Please note that we're currently working on an improved solution that will automatically scan for multiple files in the CLI. Currently, when a user tries to test a project that contains several manifest files in the CLI by using
snyk test OR snyk monitor
Snyk will only pick the first manifest file and run the test on it. Snyk will not scan the entire project.
The user needs to specify every target file to cover all the project dependencies.
You can use a command such as the following to pull all the relevant manifest files in a project:
for i in $(find . -name "<manifest file>"); do snyk monitor --file="$i"; done
*Replace <manifest file> with an appropriate filename such as pom.xml, Gemfile, etc. You can replace `monitor` with `test` as well.
For an advanced example, you can use the following command to test all Maven, NodeJS and Pip manifest files at once:
for i in $(find . -name "pom.xml" -o -name "package.json" -o -name "requirements.txt"); do snyk monitor --file=$i"; doneList of all the manifest files that Snyk support:
Maven - pom.xml
Gradle - build.gradle
Kotlin - build.gradle or build.gradle.kts
Pip - requirements.txt
pipenv - Pipfile or Pipfile.lock
NodeJs - package.json or package-lock.json or yarn.lock
SBT - build.sbt
.Net - packages.config
.NET Framework - .csproj file
.NET Core - project.json
Golang - Gopkg.lock or vendor/vendor.json
Composer - composer.lock
Ruby - Gemfile.lock
Go - Go.mod
Comments
1 comment
You might want to edit this post a little bit. using this command as entered:
snyk test $(find . -name "pom.xml" -o -name "package.json" -o -name "requirements.txt" -exec dirname {} \\;)You'll get this error (at least on Mac OS):
You don't need to escape the backslash at the end, so you can just enter the command with a single backlash like:
snyk test $(find . -name "pom.xml" -o -name "package.json" -o -name "requirements.txt" -exec dirname {} \;)Then it runs without complaint.
A great way to find and monitor all the manifests in a complex project structure, though!
Please sign in to leave a comment.