Snyk

Code Commands

Perform static application security testing (SAST) to find vulnerabilities in source code.

6 commands

Pro Tips

Snyk Code works offline and doesn't upload code

$ snyk code test

Run static code analysis (SAST).

$ snyk code test ./src

Scan specific directory.

$ snyk code test --json

Output code findings as JSON.

$ snyk code test --sarif

Output in SARIF for GitHub integration.

$ snyk code test --severity-threshold=high

Only report high or critical code issues.

$ snyk code test --exclude=test,dist,node_modules

Exclude directories from code analysis.