snyk-report

Assists in generating human readable snyk reports for CI integration

Usage no npm install needed!

<script type="module">
  import snykReport from 'https://cdn.skypack.dev/snyk-report';
</script>

README

snyk-report

This module was created to allow for snyk.io integration into CI workflow.

It is a WIP. Long term goals are to allow failure of build depending on rulesets, which will be dependent upon various factors, such as..

  • Date of oldest vulnerability
  • Count of high / medium / low vulnerabilities

Getting Started

This module can be installed with npm.

npm install snyk-report --save-dev

Before this module can be used authentication with the Snyk API will need to be setup. For more details see Snyk CLI Authentication.

Alternatively this module allows the environment variable SNYK_API_TOKEN to be set containing the correct authentication token.

An example script has been included, which demonstrates snyk-report being run against either a directory pointed to by the REPO_DIR environment variable, or the current directory if it is not defined.

var report = require('snyk-report');
var targetDir = process.env.REPO_DIR || '.';
report(targetDir, function(err, output) {
  if (err) throw new Error(err);
  console.log(output.text);
});

To run the example script use the following command:

npm start

Running the tests

To run all the unit tests use:

npm test

 Linting

Linting for the project can be run with the following command.

npm run lint