{"id":8522,"library":"pysnyk","title":"pysnyk: Snyk API Python Client","description":"pysnyk is a Python client library for interacting with the Snyk API, enabling programmatic access to Snyk's security analysis and vulnerability management capabilities. It provides an object-oriented interface to various Snyk resources like organizations, projects, and issues. The library is currently at version 0.9.19 and maintains a frequent release cadence, often with patch versions addressing bug fixes and minor enhancements.","status":"active","version":"0.9.19","language":"en","source_language":"en","source_url":"https://github.com/snyk-labs/pysnyk","tags":["snyk","api client","security","vulnerability management","devsecops"],"install":[{"cmd":"pip install pysnyk","lang":"bash","label":"Install with pip"}],"dependencies":[],"imports":[{"note":"While 'import pysnyk' works, the primary class is exposed directly under the 'snyk' namespace, making 'from snyk import SnykClient' the idiomatic import.","wrong":"import pysnyk","symbol":"SnykClient","correct":"from snyk import SnykClient"}],"quickstart":{"code":"import os\nfrom snyk import SnykClient\n\n# It's recommended to set SNYK_TOKEN as an environment variable\n# and avoid hardcoding API tokens in your code.\nsnyk_token = os.environ.get('SNYK_TOKEN', 'YOUR_SNYK_API_TOKEN')\nif not snyk_token or snyk_token == 'YOUR_SNYK_API_TOKEN':\n    raise ValueError(\"SNYK_TOKEN environment variable not set or is default value.\")\n\ntry:\n    client = SnykClient(snyk_token)\n    print(\"Successfully initialized SnykClient.\")\n\n    # Fetch all organizations you have access to\n    organizations = client.organizations.all()\n    print(f\"Found {len(organizations)} organizations:\")\n    for org in organizations:\n        print(f\"  - {org.name} (ID: {org.id})\")\n\n    if organizations:\n        # Get the first organization and list its projects\n        first_org = organizations[0]\n        print(f\"\\nProjects in {first_org.name} (ID: {first_org.id}):\")\n        projects = first_org.projects.all()\n        for project in projects:\n            print(f\"  - {project.name} (ID: {project.id})\")\n\nexcept Exception as e:\n    print(f\"An error occurred: {e}\")","lang":"python","description":"This quickstart initializes the SnykClient using an API token, preferably from the `SNYK_TOKEN` environment variable. It then fetches and prints all accessible Snyk organizations and, for the first organization found, lists its associated projects."},"warnings":[{"fix":"Review any code that makes assumptions about the number of items per page or the total API calls for `.all()` methods. If a specific page size is required, explicitly pass the `per_page` argument (e.g., `client.organizations.all(per_page=50)`).","message":"The default page size for `.all()` methods in pysnyk changed from a smaller, implicit value to 100 in version 0.9.18. This can alter the number of API calls made and potentially impact existing pagination logic or performance expectations in client applications.","severity":"breaking","affected_versions":"0.9.18+"},{"fix":"Set the `SNYK_TOKEN` environment variable with your Snyk API token (e.g., `export SNYK_TOKEN='your_api_token'`). The `SnykClient` constructor will automatically pick it up. Alternatively, pass it explicitly `SnykClient(os.environ.get('SNYK_TOKEN'))`.","message":"Authentication requires a Snyk API token. Hardcoding this token is a security risk. It's best practice to use environment variables.","severity":"gotcha","affected_versions":"All versions"},{"fix":"Catch potential exceptions when calling `project.dependency_graph` and verify the project type beforehand if possible. Refer to Snyk API documentation for supported project types for dependency graph retrieval.","message":"When fetching dependency graphs for projects, the underlying Snyk API only supports specific package managers. Attempting to get a dependency graph for an unsupported project type (e.g., Dockerfile-based projects without a recognized manifest) can lead to exceptions.","severity":"gotcha","affected_versions":"All versions"}],"env_vars":null,"last_verified":"2026-04-16T00:00:00.000Z","next_check":"2026-07-15T00:00:00.000Z","problems":[{"fix":"Ensure you are using a Python version between 3.7 and 3.9 (inclusive for minor versions) and that the package name `pysnyk` is spelled correctly. Upgrade Python if necessary.","cause":"The Python version being used is incompatible with `pysnyk` (which requires Python >=3.7,<4.0), or there is a typo in the package name.","error":"ERROR: Could not find a version that satisfies the requirement pysnyk (from versions: none)\\nERROR: No matching distribution found for pysnyk"},{"fix":"Verify that your `SNYK_TOKEN` environment variable is correctly set and contains a valid, non-expired Snyk API token with the appropriate scopes. Generate a new token if unsure.","cause":"The provided Snyk API token is missing, expired, or invalid. This can also occur if the token lacks the necessary permissions for the requested operation.","error":"snyk.exceptions.SnykHTTPError: 401 Unauthorized"},{"fix":"Upgrade `pysnyk` to the latest version. If the issue persists with the latest version, consider accessing the raw data via `obj.data` or `obj.json` properties (if available for the specific object) and parsing the JSON manually, or report the issue to the `pysnyk` maintainers.","cause":"The Snyk API response structure might have evolved, introducing new fields or changing existing ones that are not yet reflected in the `pysnyk` client's internal models. This commonly happens with composite objects like `IssueData` or `Project` attributes.","error":"AttributeError: 'Project' object has no attribute 'issueCountsBySeverity' or similar 'InvalidFieldValue' errors for model attributes."}]}