snyk test, you can specify the
--json flag and then use the
jq command to parse the output for the Common Vulnerability Scoring System (CVSS) score.
You can then change the
if statement to the CVSS score at which to break the build.
The following is an example of the command you can use to send an error code for a CVSS greater than 8.0:
snyk test --json | jq '.vulnerabilities |= if(.cvssScore) > 8.0 then "CVSS score \(.cvssScore) \(.id)"|halt_error(1) else "CVSS Score: \(.cvssScore) Vulnerability:\(.id)" end'