snyk
Find and fix vulnerabilities in dependencies
TLDR
Log in to your Snyk account
Test your code for any known vulnerabilities
Test a local Docker image for any known vulnerabilities
Record the state of dependencies and any vulnerabilities on snyk.io
Auto patch and ignore vulnerabilities
SYNOPSIS
snyk
PARAMETERS
auth
Authenticates the Snyk CLI with your Snyk account.
test
Tests your projects for vulnerabilities.
monitor
Monitors your projects for vulnerabilities in production.
code test
Tests your code for security vulnerabilities.
code monitor
Monitors your code for security vulnerabilities.
iac test
Tests your Infrastructure as Code for misconfigurations.
iac monitor
Monitors your Infrastructure as Code for misconfigurations.
container test
Tests your containers for vulnerabilities.
container monitor
Monitors your containers for vulnerabilities.
--help
Displays help information.
--version
Displays the Snyk CLI version.
DESCRIPTION
The snyk command is a powerful CLI tool that helps developers find, fix, and prevent vulnerabilities in their applications and infrastructure. It integrates with various package managers (npm, yarn, maven, pip, etc.) and container registries to scan dependencies, code, and infrastructure-as-code (IaC) configurations for known security flaws.
It provides actionable insights, prioritization based on exploitability and severity, and automated fix suggestions such as applying patches or upgrading dependencies.
snyk supports various workflows, including local development, CI/CD pipelines, and cloud environments, enabling continuous security monitoring and remediation throughout the software development lifecycle.
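An added example (not part of the Snyk CLI or of the original page) of the severity-based prioritization described above, used as a CI/CD gate: it reads a JSON report such as `snyk test --json` produces and fails only on unique findings at or above a threshold. The field names (`vulnerabilities`, `severity`, `isUpgradable`, `isPatchable`, `from`) are assumed from that report format, and all ids and package names in the sample are constructed.

```python
import json

SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}

def _vuln(vid, severity, pkg, upgradable, path):
    # Builds one constructed finding; ids and package names are made up.
    return {"id": vid, "severity": severity, "packageName": pkg, "version": "1.0.0",
            "isUpgradable": upgradable, "isPatchable": False, "from": path}

# Constructed sample shaped like a `snyk test --json` report (assumed field names).
SAMPLE_REPORT = json.dumps({"ok": False, "vulnerabilities": [
    _vuln("SNYK-EXAMPLE-0001", "high", "example-merge", True, ["app", "example-merge"]),
    # Same issue reached through a second dependency path: reported once.
    _vuln("SNYK-EXAMPLE-0001", "high", "example-merge", True,
          ["app", "example-http", "example-merge"]),
    _vuln("SNYK-EXAMPLE-0002", "low", "example-regex", True, ["app", "example-regex"]),
    _vuln("SNYK-EXAMPLE-0003", "critical", "example-yaml", False, ["app", "example-yaml"]),
    _vuln("SNYK-EXAMPLE-0004", "unrated", "example-xml", False, ["app", "example-xml"]),
]})

def gate(report_text, threshold="high"):
    """Return (passed, findings) for unique issues at or above `threshold`, worst first."""
    parsed = json.loads(report_text)
    reports = parsed if isinstance(parsed, list) else [parsed]  # one project or several
    floor = SEVERITY_RANK[threshold]
    unique = {}
    for report in reports:
        for vuln in report.get("vulnerabilities", []):
            # An unrecognised severity ranks as critical so the gate fails closed.
            rank = SEVERITY_RANK.get(str(vuln.get("severity", "")).lower(), 3)
            if rank < floor:
                continue
            key = (vuln.get("id"), vuln.get("packageName"), vuln.get("version"))
            entry = unique.setdefault(key, {
                "id": vuln.get("id"), "package": vuln.get("packageName"), "rank": rank,
                "fixable": bool(vuln.get("isUpgradable") or vuln.get("isPatchable")),
                "paths": 0})
            entry["paths"] += 1
    findings = sorted(unique.values(), key=lambda f: (-f["rank"], str(f["id"])))
    return (not findings, findings)

if __name__ == "__main__":
    passed, findings = gate(SAMPLE_REPORT)
    for f in findings:
        print(f["id"], f["package"], "fixable" if f["fixable"] else "no fix yet",
              f"paths={f['paths']}")
    raise SystemExit(0 if passed else 1)  # this script's own status, not the CLI's
```

Counting each issue once per package version keeps a deep dependency tree from inflating the finding count, and the `fixable` flag separates findings a developer can act on now from those that need an exception or a workaround.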
CAVEATS
Requires a Snyk account and authentication. Results depend on the accuracy of Snyk's vulnerability database.
EXIT CODES
0: Success.
1: General error.
2: Vulnerabilities found (when testing).
Specific exit codes may vary depending on the command and configuration.
CONFIGURATION
Snyk CLI can be configured via environment variables (e.g., SNYK_TOKEN) and a .snyk configuration file.
HISTORY
Snyk was founded to address the growing need for developer-centric security tools. The CLI has evolved to support a wider range of languages, frameworks, and infrastructure technologies.