Developer-first, cloud-native security tool to scan and monitor your software development projects for security vulnerabilities
npx @tessl/cli install tessl/npm-snyk@1.1299.00
# Snyk CLI

Snyk CLI is a comprehensive developer-first, cloud-native security tool that scans and monitors software development projects for security vulnerabilities. It provides both a command-line interface and programmatic API access for vulnerability scanning across multiple content types, including open-source dependencies, application code, container images, and infrastructure-as-code configurations.

## Package Information

- **Package Name**: snyk
- **Package Type**: npm
- **Language**: JavaScript/TypeScript
- **Installation**: `npm install -g snyk` or `npm install snyk`

## Core Imports

### Programmatic API

```javascript
const snyk = require('snyk');
```

### ES Module (if available)

```javascript
import snyk from 'snyk';
```

### CLI Usage

```bash
npx snyk <command> [options]
```

## Basic Usage

### CLI Testing

```bash
# Test current project for vulnerabilities
snyk test

# Test with specific options
snyk test --severity-threshold=high --json

# Monitor project for continuous scanning
snyk monitor

# Test Docker container
snyk container test nginx:latest

# Test Infrastructure as Code
snyk iac test ./terraform/
```

### Programmatic Usage

```javascript
const snyk = require('snyk');

// Test a project programmatically (main API function)
snyk.test('/path/to/project', {
  org: 'my-org',
  json: true
}).then(result => {
  console.log('Vulnerabilities found:', result);
}).catch(error => {
  console.error('Test failed:', error);
});

// Access configuration: check that an API token is set without printing the secret itself
console.log('API token configured:', Boolean(snyk.api));
snyk.config.set('org', 'my-organization');

// Note: Monitor functionality is CLI-only, not available in programmatic API
```

## Architecture

Snyk CLI is built around several key components:

- **CLI Interface**: Full-featured command-line interface with 15+ commands for vulnerability scanning and management
- **Programmatic API**: Node.js library providing test(), config, and other core functions for integration
- **Plugin System**: Extensible architecture supporting 25+ package managers and ecosystems
- **Multi-Content Scanning**: Support for open-source dependencies, source code (SAST), containers, and IaC
- **Policy Engine**: Configurable rules and ignore patterns for customizing vulnerability reporting
- **Monitoring System**: Continuous monitoring capabilities with webhook notifications
- **Output Formats**: Human-readable, JSON, and SARIF output formats for integration with CI/CD systems

## Capabilities

### Vulnerability Testing

Core vulnerability scanning functionality for detecting security issues in projects and dependencies. Supports multiple scan types and package managers.

```javascript { .api }
function test(root: string, options?: TestOptions, callback?: Function): Promise<TestResult>;

interface TestOptions {
  org?: string;
  file?: string;
  docker?: boolean;
  iac?: boolean;
  code?: boolean;
  json?: boolean;
  severityThreshold?: 'low' | 'medium' | 'high' | 'critical';
  showVulnPaths?: 'none' | 'some' | 'all';
  allProjects?: boolean;
  yarnWorkspaces?: boolean;
}
```

[Vulnerability Testing](./vulnerability-testing.md)

### Project Monitoring

Continuous monitoring system for tracking security posture over time with automated alerts and notifications. **Note: Monitor functionality is only available via CLI commands, not through the programmatic API.**

```bash { .api }
snyk monitor [path]                      # Monitor project continuously
snyk monitor --org=<org-id>              # Monitor with specific organization
snyk monitor --project-name=<name>       # Set custom project name
snyk monitor --target-reference=<ref>    # Set target reference (e.g., branch name)
```

[Project Monitoring](./project-monitoring.md)

### CLI Commands

Complete command-line interface providing access to all Snyk functionality through terminal commands.

```bash { .api }
# Core commands
snyk auth               # Authentication management
snyk test               # Test for vulnerabilities
snyk monitor            # Monitor project continuously
snyk fix                # Auto-fix vulnerabilities
snyk protect            # Apply patches and protections

# Specialized commands
snyk container test     # Container scanning
snyk iac test           # Infrastructure as Code scanning
snyk code test          # Source code analysis (SAST)
snyk config             # Configuration management
snyk policy             # Policy management
snyk ignore             # Manage vulnerability ignores
```

[CLI Commands](./cli-commands.md)

### Configuration Management

System for managing authentication, organization settings, and scan preferences.

```javascript { .api }
interface Config {
  api: string;
  org?: string;
  'disable-analytics'?: boolean;
}

// Access configuration
const config = snyk.config;
```

[Configuration](./configuration.md)

### Container Security

Specialized scanning capabilities for Docker containers, including base image vulnerabilities and application layer scanning.

```bash { .api }
snyk container test <image>                    # Scan container image
snyk container test <image> --file=Dockerfile  # Include Dockerfile analysis
snyk container monitor <image>                 # Monitor container continuously
```

[Container Security](./container-security.md)

### Infrastructure as Code (IaC)

Security scanning for infrastructure configuration files including Terraform, Kubernetes, CloudFormation, and ARM templates.

```bash { .api }
snyk iac test <path>                       # Scan IaC files
snyk iac test --detection-depth=<number>   # Control scan depth
snyk iac describe --only-managed           # Drift detection
```

[Infrastructure as Code](./infrastructure-as-code.md)

### Source Code Analysis

Static Application Security Testing (SAST) for identifying security vulnerabilities in application source code.

```bash { .api }
snyk code test                 # Scan source code
snyk code test --org=<org-id>  # Scan with specific organization
```

[Source Code Analysis](./source-code-analysis.md)

## Types

### Core Types

```typescript { .api }
interface TestResult {
  vulnerabilities: Vulnerability[];
  dependencyCount: number;
  licensesPolicy: LicensesPolicy;
  packageManager: string;
  platform: string;
  path: string;
  projectName: string;
  summary: string;
}

interface Vulnerability {
  id: string;
  title: string;
  description: string;
  severity: 'low' | 'medium' | 'high' | 'critical';
  packageName: string;
  version: string;
  fixedIn?: string[];
  patches?: Patch[];
  upgradePath?: string[];
}

interface MonitorResult {
  id: string;
  uri: string;
  path: string;
  projectName: string;
}

interface Patch {
  id: string;
  urls: string[];
  version: string;
  modificationTime: string;
  comments: string[];
}
```
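The Programmatic Usage snippet above only logs the raw result, and the `TestResult` / `Vulnerability` shapes just listed say nothing about how a pipeline should act on them. The following is an added example, not code from the snyk package: a small CI gate that mirrors `severityThreshold`, groups blocking findings by the direct-dependency bump named in `upgradePath`, and fails closed when the scan itself errors. The scanner is injected so the logic runs offline against a constructed result; in a pipeline you would pass `require('snyk')` instead of `fakeScanner`. `SEVERITY_RANK`, `evaluateTestResult`, `runGate`, the `SAMPLE-*` ids and the assumption that the first string entry of `upgradePath` is the direct dependency to upgrade are all this example's, not the package's.

```javascript
// Added example (not part of the snyk package): a CI gate over the TestResult /
// Vulnerability shapes documented above. The scanner is injected so the logic
// runs offline against a constructed result; in a pipeline pass require('snyk').

const SEVERITY_RANK = { low: 1, medium: 2, high: 3, critical: 4 };

// Mirror of --severity-threshold: keep findings at or above the threshold.
function filterBySeverity(vulnerabilities, threshold) {
  const min = SEVERITY_RANK[threshold];
  if (min === undefined) throw new Error(`unknown severity threshold: ${threshold}`);
  return vulnerabilities.filter((v) => (SEVERITY_RANK[v.severity] || 0) >= min);
}

// Assumption: the first string entry of upgradePath names the direct-dependency
// version that remediates the finding; non-string entries (e.g. a root
// placeholder) are skipped.
function directUpgradeFor(vuln) {
  if (!Array.isArray(vuln.upgradePath)) return null;
  return vuln.upgradePath.find((p) => typeof p === 'string') || null;
}

// Summarise one TestResult: severity counts, the findings that block the build,
// the direct-dependency bumps that clear them, and findings with no bump available.
function evaluateTestResult(result, threshold) {
  const counts = { low: 0, medium: 0, high: 0, critical: 0 };
  for (const v of result.vulnerabilities) {
    if (v.severity in counts) counts[v.severity] += 1;
  }
  const blocking = filterBySeverity(result.vulnerabilities, threshold);
  const upgrades = {}; // "pkg@version" -> [vulnerability ids it remediates]
  const noUpgrade = [];
  for (const v of blocking) {
    const target = directUpgradeFor(v);
    if (target) {
      (upgrades[target] = upgrades[target] || []).push(v.id);
    } else {
      noUpgrade.push(v.id);
    }
  }
  return { counts, blocking, upgrades, noUpgrade };
}

// Run the scan and decide. A scan that did not complete is a failure (fail
// closed), never a clean result; the error name lets the pipeline tell tooling
// problems (e.g. ConnectionTimeoutError) apart from actual findings.
async function runGate(scanner, root, options) {
  const threshold = options.severityThreshold || 'low';
  let result;
  try {
    result = await scanner.test(root, options);
  } catch (err) {
    return { ok: false, reason: `scan-error:${err.name}`, summary: null };
  }
  const summary = evaluateTestResult(result, threshold);
  const ok = summary.blocking.length === 0;
  const reason = ok ? 'clean' : `${summary.blocking.length} finding(s) at or above ${threshold}`;
  return { ok, reason, summary };
}

// Constructed sample result in the documented TestResult shape (not real scan output).
const SAMPLE_RESULT = {
  vulnerabilities: [
    { id: 'SAMPLE-A', title: 'Sample finding A', description: '', severity: 'critical',
      packageName: 'lodash', version: '4.17.15', fixedIn: ['4.17.21'], upgradePath: ['lodash@4.17.21'] },
    { id: 'SAMPLE-B', title: 'Sample finding B', description: '', severity: 'high',
      packageName: 'qs', version: '6.5.2', fixedIn: ['6.5.3'], upgradePath: ['express@4.18.2', 'qs@6.5.3'] },
    { id: 'SAMPLE-C', title: 'Sample finding C', description: '', severity: 'medium',
      packageName: 'minimist', version: '0.0.8', fixedIn: ['1.2.6'], upgradePath: [] },
  ],
  dependencyCount: 3, licensesPolicy: {}, packageManager: 'npm', platform: 'linux',
  path: '/path/to/project', projectName: 'sample-app', summary: '3 vulnerable dependency paths',
};

// Stand-in with the same test(root, options) signature as the snyk module.
const fakeScanner = { test: async () => SAMPLE_RESULT };

if (typeof require !== 'undefined' && require.main === module) {
  runGate(fakeScanner, '/path/to/project', { severityThreshold: 'high' }).then((verdict) => {
    console.log(JSON.stringify(verdict, null, 2));
    process.exitCode = verdict.ok ? 0 : 1;
  });
}
```

With the sample data and a `high` threshold the gate blocks on two findings and reports two direct upgrades (`lodash@4.17.21`, `express@4.18.2`); lowering the threshold to `medium` also pulls in the `minimist` finding, which has no upgrade path and so lands in `noUpgrade`, the bucket a reviewer has to handle by hand (patch, `snyk ignore` with a justification, or a different dependency).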

### Error Types

```typescript { .api }
class UnsupportedPackageManagerError extends Error {
  constructor(packageManager: string);
}

class MissingOptionError extends Error {
  constructor(option: string, requiredOptions: string[]);
}

class ConnectionTimeoutError extends Error {
  constructor(message: string);
}
```

### Package Manager Support

```typescript { .api }
type SupportedPackageManagers =
  | 'npm' | 'yarn' | 'pnpm'        // JavaScript
  | 'maven' | 'gradle' | 'sbt'     // Java/Scala
  | 'pip' | 'poetry'               // Python
  | 'rubygems'                     // Ruby
  | 'composer'                     // PHP
  | 'nuget' | 'paket'              // .NET
  | 'gomodules' | 'golangdep'      // Go
  | 'cocoapods' | 'swift'          // iOS/macOS
  | 'hex'                          // Elixir
  | 'Unmanaged (C/C++)';           // C/C++
```