search
SupportSnyk LearnAPI referenceProduct updatesSign up for free
githubEdit

View Snyk Code CLI results

The Snyk CLI enables you to perform the following actions on the results of the snyk code test command:

circle-info

For snyk code test, the JSON and SARIF formats are the same; thus, examples are shown in only one format.

You can also display the CLI results in HTML format using snyk-to-html.

hashtag
Analyze Snyk Code CLI results

After you run the snyk code test command in the CLI, the results of the test are displayed:

Snyk Code test restuls from the CLI
Snyk Code test restuls from the CLI

Note that if you ignored issues on the Snyk Web UI, these issues would still appear in the CLI results. Each section on this page explains one section of the displayed results.

hashtag
List of vulnerability issues detected by Snyk Code

The list of issues discovered in the Snyk Code test is organized by the severity level of the issues, from low to high.

For each detected issue, the following information is provided:

CLI test information for each Snyk Code issue
CLI test information for each Snyk Code issue

  • Header: The severity level and vulnerability type of the issue.

  • Path: The file name and the line in the file where the issue was found. These location details refer to the sink of the issue, meaning where the vulnerability may be executed in the tested repository.

  • Info: A description of the data flow of the issue.

The message that appears in the Info section is the same as the one in the Data flow section on the Web UI:

CLI test Info for Snyk Code issue in the Data flow section
CLI test Info for Snyk Code issue in the Data flow section

hashtag
General information about the test results

The general information about the test results includes the following details:

Details in general information about the CLI test results
Detals in general information about the CLI test results

  • Test success: Whether the test was completed or not.

  • Organization: The Snyk ID or internal name of the Organization under which the test run. For more information, see Set the Snyk Organization for the CLI tests.

  • Test type: The type of test command that generated the results. For Snyk Code, it is always Static code analysis.

  • Project path: The path of the tested repository.

hashtag
Summary of the test findings

The summary of the test findings includes the following details:

Summary ot CLI test findings for Snyk Code issues
Summary ot CLI test findings for Snyk Code issues

  • The number of vulnerability issues that Snyk Code discovered in the tested repository.

  • The number of discovered issues at each severity level.

circle-info

The snyk code test command has exit codes. See the help for definitions of these codes. To see the exit code, run snyk code test -d.

For a summary of exit codes for all CLI commands, see the CLI commands and options summary.

hashtag
Filter results by severity level

You can filter the test results that are shown in the CLI terminal and display only issues with a specific severity level and higher.

To display only issues above a specific severity level, enter the following:

The results will include only issues with the specified severity level and issues with a higher severity level.

For example, in the snyk-goof-master folder, eight issues were found, four with a High severity level and four with Medium:

CLI test results for Snyk Code with High and Medium severity
CLI test results for Snyk Code with High and Medium severity

To display only issues with a High severity level and above, enter the following:

The results show four issues, all with a High severity level. Issues with a lower severity level are not displayed:

CLI test results for Snyk Code with High severity

hashtag
Severity levels in JSON and SARIF files

The severity levels of the issues discovered by running snyk code test are displayed differently in JSON and SARIF files. The severity levels in the JSON and SARIF results are as follows:

  • High = error

  • Medium = warning

  • Low = note/info

The designation Critical is not used in Snyk Code.

An example of medium-level severity displayed in the terminal follows:

Medium severity in JSON or SARIF output
Medium severity in JSON or SARIF output

The following shows examples of high-level and low-level severity in a file:

High and low severity levels in JSON or SARIF file
High and low severity levels in JSON or SARIF file

hashtag
Output test results

You can output the snyk code test results to JSON or SARIF format in the terminal instead of displaying the results in the Snyk CLI format.

You can also export the test results to a JSON or SARIF format file. SARIF is an open standard for the output of static analysis tools. For more information, see the SARIF sitearrow-up-right.

The severity levels of the issues discovered by running snyk code test and reported in JSON and SARIF files are displayed differently from the results in the terminal. For more information, see Severity levels in the JSON and SARIF files.

To output the test results to JSON format, enter the following:

To output the test results to SARIF format, enter the following:

The test results appear in the terminal in JSON or SARIF format.

Because JSON and SARIF are the same for snyk code test, only a JSON example is shown here. The example shows how to output the test results of the snyk-goof-master folder in JSON format in the terminal by using the following command:

The test results appear in the terminal in JSON format:

snyk code test results in JSON format
snyk code test results in JSON format

hashtag
Export test results

You can export the snyk code test results to a JSON or SARIF format file. When you export the results, you must provide a name for the new file.

You can also output the test results to JSON or SARIF format in the terminal.

The severity levels of the issues discovered by running snyk code test and reported in JSON and SARIF files are displayed differently from the results in the terminal. For more information, see Severity levels in the JSON and SARIF files.

You can use two methods to export the results to either a JSON or SARIF file. The following instructions show a JSON file, but you can also export a SARIF file.

hashtag
Export test results to a new file with a standard display of results in the terminal

The snyk code test --json-file-output=<path/to/new_file> command is available in the Snyk CLI v. 1.910.0 and higher. To update your Snyk CLI version, see Install or update the Snyk CLI.

To export the results to a new JSON file, with a standard display of results in the terminal, use the following command:

To export the test results to a new SARIF file, use the following command:

The test results appear in the terminal in the standard format, and a JSON or SARIF file is created in the path you specified.

Because JSON and SARIF are the same for snyk code test, only a JSON example is shown here. To export the test results of the snyk-goof-master folder to a JSON file called json, change the directory to the root folder of the repository, and enter the following:

In the terminal, the Code test results appear in the standard format:

snyk code test results in the terminal
snyk code test results in the terminal

In the repository folder, a JSON file is created:

JSON file in repository
JSON file in repository

hashtag
Export the results to a new file without a display of results in the terminal

To export the results to a new JSON file without displaying the results in the terminal, use the following command:

To export the results to a SARIF file without displaying the results in the terminal, use the following command:

PreviousExclude directories and files from Snyk Code CLI testsNextSnyk CLI for Snyk Container

Last updated

Was this helpful?