Usage: $ snyk [options] [command] [package] The package argument is optional. If no package is given, Snyk will run the command against the current working directory allowing you test you non-public applications. Commands: auth [api-token] ... Sign into Snyk. test ............... Test for any known vulnerabilities. wizard ............. Configure your policy file to update, auto patch and ignore vulnerabilities in npm & yarn projects. protect ............ Protect your code from vulnerabilities and optionally suppress specific vulnerabilities. Note: Node.js only. monitor ............ Record the state of dependencies and any vulnerabilities on snyk.io. policy ............. Display the Snyk policy for a package. ignore ............. Modifies the .snyk policy to ignore stated issues. For more information run `snyk help ignore`. help [topic] ....... Display detailed help about commands and options. Options: --dev .............. Include devDependencies (defaults to production only). --file= ...... Sets package file. For more help run `snyk help file`. --org= ... Run snyk with a specific organisation. For more help run `snyk help orgs`. --ignore-policy .... Ignores and resets the state of your policy file. --trust-policies ... Applies and uses ignore rules from your dependencies's Snyk policies, otherwise ignore policies are only shown as a suggestion. --show-vulnerable-paths= Display the dependency paths from the top level dependencies, down to the vulnerable packages (defaults to true). Applicable to `snyk test`. --project-name= Specify a custom Snyk project name (`snyk monitor` only). --docker ........... Test or monitor a local docker image for Linux vulnerabilities. Can be used alongside `--file` and a path to the image's Dockerfile for more detailed remediation advice. --policy-path....... Manually pass a path to a policy file. --insecure ......... Ignore unknown certificate authorities. --json ............. Return results in JSON format. --dry-run .......... Don't apply updates or patches during protect. --severity-threshold= Only report vulnerabilities of provided level or higher. --gradle-sub-project= For Gradle "multi project" configurations, test a specific sub-project. -q, --quiet ........ Silence all output. -h, --help ......... This help information. -v, --version ...... The CLI version. Examples: $ snyk test $ snyk test ionic@1.6.5 $ snyk test --show-vulnerable-paths=false $ snyk monitor --org=my-team $ snyk monitor --project-name=my-project $ snyk test --docker ubuntu:18.04 --org=my-team $ snyk test --docker app:latest --file=Dockerfile --policy-path=.snyk Pro tip: use `snyk test` in your test scripts, if a vulnerability is found, the process will exit with a non-zero exit code. For more information see https://snyk.io