docs: synchronizing help from snyk/user-docs (#4820)

Co-authored-by: PeterSchafer <[email protected]>

help/cli-commands/code-test.md

@@ -8,9 +8,9 @@
 
 The `snyk code test` command tests for any known security issues using Static Code Analysis.
 
-For more information see [Using Snyk Code via the CLI](../../scan-applications/snyk-code/using-snyk-code-from-the-cli/).
+For more information see [Using Snyk Code via the CLI](../../scan-application-code/snyk-code/using-snyk-code-from-the-cli/).
 
-For instructions on ignoring issues with `snyk code test` see [Excluding directories and files from the Snyk Code CLI test](../../scan-applications/snyk-code/using-snyk-code-from-the-cli/excluding-directories-and-files-from-the-snyk-code-cli-test.md).
+For instructions on ignoring issues with `snyk code test` see [Excluding directories and files from the Snyk Code CLI test](../../scan-application-code/snyk-code/cli-for-snyk-code/excluding-directories-and-files-from-the-snyk-code-cli-test.md).
 
 ## Exit codes
 

help/cli-commands/iac-test.md

@@ -194,7 +194,7 @@ Note: This option supersedes`--remote-repo-url`, if both options are used togeth
 
 This can be used in combination with the `--report` option.
 
-Specify a reference which differentiates this project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference.
+Specify a reference that differentiates this project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference.
 
 Example, setting to the current Git branch:
 

help/cli-commands/monitor.md

@@ -141,8 +141,6 @@ For C++ only, scan all files for known open source dependencies.
 
 For options you can use with `--unmanaged` see [Options for scanning using `--unmanaged`](https://docs.snyk.io/snyk-cli/commands/monitor#options-for-scanning-using-unmanaged)
 
-For more information see [Snyk for C/C++](https://docs.snyk.io/products/snyk-open-source/language-and-package-manager-support/snyk-for-c-c++)
-
 ### `--ignore-policy`
 
 Ignore all set policies, the current policy in the `.snyk` file, org level ignores, and the project policy on snyk.io.
@@ -159,9 +157,9 @@ Example: `$ snyk monitor --project-name=my-project`
 
 ### `--target-reference=<TARGET_REFERENCE>`
 
-Specify a reference which differentiates this project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference. Supported for Snyk Open Source and use with `--unmanaged`.
+Specify a reference that differentiates this project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference. Supported for Snyk Open Source and use with `--unmanaged`.
 
-For more information see [Separating projects by branch or version](https://docs.snyk.io/snyk-cli/secure-your-projects-in-the-long-term/grouping-projects-by-branch-or-version)
+For more information see [Group projects by branch or version](https://docs.snyk.io/snyk-cli/secure-your-projects-in-the-long-term/grouping-projects-by-branch-or-version)
 
 ### `--policy-path=<PATH_TO_POLICY_FILE>`
 
@@ -213,8 +211,6 @@ This is an alias for `--project-tags`
 
 ## Options for Maven projects
 
-For more information about Maven CLI options see [Snyk for Java and Kotlin](https://docs.snyk.io/products/snyk-open-source/language-and-package-manager-support/snyk-for-java-gradle-maven)
-
 **Note**: The `--dev` option can be used with Maven projects. See also the [`--dev` option help](https://docs.snyk.io/snyk-cli/commands/monitor#dev)
 
 ### `--maven-aggregate-project`
@@ -247,8 +243,6 @@ Auto-detect Maven, JAR, WAR, and AAR files recursively from the current folder.&
 
 ## Options for Gradle projects
 
-For more information about Gradle CLI options see [Snyk for Java and Kotlin](https://docs.snyk.io/products/snyk-open-source/language-and-package-manager-support/snyk-for-java-gradle-maven)
-
 ### `--sub-project=<NAME>`, `--gradle-sub-project=<NAME>`
 
 For Gradle "multi project" configurations, monitor a specific sub-project.
@@ -405,8 +399,6 @@ Use this option to see what files contributed to each dependency identified.
 
 To see how confident Snyk is about the identified dependency and its version, use the `--print-deps` or `--print-dep-paths` option.
 
-For more information on uses of CLI options for C/C++ projects see [Snyk for C / C++](https://docs.snyk.io/products/snyk-open-source/language-and-package-manager-support/snyk-for-c-c++)
-
 ## Options for build tools
 
 ### `-- [<CONTEXT-SPECIFIC_OPTIONS>]`

help/cli-commands/sbom.md

@@ -10,7 +10,7 @@ The `snyk sbom` feature requires an internet connection.
 
 ## Usage
 
-`$ snyk sbom --format=<cyclonedx1.4+json|cyclonedx1.4+xml|spdx2.3+json> [--file=<FILE>] [--unmanaged] [--org=<ORG_ID>] [--dev] [--all-projects] [--name=<NAME>] [--version=<VERSION>] [--exclude=<NAME>[,<NAME>...]] [--detection-depth=<DEPTH>] [--prune-repeated-subdependencies|-p] [--json-file-output=<OUTPUT_FILE_PATH>] [<TARGET_DIRECTORY>]`
+`$ snyk sbom --format=<cyclonedx1.4+json|cyclonedx1.4+xml|spdx2.3+json> [--file=<FILE>] [--unmanaged] [--org=<ORG_ID>] [--dev] [--all-projects] [--name=<NAME>] [--version=<VERSION>] [--exclude=<NAME>[,<NAME>...]] [--detection-depth=<DEPTH>] [--prune-repeated-subdependencies|-p] [--maven-aggregate-project] [--scan-unmanaged] [--scan-all-unmanaged] [--sub-project=<NAME>] [--gradle-sub-project=<NAME>] [--all-sub-projects] [--configuration-matching=<CONFIGURATION_REGEX>] [--configuration-attributes=<ATTRIBUTE>[,<ATTRIBUTE>]] [--init-script=<FILE>] [--json-file-output=<OUTPUT_FILE_PATH>] [<TARGET_DIRECTORY>]`
 
 ## Description
 
@@ -126,6 +126,64 @@ Optional. Instruct the CLI to autodetect a package manager manifest file to use
 
 Optional. Save the SBOM output as a JSON data structure directly to the specified file. This requires the SBOM `--format` to include `+json`.
 
+## Options for Maven projects
+
+### `--maven-aggregate-project`
+
+Use `--maven-aggregate-project` instead of `--all-projects` when scanning Maven aggregate projects, that is, ones that use modules and inheritance.
+
+When scanning these types of projects, Snyk performs a compile to ensure all modules are resolvable by the Maven reactor.
+
+Be sure to run the scan in the same directory as the root pom.xml file.
+
+### `--scan-unmanaged`
+
+To scan individual JAR, WAR, or AAR files, use the following:
+
+`--scan-unmanaged --file=<JAR_FILE_NAME>`
+
+### `--scan-all-unmanaged`
+
+Auto-detect Maven, JAR, WAR, and AAR files recursively from the current folder.&#x20;
+
+**Note**: Custom-built JAR files, even with open-source dependencies, are not supported.
+
+## Options for Gradle projects
+
+### `--sub-project=<NAME>`, `--gradle-sub-project=<NAME>`
+
+For Gradle "multi project" configurations, scan a specific sub-project.
+
+### `--all-sub-projects`
+
+For "multi project" configurations, scan all sub-projects.
+
+### `--all-projects`
+
+See also the `--all-projects` option information in the Options section of this help.
+
+Use for monorepos. This detects all supported manifests.
+
+For Gradle monorepos Snyk looks only for root level `build.gradle` and `build.gradle.kts` files and applies the same logic as `--all-sub-projects` behind the scenes.
+
+This option is designed to be run in the root of your monorepo.
+
+### `--configuration-matching=<CONFIGURATION_REGEX>`
+
+Resolve dependencies using only configuration(s) that match the specified Java regular expression.
+
+Example: `^releaseRuntimeClasspath$`
+
+### `--configuration-attributes=<ATTRIBUTE>[,<ATTRIBUTE>]...`
+
+Select certain values of configuration attributes to install and resolve dependencies.
+
+Example: `buildtype:release,usage:java-runtime`
+
+### `--init-script=<FILE>`
+
+Use for projects that contain a Gradle initialization script.
+
 ## Examples for the snyk sbom command
 
 ### Create a CycloneDX JSON document for a local software project

help/cli-commands/test.md

@@ -138,8 +138,6 @@ For C++ only, scan all files for known open source dependencies.
 
 For options you can use with `--unmanaged` see [Options for scanning using `--unmanaged`](https://docs.snyk.io/snyk-cli/commands/test#options-for-scanning-using-unmanaged)
 
-For more information see [Snyk for C/C++](https://docs.snyk.io/products/snyk-open-source/language-and-package-manager-support/snyk-for-c-c++)
-
 ### `--ignore-policy`
 
 Ignore all set policies, the current policy in the `.snyk` file, org level ignores, and the project policy on snyk.io.
@@ -162,9 +160,9 @@ Specify a custom Snyk project name.
 
 ### `--target-reference=<TARGET_REFERENCE>`
 
-Specify a reference which differentiates this project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference. Supported for Snyk Open Source except for use with `--unmanaged`.
+Specify a reference that differentiates this project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference. Supported for Snyk Open Source except for use with `--unmanaged`.
 
-For more information see [Separating projects by branch or version](https://docs.snyk.io/snyk-cli/secure-your-projects-in-the-long-term/grouping-projects-by-branch-or-version)
+For more information see [Group projects by branch or version](https://docs.snyk.io/snyk-cli/secure-your-projects-in-the-long-term/grouping-projects-by-branch-or-version)
 
 You can use `--target-reference=<TARGET_REFERENCE>` when running tests to apply the same ignores and policies as for a monitored target.
 
@@ -220,8 +218,6 @@ To fail on any vulnerability (the default behavior), do not use the `--fail-on`
 
 ## Options for Maven projects
 
-For more information see [CLI help for Maven Projects: Aggregate projects](https://docs.snyk.io/scan-application-code/snyk-open-source/language-and-package-manager-support/snyk-for-java-gradle-maven#cli-help-for-maven-projects-aggregate-projects)
-
 **Note**: The `--dev` option can be used with Maven projects. See also the [`--dev` option help](https://docs.snyk.io/snyk-cli/commands/test#dev)
 
 ### `--maven-aggregate-project`
@@ -252,8 +248,6 @@ Auto-detect Maven, JAR, WAR, and AAR files recursively from the current folder.&
 
 **Note:** If you see the invalid string length error, refer to [Invalid string length error when scanning projects](https://docs.snyk.io/snyk-cli/test-for-vulnerabilities/invalid-string-length-error-when-scanning-projects)
 
-For more information see [CLI help for Gradle projects](https://docs.snyk.io/scan-application-code/snyk-open-source/language-and-package-manager-support/snyk-for-java-gradle-maven#cli-help-for-gradle-projects)
-
 ### `--sub-project=<NAME>`, `--gradle-sub-project=<NAME>`
 
 For Gradle "multi project" configurations, test a specific sub-project.
@@ -296,7 +290,7 @@ When you are monitoring a .NET project using NuGet `PackageReference` uses the p
 
 ### `--file=<filename>.sln`
 
-Test all .NET projects included in the given `.sln` file. Projects referred to must have supported manifests. See [Snyk for .NET](https://docs.snyk.io/scan-application-code/snyk-open-source/snyk-open-source-supported-languages-and-package-managers/snyk-for-.net#snyk-cli-for-.net-projects)
+Test all .NET projects included in the given `.sln` file. Projects referred to must have supported manifests.
 
 Example: `snyk test --file=myApp.sln`
 
@@ -454,8 +448,6 @@ Use this option to see what files contributed to each dependency identified.
 
 To see how confident Snyk is about the identified dependency and its version, use the `--print-deps` or `--print-dep-paths` option.
 
-For more information on uses of CLI options for C/C++ projects see [Snyk for C / C++](https://docs.snyk.io/products/snyk-open-source/language-and-package-manager-support/snyk-for-c-c++)
-
 ## Options for build tools
 
 ### `-- [<CONTEXT-SPECIFIC_OPTIONS>]`
@@ -472,8 +464,6 @@ Example: Use `snyk test --org=myorg -- -s settings.xml`
 
 NOT `snyk test --org=myorg -- "-s settings.xml"`
 
-See also [Examples of how you can use Maven arguments with the Snyk CLI](https://docs.snyk.io/scan-application-code/snyk-open-source/language-and-package-manager-support/snyk-for-java-gradle-maven#examples-of-how-you-can-use-maven-arguments-with-the-snyk-cli)
-
 ## Examples for the snyk test command
 
 Test a project in the current folder for known vulnerabilities: