gulp-snyk
gulp plugin for using Snyk
Install
$ npm install --save-dev gulp-snyk
Or
$ yarn add --dev gulp-snyk
Usage
To only break the build on vulnerabilities, use snyk without any options
const snyk = ;gulp;gulp;
A more feature-ful configuration might be
const snyk = ;gulp;gulp;gulp;gulp;
Note the dependency on auth
for the test
task -- Snyk now requires authentication, so we make sure
that the user is logged in before running the test. You will also need to add a Snyk token
as an environment variable to your CI server.
And then, in your package.json
"scripts": "prepublish": "gulp prepublish" "test": "gulp test"
You may also consider adding an npm alias for gulp auth
.
For a real-world use-case, check out the clefs plugin generator
API
snyk([options], cb)
options
A hash of options to configure snyk. If this is omitted, then it is the equivalent of passing the following options hash.
gulp;
command
Type: string
Default: test
Example:
gulp;
One of the snyk command-line commands. For instance: auth, test, wizard, protect, monitor, policy.
directory
Type: string
Default: process.cwd()
Example:
gulp;
The directory that contains the package on which to run the snyk command.
options
Type: object
Default: { dev: true }
Example:
gulp;
The options supported by the snyk command line.
debug
Type: boolean
Default: false
Example:
gulp;
Turns on debug logging
cb
The callback from the asynchronous gulp task, the function passed as the first argument to the gulp task callback. For example:
gulp;
License
MIT © Doug Wade