Synchronizing CLI help from user-docs

help/cli-commands/README.md

@@ -8,9 +8,9 @@ For details see the [CLI documentation](https://docs.snyk.io/features/snyk-cli)
 
 ## How to get started
 
-1. Authenticate by running `snyk auth`
-2. Test your local project with `snyk test`
-3. Get alerted for new vulnerabilities with `snyk monitor`
+1. Authenticate by running `snyk auth`.
+2. Test your local project with `snyk test`.
+3. Get alerted for new vulnerabilities with `snyk monitor`.
 
 ## Available commands
 
@@ -24,25 +24,25 @@ Authenticate Snyk CLI with a Snyk account.
 
 ### [`snyk test`](test.md)
 
-Test a project for open source vulnerabilities and license issues.
+Test a project for open-source vulnerabilities and license issues.
 
-**Note**: Use `snyk test --unmanaged` to scan all files for known open source dependencies (C/C++ only).
+**Note**: Use `snyk test --unmanaged` to scan all files for known open-source dependencies (C/C++ only).
 
 ### [`snyk monitor`](monitor.md)
 
-Snapshot and continuously monitor a project for open source vulnerabilities and license issues.
+Snapshot and continuously monitor a project for open-source vulnerabilities and license issues.
 
 ### [`snyk container`](container.md)
 
-Test container images for vulnerabilities.
+These commands test and continuously monitor container images for vulnerabilities and generate an SBOM for a container image.
 
 ### [`snyk iac`](iac.md)
 
-Commands to find and manage security issues in Infrastructure as Code files.
+These commands find and report security issues in Infrastructure as Code files; detect, track, and alert on infrastructure drift and unmanaged resources; and create a .driftigore file.
 
 ### [`snyk code`](code.md)
 
-Find security issues using static code analysis.
+The `snyk code test` command finds security issues using Static Code Analysis.
 
 ### [`snyk sbom`](sbom.md)
 

help/cli-commands/code.md

@@ -1,17 +1,13 @@
 # Code
 
-## Usage
-
-`snyk code [<COMMAND>] [<OPTIONS>] [<PATH>]`
-
 ## Description
 
-The `snyk code` command finds security issues using Static Code Analysis.
+The `snyk code test` command finds security issues using Static Code Analysis.
 
-For more information see [CLI for Snyk Code](https://docs.snyk.io/snyk-code/cli-for-snyk-code)
+For more information, see [CLI for Snyk Code](https://docs.snyk.io/snyk-code/cli-for-snyk-code)
 
 ## `snyk code` command and the help docs
 
-The `snyk code` command is identified here with the help options:
+The single`snyk code` command is identified here with the help options:
 
 [`code test`](code-test.md); `code test --help`: tests for any known security issues using Static Code Analysis

help/cli-commands/container.md

@@ -1,18 +1,15 @@
 # Container
 
-## Usage
-
-`snyk container <COMMAND> [<OPTIONS>] [<IMAGE>]`
-
 ## Description
 
-The `snyk container` commands test and continuously monitor container images for vulnerabilities.
+The `snyk container` commands test and continuously monitor container images for vulnerabilities and generate an SBOM for a container image.
 
-For more information see [Snyk CLI for container security](https://docs.snyk.io/products/snyk-container/snyk-cli-for-container-security)
+For more information, see [Snyk CLI for container security](https://docs.snyk.io/products/snyk-container/snyk-cli-for-container-security)
 
 ## `snyk container` commands and the help docs
 
 The `snyk container` commands are listed here with the help options:
 
 - [`container test`](container-test.md), `container test --help`: tests for any known vulnerabilities
 - [`container monitor`](container-monitor.md), `container monitor --help`: captures the container image layers and dependencies and monitors for vulnerabilities on [snyk.io](https://snyk.io)
+- [`container sbom`](container-sbom.md), `container sbom --help`: generates an SBOM for a container image

help/cli-commands/sbom.md

@@ -47,7 +47,7 @@ Use this option when your default organization does not have API entitlement.
 
 If this option is omitted, the default organization for your account will be used.
 
-This is the `<ORG_ID>` that is the current preferred organization in your [Account settings](https://app.snyk.io/account)&#x20;
+This is the `<ORG_ID>` that is the current preferred organization in your [Account settings](https://app.snyk.io/account)
 
 Set a default to ensure all newly tested projects are tested under your default organization. If you need to override the default, use the `--org=<ORG_ID>` option.
 
@@ -61,7 +61,7 @@ For more information see the article [How to select the organization to use in t
 
 ### `[--file=<file>] or [--f=<file>]`
 
-Specify the desired manifest file on which the SBOM will be based.&#x20;
+Specify the desired manifest file on which the SBOM will be based.
 
 By default, the `sbom` command detects a supported manifest file in the current working directory.
 
@@ -73,13 +73,13 @@ Generate an SBOM for unmanaged software projects.
 
 Include development-only dependencies in the SBOM output.
 
-Applicable only for some package managers, for example, `devDependencies` in npm or `:development` dependencies in Gemfile.&#x20;
+Applicable only for some package managers, for example, `devDependencies` in npm or `:development` dependencies in Gemfile.
 
 When `--dev` is used with the SPDX format, the development-only dependencies are included in the `DEV_DEPENDENCY_OF` relationship.
 
 When `--dev` is used with the CycloneDX format, development-only dependencies are not labeled differently from non-development dependencies.
 
-**Note**: This option can be used with Maven, npm, and Yarn projects.&#x20;
+**Note**: This option can be used with Maven, npm, and Yarn projects.
 
 ### `[--all-projects]`
 
@@ -144,7 +144,7 @@ To scan individual JAR, WAR, or AAR files, use the following:
 
 ### `--scan-all-unmanaged`
 
-Auto-detect Maven, JAR, WAR, and AAR files recursively from the current folder.&#x20;
+Auto-detect Maven, JAR, WAR, and AAR files recursively from the current folder.
 
 **Note**: Custom-built JAR files, even with open-source dependencies, are not supported.
 
@@ -184,6 +184,98 @@ Example: `buildtype:release,usage:java-runtime`
 
 Use for projects that contain a Gradle initialization script.
 
+## Options for NuGet projects
+
+### `--assets-project-name`
+
+When you are monitoring a .NET project using NuGet `PackageReference`, use the project name in `project.assets.json` if found.
+
+### `--file=<filename>.sln`
+
+Test all .NET projects included in the given `.sln` file. Projects referred to must have supported manifests.
+
+### `--file=packages.config`
+
+Test an individual .NET project.
+
+### `--packages-folder`
+
+Specify a custom path to the packages folder.
+
+This is the folder in which your dependencies are installed, provided you are using `packages.config`. If you have assigned a unique name to this folder, then Snyk can find it only if you enter a custom path.
+
+Use the absolute or relative path, including the name of the folder where your dependencies reside.
+
+## Options for npm projects
+
+### `--strict-out-of-sync=true|false`
+
+Prevent testing out-of-sync lockfiles.
+
+If there are out-of-sync lockfiles in the project, the `sbom` command fails when `--strict-out-of-sync=true`.
+
+Default: true
+
+## Options for Yarn projects
+
+### `--strict-out-of-sync=true|false`
+
+Prevent testing out-of-sync lockfiles.
+
+If there are out-of-sync lockfiles in the project, the `sbom` command fails when `--strict-out-of-sync=true`.
+
+Default: true
+
+### `--yarn-workspaces`
+
+Detect and scan Yarn Workspaces only when a lockfile is in the root.
+
+You can specify how many sub-directories to search using `--detection-depth`.
+
+You can exclude directories and files using `--exclude`.
+
+Default: `--all-projects` automatically detects and scans Yarn Workspaces with other projects.
+
+## Options for Python projects
+
+### `--command=<COMMAND>`
+
+Indicate which specific Python commands to use based on the Python version.
+
+Snyk uses Python in order to scan and find your dependencies. If you are using multiple Python versions, use this parameter to specify the correct Python command for execution.
+
+Default: `python` This executes your default python version. Run `python -V` to find out what your default version is.
+
+Example: `snyk sbom --command=python3`
+
+### `--skip-unresolved=true|false`
+
+Skip packages that cannot be found in the environment, for example, private packages that cannot be accessed from the machine running the scan.
+
+### `--file=<filename>`
+
+For a Python project, specify a particular file to test.&#x20;
+
+Default: Snyk scans the `requirements.txt` file at the top level of the project.
+
+When setting this option for Python values, it is required to also set the `--package-manager` option. See below.
+
+### `--package-manager=<package manager>`
+
+Add `--package-manager=pip` to your command if the file name is not `requirements.txt`.
+
+This option is mandatory if you specify a value for the `--file` parameter that is not to a `requirements.txt` file. The SBOM generation fails without this parameter. Specify this parameter with the value `pip`.
+
+## Options for scanning using `--unmanaged`
+
+### `--max-depth`
+
+Specify the maximum level of archive extraction.
+
+Usage: `--max-depth=1`
+
+Use `0` (zero, the default) to disable archive extraction completely.
+
 ## Examples for the snyk sbom command
 
 ### Create a CycloneDX JSON document for a local software project