Usage:

  $ snyk [options] [command] [package]

The package argument is optional. If no package is given, Snyk will
run the command against the current working directory allowing you
to test your non-public applications.

Commands:

  auth [api-token] ... Sign into Snyk.
  test ............... Test for any known vulnerabilities.
  wizard ............. Configure your policy file to update, auto patch and
                       ignore vulnerabilities in npm & yarn projects.
  protect ............ Protect your code from vulnerabilities and
                       optionally suppress specific vulnerabilities.
                       Note: Node.js only.
  monitor ............ Record the state of dependencies and any
                       vulnerabilities on snyk.io.
  policy ............. Display the Snyk policy for a package.
  ignore ............. Modifies the .snyk policy to ignore stated issues.
                       For more information run `snyk help ignore`.
  help [topic] ....... Display detailed help about commands and options.
  config ............. Manage Snyk's configuration, note that this configuration is stored
                       on your machine and applies to all Snyk CLI calls.

Options:

  --dev .............. Include devDependencies (defaults to production only).
  --file=<File> ...... Sets package file. For more help run `snyk help file`.
  --org=<org-name> ... Specify the org machine-name to run Snyk with a specific
                       organization. For more help run `snyk help orgs`.
  --ignore-policy .... Ignores the current policy in .snyk file, org level ignores and project policy on snyk.io.
  --trust-policies ... Applies and uses ignore rules from your dependencies's
                       Snyk policies, otherwise ignore policies are only
                       shown as a suggestion.
  --show-vulnerable-paths=<none|some|all>
                       (test command only)
                       Display the dependency paths from the top level
                       dependencies, down to the vulnerable packages.
                       Defaults to "some" (a few example paths).
                       "false" is an alias for "none".
                       Doesn't affect output in JSON mode.
  --project-name=<string>
                       Specify a custom Snyk project name.
  --policy-path ...... Manually pass a path to a policy file.
  --insecure ......... Ignore unknown certificate authorities.
  --json ............. Return results in JSON format.
  --dry-run .......... Don't apply updates or patches during protect.
  --severity-threshold=<low|medium|high>
                       Only report vulnerabilities of provided level or higher.
  -q, --quiet ........ Silence all output.
  -h, --help ......... This help information.
  -v, --version ...... The CLI version.
  --print-deps ....... (test and monitor commands only)
                       Print the dependency tree before sending it for analysis.
  --prune-repeated-subdependencies
                       (test and monitor command only)
                       Prune dependency trees, removing duplicate sub-dependencies.
                       Will still find all vulnerabilities, but potentially not all
                       of the vulnerable paths.
  --remote-repo-url=<string>
                       (monitor command only)
                       Set or override the remote URL for the repository that you would like to monitor.

Gradle options:
  --sub-project=<string> (alias: --gradle-sub-project)
                       For Gradle "multi project" configurations,
                       test a specific sub-project.
  --all-sub-projects   For "multi project" configurations, test all
                       sub-projects.
  --configuration-matching=<string>
                       Resolve dependencies using only configuration(s) that
                       match the provided Java regular expression, e.g.
                       '^releaseRuntimeClasspath$'.
  --configuration-attributes=<string>
                       Select certain values of configuration attributes to
                       resolve the dependencies. E.g.:
                       'buildtype:release,usage:java-runtime'
  More information: https://snyk.io/docs/cli-advanced-gradle-testing/

.Net (Nuget) options:
  --assets-project-name
                       When monitoring a .NET project using NuGet
                       PackageReference use the project name in
                       project.assets.json, if found.
  --packages-folder    Custom path to packages folder

npm options:
  --strict-out-of-sync=<true|false>
                       Prevent testing out of sync lockfiles. Defaults to true.

Yarn options:
  --strict-out-of-sync=<true|false>
                       Prevent testing out of sync lockfiles. Defaults to true.

Python options:
  --command=<string>   Python interpreter to use. Default: "python", set to
                       "python2" or "python3" to use a specific version.

Docker options:
  --docker ........... Test or monitor a local docker image for Linux
                       vulnerabilities. Can be used alongside `--file` and a
                       path to the image's Dockerfile for more detailed
                       remediation advice.
  --exclude-base-image-vulns
                       Exclude from display Docker base image vulnerabilities.


Examples:

  $ snyk test
  $ snyk test ionic@1.6.5
  $ snyk test --show-vulnerable-paths=false
  $ snyk monitor --org=my-team
  $ snyk monitor --project-name=my-project
  $ snyk test --docker ubuntu:18.04 --org=my-team
  $ snyk test --docker app:latest --file=Dockerfile --policy-path=.snyk

Possible exit statuses and their meaning:

  - 0: success, no vulns found
  - 1: action_needed, vulns found
  - 2: failure, try to re-run command

Pro tip: use `snyk test` in your test scripts, if a vulnerability is
found, the process will exit with a non-zero exit code.

For more information see https://snyk.io