Password Parameter Guidelines

Forces the signature scanner to prompt for the password associated with the user account that has the code scanner role. Here’s how to use it:

Without a Value: Specifying the --password parameter without a password value prompts the user for the password.
With a Value: If you provide a password value, a warning will appear indicating that passing the password on the command line will not be supported in future versions, and the scan will proceed.

It’s recommended to set the BD_HUB_PASSWORD environment variable with the server password instead of using the --password parameter:

If BD_HUB_PASSWORD is set:
- With --password: The scanner prompts for the password and ignores the environment variable value.
- Without --password: The scanner uses the environment variable without prompting.
If BD_HUB_PASSWORD is not set: The scanner will prompt for the password regardless of the --password parameter.

Important:

If the --password parameter is the last parameter before <scan_path>, include -- to indicate the end of parameters:

--password -- <scan_path>

Otherwise, the scanner may interpret <scan_path> as the password.