The Snyk action in CodePipeline automates detecting and fixing security vulnerabilities in your open source code. You can use Snyk with application source code in your third-party repository, such as GitHub or Bitbucket Cloud, or with images for container applications. Your action will scan and report on vulnerability levels and alerts that you configure.
Note
Action type ID
-
Category:
Invoke -
Owner:
ThirdParty -
Provider:
Snyk -
Version:
1
Example:
{
"Category": "Invoke",
"Owner": "ThirdParty",
"Provider": "Snyk",
"Version": "1"
},Input artifacts
-
Number of artifacts:
1 -
Description: The files that make up the input artifact for the invoke action.
Output artifacts
-
Number of artifacts:
1 -
Description: The files that make up the output artifact for the invoke action.
See also
The following related resources can help you as you work with this action.
-
For more information about using Snyk actions in CodePipeline, refer to Automate vulnerability scanning in CodePipeline with Snyk
.
