Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

reptr build

Parse all findings, validate them, and render every output format configured in reptr.toml.

Usage

reptr build [PATH]

PATH defaults to the current directory.

What it does

  1. Parse — reads reptr.toml, client.toml, and every *.md file under findings/
  2. Validate — runs all validation rules (see below); fails fast if any error is found
  3. Render — writes one file per format to output/<slug>.<ext>

Example output

✓ Parsed 3 findings
✓ Rendered HTML  → output/acme-webapp-2026.html
✓ Rendered JSON  → output/acme-webapp-2026.json
Done in 8ms.

Validation rules

RuleError
Unique finding IDsDuplicate id across two files
Non-empty titletitle field is blank or missing
Valid CVSS scorecvss (if present) must parse as a number between 0.0 and 10.0
Valid CVSS vectorcvss_vector (if present) must be a well-formed CVSS 3.x string
Score/vector agreementIf both are present, the stated score must match the vector’s computed value (±0.05)
Non-empty slugslug in reptr.toml must not be blank
Severity thresholdsOpen finding counts must not exceed configured limits

If validation fails, reptr build prints each error and exits non-zero:

✗ Validation failed:
  • finding `findings/002-sqli.md` CVSS score `2.0` does not match 9.8
    computed from vector `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
    — update the score or correct the vector
error: 1 validation error(s)

Output formats

Configure which formats to render in reptr.toml:

[output]
formats   = ["html", "json", "docx", "pdf"]
directory = "output"
FormatNotes
htmlSelf-contained HTML. Uses the embedded default template unless you override it.
jsonMachine-readable engagement snapshot. Schema matches the Engagement struct.
docxLibreOffice-compatible Word document. Referenced images are embedded.
pdfRequires typst CLI on $PATH.

CVSS auto-derivation

If a finding has cvss_vector but no cvss score, reptr build derives the score automatically:

# In the finding front matter:
cvss_vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
# cvss is derived as "7.5" — no need to compute it yourself

The derived score is written into all output formats (JSON, HTML, DOCX, PDF).