Install the Canvass for Security (CFS) Client - Canvass Labs

Download and configure the Canvass for Security Client.


To use all of the features of the Canvass for Security client, you will need a Canvass Labs account.

The Canvass for Security (CFS) client is natively supported on Linux (x86_64), and available for Windows and MacOS through the use of Docker.

CFS relies on the OSS Review Toolkit (ORT) to read declared software dependency information from common package managers. Thus, ORT will need to be downloaded and installed.

Download the zipped client

Download the zipped client from the Canvass for Security Download page.

Downloads Folder

On most Linux systems, you should be able to find the zipped file in your Downloads folder after downloading it. Opening your file manager and clicking on the link should decompress the program.

You can also manually decompress the program by opening a terminal window, changing to your Downloads directory, and typing:


Add Canvass for Security to PATH

Once unzipped, the Canvass for Security client can be placed in any location that is referenced by a PATH variable. Add the location of CanvassForSecurity to your environment’s PATH variable: One way to do this is to add the following to your .bashrc (or equivalent) session configuration file. Don’t forget to replace PATH_TO_YOUR_CFS_DOWNLOAD with the actual path where you downloaded and decompressed the CFS zip file.


Store your Account Credentials

You will need to create a file called .lian_credentials in your home directory, using a text editor like nano. This is where the Canvass for Security client looks for your credentials. Inside the file, you can store your credentials in two different ways:

  1. You can store the email and password of your Canvass Labs account:
    { "email": "", "password": "somepassword" }
  2. You can store your Personal Access Token (PAT):
    { "token": ".eJwViksOwiAQQO8ya2P....." }
    Your PAT can be found at Account->Manage Tokens.

Alternatively, you can store these credentials as environment variables in lieu of a .lian_credentials file using the pair of variables CL_API_EMAIL and CL_API_PASSWORD, or just the variable CL_API_TOKEN.