Support Snyk Learn API reference Product updates Sign up for free

Ignore vulnerabilities using the Snyk CLI

For Snyk Open Source, these options work by default.

For Snyk Container, these options also work, but after registering an ignore, when you call snyk test or snyk monitor, you must use the --policy-path= option, for example: snyk container test node --policy-path=.snyk.

For Snyk Infrastructure as Code, see IaC ignores using the snyk policy file.

For Snyk Code, see Excluding directories and files from the Snyk Code CLI test.

Sometimes, Snyk alerts you to a vulnerability that has no update or Snyk patch available, or that you do not believe to be currently exploitable in your application. When this happens you may want to tell Snyk to ignore the vulnerability for a certain period of time.

You can ignore a specific vulnerability in a project using the snyk ignore command.

snyk ignore --id=<ISSUE_ID> [--expiry=<EXPIRY>] [--reason=<REASON>] [--policy-path=<PATH_TO_POLICY_FILE>] [<OPTIONS>]

The snyk ignore command updates the .snyk file and supports the following options:

PreviousAutomatic fixing with snyk fixNextInvalid string length error when scanning projects

Last updated

More information

Snyk privacy policy

© 2024 Snyk Limited | All product and company names and logos are trademarks of their respective owners.