SDKs

Official client libraries handle authentication, retries, and polling so you can integrate CodeSec in a few lines. Pick your language to get started.

JavaScript / TypeScript

Node 18+ · ESM & CJS

Install

npm install @codesec/sdk

Usage

import { CodeSec } from "@codesec/sdk";

const client = new CodeSec({
  apiKey: process.env.CODESEC_API_KEY,
});

const scan = await client.scan({
  target: "https://example.com",
});

// Poll until the scan finishes
const results = await client.scans.waitForResults(scan.id);
console.log(results.score, results.findings);

Python

Python 3.9+

Install

pip install codesec

Usage

from codesec import CodeSec

client = CodeSec(api_key="YOUR_API_KEY")

scan = client.scan("https://example.com", scan_type="full")

results = client.scans.wait_for_results(scan.id)
print(results.score, results.findings)

cURL

Any environment

Install

# No install required — just curl

Usage

curl https://api.codesec.me/v1/scans \
  -H "Authorization: Bearer YOUR_API_KEY"

Use in CI/CD

Run a security scan on every deploy and fail the pipeline if the score drops. Store your key as the CODESEC_API_KEY secret.

GitHub Actions

name: Security Scan
on: [deployment_status]

jobs:
  codesec:
    runs-on: ubuntu-latest
    steps:
      - name: Run CodeSec scan
        env:
          CODESEC_API_KEY: ${{ secrets.CODESEC_API_KEY }}
        run: |
          SCAN=$(curl -s -X POST https://api.codesec.me/v1/scans \
            -H "Authorization: Bearer $CODESEC_API_KEY" \
            -H "Content-Type: application/json" \
            -d '{"target":"https://example.com","scan_type":"full"}')
          echo "Started scan: $SCAN"

Shell script (any CI)

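# Poll until the scan completes, then gate on the score
set -eu

# -f makes curl exit non-zero on HTTP errors (bad key, 5xx);
# jq -e exits non-zero when .scan_id is missing or null
SCAN_ID=$(curl -sf -X POST https://api.codesec.me/v1/scans \
  -H "Authorization: Bearer $CODESEC_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"target":"https://example.com"}' | jq -er .scan_id)

# Stop after 90 polls (15 minutes, adjust to your scans) so a stuck scan cannot hang the job
STATE=""
for i in $(seq 1 90); do
  STATUS=$(curl -sf "https://api.codesec.me/v1/scans/$SCAN_ID" \
    -H "Authorization: Bearer $CODESEC_API_KEY")
  STATE=$(echo "$STATUS" | jq -r .status)
  [ "$STATE" = "completed" ] && break
  [ "$STATE" = "failed" ] && exit 1
  sleep 10
done
[ "$STATE" = "completed" ] || { echo "Scan did not complete in time"; exit 1; }

SCORE=$(echo "$STATUS" | jq -r .score)
echo "Security score: $SCORE"
# Fail closed: a missing, null or non-numeric score must not pass the gate
echo "$STATUS" | jq -e '(.score | type) == "number" and .score >= 70' >/dev/null \
  || { echo "Score below threshold or missing"; exit 1; }

Looking for another language? The API is plain REST — see the documentation or import the OpenAPI spec into your generator of choice.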
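
The score gate from the CI section as a fail-closed decision function, added here as an example (not CodeSec's own code). It assumes the status response is a JSON object with the `status` and `score` fields the shell script reads, and that `score` is a JSON number; `evaluate`, `gate`, the `fetch` callable and the `running` state are hypothetical names used for illustration.

```python
import json
import time

THRESHOLD = 70  # same cut-off the shell script uses

def evaluate(body, threshold=THRESHOLD):
    """Classify one scan-status response body as 'pass', 'fail' or 'pending'."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return "fail"                      # HTML error page, empty body, truncated JSON
    if not isinstance(doc, dict):
        return "fail"
    status = doc.get("status")
    if not isinstance(status, str) or not status or status == "failed":
        return "fail"                      # no status at all (e.g. an auth error object)
    if status != "completed":
        return "pending"                   # any other state: keep polling until the deadline
    score = doc.get("score")
    # bool is a subclass of int in Python, so rule it out before the numeric check
    if isinstance(score, bool) or not isinstance(score, (int, float)):
        return "fail"                      # null, missing or string score never passes
    return "pass" if score >= threshold else "fail"

def gate(fetch, timeout_s=900, interval_s=10, sleep=time.sleep, clock=time.monotonic):
    """Poll fetch() for a verdict; a timeout or a fetch error fails the gate."""
    deadline = clock() + timeout_s
    while clock() < deadline:
        try:
            verdict = evaluate(fetch())
        except Exception:
            return False                   # network/HTTP error: fail closed
        if verdict != "pending":
            return verdict == "pass"
        sleep(interval_s)
    return False                           # scan never reached a terminal state

if __name__ == "__main__":
    # Constructed responses, not captured from the real API
    samples = [
        '{"status":"running"}',
        '{"status":"completed","score":85}',
        '{"status":"completed","score":null}',
        '{"error":"unauthorized"}',
    ]
    for body in samples:
        print(f"{body:45} -> {evaluate(body)}")
```

In a pipeline, pass a `fetch` that performs the authenticated GET on the scan's status URL and exit non-zero when `gate` returns False.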