Patched-cli is a command-line interface that generates vulnerability patches for your codebase. It can be used in your local terminal, IDE or as part of a CICD pipeline.

Step 1. Install patched-cli.

pip install patched-cli

Step 2. Run patched-cli with your git repository as its argument or working directory.

When the working directory is the git repository


When the argument is the git repository

patched-cli /path/to/my/git/repository

Step 3. If this is the first time running patched-cli, you will be redirected to patched’s generate a token. Copy the token and paste it to the prompt. If this is not the first time running patched-cli an application directory should already exist under your user’s home directory (if you are using a Unix-based operating system) or AppData folder (if you are using a windows based operating system).

Alternatively you can set the environment variable PATCHED_ACCESS_TOKEN before running patched-cli.

export PATCHED_ACCESS_TOKEN=your-patched-access-token-here patched-cli

Step 4. To create a pull request you can set the —create-pr flag.

patched-cli --create-pr

Step 5. f is not installed in your GitHub repository you can give patched-cli your GitHub Personal Access Token via the option —github-access-token or set the environment variable PATCHED_GITHUB_TOKEN.

export PATCHED_GITHUB_TOKEN="" patched-cli --create-pr

patched-cli only supports Windows using WSL(Windows Subsystem for Linux). Please check WSL documentation for more information.