README
snyk-disallow
Snyk Disallow tool
Pre-requisites
Paid plan.
snyk-disallow uses Snyk APIs, only available in paid plans.Dep Graph API enabled for your account (contact us/your Customer Success Manager)
Installation
$ npm install -g snyk-disallow
or
Setup
- Create an org
Disallow
in your Snyk group. - Have your Snyk CLI configured or export SNYK_TOKEN env var with your token (export SNYK_TOKEN=token / set SNYK_TOKEN=token)
Usage
Read-only usage
Get a viewer token for the Snyk Group to get a read|test-only token for CI or similar systems. (Ask your Customer Success Manager)
Typical flow
- create disallow list for corresponding package manager
- add package name + version to the list of your choice
- check projects|org against disallow list(s)
Commands
snyk-disallow help [COMMAND]
snyk-disallow list
snyk-disallow create [LISTNAME] [PACKAGEMANAGER]
snyk-disallow add [DEP] [VERSION] [LISTNAME]
snyk-disallow view [LISTNAME]
snyk-disallow check-project [ORGID] [PROJECTID] [LISTNAME (optional)]
snyk-disallow check-org [ORGID] [LISTNAME (optional)]
snyk test --print-deps --json | snyk-disallow test-project [ORGID] [LISTNAME (optional)]
snyk-disallow rm [DEP] [VERSION] [LISTNAME]
snyk-disallow delete [LISTNAME]