CLI Reference

Complete reference for all dotset commands.

Installation

npm install -g @dotsetlabs/cli

Core Commands

`dotset init`

Initialize a new dotset project.

dotset init [options]

Option	Description
`--name <name>`	Project name
`--cloud`	Create cloud project immediately
`--axion`	Enable Secrets module
`--gluon`	Enable Security module
`--hadron`	Enable Local CI module
`--tachyon`	Enable Tunnels module

`dotset run`

Run a command with secrets injected and security monitoring enabled.

dotset run [options] -- <command>

Option	Description
`--scope <env>`	Environment scope: development, staging, production
`-s, --service <name>`	Service to scope secrets to
`--no-secrets`	Disable secret injection
`--no-monitor`	Disable security monitoring
`--mode <mode>`	Protection mode: detect, redact, block

Authenticate with the dotset cloud.

dotset login

`dotset logout`

Clear stored credentials.

dotset logout

`dotset status`

Show project and authentication status.

dotset status

Secrets Commands

`dotset secrets set`

Set a secret value.

dotset secrets set <key> [value] [options]

Option	Description
`--scope <env>`	Environment scope (default: development)
`-s, --service <name>`	Service to scope the secret to

`dotset secrets get`

Get a secret value.

dotset secrets get <key> [options]

`dotset secrets list`

List all secrets.

dotset secrets list [options]

Option	Description
`--scope <env>`	Environment scope
`--show-values`	Show secret values (use with caution)

`dotset secrets delete`

Delete a secret.

dotset secrets delete <key> [options]

Security Commands

`dotset scan`

Run static security analysis.

dotset scan [options]

Option	Description
`--fix`	Attempt to fix issues automatically
`--json`	Output results as JSON

`dotset sbom`

Generate a Software Bill of Materials.

dotset sbom [options]

Option	Description
`--format <format>`	Output format: cyclonedx, spdx
`-o, --output <file>`	Output file path
`--static`	Generate from package.json

CI Commands

`dotset ci`

Run GitHub Actions jobs locally.

dotset ci [jobs...] [options]

Option	Description
`--workflow <path>`	Path to workflow file
`--scope <env>`	Environment scope for secrets
`--mode <mode>`	Protection mode: detect, redact, block
`--list`	List available workflows and jobs
`--dry-run`	Preview without executing
`--no-secrets`	Disable secret injection
`--no-monitor`	Disable leak monitoring

Tunnel Commands

Share localhost via secure tunnel.

dotset share <port> [options]

Option	Description
`--subdomain <name>`	Request specific subdomain
`--inspect`	Enable request inspector
`--auth`	Require authentication
`--project <id>`	Link to a specific project

`dotset tunnels`

List active tunnels.

dotset tunnels

Getting Started

​CLI Reference

​Installation

​Core Commands

​dotset init

​dotset run

​dotset login

​dotset logout

​dotset status

​Secrets Commands

​dotset secrets set

​dotset secrets get

​dotset secrets list

​dotset secrets delete

​Security Commands

​dotset scan

​dotset sbom

​CI Commands

​dotset ci

​Tunnel Commands

​dotset share

​dotset tunnels