1. Snyk
  2. Snyk CLI
  3. Our full CLI reference

Our full CLI reference

Follow

Articles in this section

Rachel Cheyfitz
  • Updated
Follow

Snyk’s CLI helps you find and fix known vulnerabilities in your dependencies, both ad hoc and as part of your CI (Build) system.

The Snyk CLI requires you to authenticate with your account before using it. See our Language Support page for info about package managers and languages that the CLI supports.

The following sections cover:

CLI command structure

CLI commands full list

CLI options list

CLI command structure

Following is the Snyk CLI tool command structure:

snyk [options] [command] [package]

The package argument is optional.

If no package is indicated, Snyk runs the command against the current working directory, allowing you test your non-public applications.

CLI commands full list

Following is the complete list of commands available from the Snyk AppSec CLI tool.

auth [api-token].....Sign into Snyk.

test ............... Test for any known vulnerabilities.

wizard ............. Configure your policy file to update, auto patch and ignore vulnerabilities.

Note: Node.js only.

protect ............ Protect your code from vulnerabilities and optionally suppress specific vulnerabilities.

Note: Node.js only.

monitor ............ Record the state of dependencies and any vulnerabilities on snyk.io.

policy ............. Display the Snyk policy for a package. 

ignore ............. Ignore an issue. For more help run `snyk help ignore`.

help [topic] ....... Display detailed help about commands and options.

config ............. Manage Snyk's configuration, note that this configuration is stored on your machine and applies to all Snyk CLI calls.

CLI options list

Following is a partial list of the options available to you when running commands from our CLI tool:

--dev Include devDependencies.

--file Sets package file. For more help run `snyk help file`.

--org Associate a snapshot (or wizard snapshot) with a specific

organization. For more help run `snyk help orgs`.

--ignore-policy Ignores and resets the state of your policy file.

--trust-policies Applies and uses ignore rules from your dependencies' Snyk policies,

otherwise ignore policies are only shown as a suggestion.

--show-vulnerable-paths Display the dependency paths from the top level

dependencies, down to the vulnerable packages (defaults to true). Applicable to `snyk test`.

--dry-run Don't apply updates or patches during protect.

--severity-threshold = low/medium/high

Only report vulnerabilities of provided level or higher.

-q, --quiet Silence all output.

-h, --help This help information.

-v, --version The CLI version.

Note

Run snyk help to view the complete list of commands and options directly from the terminal.

Examples of real Snyk CLI commands

$ snyk test
$ snyk test ionic@1.6.5
$ snyk monitor --org=my-team
$ snyk test --show-vulnerable-paths=false

Use snyk test in your test scripts. If a vulnerability is found, the process exits with a non-zero code.

Comments

0 comments

Article is closed for comments.