Fix vulnerabilities using the Snyk CLI

The Snyk CLI provides support for fixing vulnerabilities found by using the snyk test command. For information about fixes in the Web UI, see Fix your vulnerabilities. For general information about patches, see Snyk patches to fix vulnerabilities.

If you are using snyk container test, see Understanding Snyk Container CLI results for information about resolving vulnerabilities found in a scan. If you are using snyk code test, see View Snyk Code CLI results. If you are using snyk iac test, see Understanding the IaC CLI test results.

Upgrade and patch results from the CLI

From the CLI, for each list (upgrade and patch), results are displayed in groups based on the packages Snyk recommends that you fix. The results include the following:

details for all vulnerabilities introduced per package; to view all dependency paths affected, use --show-vulnerable-paths=all when running snyk test or snyk monitor
links to full descriptions of each vulnerability

Upgrade and patch results appear similar to the following:

Patch recommendations appear similar to the following:

Snyk patches to fix vulnerabilities using the CLI

The protect command was replaced by @snyk/protect: https://github.com/snyk/snyk/tree/master/packages/snyk-protect; npm package for snyk-protect command. These pages have instructions for using the package and migrating from snyk protect.

PreviousCLI test results NextCLI commands and options summary

Last updated 9 months ago