View Snyk Code CLI results

The Snyk CLI enables you to perform the following actions on the results of the snyk code test command:

You can also display the CLI results in HTML format using the Snyk-to-HTML feature.

Analyze Snyk Code CLI results

After you run the snyk code test command in the CLI, the results of the test are displayed:

Note that issues you ignored in the Snyk Web UI still appear in the CLI results. Each section on this page explains one section of the results displayed.

List of vulnerability issues detected by Snyk Code

The list of issues discovered in the Snyk Code test is organized by the severity level of the issues, from low to high.

For each detected issue, the following information is provided:

  • Header: The severity level and vulnerability type of the issue.

  • Path: The file name and the line in the file where the issue was found. These location details refer to the Sink of the issue, meaning where the vulnerability may be executed in the tested repository.

  • Info: A description of the data flow of the issue.

The message that appears in the Info section is the same as the one in the Data flow section on the Web UI:

General information about the test results

The general information about the test results includes the following details:

  • Test success: Whether the test was completed or not.

  • Organization: The Snyk ID or internal name of the Organization under which the test was run. For more information, see Set the Snyk Organization for the CLI tests.

  • Test type: The type of test command that generated the results. For Snyk Code, it is always Static code analysis.

  • Project path: The path of the tested repository.

Summary of the test findings

The summary of the test findings includes the following details:

  • The number of vulnerability issues that Snyk Code discovered in the tested repository.

  • The number of discovered issues at each severity level.

The snyk code test command has exit codes. See the help for definitions of these codes. To see the exit code, run snyk code test -d.

For a summary of exit codes for all CLI commands, see the CLI commands and options summary.

Filter results by severity level

You can filter the test results that are shown in the CLI terminal and display only issues with a specific severity level and higher.

To display only issues above a specific severity level, enter the following:

snyk code test <path/to/folder> --severity-threshold=<low|medium|high|critical>

The results will include only issues with the specified severity level and issues with a higher severity level.

For example, in the snyk-goof-master folder, eight issues were found, four with a High severity level and four with Medium:

To display only issues with a High severity level and above, enter the following:

snyk code test /Users/username/Documents/Repositories/snyk-goof-master --severity-threshold=high

The results show four issues, all with a High severity level. Issues with a lower severity level are not displayed:

Severity levels in JSON and SARIF files

The severity levels of the issues discovered by running snyk code test are displayed differently in JSON and SARIF files. The severity levels in the JSON and SARIF results are as follows:

  • High = error

  • Medium = warning

  • Low = note/info

An example follows:

Output test results

You can output the snyk code test results to JSON or SARIF format in the terminal instead of displaying the results in the Snyk CLI format.

You can also export the test results to a JSON or SARIF format file.

SARIF is an open standard for the output of static analysis tools. For more information, see the SARIF site.

The severity levels of the issues discovered by running snyk code test are displayed differently in JSON and SARIF outputs. The severity levels in the JSON and SARIF results are as follows:

  • High = error

  • Medium = warning

  • Low = note/info

The designation Critical is not used in Snyk Code.

An example of medium level severity follows:

Output test results in JSON format

To output the test results to a JSON format, enter the following:

snyk code test <path/to/folder> --json

The test results appear in the terminal in JSON format.

For example, to output the test results of the snyk-goof-master folder in JSON format in the terminal, enter:

snyk code test /Users/username/Documents/Repositories/snyk-goof-master --json

The test results appear in the terminal in JSON format:

Output test results in SARIF format

To output the test results to SARIF format, enter the following:

snyk code test <path/to/folder> --sarif

The test results appear in the terminal in SARIF format.

For example, to output the test results of the snyk-goof-master folder in SARIF format, enter:

snyk code test /Users/username/Documents/Repositories/snyk-goof-master --sarif

The test results appear in the terminal in SARIF format:

Export test results

You can export the snyk code test results to a JSON or SARIF format file. When you export the results, you must provide a name for the new file.

You can also output the test results to JSON or SARIF format in the terminal.

The severity levels of the issues discovered by running snyk code test are displayed differently in JSON and SARIF files. For more information, see Severity levels in the JSON and SARIF files.

Export methods

You can export the results, to either a JSON or a SARIF file, using one of two methods. The following instructions show a JSON file, but you can also export a SARIF file.

  • Export the results to a new file, without a result display in the terminal:

snyk code test --json > <path/to/new_file>

  • Export the results to a new file, with a standard result display in the terminal:

snyk code test --json-file-output=<path/to/new_file>

The snyk code test --json-file-output=<path/to/new_file> command is available in Snyk CLI v. 1.910.0 and higher. To update your Snyk CLI version, see Install or update the Snyk CLI.

Export test results to a JSON file

To export the test results to a JSON file, enter the following:

snyk code test --json-file-output=<path/to/new_json_file>

The test results appear in the terminal in the standard format, and a JSON file is created in the path you specified.

If you want to export the results to a JSON file without displaying the results in the terminal, enter:

snyk code test --json > <path/to/new_json_file>

For example, to export the test results of the snyk-goof-master folder to a JSON file called json, change the directory to the root folder of the repository, and enter the following:

snyk code test --json-file-output=json

In the terminal, the Code test results appear in the standard format:

In the repository folder, a JSON file is created:

Export test results to a SARIF file

To export the test results to a SARIF file, enter the following:

snyk code test --sarif-file-output=<path/to/new_sarif_file>

The test results appear in the terminal in the standard format, and a SARIF file is created in the path you specified.

If you want to export the results to a SARIF file without displaying the results in the terminal, enter:

snyk code test --sarif > <path/to/new_sarif_file>
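Once a SARIF file has been exported, the level-to-severity mapping described under "Severity levels in JSON and SARIF files" can be applied when post-processing it. The following is an added example, not part of the Snyk documentation: it reads `runs[].results[]` using field names from the SARIF 2.1.0 standard, translates each `level` back to a Snyk Code severity, and applies a severity threshold. The function names and the inline sample log are constructed for illustration.

```python
import json
from collections import Counter

# Level-to-severity mapping stated on this page (Critical is not used in Snyk Code).
LEVEL_TO_SEVERITY = {"error": "high", "warning": "medium", "note": "low", "info": "low"}
RANK = {"low": 1, "medium": 2, "high": 3}

# Constructed sample: a minimal SARIF 2.1.0 log, not real scan output.
SAMPLE_SARIF = json.loads("""
{"version": "2.1.0", "runs": [{"results": [
  {"ruleId": "example/rule-a", "level": "error",
   "message": {"text": "Constructed finding A"},
   "locations": [{"physicalLocation": {"artifactLocation": {"uri": "routes/index.js"}, "region": {"startLine": 39}}}]},
  {"ruleId": "example/rule-b", "level": "warning",
   "message": {"text": "Constructed finding B"},
   "locations": [{"physicalLocation": {"artifactLocation": {"uri": "app.js"}, "region": {"startLine": 12}}}]},
  {"ruleId": "example/rule-c", "level": "note",
   "message": {"text": "Constructed finding C"}, "locations": []}
]}]}
""")

def findings(sarif, threshold="low"):
    """Return (severity, "file:line", message) tuples at or above threshold, low to high."""
    if threshold not in RANK:
        raise ValueError(f"threshold must be one of {sorted(RANK)}")
    out = []
    for run in sarif.get("runs", []):
        for res in run.get("results", []):
            # Simplification (assumption): a result with no "level" is treated as "warning".
            sev = LEVEL_TO_SEVERITY.get(res.get("level", "warning"))
            if sev is None or RANK[sev] < RANK[threshold]:
                continue  # e.g. SARIF level "none", or below the threshold
            locs = res.get("locations") or [{}]
            phys = locs[0].get("physicalLocation", {})
            uri = phys.get("artifactLocation", {}).get("uri", "<unknown>")
            line = phys.get("region", {}).get("startLine", 0)
            text = res.get("message", {}).get("text", "")
            out.append((sev, f"{uri}:{line}", text))
    return sorted(out, key=lambda f: RANK[f[0]])

def summary(sarif):
    """Count findings per Snyk Code severity level."""
    return dict(Counter(sev for sev, _, _ in findings(sarif)))

if __name__ == "__main__":
    for sev, where, text in findings(SAMPLE_SARIF, threshold="medium"):
        print(f"[{sev}] {where} {text}")
    print(summary(SAMPLE_SARIF))
```

To run it against a real export, replace `SAMPLE_SARIF` with `json.load(open("<path/to/new_sarif_file>"))`.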

For example, to export the test results of the snyk-goof-master folder to a SARIF file called sarif, change the directory to the root folder of the repository, and enter the following:

snyk code test --sarif-file-output=sarif

In the terminal, the test results appear in the standard format:

In the repository folder, a SARIF file is created:
