gulp-snyk

gulp plugin for using Snyk

Install

$ npm install --save-dev gulp-snyk

Or

$ yarn add --dev gulp-snyk

Usage

To only break the build on vulnerabilities, use snyk without any options

const snyk = require('gulp-snyk');
gulp.task('protect', function(cb) {
  return snyk({ command: 'protect' }, cb);
});
gulp.task('prepare', 'protect');

A more feature-ful configuration might be

const snyk = require('gulp-snyk');
gulp.task('protect', function(cb) {
  return snyk({ command: 'protect' }, cb);
});
gulp.task('auth', function() {
  return snyk({ command: 'auth' }, cb);
});
gulp.task('test', ['auth'], function() {
  return snyk({ command: 'test' }, cb);
});
gulp.task('prepare', 'protect');

Note the dependency on auth for the test task -- Snyk now requires authentication, so we make sure that the user is logged in before running the test. You will also need to add a Snyk token as an environment variable to your CI server.

And then, in your package.json

{
  "scripts": {
    "prepublish": "gulp prepublish",
    "test": "gulp test"
  }
}

You may also consider adding an npm alias for gulp auth.

For a real-world use-case, check out the clefs plugin generator

API

snyk([options], cb)

options

A hash of options to configure snyk. If this is omitted, then it is the equivalent of passing the following options hash.

gulp.task('snyk-test', function(cb) {
    return snyk({command: 'test', directory: process.cwd(), debug: false, options: { dev: true }}, cb);
});

command

Type: string
Default: test Example:

gulp.task('protect', function(cb) {
    return snyk({command: 'protect'}, cb);
});

One of the snyk command-line commands. For instance: auth, test, wizard, protect, monitor, policy.

directory

Type: string
Default: process.cwd() Example:

gulp.task('snyk-test', function(cb) {
    return snyk({command: 'test', directory: path.join(process.cwd(), 'packages', 'my-package')}, cb);
});

The directory that contains the package on which to run the snyk command.

options

Type: object
Default: { dev: true } Example:

gulp.task('snyk-wizard', function(cb) {
    return snyk({command: 'wizard', options: {help: true}}, cb);
});

The options supported by the snyk command line.

debug

Type: boolean
Default: false Example:

gulp.task('snyk-help', function(cb) {
    return snyk({command: 'test', debug: true}, cb);
});

Turns on debug logging

cb

The callback from the asynchronous gulp task, the function passed as the first argument to the gulp task callback. For example:

gulp.task('protect', function(cb) {
  return snyk({ command: 'protect' }, cb);
});

License

MIT © Doug Wade