Snyk helps you find, fix and monitor known vulnerabilities in Node.js npm, Ruby and Java dependencies, both on an ad hoc basis and as part of your CI (Build) system.
- Find known vulnerabilities by running snyk test on a project either as a one-off or as part of your CI process.
- Fix vulnerabilities using snyk wizard and snyk protect.
- snyk wizard walks you through finding and fixing known vulnerabilities in your project. Remediation options include configuring your policy file to update, auto patch and ignore vulnerabilities. (npm only)
- snyk protect your code from vulnerabilities by applying patches and optionally suppressing specific vulnerabilities.
- Alert snyk monitor records the state of dependencies and any vulnerabilities on snyk.io so you can be alerted when new vulnerabilities or updates/patches are disclosed that affect your repositories.
- Prevent new vulnerable dependencies from being added to your project by running snyk test as part of your CI to fail tests when vulnerable Node.js or Ruby dependencies are added.
- handle dependency cycles in Gradle projects (95bd1e6)
- Install the Snyk utility using npm install -g snyk.
- Once installed you will need to authenticate with your Snyk account: snyk auth
For more detail on how to authenticate take a look at the CLI authentication section of the Snyk documentation.
The package argument is optional. If no package is given, Snyk will run the command against the current working directory allowing you test you non-public applications.
Copyright 2015 Snyk Ltd.