To test your project for known vulnerabilities, browse to your project’s folder and run snyk test
:
cd ~/projects/myproj/
snyk test
takes stock of all the local dependencies and queries the Snyk service for known vulnerabilities. It displays the found issues along with additional information. For Node.js, Ruby, Java projects, it also suggests remediation steps.
Many package managers allow calling out separately dependencies which are to be used only in a development/test context (i.e don't get eventually shipped to production). By default Snyk does not scan these dependencies. If you want your dev dependencies to be included in the scan use the dev flag:
$ snyk test --dev
Note
Additional and more specific details are provided per language, in Language support.
Note
For more information about our CLI commands, see Our full CLI reference