Use Snyk in your build
Snyk runs in the background and whenever a download is requested from the UI or from the CLI, Snyk automatically scans the artifact to evaluate vulnerabilities and license issues.
When the scan ends, results are displayed in the Artifactory UI, in the artifact details.
To view details about download status, open the System Logs:
When the scan fails, based on the configurations that were set during installation, the download request is blocked. By reviewing the results, you can evaluate the issues found in your artifact and determine a course of action, before ever using that artifact.
When your setup blocks downloads with issues, you can override this configuration at the artifact level—enabling downloads even when issues are identified, per artifact.