forked from snyk/cli

Snyk CLI scans and monitors your projects for security vulnerabilities.


candrews/snyk-cli

 
 


@candrewsintegralblue/snyk

@candrewsintegralblue/snyk is a fork of snyk that adds a new subcommand, client-sbom, which creates an SBOM (Software Bill of Materials) of the project being scanned entirely on the client side. There is no communication with the Snyk API, so no Snyk credentials and no network access are required.

The SBOM creation feature has been submitted via merge request to Snyk for inclusion in the official package, but so far, it hasn't been merged or included in any releases.

Snyk added an sbom command in v1.1071.0. However, that command generates the SBOM on the Snyk server and requires an Enterprise plan. The client-side approach to generating the SBOM is therefore still valuable.

For background on why this improvement is a very useful enhancement to Snyk, see Creating SBOMs with the Snyk CLI.

For more information on how to use this feature, see the built-in help: npx @candrewsintegralblue/snyk client-sbom --help
