{"id":7743304,"name":"awshole/snyk-python","ecosystem":"actions","description":"This action leverages Snyk Open Source to scan dependencies for known license issues and vulnerabilities.","homepage":"","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/awshole/snyk-python","keywords_array":["github-actions","snyk"],"namespace":"awshole","versions_count":2,"first_release_published_at":"2022-05-30T00:38:23.000Z","latest_release_published_at":"2022-06-26T16:04:38.000Z","latest_release_number":"v1.1.0","last_synced_at":"2026-04-17T00:32:47.669Z","created_at":"2023-05-17T08:44:16.285Z","updated_at":"2026-04-17T00:32:47.669Z","registry_url":"https://github.com/awshole/snyk-python","install_command":null,"documentation_url":null,"metadata":{"name":"snyk-python","branding":{"icon":"alert-circle","color":"purple"},"description":"This action leverages Snyk Open Source to scan dependencies for known license issues and vulnerabilities.","inputs":{"snyk_api_key":{"description":"Expects a string value corresponding to the API key to use when accessing the Snyk organization.","required":true},"path_to_dependency_file":{"description":"Expects the relative GitHub path to the dependency file to test.","required":true},"integrate_with_snyk_platform":{"description":"If this is true, the repository will be integrated with the Snyk platform.","required":false,"default":false},"snyk_org_id":{"description":"Expects a string value corresponding to the Snyk organization ID. It expects a GUID format. This is required if 'integrate_with_snyk_platform' is 'true'.","required":false},"snyk_integration_id":{"description":"Expects a string value corresponding to the Integration ID for a source control provider. This is required if 'integrate_with_snyk_platform' is 'true'.","required":false},"repository":{"description":"Expects the GitHub repository to import to the Snyk platform or post a GitHub Issue to. This is required if either 'integrate_with_snyk_platform' or 'create_github_issues' is 'true'.","required":false},"branch_name":{"description":"Expects the GitHub repository branch name that should be imported into Snyk. This is required if 'integrate_with_snyk_platform' is 'true'.","required":false},"upload_sarif":{"description":"If this is true, details of the Snyk scan will be uploaded as a SARIF file to the Security tab of a repository.","required":false,"default":false},"create_github_issues":{"description":"If this is true, details of the Snyk scan will be posted to the Issues tab of a repository.","required":false,"default":false},"github_issue_assignee":{"description":"Expects a string value corresponding to the GitHub user to assign issues to if 'create_github_issues' is 'true'.","required":false},"security_issues_labels":{"description":"The labels that should be applied to security-related GitHub Issues if 'create_github_issues' is 'true'.","required":false},"license_issues_labels":{"description":"The labels that should be applied to license compliance-related GitHub Issues if 'create_github_issues' is 'true'.","required":false},"snyk_github_integration_token":{"description":"GitHub token to use for posting issues. This is required if 'create_github_issues' is 'true'.","required":false}},"runs":{"using":"composite","steps":[{"name":"Checkout private tools","run":"git clone --branch main https://github.com/awshole/power-snyk.git","shell":"pwsh"},{"name":"Import to Snyk platform","run":"if ('${{ inputs.integrate_with_snyk_platform }}' -like 'true' ) {\n    Write-Output \"Importing repository into the Snyk platform.\"\n    $splat = @{\n      dotSourceFilePath = 'power-snyk/functions/functions.ps1'\n      snykApiKey = '${{ inputs.snyk_api_key }}'\n      snykOrgId = '${{ inputs.snyk_org_id }}'\n      integrationId = '${{ inputs.snyk_integration_id }}'\n      repository = '${{ inputs.repository }}'\n      branchName = '${{ inputs.branch_name }}'\n    }\n    power-snyk/scripts/Set-SnykProject.ps1 @splat\n  }\n","shell":"pwsh"},{"name":"Install dependencies","run":"python -m pip install --upgrade pip\ncat ${{ inputs.path_to_dependency_file }} | sed -e '/^\\s*#.*$/d' -e '/^\\s*$/d' | xargs -n 1 pip install || true\n","shell":"bash"},{"name":"Install Snyk","run":"npm install snyk -g","shell":"bash"},{"name":"Authenticate and run Snyk test","run":"snyk auth ${{ inputs.snyk_api_key }}\nsnyk test --file=${{ inputs.path_to_dependency_file }} --packageManager=pip --skip-unresolved=true --json-file-output=snyk.json || true\n","shell":"bash"},{"name":"Create GitHub Issues","run":"if ('${{ inputs.create_github_issues }}' -like 'true' ) {\n  $headReference = '${{github.head_ref}}' # This is the source branch of the pull request in a workflow run. This property is only available when the event that triggers a workflow run is a pull_request\n  if ($headReference -ne '') {\n    $reference = $headReference \n  } else {\n    $reference = '${{github.ref}}'\n  }\n  $splat = @{\n      dotSourceFilePath = 'power-snyk/functions/functions.ps1'    \n      pathToSnykIssues = 'snyk.json'\n      pathToDependencyFile = '${{ inputs.path_to_dependency_file }}'\n      gitHubToken = '${{ inputs.snyk_github_integration_token }}'\n      repository = '${{ inputs.repository }}'\n      branch = $reference\n      runId = '${{ github.run_id }}'\n    }\n    if ('${{ inputs.github_issue_assignee }}' -notlike '' ) {\n      $splat.Add('githubIssueAssignee', '${{ inputs.github_issue_assignee }}')\n    }\n    if ('${{ inputs.security_issues_labels }}' -notlike '' ) {\n      [array]$securityLabels = '${{ inputs.security_issues_labels }}'.Split(',').Trim()\n      $splat.Add('securityLabels', $securityLabels)\n    }\n    if ('${{ inputs.license_issues_labels }}' -notlike '' ) {\n      [array]$licenseLabels = '${{ inputs.license_issues_labels }}'.Split(',').Trim()\n      $splat.Add('licenseLabels', $licenseLabels)\n    }\n  power-snyk/scripts/Set-SnykGitHubIssues.ps1 @splat\n}\nif ('${{ inputs.upload_sarif }}' -like 'true') {\n  $headReference = '${{github.head_ref}}' # This is the source branch of the pull request in a workflow run. This property is only available when the event that triggers a workflow run is a pull_request\n  if ($headReference -ne '') {\n    $reference = $headReference \n  } else {\n    $reference = '${{github.ref}}'\n  }\n  $splat = @{\n      language = 'python'    \n      pathToSnykIssues = 'snyk.json'\n      pathToDependencyFile = '${{ inputs.path_to_dependency_file }}'\n      gitHubToken = '${{ inputs.snyk_github_integration_token }}'\n      repository = '${{ inputs.repository }}'\n      branch = $reference\n    }\n  power-snyk/scripts/Set-SnykSarifOutput.ps1 @splat\n}\n","shell":"pwsh"}]},"default_branch":"main","path":null},"repo_metadata":{"uuid":"496338989","full_name":"awshole/snyk-python","owner":"awshole","description":null,"archived":false,"fork":false,"pushed_at":"2022-12-04T01:07:43.000Z","size":7,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2023-07-14T08:40:39.845Z","etag":null,"topics":["github-actions","snyk"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/awshole.png","metadata":{},"created_at":"2022-05-25T18:02:20.000Z","updated_at":"2022-05-25T21:38:43.000Z","dependencies_parsed_at":"2023-01-13T15:43:28.680Z","dependency_job_id":null,"html_url":"https://github.com/awshole/snyk-python","commit_stats":null,"previous_names":[],"tags_count":2,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awshole%2Fsnyk-python","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awshole%2Fsnyk-python/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awshole%2Fsnyk-python/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awshole%2Fsnyk-python/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/awshole","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":152925309,"owners_count":7127201,"icon_url":"https://github.com/github.png","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"awshole","name":"David Wiggs","uuid":"61592126","kind":"user","description":"Power$hell nerd ","email":"","website":"https://awshole.com","location":"Chicago, IL","twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/61592126?u=85f24dcb6adb1d37fef81ee2782ddb9990da7618\u0026v=4","repositories_count":6,"last_synced_at":"2023-03-10T07:05:18.843Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/awshole","created_at":"2022-11-20T03:11:27.381Z","updated_at":"2023-03-10T07:05:18.904Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/awshole","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/awshole/repositories"},"tags":[{"name":"v1.1.0","sha":"2cbb83b782b85ea12066e5133cc76e5ea7c07071","kind":"commit","published_at":"2022-06-26T16:04:38.000Z","download_url":"https://codeload.github.com/awshole/snyk-python/tar.gz/v1.1.0","html_url":"https://github.com/awshole/snyk-python/releases/tag/v1.1.0","dependencies_parsed_at":"2023-06-01T12:56:31.962Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awshole%2Fsnyk-python/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awshole%2Fsnyk-python/tags/v1.1.0/manifests"},{"name":"v1","sha":"5b2c669e9da4e58dc6fc182691ba2ed1a706e1ea","kind":"commit","published_at":"2022-05-30T00:38:23.000Z","download_url":"https://codeload.github.com/awshole/snyk-python/tar.gz/v1","html_url":"https://github.com/awshole/snyk-python/releases/tag/v1","dependencies_parsed_at":"2023-06-01T12:56:32.123Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awshole%2Fsnyk-python/tags/v1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awshole%2Fsnyk-python/tags/v1/manifests"}]},"repo_metadata_updated_at":"2023-08-15T15:02:39.067Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":1,"rankings":{"downloads":null,"dependent_repos_count":24.788464585644114,"dependent_packages_count":0.0,"stargazers_count":48.334653779115826,"forks_count":35.1386468071621,"docker_downloads_count":null,"average":27.06544129298051},"purl":"pkg:githubactions/awshole/snyk-python","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/actions/awshole/snyk-python","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/actions/awshole/snyk-python","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/actions/awshole/snyk-python/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/awshole%2Fsnyk-python/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/awshole%2Fsnyk-python/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/awshole%2Fsnyk-python/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/awshole%2Fsnyk-python/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/awshole%2Fsnyk-python/codemeta","maintainers":[]}