No project description provided
Project description
snyk-threadfix
| develop | |
|---|---|
| CI Status |  |
The ThreadFix / Snyk integration allows you to view open source vulnerabilities identified by Snyk on the ThreadFix platform and direct you to comprehensive information and remediation guidance.
snyk-threadfix allows you to generate a .threadfix file from Snyk project data. It outputs JSON data in the ThreadFix file format - printing to standard out or a specified filename. It does not upload directly to ThreadFix at present but there is a ThreadFix API endpoint that you can use: ThreadFix Upload Scan API.
Installation
pip install snyk-threadfix
Configuration
You must first obtain a Snyk API token from your Snyk account. Once you have a token you must either install the Snyk CLI and run snyk auth <your-token> or simply run:
export SNYK_TOKEN=<your-token>
Usage
You must first identify your Snyk org ID. This is easy - simply log into your Snyk account, click on Settings, and find your Organization ID there. If you have multiple orgs in your Snyk account, make sure to first choose the one you want.
You must also identify the Snyk project ID's for which you would like to generate ThreadFix data. You can do this using the Snyk API, for example, using the List all projects endpoint. See also the pysnyk SDK. Another way of identifying the project IDs you want to use is simply by browsing to the desired project(s) with the Snyk UI and grabbing the UUID from the address bar of your browser.
Once you have a project ID or list of project IDs that you would like to generate a threadfix file for, run the following:
For a single project ID:
snyk-threadfix --org-id=<your-snyk-org-id> --project-ids=<snyk-project-id>
For multiple IDs:
snyk-threadfix --org-id=<your-snyk-org-id> --project-ids=<snyk-project-id-0>,<snyk-project-id-1>,<snyk-project-id-2>,...
ThreadFix JSON data will be output to standard out. If you would like to save the JSON to a file you can either pipe it to a file or use the --output parameter, for example:
snyk-threadfix --output=<your-desired-output-filename>.threadfix --org-id=<your-snyk-org-id> --project-ids=<snyk-project-id>
Additional input parameters are available:
snyk-threadfix --help
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file snyk-threadfix-0.0.6.tar.gz.
File metadata
- Download URL: snyk-threadfix-0.0.6.tar.gz
- Upload date:
- Size: 6.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.12 CPython/3.7.12 Linux/5.11.0-1027-aws
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | b1946f2931b0cd34c32f6edb1025b9ebddb266a202a473445dd45c8f8cb292a2 |
|
| MD5 | 47012bffb4b5b862dc399e85fabf43e4 |
|
| BLAKE2b-256 | 89bb3210933fe203ea9e50b076afc72ddbaf0e6cc670c340adc63619220f2a6f |
File details
Details for the file snyk_threadfix-0.0.6-py3-none-any.whl.
File metadata
- Download URL: snyk_threadfix-0.0.6-py3-none-any.whl
- Upload date:
- Size: 7.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.1.12 CPython/3.7.12 Linux/5.11.0-1027-aws
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 91a74995455ead237e8e090aa050259dcfcc956388f16af631344f7e9ac7c1f8 |
|
| MD5 | ec0f3d6b7af2712d21bb180f594b4cfc |
|
| BLAKE2b-256 | 214e4e35dbf1dde09cddedc9c6426b0692df01c48ce36f67d975ffb77da49e6e |
