3rd party & deprecation notice
In the past 3 years I was able to fill the gap by providing this extension to add Snyk to your Azure Pipeline. Snyk has now officially released their own extension. This task will be maintained for a little while longer, but please do upgrade to the official extension.
Snyk provides a quick and simple way to detect insecure package dependencies and optionally enables you to patch/upgrade the vulnerabilities in place.
This task supports:
You can supply your snyk API-token through a service connection (recommended) or a text input.
Find the task in the Utility category of both Build and Release.
If you have ideas or improvements, don't hestitate to leave feedback or file an issue.