Run STAR Locally

STAR is designed to run in CI — see Running STAR in CI for the supported setup. The same binary can also be run directly on a machine, which is useful for debugging a run outside of CI.

The download links, per-platform binary names, and the exact download/run commands are maintained in the bright-agent-dist README — follow it rather than copying commands from here, so you always get the current instructions.

What a local run does

  1. Download the binary for your platform from the releases page and verify its .sha256 checksum, per the README.
  2. Run it from inside a checkout of the repository you want to scan. STAR runs against the working copy you already have on disk — it does not clone. LOCAL_REPO_PATH defaults to the current directory.
  3. STAR detects the tech stack, builds and starts the app, scans it, and opens (or updates) a pull request with any verified fixes.

The minimum environment is BRIGHT_TOKEN, REPO_ACCESS_TOKEN, and an inference token (INFERENCE_TOKEN or OPENAI_API_KEY). See Configuration for the full list, and Prerequisites for the required tools (Docker, Docker Compose, Git).

The diagnostic log is written to ~/.bright-agent/logs/run-<timestamp>.log; set BRIGHT_DEBUG=1 to also mirror it to the console. See Logging & Troubleshooting.