LinuxCommandLibrary

snyk

Find and fix vulnerabilities in dependencies

TLDR

Log in to your Snyk account
$ snyk auth

Test your code for any known vulnerabilities
$ snyk test

Test a local Docker image for any known vulnerabilities
$ snyk test --docker [docker_image]

Record the state of dependencies and any vulnerabilities on snyk.io
$ snyk monitor

Auto patch and ignore vulnerabilities
$ snyk wizard

SYNOPSIS

snyk [command] [options]

PARAMETERS

auth
    Authenticates the Snyk CLI with your Snyk account.

test
    Tests your projects for vulnerabilities.

monitor
    Monitors your projects for vulnerabilities in production.

code test
    Tests your code for security vulnerabilities.

code monitor
    Monitors your code for security vulnerabilities.

iac test
    Tests your Infrastructure as Code for misconfigurations.

iac monitor
    Monitors your Infrastructure as Code for misconfigurations.

container test
    Tests your containers for vulnerabilities.

container monitor
    Monitors your containers for vulnerabilities.

--help
    Displays help information.

--version
    Displays the Snyk CLI version.

DESCRIPTION

The snyk command is a CLI tool that helps developers find, fix, and prevent vulnerabilities in their applications and infrastructure. It integrates with various package managers (npm, Yarn, Maven, pip, etc.) and container registries to scan dependencies, code, and infrastructure-as-code (IaC) configurations for known security flaws.
It provides actionable insights, prioritization based on exploitability and severity, and automated fix suggestions such as patches or dependency upgrades.
snyk supports various workflows, including local development, CI/CD pipelines, and cloud environments, enabling continuous security monitoring and remediation throughout the software development lifecycle.
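
As an added example (not part of the original page and not Snyk's own code), the Python below shows how a CI step could act on the severity and fix information described above by reading the output of `snyk test --json`. The report is a constructed sample; its field names follow the CLI's JSON output as an assumption, and `triage` and `gate` are hypothetical helper names.

```python
import json

SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}

# Constructed sample in the shape of `snyk test --json` output (assumed
# field names); ids, packages and versions are placeholders, not real findings.
SAMPLE_REPORT = json.dumps({
    "ok": False,
    "vulnerabilities": [
        {"id": "SNYK-EXAMPLE-0001", "severity": "high", "packageName": "example-lib",
         "isUpgradable": True, "from": ["app@1.0.0", "example-lib@1.2.0"]},
        # The same issue reached through a second dependency path.
        {"id": "SNYK-EXAMPLE-0001", "severity": "high", "packageName": "example-lib",
         "isUpgradable": False, "from": ["app@1.0.0", "other-lib@2.0.0", "example-lib@1.2.0"]},
        {"id": "SNYK-EXAMPLE-0002", "severity": "critical", "packageName": "legacy-lib",
         "isUpgradable": False, "from": ["app@1.0.0", "legacy-lib@0.9.1"]},
        {"id": "SNYK-EXAMPLE-0003", "severity": "low", "packageName": "tiny-lib",
         "isUpgradable": True, "from": ["app@1.0.0", "tiny-lib@3.0.0"]},
    ],
})

def triage(report_json, threshold="high"):
    """Return {issue id: summary} for issues at or above the threshold."""
    data = json.loads(report_json)
    projects = data if isinstance(data, list) else [data]  # multi-project scans emit a list
    issues = {}
    for project in projects:
        if "vulnerabilities" not in project:
            # A scan that did not complete must not be read as a clean result.
            raise ValueError("scan failed: %s" % project.get("error", "no findings list"))
        for vuln in project["vulnerabilities"]:
            if SEVERITY_RANK[vuln["severity"]] < SEVERITY_RANK[threshold]:
                continue
            entry = issues.setdefault(vuln["id"], {
                "severity": vuln["severity"], "package": vuln["packageName"],
                "paths": 0, "fixable": False})
            entry["paths"] += 1  # the report repeats an issue once per dependency path
            entry["fixable"] |= vuln.get("isUpgradable", False) or vuln.get("isPatchable", False)
    return issues

def gate(issues):
    """Status for the CI step (this script's own, not snyk's): 1 blocks the build."""
    return 1 if issues else 0

if __name__ == "__main__":
    found = triage(SAMPLE_REPORT)
    print(json.dumps(found, indent=2), "gate status:", gate(found))
```

In a pipeline the report would come from `snyk test --json` rather than the embedded sample.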

CAVEATS

Requires a Snyk account and authentication. Results depend on the accuracy of Snyk's vulnerability database.

EXIT CODES

0: Success. 1: General error. 2: Vulnerabilities found (when testing). Specific exit codes may vary depending on the command and configuration.

CONFIGURATION

Snyk CLI can be configured via environment variables (e.g., SNYK_TOKEN) and a .snyk configuration file.

HISTORY

Snyk was founded to address the growing need for developer-centric security tools. The CLI has evolved to support a wider range of languages, frameworks, and infrastructure technologies.
