Snyk Disallow tool
-
Paid plan.
snyk-disallow uses Snyk APIs, only available in paid plans. -
Dep Graph API enabled for your account (contact us/your Customer Success Manager)
$ npm install -g snyk-disallowor
- Create an org
Disallowin your Snyk group. - Have your Snyk CLI configured or export SNYK_TOKEN env var with your token (export SNYK_TOKEN=token / set SNYK_TOKEN=token)
Get a viewer token for the Snyk Group to get a read|test-only token for CI or similar systems. (Ask your Customer Success Manager)
- create disallow list for corresponding package manager
- add package name + version to the list of your choice
- check projects|org against disallow list(s)
snyk-disallow help [COMMAND]snyk-disallow listsnyk-disallow create [LISTNAME] [PACKAGEMANAGER]snyk-disallow add [DEP] [VERSION] [LISTNAME]snyk-disallow view [LISTNAME]snyk-disallow check-project [ORGID] [PROJECTID] [LISTNAME (optional)]snyk-disallow check-org [ORGID] [LISTNAME (optional)]snyk test --print-deps --json | snyk-disallow test-project [ORGID] [LISTNAME (optional)]snyk-disallow rm [DEP] [VERSION] [LISTNAME]snyk-disallow delete [LISTNAME]