Enables TeamCity integration with Snyk and allows users to test their applications against the Snyk vulnerability database.

• Overview
• Installation
• Usage
• Contributions
• License

Plugin supports following operations:

• test projects for known vulnerabilities
• take an application dependencies snapshot for continuous monitoring by Snyk
• create an HTML report displaying the vulnerabilities discovered

You can download the plugin and install it as an additional plugin for TeamCity 2018.2+.

Add Snyk Security step to build configuration and adjust parameters you need

Available configuration parameters:

• Severity threshold - Only report vulnerabilities of provided level or higher.
• Monitor project on build - Take a current application dependencies snapshot for continuous monitoring by Snyk.
• File - The path to the application manifest file to be scanned by Snyk.
• Organisation - The Snyk organisation in which this project should be tested and monitored.
• Project name - A custom name for the Snyk project created for this TeamCity project on every build.
• Additional parameters - Refer to the Snyk CLI help page for information on additional parameters.
• Snyk API token - The ID for the API token to be used to authenticate with Snyk.
• Snyk version - The bundled Snyk CLI version.
• Custom build tool path - Specify the path to the build tool used for the project if the checkbox Use custom build tool path is selected. Otherwise, auto-discover mode will be activated.

We appreciate all kinds of feedback, so please feel free to send a PR or submit an issue. Read our Contributors' Guide for details.

This project is licensed under the Apache License, Version 2.0.