Tool: snyk-filter
The snyk-filter tool provides custom filtering for Snyk CLI output. It takes the JSON-formatted output of the Snyk CLI (for example, from snyk test --json), applies custom filters to the results, and offers options to fail your build.

Clone and install snyk-filter

First, clone the repo. Then run:
npm install -g
snyk-filter uses the node-jq library, which requires that a jq binary be installed. This typically happens transparently via npm install -g, but on some systems jq is not properly installed locally. If you receive an error after installation regarding node-jq, then install jq manually to avoid this error.
# install jq ahead of time (ubuntu example)
sudo apt-get install -y jq

# tell node-jq to skip trying to install it on its own
export NODE_JQ_SKIP_INSTALL_BINARY=true

# tell node-jq where the existing jq binary is
export JQ_PATH=$(which jq)

# finally, install snyk-filter (does not work with node version > 12)
sudo npm install -g

Usage

  1. Implement your custom jq filters in a .snyk-filter/snyk.yml file relative to your current working directory where you are running snyk test. See sample-filters and tweak things from there; use JQPlay
  2. Then pipe your snyk test --json output into snyk-filter or use the -i argument to input a JSON file. Use the -f argument to point to the yml file containing your custom filters if you are not using the default location (.snyk-filter/snyk.yml).
  3. The return code from snyk-filter is 0 for pass (no issues) and 1 for fail (issues found).

Example with Snyk CLI (using .snyk-filter/snyk.yml by default)

snyk test --json | snyk-filter

Example with Snyk CLI and custom yml file location

snyk test --json | snyk-filter -f /path/to/example-cvss-9-or-above.yml

Example to input a JSON file

snyk-filter -i snyk_results.json

Example with custom yml file location

snyk-filter -i snyk_results.json -f /path/to/example-high-upgradeable-vulns.yml
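
A build gate that acts on the return codes described under Usage, as an added example that is not part of the snyk-filter project. It writes the scan to a file and uses -i instead of a pipe, so a scan that failed outright (Snyk CLI exit codes other than 0 or 1) is never reported as a pass. The names snyk_gate, SNYK_BIN and SNYK_FILTER_BIN are chosen for this example.

```shell
#!/bin/sh
# Example CI gate around `snyk test --json` and snyk-filter.
# SNYK_BIN / SNYK_FILTER_BIN are example-only overrides for the two commands.
SNYK_BIN="${SNYK_BIN:-snyk}"
SNYK_FILTER_BIN="${SNYK_FILTER_BIN:-snyk-filter}"

# snyk_gate [filters.yml]
# Returns 0 = filters passed, 1 = filters found issues,
#         2 = the scan or the filter tool itself failed (no verdict).
snyk_gate() {
    filter_file="${1:-}"
    results="$(mktemp)" || return 2

    # Capture the scan's own exit status; in a pipe only the last
    # command's status is visible to the build.
    scan_rc=0
    "$SNYK_BIN" test --json > "$results" || scan_rc=$?

    # Snyk CLI: 0 = no vulnerabilities, 1 = vulnerabilities found.
    # Any other status means there are no results worth filtering.
    case "$scan_rc" in
        0|1) ;;
        *)  echo "snyk test failed (exit $scan_rc); not filtering" >&2
            rm -f "$results"
            return 2 ;;
    esac

    # Use the default .snyk-filter/snyk.yml unless a yml file was given.
    filter_rc=0
    if [ -n "$filter_file" ]; then
        "$SNYK_FILTER_BIN" -i "$results" -f "$filter_file" || filter_rc=$?
    else
        "$SNYK_FILTER_BIN" -i "$results" || filter_rc=$?
    fi
    rm -f "$results"

    # snyk-filter: 0 = pass, 1 = fail. Anything else is a tool error,
    # which must not be mistaken for a pass.
    case "$filter_rc" in
        0) return 0 ;;
        1) return 1 ;;
        *) echo "snyk-filter error (exit $filter_rc)" >&2; return 2 ;;
    esac
}
```

In a build step, call snyk_gate (optionally with the path to a filter yml) and let its return status decide whether the job fails.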

Options

--json to output JSON

License

License: Apache License, Version 2.0