> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pylva.com/llms.txt
> Use this file to discover all available pages before exploring further.

# pylva validate (CLI)

> Scan a repository for LLM and non-LLM cost sources, gate coverage in CI, and declare non-LLM sources to Pylva.

`pylva validate` scans a repository's dependency manifests for known LLM providers and non-LLM cost-source packages, so you can see what Pylva will track automatically and what needs a declaration.

## Install

The CLI ships inside the TypeScript SDK - there is no separate install:

```bash theme={null}
npm install @pylva/sdk   # or: pnpm add @pylva/sdk
npx pylva validate
```

In this repository's development environment it is also available as `pnpm exec pylva validate`.

## What it does

* Scans dependency manifests in the working tree for known LLM providers and known non-LLM cost-source packages (search APIs, speech, vector databases, workflow tools).
* The plain scan and `--ci` mode are **local-only**: no network calls, no API key needed.
* LLM providers are tracked automatically at ingest; only non-LLM sources you author need to be declared with `--approve`.

## Flags

| Flag                                    | Effect                                                                                                                                                              |
| --------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `--json`                                | Machine-readable output.                                                                                                                                            |
| `--ci`                                  | Compare detected sources against `.pylva/approved-sources.json`; exit `1` if a new, unapproved source is detected.                                                  |
| `--approve`                             | Interactive flow (requires a TTY): declare non-LLM sources, submit each to `POST /api/v1/cost-sources`, and write `.pylva/approved-sources.json`. Commit that file. |
| `--include <glob>` / `--exclude <glob>` | Narrow or widen the scanned paths. Repeatable.                                                                                                                      |
| `-h`, `--help`                          | Usage.                                                                                                                                                              |

Exit codes: `0` success, `1` `--ci` found unapproved sources, `2` error.

## Environment variables

Only `--approve` talks to the API:

| Variable         | Purpose                                                                                |
| ---------------- | -------------------------------------------------------------------------------------- |
| `PYLVA_API_KEY`  | Your Pylva API key. Preferred for `--approve`.                                         |
| `PYLVA_CLI_KEY`  | Legacy fallback for older scripts; universal-key releases also accept `PYLVA_API_KEY`. |
| `PYLVA_ENDPOINT` | Override `https://api.pylva.com` for self-hosted deployments.                          |

## Approving and pricing sources

During `--approve` you choose a pricing template per source: flat rate, volume discount, free tier, or advanced (up to 5 tiers). Approved sources appear in the dashboard under **Cost Sources**, where pricing can be adjusted later.

In CI, run `pylva validate --ci` so a newly added cost-source dependency fails the build until someone approves or ignores it - see [Cost Source Discovery](/concepts/cost-source-discovery) for the full workflow.
