SupportAPI docsProduct updatesSign up for free
Search…
Snyk User Documentation
Introducing Snyk
Implementing Snyk in your teams
Getting started
Snyk Web UI
Snyk CLI
Snyk API
Snyk for IDEs
Snyk Apps
Snyk Integrations
SNYK PRODUCTS
Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
USING SNYK
Snyk Broker
User and group management
Fixing and prioritizing issues
Reports
Snyk Tools
SNYK INFO
Disclosing vulnerabilities
How Snyk handles your data
Snyk Partner workshops
Atlassian Integrations
AWS Integrations
Snyk Integrations
Snyk Account
CircleCI
Docker
Dynatrace
GCP
GitHub
Microsoft Azure
Oracle Cloud Infrastructure
Red Hat
SpringOne
Workshop Overview
Create Github Repository
Configure Snyk for DevSecOps
Developer Environment and Snyk
Clone SPC Repository
Authenticate with Snyk
Snyk Test using CLI
Snyk test using Maven
Validate Kubernetes files with Snyk
CI/CD Pipeline
Snyk Open-Source (SCA)
Snyk CI/CD
Snyk Containers
Snyk Infrastructure as Code (IaC)
Workshop Wrap Up
Powered By GitBook
Snyk Test using CLI

Testing your SPC applications

From the root directory of the SPC application, execute the Snyk command below. The Snyk test command will test your dependencies for vulnerabilities and tell you how many vulnerabilities are found.
1
snyk test
Copied!
Snyk CLI offers a number of switches for specific use cases and formatting of output.
Since we did not build the application the scan will take longer. This will take ~2 mins. If we packaged the application the scan will take 30 seconds.

Results of running Snyk test

Snyk test displays a list of vulnerabilities grouped by fixable and non-fixable issues followed by license compliance issues. Take a minute to review the output, similar to the results below. Snyk provides fixG advice for fixable vulnerabilities.
1
Tested 83 dependencies for known issues, found 22 issues, 22 vulnerable paths.
2
​
3
​
4
Issues to fix by upgrading:
5
​
6
Upgrade org.webjars:[email protected] to org.webjars:[email protected] to fix
7
✗ Cross-site Scripting (XSS) [Medium Severity][https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-451160] in org.webjars:[email protected]
8
✗ Cross-site Scripting (XSS) [Medium Severity][https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-451162] in org.webjars:[email protected]
9
✗ Cross-site Scripting (XSS) [Medium Severity][https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-451164] in org.webjars:[email protected]
10
✗ Cross-site Scripting (XSS) [Medium Severity][https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-451168] in org.webjars:[email protected]
11
✗ Cross-site Scripting (XSS) [Medium Severity][https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-479505] in org.webjars:[email protected]
Copied!

Additional Examples of using Snyk Test

Testing a Container image

Tests a local container image. If the image is not available locally, Snyk will try to pull it from Docker Hub.
1
snyk test --docker openjdk:8
Copied!
This scan takes about 30 seconds as the image is downloaded.

Test public repositories before use

To test a public Github, BitBucket or GitLab repository, run snyk test and include the Github URL to the repo.
1
snyk test https://github.com/snyk/goof
Copied!
The following git URL formats are supported:
  • git://github.com/user/project.git#commit-ish
  • https://github.com/user/project#commit-ish
  • user/project#commit-ish
Previous
Authenticate with Snyk
Next
Snyk test using Maven
Last modified 8d ago
Export as PDF
Copy link
Edit on GitHub
Contents
Testing your SPC applications
Results of running Snyk test
Additional Examples of using Snyk Test
Testing a Container image
Test public repositories before use