To use all of the features of the Canvass for Security client, you will need a Canvass Labs account.

The Canvass for Security (CFS) client is natively supported on Linux (x86_64), and available for Windows and MacOS through the use of Docker.

CFS relies on the OSS Review Toolkit (ORT) to read declared software dependency information from common package managers. Thus, ORT will need to be downloaded and installed.

Download the zipped client from the Canvass for Security Download page.

You can also manually decompress the program by opening a terminal window, changing to your Downloads directory, and typing:

unzip CanvassForSecurity.zip

Once unzipped, the Canvass for Security client can be placed in any location that is referenced by a PATH variable. Add the location of CanvassForSecurity to your environment’s PATH variable: One way to do this is to add the following to your .bashrc (or equivalent) session configuration file. Don’t forget to replace PATH_TO_YOUR_CFS_DOWNLOAD with the actual path where you downloaded and decompressed the CFS zip file.

export PATH=PATH_TO_YOUR_CFS_DOWNLOAD/bin:$PATH

You will need to create a file called .lian_credentials in your home directory, using a text editor like nano. This is where the Canvass for Security client looks for your credentials. Inside the file, you can store your credentials in two different ways:

Alternatively, you can store these credentials as environment variables in lieu of a .lian_credentials file using the pair of variables CL_API_EMAIL and CL_API_PASSWORD, or just the variable CL_API_TOKEN.