snyk/gradle-plugin

severity other than low does not fail the snyk-test task

Given a build.gradle snippet:

plugins {
    // ...
    id "io.snyk.gradle.plugin.snykplugin" version "0.4"
    // ...
}

snyk {
    arguments = '--all-sub-projects'
    severity = 'high'
    autoDownload = true
    autoUpdate = true
}

Given that a high or critical vulnerability exists in my Java 11 project,
when I run ./gradlew snyk-test,
then the task should fail,
but instead I get the following:

Starting a Gradle Daemon, 1 incompatible and 2 stopped Daemons could not be reused, use --status for details

> Task :snyk-check-binary
look for standalone binary
Using Snyk CLI version: 1.821.0 (standalone)

> Task :snyk-test


Testing /home/laurent/workspace/whitepaw...

Organization:      lpicquet
Package manager:   gradle
Target file:       build.gradle
Project name:      whitepaw
Open source:       no
Project path:      /home/laurent/workspace/whitepaw
Licenses:          enabled

✔ Tested 203 dependencies for known issues, no vulnerable paths found.

Next steps:
- Run `snyk monitor` to be notified about new related vulnerabilities.
- Run `snyk test` as part of your CI/test.



BUILD SUCCESSFUL in 2m 44s

If I set the severity to 'low', the task fails as expected.