snyk-disallow

Snyk Disallow tool

Usage no npm install needed!

<script type="module">
  import snykDisallow from 'https://cdn.skypack.dev/snyk-disallow';
</script>

README

snyk-disallow

Snyk Disallow tool

oclif Version CircleCI Downloads/week License

Pre-requisites

  • Paid plan.
    snyk-disallow uses Snyk APIs, only available in paid plans.

  • Dep Graph API enabled for your account (contact us/your Customer Success Manager)

Installation

$ npm install -g snyk-disallow

or

Download binary

Setup

  • Create an org Disallow in your Snyk group.
  • Have your Snyk CLI configured or export SNYK_TOKEN env var with your token (export SNYK_TOKEN=token / set SNYK_TOKEN=token)

Usage

asciicast

Read-only usage

Get a viewer token for the Snyk Group to get a read|test-only token for CI or similar systems. (Ask your Customer Success Manager)

Typical flow

  • create disallow list for corresponding package manager
  • add package name + version to the list of your choice
  • check projects|org against disallow list(s)

Commands

  • snyk-disallow help [COMMAND]
  • snyk-disallow list
  • snyk-disallow create [LISTNAME] [PACKAGEMANAGER]
  • snyk-disallow add [DEP] [VERSION] [LISTNAME]
  • snyk-disallow view [LISTNAME]
  • snyk-disallow check-project [ORGID] [PROJECTID] [LISTNAME (optional)]
  • snyk-disallow check-org [ORGID] [LISTNAME (optional)]
  • snyk test --print-deps --json | snyk-disallow test-project [ORGID] [LISTNAME (optional)]
  • snyk-disallow rm [DEP] [VERSION] [LISTNAME]
  • snyk-disallow delete [LISTNAME]