Skip to content
/ snyk-python-plugin Public

Basic Snyk CLI plugin for Python support

License

View license
18 stars 24 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

snyk/snyk-python-plugin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

254 Commits
.circleci
.circleci
 
 
.github
.github
 
 
lib
lib
 
 
pysrc
pysrc
 
 
test
test
 
 
.eslintignore
.eslintignore
 
 
.eslintrc
.eslintrc
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
.npmrc
.npmrc
 
 
.nvmrc
.nvmrc
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
.prettierignore
.prettierignore
 
 
.prettierrc.json
.prettierrc.json
 
 
.releaserc
.releaserc
 
 
.snyk
.snyk
 
 
Contributor-Agreement.md
Contributor-Agreement.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
appveyor.yml
appveyor.yml
 
 
catalog-info.yaml
catalog-info.yaml
 
 
dev-requirements.txt
dev-requirements.txt
 
 
jest.config.js
jest.config.js
 
 
package.json
package.json
 
 
setup.py
setup.py
 
 
tox.ini
tox.ini
 
 
tsconfig-test.json
tsconfig-test.json
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation

Snyk logo

Snyk helps you find, fix and monitor for known vulnerabilities in your dependencies, both on an ad hoc basis and as part of your CI (Build) system.

ℹ️ This repository is only a plugin to be used with the Snyk CLI tool. To use this plugin to test and fix vulnerabilities in your project, install the Snyk CLI tool first. Head over to snyk.io to get started.

Support

  • ❌ Not supported
  • ❓ No issues expected but not regularly tested
  • ✅ Supported and verified with tests

Supported OS

OS Supported
Windows
Linux
OSX ️✅

Supported Node versions

Node Supported
12
14
16

Supported Pip & Python versions (requirements.txt)

Pip / Python 2.7 3.6 3.7 3.8 3.9 3.10 3.11 3.12
10.0.0
18.1.0

Supported Poetry versions (pyproject.toml and poetry.lock)

All known versions are expected to be supported (current latest version is 1.1.6)

Snyk Python CLI Plugin

This plugin provides dependency metadata for Python projects that use one of the following dependency management methods:

  • pip with a requirements.txt file
  • pipenv with a Pipfile file
  • poetry with pyproject.toml and poetry.lock

There's a special only-provenance mode that allows extracting of top-level dependencies with their corresponding positions in the original manifest file.

Contributing

Guide

Developing and Testing

Prerequisites:

  • Node.js 10+
  • Python 2.7 or 3.6+
  • Installed outside of any virtualenv:
    • pip
    • the contents of dev-requirements.txt: 
      pip install --user -r dev-requirements.txt
  • if in linux, python-dev installed with apt, or see here.

Tests can be run against multiple python versions by using tox:

pip install tox
tox

Linting and testing:

npm i
npm run lint
npm run test

About

Basic Snyk CLI plugin for Python support

Resources

Readme

License

View license
Activity
Custom properties

Stars

18 stars

Watchers

103 watching

Forks

24 forks
Report repository

Releases 97

v2.2.1 Latest
Aug 2, 2024
+ 96 releases

Packages

No packages published

Contributors 35

+ 21 contributors

Languages