snyk-disallow v1.2.0

snyk-disallow

Snyk Disallow tool

This repository is in maintenance mode, no new features are being developed. Bug & security fixes will continue to be delivered. Open source contributions are welcome for small features & fixes (no breaking changes)

Pre-requisites

• Paid plan.\ snyk-disallow uses Snyk APIs, only available in paid plans.

• Dep Graph API enabled for your account (contact us/your Customer Success Manager)

Installation

$ npm install -g snyk-disallow

or

Download binary

Setup

• Create an org Disallow in your Snyk group.
• Have your Snyk CLI configured or export SNYK_TOKEN env var with your token (export SNYK_TOKEN=token / set SNYK_TOKEN=token)

Usage

Read-only usage

Get a viewer token for the Snyk Group to get a read|test-only token for CI or similar systems. (Ask your Customer Success Manager)

Typical flow

• create disallow list for corresponding package manager
• add package name + version to the list of your choice
• check projects|org against disallow list(s)

Commands

• snyk-disallow help [COMMAND]
• snyk-disallow list
• snyk-disallow create [LISTNAME] [PACKAGEMANAGER]
• snyk-disallow add [DEP] [VERSION] [LISTNAME]
• snyk-disallow view [LISTNAME]
• snyk-disallow check-project [ORGID] [PROJECTID] [LISTNAME (optional)]
• snyk-disallow check-org [ORGID] [LISTNAME (optional)]
• snyk test --print-deps --json | snyk-disallow test-project [ORGID] [LISTNAME (optional)]
• snyk-disallow rm [DEP] [VERSION] [LISTNAME]
• snyk-disallow delete [LISTNAME]