diff options
| author | nick-y-snyk <nikita.yasnohorodskyi@snyk.io> | 2026-01-26 16:09:33 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2026-01-26 10:09:33 -0500 |
| commit | 83102210cfb6299bc7aa6b440e5fe415ffe4dcf2 (patch) | |
| tree | bd15f568af0ae5e52f22285bfd0e2f6ad3ba1898 | |
| parent | fix(biome): include deno in biome #4288 (diff) | |
| download | nvim-lspconfig-83102210cfb6299bc7aa6b440e5fe415ffe4dcf2.tar nvim-lspconfig-83102210cfb6299bc7aa6b440e5fe415ffe4dcf2.tar.gz nvim-lspconfig-83102210cfb6299bc7aa6b440e5fe415ffe4dcf2.tar.bz2 nvim-lspconfig-83102210cfb6299bc7aa6b440e5fe415ffe4dcf2.tar.lz nvim-lspconfig-83102210cfb6299bc7aa6b440e5fe415ffe4dcf2.tar.xz nvim-lspconfig-83102210cfb6299bc7aa6b440e5fe415ffe4dcf2.tar.zst nvim-lspconfig-83102210cfb6299bc7aa6b440e5fe415ffe4dcf2.zip | |
feat(snyk_ls): use snyk CLI, update filetypes, misc improvements #4287
- Change cmd from 'snyk-ls' to 'snyk language-server' to use unified CLI
- Add all Snyk-supported language filetypes: apex, apexcode, c, cpp, cs,
dart, dockerfile, elixir, eelixir, groovy, java, kotlin, objc, objcpp,
php, ruby, rust, scala, swift
- Update integrationVersion to use tostring(vim.version()) for automatic
version reporting instead of hardcoded '0.10.0'
- Add integrationName field for better telemetry (with capital 'N')
- Handle nil token with vim.NIL to fix type mismatch warning
- Add comprehensive user documentation covering authentication, trusted
folders, and advanced configuration options
- Update init_options with all scan types (Open Source, Code, IaC)
Co-authored-by: Nick Yasnogorodskyi <nikyasnogorodskyi@gmail.com>
| -rw-r--r-- | lsp/snyk_ls.lua | 84 |
1 files changed, 77 insertions, 7 deletions
diff --git a/lsp/snyk_ls.lua b/lsp/snyk_ls.lua index 32d0183d..75a121c6 100644 --- a/lsp/snyk_ls.lua +++ b/lsp/snyk_ls.lua @@ -2,28 +2,98 @@ --- --- https://github.com/snyk/snyk-ls --- ---- LSP for Snyk Open Source, Snyk Infrastructure as Code, and Snyk Code. +--- **[Snyk](https://snyk.io)** is a developer security platform that helps you find and fix +--- vulnerabilities in your code, open source dependencies, containers, and infrastructure as code. +--- +--- The Snyk Language Server provides real-time security scanning for: +--- - **Snyk Open Source**: Find and fix vulnerabilities in open source dependencies +--- - **Snyk Code**: Find and fix security vulnerabilities in your code +--- - **Snyk Infrastructure as Code**: Find and fix security issues in Kubernetes, Terraform, and other IaC files +--- +--- ## Authentication +--- +--- **Note**: Currently, only token-based authentication is supported in Neovim. +--- +--- 1. Get your API token from https://app.snyk.io/account +--- 2. Set the `SNYK_TOKEN` environment variable: +--- ```sh +--- export SNYK_TOKEN="your-token-here" +--- ``` +--- +--- ## Trusted Folders +--- +--- Snyk requires you to trust directories before scanning them. To avoid being prompted every time: +--- +--- ```lua +--- vim.lsp.config('snyk_ls', { +--- init_options = { +--- trustedFolders = { +--- '/Users/yourname/projects', -- Trust your projects directory +--- '/path/to/another/trusted/dir', +--- }, +--- }, +--- }) +--- ``` +--- +--- **Important**: Trust the top-level directory where you store your repositories, not individual repos. +--- For example, if you work on `/Users/yourname/projects/my-app`, trust `/Users/yourname/projects`. +--- Only trust directories containing code you trust to scan. +--- +--- ## Configuration +--- +--- Full configuration options available at https://github.com/snyk/snyk-ls#configuration-1 +--- +--- ### Advanced Configuration +--- +--- For **non-default multi-tenant or single-tenant setups**, you may need to specify: +--- +--- - `endpoint`: Custom Snyk API endpoint (e.g., `https://api.eu.snyk.io` for EU, or your single-tenant URL) +--- ``` ---@type vim.lsp.Config return { - cmd = { 'snyk-ls' }, + cmd = { 'snyk', 'language-server', '-l', 'info' }, root_markers = { '.git', '.snyk' }, filetypes = { + 'apex', + 'apexcode', + 'c', + 'cpp', + 'cs', + 'dart', + 'dockerfile', + 'elixir', + 'eelixir', 'go', 'gomod', + 'groovy', + 'helm', + 'java', 'javascript', - 'typescript', 'json', + 'kotlin', + 'objc', + 'objcpp', + 'php', 'python', 'requirements', - 'helm', - 'yaml', + 'ruby', + 'rust', + 'scala', + 'swift', 'terraform', 'terraform-vars', + 'typescript', + 'yaml', }, settings = {}, - -- Configuration from https://github.com/snyk/snyk-ls#configuration-1 init_options = { - activateSnykCode = 'true', + activateSnykOpenSource = 'true', -- Scan open source dependencies + activateSnykCode = 'false', -- Scan your code for vulnerabilities + activateSnykIac = 'true', -- Scan infrastructure as code + integrationName = 'Neovim', + integrationVersion = tostring(vim.version()), + token = os.getenv('SNYK_TOKEN') or vim.NIL, + trustedFolders = {}, -- Add your trusted directories here to avoid being prompted every time }, } |