{"library":"snyk-to-html","title":"Snyk JSON to HTML Report Generator","type":"library","description":"snyk-to-html is a Node.js utility designed to convert the JSON output from various Snyk CLI commands (e.g., `snyk test --json`, `snyk code test --json`, `snyk iac test --json`, `snyk container test --json`) into a human-readable, static HTML vulnerability report. The current stable version is 3.7.1, released in April 2026. The package sees a relatively active release cadence, often featuring bug fixes, security updates, and new features like adding support for exploit maturity, reachability signals, and risk scores. A key differentiator is its ability to accept custom Handlebars templates, allowing users to tailor the report's appearance and included data fields. It is primarily used as a CLI tool but also exposes a programmatic API for integration into automated workflows.","language":"javascript","status":"active","last_verified":"Tue Apr 21","install":{"commands":["npm install snyk-to-html"],"cli":{"name":"snyk-to-html","version":null}},"imports":["import { convertToHtml } from 'snyk-to-html';","import type { SnykToHtmlOptions } from 'snyk-to-html';","snyk-to-html -i input.json -o report.html"],"auth":{"required":false,"env_vars":[]},"links":{"homepage":"https://snyk.io","github":"https://github.com/snyk/snyk-to-html","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/snyk-to-html","openapi_spec":null,"status_page":null,"smithery":null},"quickstart":{"code":"import { convertToHtml } from 'snyk-to-html';\nimport * as fs from 'fs';\n\nconst mockSnykJsonOutput = {\n  \"vulnerabilities\": [\n    {\n      \"id\": \"SNYK-JS-LODASH-590135\",\n      \"title\": \"Prototype Pollution\",\n      \"severity\": \"high\",\n      \"description\": \"The 'merge' function in lodash is vulnerable to prototype pollution via the 'assignValue' function.\",\n      \"packageManager\": \"npm\",\n      \"packageName\": \"lodash\",\n      \"version\": \"4.17.15\",\n      \"fixedIn\": [\"4.17.21\"],\n      \"exploitMaturity\": \"mature\"\n    }\n  ],\n  \"vulnerabilities\": [],\n  \"dependencyCount\": 1,\n  \"org\": \"my-org\",\n  \"policy\": \"Snyk Security Policy\",\n  \"isPrivate\": true,\n  \"summary\": \"No vulnerabilities found.\",\n  \"uniqueCount\": 0,\n  \"filesystemPolicy\": false,\n  \"licensesPolicy\": null\n};\n\nasync function generateReport() {\n  try {\n    const htmlReport = await convertToHtml(JSON.stringify(mockSnykJsonOutput), {\n      title: 'Snyk Security Report',\n      // template: fs.readFileSync('./custom-template.hbs', 'utf8') // Optional: use a custom Handlebars template\n    });\n    fs.writeFileSync('snyk-report.html', htmlReport);\n    console.log('HTML report generated: snyk-report.html');\n  } catch (error) {\n    console.error('Failed to generate report:', error);\n  }\n}\n\ngenerateReport();\n","lang":"typescript","description":"Demonstrates programmatic conversion of Snyk JSON output into an HTML report using the `convertToHtml` function.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}