Snyk helps you find, fix, and monitor known vulnerabilities in your dependencies--both on an ad hoc basis and as part of your CI (build) system.
This repository is in maintenance mode, no new features are being developed. Bug & security fixes will continue to be delivered. Open source contributions are welcome for small features & fixes (no breaking changes)
Convert the Snyk CLI output to SPDX format. Note: This repository is not in active developemnt and critical bug fixes only will be considered.
snyk2spdx does not support using the --all-projects
flag with snyk test
. Please use only snyk test
-
Basic
snyk test --json | snyk2spdx
-
With output file:
snyk test --json | snyk2spdx --output=spdx.json
Commands:
snyk2spdx snyk:test Convert `snyk test --json` output to SPDX SBOM [default]
Options:
--version Show version number [boolean]
--help Show help [boolean]
--output Save the output to the specified file name. Defaults to stdout