Skip to main content
Skip table of contents

Mend CLI Versioning - Manage your versions of the Mend CLI

Note: This feature is only available to customers with Mend.io Platinum Support

Overview

The centralized CLI versioning is a UI configuration that allows you to dictate for your entire organization which specific version of the Mend CLI to use or, alternatively, to enable Mend CLI auto-updates for every Mend user in your organization.

It addresses the following needs:

  • Stability: With the CLI versioning, you can make sure to stay on a specific version that was properly tested by your organization, even when Mend.io releases new versions.

  • Visibility & Consistency: In comparison to setting the CLI version within each pipeline, having a UI configuration at a single location provides visibility and ensures the same Mend CLI version is used for all scanned projects. 

Prerequisites

  • Administration Access to the Mend Platform (for single organizations)

  • Account Manager Access (to manage all organizations)

Getting it done

Configure a Version

Organization Level

The version of the Mend CLI, that is used for a specific organization will be displayed in the Administration section of this organization:

Step 1 - Click the cogwheel icon → Administration

image-20240418-202436.png

Step 2 - The CLI version is displayed under General Configuration:

image-20240329-114012.png

Step 3 - To edit it, click on the Pencil icon next to it. This will open a dialog where you can either:

  • Enable auto-update to always run with the latest version of the Mend CLI

  • Disable auto-update and select a specific version of the Mend CLI. All scans against this organization will be using this version. If a different version is already installed in an environment, it will automatically be updated or downgraded to the selected version.

image-20240329-114848.png

Note that the ‘Apply’ button at the bottom-right will become grayed out whenever you reselect your organization's current setting and become clickable whenever you choose a different setting.

Once the CLI Version has been changed, an indication of that will pop-up at the bottom-left corner of the UI:

image-20240329-125421.png

Account Level

For customers with multiple organizations, the configuration on an organization level does not scale. The Account Management view shows a list of all of your organizations, together with the configured version number of the Mend CLI. This easily allows one to verify that all organizations use the desired version and to update the version for multiple organizations at once with a bulk action:

Step 1 - Navigate to the Account Management screen, by clicking on the cogwheel icon at the top-right and selecting Account Management

image-20240329-121613.png

Step 2 - Check the boxes located to the left of the organizations you would like to change the CLI version for

image-20240329-115702.png

At this point, repeat the steps listed above in the Organization Level section.

The behavior itself is the same as if the version was set for a single organization.

image-20240329-114848.png

If you desire, in the Account Management screen you can also set the version for a single organization:

image-20240329-120147.png

 

Mend CLI

Requirements

To check the version configuration of an organization, it is necessary to authenticate first. Without the authentication, the CLI can not access the organization to check which version should be used.

This also includes the execution of the help command, which will only be available for the mend command itself, but not for any sub-command like mend code or mend deps. This is in order to prevent misleading help information.

Changes

Since the version of the Mend CLI is controlled in a centralized way from the UI as soon as the feature is activated, from that point the configuration of auto-update that could be changed via mend config becomes obsolete and is therefore removed.

Scanning with the Mend CLI

Whenever a scan is triggered with either mend code, mend dep or mend image, the Mend CLI will automatically check the configuration of the organization for which the scan is performed and automatically update or downgrade the CLI to the desired version, as needed.

The organization can either be selected through an environment variable, in the interactive setup or via the
--scope parameter. A detailed description of how to log into an organization and the available Mend CLI parameters can be found here.

 

Limitations

Repository Integrations

The configuration of the Mend CLI version only affects scans that are directly executed through the Mend CLI. The configuration has no impact on the scans triggered from the repository.

Unified Agent

The versioning feature is currently only controlling the version of the Mend CLI, it does not affect the Unified Agent.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close