Tool to extract dependencies from a Snyk group. Initial version, updates may come.
The tool uses 5 threads to process the organizations inside the group, and 4 threads for each org to process the deps. This way we can avoid slowing ourselves (mostly) by throttling on huge orgs.
- Free software: GNU General Public License v3.0
- Extract all dependencies from a Snyk group into a csv in the local folder
- Enable multiple output formats, json/parquet
- Pypi package
- CLI command
- Proper docs/testing
- Pipeline
- Filtering for orgs
- Analytics and data deduplication
Use pip
for install:
pip install snyk-depxtractor
export SNYK_TOKEN=xxxxxxx-xxxxxx-xxxx
sde dump-group-deps [tsv,json,parquet,all]
# all means tsv, json, parquet 🤓
If you want to setup for development:
# Install poetry using pipx
python -m pip install pipx
python -m pipx ensurepath
pipx install poetry
# Clone repository
git clone https://github.com/zsolt-halo/snyk-depxtractor.git
cd snyk-dependency-extractor/
$ # Install dependencies and hooks
$ poetry install
$ poetry run pre-commit install
Pokemon exception handling, we catch them all.
Will fix it eventually :)