
tessl/npm-snyk

Developer-first, cloud-native security tool to scan and monitor your software development projects for security vulnerabilities


Configuration

System for managing authentication, organization settings, scan preferences, and CLI behavior through configuration files, environment variables, and command-line options.

Capabilities

Config Object

Programmatic access to configuration settings and user preferences.

/**
 * Access to configuration settings
 */
const config = snyk.config;

interface Config {
  /** API token for authentication */
  api?: string;
  /** Default organization ID */
  org?: string;
  /** API endpoint URL */
  endpoint?: string;
  /** Disable usage analytics */
  'disable-analytics'?: boolean;
  /** HTTP proxy URL */
  proxy?: string;
  /** HTTPS proxy URL */
  'https-proxy'?: string;
  /** CA certificate bundle path */
  ca?: string;
  /** Reject unauthorized certificates */
  'reject-unauthorized'?: boolean;
  /** Request timeout in milliseconds */
  timeout?: number;
}

// Configuration access patterns
console.log(snyk.config.api);           // Get API token
snyk.config.org = 'my-org-id';          // Set organization

CLI Configuration Commands

Command-line interface for managing configuration settings.

# View configuration
snyk config                              # Show all configuration values
snyk config get <key>                    # Get specific configuration value
snyk config get api                      # Get API token
snyk config get org                      # Get default organization

# Set configuration
snyk config set <key>=<value>            # Set configuration value
snyk config set api=<token>              # Set API token
snyk config set org=<org-id>             # Set default organization
snyk config set endpoint=<url>           # Set custom API endpoint
snyk config set disable-analytics=true   # Disable analytics

# Remove configuration
snyk config unset <key>                  # Remove configuration value
snyk config unset api                    # Remove API token
snyk config unset org                    # Remove default organization

Authentication Configuration

Settings for API access and authentication management.

interface AuthConfig {
  /** Snyk API token */
  api: string;
  /** API endpoint URL (default: https://api.snyk.io) */
  endpoint?: string;
  /** Organization ID for API requests */
  org?: string;
}

// Authentication methods
// 1. Environment variable: SNYK_TOKEN
// 2. Config file: snyk config set api=<token>
// 3. CLI argument: snyk auth <token>
// 4. Interactive login: snyk auth

# Authentication setup
snyk auth                                # Interactive OAuth login
snyk auth <api-token>                    # Direct token authentication
export SNYK_TOKEN=<token>               # Environment variable
snyk config set api=<token>             # Persistent configuration

# Verify authentication
snyk config get api                      # Check stored token (prints it to the terminal)
snyk test --org=<org-id>                # Test with organization access

Network Configuration

Settings for proxy, SSL, and network connectivity.

interface NetworkConfig {
  /** HTTP proxy URL */
  proxy?: string;
  /** HTTPS proxy URL */  
  'https-proxy'?: string;
  /** Custom CA certificate bundle */
  ca?: string;
  /** Reject unauthorized SSL certificates */
  'reject-unauthorized'?: boolean;
  /** Request timeout in milliseconds */
  timeout?: number;
  /** Allow insecure connections */
  insecure?: boolean;
}

# Proxy configuration
snyk config set proxy=http://proxy.company.com:8080
snyk config set https-proxy=https://proxy.company.com:8080
export SNYK_HTTP_PROXY=http://proxy.company.com:8080
export SNYK_HTTPS_PROXY=https://proxy.company.com:8080

# SSL configuration
snyk config set ca=/path/to/ca-bundle.pem
snyk config set reject-unauthorized=false   # Disables TLS certificate verification
snyk test --insecure                     # Allow insecure connections

# Timeout configuration
snyk config set timeout=300000          # 5 minute timeout

Analytics and Privacy Settings

Configuration for usage analytics and data collection preferences.

interface AnalyticsConfig {
  /** Disable usage analytics collection */
  'disable-analytics'?: boolean;
  /** Disable error reporting */
  'disable-error-reporting'?: boolean;
}

# Analytics configuration
snyk config set disable-analytics=true   # Disable analytics
export SNYK_DISABLE_ANALYTICS=true      # Environment variable
snyk test --disable-analytics            # One-time disable

# Privacy controls
snyk config get disable-analytics        # Check current setting
snyk config unset disable-analytics      # Re-enable analytics

Organization and Project Defaults

Default settings for organization and project identification.

interface ProjectDefaults {
  /** Default organization ID */
  org?: string;
  /** Default project naming pattern */
  'project-name-pattern'?: string;
  /** Default target reference */
  'target-reference'?: string;
  /** Default remote repository URL pattern */
  'remote-repo-url-pattern'?: string;
}

# Organization defaults
snyk config set org=<org-id>             # Set default organization
export SNYK_ORG=<org-id>                # Environment variable

# Project defaults
snyk test                                # Uses default org
snyk test --org=<other-org>             # Override default
snyk monitor --project-name="MyApp"     # Custom project name

Configuration Files

Global Configuration

System-wide configuration file locations and formats.

# Configuration file locations
# Linux/macOS: ~/.config/configstore/snyk.json
# Windows: %APPDATA%/configstore/snyk.json

# Example configuration file content (the API token is stored in plain text)
{
  "api": "your-api-token-here",
  "org": "your-org-id",
  "disable-analytics": true,
  "endpoint": "https://api.snyk.io"
}
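
The settings above that weaken transport security or expose the token can be checked mechanically. The following Node.js audit is an added example, not code from the snyk package: `auditSnykConfig`, `auditSnykConfigFile`, the finding names and the sample values are all hypothetical, and only the configuration keys come from this page.

```javascript
'use strict';
const fs = require('fs');

// auditSnykConfig is a hypothetical helper, not a snyk API. `mode` is the
// config file's st_mode on POSIX systems; omit it to skip the permission check.
function auditSnykConfig(config, mode) {
  const findings = [];
  // Accept boolean and string forms, since a value set on the CLI may be stored as text.
  const is = (v, want) => String(v).toLowerCase() === String(want);

  if (is(config['reject-unauthorized'], false)) findings.push('tls-verify-disabled');
  if (is(config.insecure, true)) findings.push('insecure-enabled');

  if (config.endpoint) {
    try {
      if (new URL(config.endpoint).protocol !== 'https:') findings.push('endpoint-not-https');
    } catch {
      findings.push('endpoint-unparseable');
    }
  }
  for (const key of ['proxy', 'https-proxy']) {
    if (!config[key]) continue;
    try {
      const u = new URL(config[key]);
      if (u.username || u.password) findings.push(`${key}-embeds-credentials`);
    } catch {
      findings.push(`${key}-unparseable`);
    }
  }
  // The API token sits in this file as plain text, so group/other access exposes it.
  if (config.api && mode !== undefined && (mode & 0o077) !== 0) {
    findings.push('token-file-group-or-world-accessible');
  }
  return findings;
}

// Audit a file on disk, e.g. ~/.config/configstore/snyk.json from this page.
function auditSnykConfigFile(file) {
  const mode = process.platform === 'win32' ? undefined : fs.statSync(file).mode;
  return auditSnykConfig(JSON.parse(fs.readFileSync(file, 'utf8')), mode);
}

// Constructed sample input (placeholder token and hosts).
const SAMPLE_CONFIG = {
  api: 'constructed-placeholder-token',
  endpoint: 'http://snyk.internal.example/api',
  'https-proxy': 'https://user:secret@proxy.example:8080',
  'reject-unauthorized': 'false',
};
```

Running `auditSnykConfig(SAMPLE_CONFIG, 0o100644)` reports four findings; a config with an HTTPS endpoint in a file with mode `0600` reports none.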

Project-Specific Configuration

Project-level configuration and policy files.

# .snyk policy file (project root)
# Controls vulnerability ignores and patches
version: v1.0.0
ignore:
  'SNYK-JS-LODASH-567746':
    - '*':
        reason: Risk accepted
        expires: '2024-12-31T23:59:59.999Z'

# .snykignore file (for IaC scanning)  
# Ignore specific files or directories
**/node_modules/**
dist/
build/
*.test.js
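
Ignore rules in a `.snyk` policy accumulate over time, so it is worth reviewing them for entries that have expired, never expire, or carry no reason. The following Node.js check is an added example, not part of the snyk package: `findStaleIgnores` is a hypothetical helper that takes an already-parsed policy in the shape shown above, and the second sample entry uses a constructed placeholder ID.

```javascript
'use strict';

// findStaleIgnores is a hypothetical helper. `policy` is an already-parsed
// .snyk file; YAML parsing is left to whatever parser the project uses.
function findStaleIgnores(policy, now = new Date()) {
  const findings = [];
  for (const [vulnId, rules] of Object.entries(policy.ignore || {})) {
    for (const rule of rules || []) {
      for (const [depPath, meta] of Object.entries(rule)) {
        const entry = meta || {};
        const add = (issue) => findings.push({ vulnId, path: depPath, issue });

        if (!entry.reason || !String(entry.reason).trim()) add('no-reason');
        if (entry.expires === undefined) {
          add('no-expiry'); // the ignore would stay in force indefinitely
          continue;
        }
        // `expires` may arrive as an ISO string or as a Date from the YAML parser.
        const expires = new Date(entry.expires);
        if (Number.isNaN(expires.getTime())) add('invalid-expiry');
        else if (expires <= now) add('expired');
      }
    }
  }
  return findings;
}

// Constructed sample: the first entry mirrors the .snyk example on this page,
// the second uses a placeholder vulnerability ID and dependency path.
const SAMPLE_POLICY = {
  version: 'v1.0.0',
  ignore: {
    'SNYK-JS-LODASH-567746': [
      { '*': { reason: 'Risk accepted', expires: '2024-12-31T23:59:59.999Z' } },
    ],
    'SNYK-EXAMPLE-PLACEHOLDER': [
      { 'app > dep': { reason: '' } },
    ],
  },
};
```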

Environment-Specific Configuration

Configuration patterns for different deployment environments.

# Development environment
export SNYK_TOKEN=dev-token
export SNYK_ORG=dev-org-id
export SNYK_DISABLE_ANALYTICS=true

# Staging environment  
export SNYK_TOKEN=staging-token
export SNYK_ORG=staging-org-id
export SNYK_CI=1

# Production environment
export SNYK_TOKEN=prod-token
export SNYK_ORG=prod-org-id
export SNYK_CI=1
export SNYK_TIMEOUT=600000

Advanced Configuration

API Endpoint Configuration

Custom API endpoint configuration for enterprise installations.

interface EndpointConfig {
  /** API base URL */
  endpoint: string;
  /** Custom API version */
  version?: string;
  /** Additional headers */
  headers?: Record<string, string>;
}

# Custom endpoint configuration
snyk config set endpoint=https://api.custom.snyk.io
export SNYK_API=https://api.custom.snyk.io

# Enterprise endpoint
snyk config set endpoint=https://app.eu.snyk.io/api
snyk config set ca=/path/to/enterprise-ca.pem

Feature Flag Configuration

Configuration for experimental and beta features.

# Enable experimental features
export SNYK_EXPERIMENTAL=true
snyk test --experimental

# Feature-specific flags
export SNYK_CODE_ENABLED=true           # Enable code analysis
export SNYK_IAC_ENABLED=true            # Enable IaC scanning
export SNYK_CONTAINER_ENABLED=true      # Enable container scanning

Debug and Logging Configuration

Settings for debug output and logging preferences.

# Debug configuration
export DEBUG=snyk*                      # Enable all Snyk debug output
export DEBUG=snyk:find-files            # Specific debug namespace
export DEBUG=snyk-test                  # Test command debug

# Logging levels
snyk test --debug                       # Enable debug for single command
snyk test --quiet                       # Suppress output
snyk test -d                           # Short debug flag

Configuration Validation

// Configuration validation and error handling
try {
  const result = await snyk.test('./project');
} catch (error) {
  if (error.code === 'AUTH_ERROR') {
    console.log('Authentication failed. Run: snyk auth');
  } else if (error.code === 'INVALID_ORG') {
    console.log('Invalid organization. Check: snyk config get org');
  } else if (error.code === 'NETWORK_ERROR') {
    console.log('Network error. Check proxy settings.');
  } else {
    throw error; // Do not swallow errors this handler does not recognise
  }
}

# Configuration validation commands
snyk config                             # Verify all settings
snyk auth                              # Test authentication
snyk test --org=invalid               # Test organization access
snyk test --debug                     # Debug configuration issues

Types

Configuration Types

interface SnykConfig {
  /** API authentication token */
  api?: string;
  /** Default organization identifier */
  org?: string;
  /** API endpoint URL */
  endpoint?: string;
  /** Disable usage analytics */
  'disable-analytics'?: boolean;
  /** HTTP proxy URL */
  proxy?: string;
  /** HTTPS proxy URL */
  'https-proxy'?: string;
  /** CA certificate bundle path */
  ca?: string;
  /** Reject unauthorized SSL certificates */
  'reject-unauthorized'?: boolean;
  /** Request timeout in milliseconds */
  timeout?: number;
  /** Allow insecure HTTPS connections */
  insecure?: boolean;
}

interface PolicyConfig {
  /** Policy file version */
  version: string;
  /** Ignored vulnerabilities */
  ignore?: Record<string, IgnoreRule[]>;
  /** Patch configuration */
  patch?: Record<string, PatchRule>;
  /** Language-specific settings */
  language?: LanguageSettings;
}

interface IgnoreRule {
  /** Vulnerability paths to ignore */
  [path: string]: {
    /** Reason for ignoring */
    reason: string;
    /** Expiration date (ISO string) */
    expires?: string;
    /** Created timestamp */
    created?: string;
  };
}

interface EnvironmentConfig {
  /** Snyk API token */
  SNYK_TOKEN?: string;
  /** Default organization */
  SNYK_ORG?: string;
  /** API endpoint */
  SNYK_API?: string;
  /** CI mode flag */
  SNYK_CI?: '1' | '0';
  /** Disable analytics */
  SNYK_DISABLE_ANALYTICS?: 'true' | 'false';
  /** HTTP proxy */
  SNYK_HTTP_PROXY?: string;
  /** HTTPS proxy */
  SNYK_HTTPS_PROXY?: string;
  /** Debug namespaces */
  DEBUG?: string;
}

interface LanguageSettings {
  /** Additional command line arguments */
  additionalArguments?: string[];
  /** Include development dependencies */
  includeDevelopmentDependencies?: boolean;
  /** Skip unresolved dependencies */
  skipUnresolved?: boolean;
  /** Custom command for package manager */
  command?: string;
  /** Working directory */
  workingDirectory?: string;
}

Install with Tessl CLI

npx tessl i tessl/npm-snyk
