For Snyk Container, these commands also work, but after registering an ignore, when you call snyk test or snyk monitor, you must use the --policy-file= argument: for example: snyk container test node --policy-file=.snyk
For Snyk Infrastructure as Code and Snyk Code, these commands are not yet implemented.
Sometimes, Snyk may alert you to a vulnerability that has no update or Snyk patch available, or that you do not believe to be currently exploitable in your application. In this case, you may want to tell Snyk to ignore the vulnerability for a certain period of time.
You can ignore a specific vulnerability in a project, using snyk ignore:
snyk ignore --id=IssueID [--expiry=expiry] [--reason='reason for ignoring']
Options
snyk ignore accepts three options:
|
OPTION |
DESCRIPTION |
DEFAULT |
REQUIRED |
|
--id |
The Snyk ID for the issue to ignore. Found by running Example: For the vulnerability found at https://snyk.io/vuln/npm:tough-cookie:20160722, you would use: --id=npm:tough-cookie:20160722 |
None |
Yes |
|
--expiry |
The expiry date string, according to RFC2822. Example: --expiry=2017-04-30 |
30 days |
No |
|
--reason |
The reason for ignoring the issue. Example: --reason='Not currently exploitable.' |
None given |
No |