When running a snyk command, you may want to pass additional arguments to the package manager. Two hyphens (--) indicate to snyk that the arguments that follow are to be passed through to the underlying command that is sent to the package manager.
Usage:
snyk <COMMAND> [<OPTIONS>] -- [<ARGUMENTS>]
For example, you may want to tell a Maven project to use a specific settings.xml file:
snyk test -- -s settings.xml
The snyk commands supported for this functionality are snyk test and snyk monitor.
Note: Do not use double quotes in the -- [<ARGUMENTS>].
Why did we make this change ?
This was due to a recent change that addressed CVE-2022-22984. To patch this vulnerability we have changed how we handle context specific options in the CLI, as a result wrapping these in quotes is no longer supported.
For example, command should now be:
snyk test --org=myorg -- -s settings.xml instead of snyk test --org=myorg -- "-s settings.xml"
You will now need to remove the quotes for the context specific options