12345678-xxxx-xxxx-xxx-71433629bb37&branch=master&mode=eli Scan outcome: FAIL ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.meterian.io/sast-scanner/general-usage.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.