From 2faf2d16338b7d7b67e6faa116db6e4408864d15 Mon Sep 17 00:00:00 2001 From: adrobuta Date: Thu, 19 Dec 2024 16:38:23 +0200 Subject: [PATCH] fix: add container test doc info for --exclude-node-modules --- help/cli-commands/container-test.md | 6 ++++++ src/lib/types.ts | 1 + 2 files changed, 7 insertions(+) diff --git a/help/cli-commands/container-test.md b/help/cli-commands/container-test.md index 5daf638161..40d31f018e 100644 --- a/help/cli-commands/container-test.md +++ b/help/cli-commands/container-test.md @@ -116,6 +116,12 @@ Allow disabling scans for app vulnerabilities; in CLI versions 1.1090.0 (2023-01 In earlier releases, cannot be used with `--app-vulns`. +### `--exclude-node-modules` + +Allow disabling the scan of node_modules directories inside node.js container images; in CLI versions v1.1292.0 and higher, node_modules scanning is enabled by default. + +When the node_modules scan is disabled, snyk will report vulnerabilities for npm projects sourced from application file pairs: [package.json, package-lock.json], [package.json, yarn.lock]. + ### `--nested-jars-depth` When `app-vulns` is enabled, use the `--nested-jars-depth=n` option to set how many levels of nested jars Snyk is to unpack. Depth must be a number. diff --git a/src/lib/types.ts b/src/lib/types.ts index 33e6b7cea9..f83bca08fa 100644 --- a/src/lib/types.ts +++ b/src/lib/types.ts @@ -75,6 +75,7 @@ export interface Options { // Used with the Docker plugin only. Allows application scanning. 'app-vulns'?: boolean; 'exclude-app-vulns'?: boolean; + 'exclude-node-modules'?: boolean; debug?: boolean; sarif?: boolean; 'group-issues'?: boolean;