CLI Reference

Overview

Usage: harden [OPTIONS] COMMAND [ARGS]...

  Harden (OSS) - Analyze, lock, and generate Dockerfile-only artifacts.

Options:
  --version  Show the version and exit.
  --help     Show this message and exit.

Commands:
  analyze   Run security analysis and print report.
  generate  Generate OSS hardening artifacts into <path>/.harden/
  lock      Lock dependencies to exact versions.

analyze

Usage: harden analyze [OPTIONS] [PATH]

  Run security analysis and print report.

  PATH: Path to the project directory (default: current directory)

Options:
  --help  Show this message and exit.

lock

Usage: harden lock [OPTIONS] [PATH]

  Lock dependencies to exact versions.

  Produces requirements.lock and build_report.json.

  PATH: Path to the project directory (default: current directory)

Options:
  --strategy [auto|uv|pip-compile|pip-freeze]
                                  Locking strategy
  --python-version TEXT           Target Python version (e.g. 3.12)
  --help                          Show this message and exit.

generate

Usage: harden generate [OPTIONS] [PATH]

  Generate OSS hardening artifacts into <path>/.harden/

  Produces: - .harden/Dockerfile - .harden/sbom.json - (optional)
  .dockerignore in project root if missing

Options:
  --fail-on-critical  Exit non-zero if critical CVEs are detected in
                      dependencies
  --help              Show this message and exit.

Overview​

analyze​

lock​

generate​

Overview

analyze

lock

generate