# Xygeni CLI Error Codes

## Xygeni CLI Error Codes

The scanner command-line interface (CLI) `xygeni` returns exit codes in the following ranges:

* **0**: `OK`, zero exit code when it completes successfully.
* **1 …​ 127**: `ERROR`, used for a non-recoverable error in the scan.
  * 3, 4: REPORT ERROR
  * 13: TIMEOUT ERROR
  * 114: TOKEN REQUIRED (by codetamper)
  * 125: UPLOAD ERROR
  * 127: LICENSE ERROR
* **128 …​ 254**: `WARNING`, at least one security issue was detected.
  * 128: issues detected in deps or secrets
  * 130: issues detected in misconf
  * 132: issues detected in suspectdeps or compliance
  * 134: issues detected in iac, sast or malware
  * 136: issues detected in codetamper
* **255**: reserved for an unknown ERROR.

There are different causes of ERROR conditions:

* Invalid arguments, like using an unknown command or not having a required argument in the command line.
* Fatal error during setting up the scanner. For example, when configuration cannot be loaded.
* Post-processing error, typically with `--diff` option but no valid baseline.
* Error while generating output, for example when writing report files or uploading results to Xygeni service.
* A generic fatal error, typically due to a bug that leads to an uncaught error.

{% hint style="info" %}
The `--never-fail` forces the scanner to end with a zero error code, even with fatal error. This is useful to avoid breaking the build when the scan fails.
{% endhint %}

<br>