Snyk Documentation

CLI - Ignore

Ignore

Sometimes, Snyk may alert you to a vulnerability that you either has no patches or updates available, or that you do not believe to be currently exploitable in your application. In this case, you may want to tell Snyk to ignore the vulnerability for a certain period of time.

If you're using snyk wizard (only available on Node.js projects), the wizard will give you the option of ignoring the vulnerability for a period of 30 days. If you're using Ruby or Java, or if you want to specify a different duration, you can use the snyk ignore command.

snyk ignore --id=IssueID [--expiry=expiry] [--reason='reason for ignoring']

Options

snyk ignore accepts three options:

OPTION DESCRIPTION DEFAULT REQUIRED
--id The Snyk ID for the issue to ignore. Found by running snyk test and grabbing the last segment of the URL for a given vulnerability.
Example: For the vulnerability found at https://dev.snyk.io/vuln/npm:tough-cookie:20160722, you would use:
--id=npm:tough-cookie:20160722
None Yes
--expiry The expiry date string, according to RFC2822.

Example: --expiry=2017-04-30

30 days No
--reason The reason for ignoring the issue.

Example: --reason='Not currently exploitable.'

"None Given" No