pysnyk: Snyk API Python Client
pysnyk is a Python client library for interacting with the Snyk API, enabling programmatic access to Snyk's security analysis and vulnerability management capabilities. It provides an object-oriented interface to various Snyk resources like organizations, projects, and issues. The library is currently at version 0.9.19 and maintains a frequent release cadence, often with patch versions addressing bug fixes and minor enhancements.
Common errors
- ERROR: Could not find a version that satisfies the requirement pysnyk (from versions: none)
  ERROR: No matching distribution found for pysnyk
  cause: The Python version being used is incompatible with `pysnyk` (which requires Python >=3.7,<4.0), or there is a typo in the package name.
  fix: Ensure you are using a Python version between 3.7 and 3.9 (inclusive for minor versions) and that the package name `pysnyk` is spelled correctly. Upgrade Python if necessary.
- snyk.exceptions.SnykHTTPError: 401 Unauthorized
  cause: The provided Snyk API token is missing, expired, or invalid. This can also occur if the token lacks the necessary permissions for the requested operation.
  fix: Verify that your `SNYK_TOKEN` environment variable is correctly set and contains a valid, non-expired Snyk API token with the appropriate scopes. Generate a new token if unsure.
- AttributeError: 'Project' object has no attribute 'issueCountsBySeverity' or similar 'InvalidFieldValue' errors for model attributes.
  cause: The Snyk API response structure might have evolved, introducing new fields or changing existing ones that are not yet reflected in the `pysnyk` client's internal models. This commonly happens with composite objects like `IssueData` or `Project` attributes.
  fix: Upgrade `pysnyk` to the latest version. If the issue persists with the latest version, consider accessing the raw data via `obj.data` or `obj.json` properties (if available for the specific object) and parsing the JSON manually, or report the issue to the `pysnyk` maintainers.
Warnings
- breaking: The default page size for `.all()` methods in pysnyk changed from a smaller, implicit value to 100 in version 0.9.18. This can alter the number of API calls made and potentially impact existing pagination logic or performance expectations in client applications.
- gotcha: Authentication requires a Snyk API token. Hardcoding this token is a security risk. It's best practice to use environment variables.
- gotcha: When fetching dependency graphs for projects, the underlying Snyk API only supports specific package managers. Attempting to get a dependency graph for an unsupported project type (e.g., Dockerfile-based projects without a recognized manifest) can lead to exceptions.
Install
- pip install pysnyk
Imports
- SnykClient
  wrong: import pysnyk (the pysnyk distribution installs its module under the name snyk)
  correct: from snyk import SnykClient
Quickstart
```python
import os

from snyk import SnykClient

# It's recommended to set SNYK_TOKEN as an environment variable
# and avoid hardcoding API tokens in your code.
snyk_token = os.environ.get('SNYK_TOKEN', 'YOUR_SNYK_API_TOKEN')
if not snyk_token or snyk_token == 'YOUR_SNYK_API_TOKEN':
    raise ValueError("SNYK_TOKEN environment variable not set or is default value.")

try:
    client = SnykClient(snyk_token)
    print("Successfully initialized SnykClient.")

    # Fetch all organizations you have access to
    organizations = client.organizations.all()
    print(f"Found {len(organizations)} organizations:")
    for org in organizations:
        print(f" - {org.name} (ID: {org.id})")

    if organizations:
        # Get the first organization and list its projects
        first_org = organizations[0]
        print(f"\nProjects in {first_org.name} (ID: {first_org.id}):")
        projects = first_org.projects.all()
        for project in projects:
            print(f" - {project.name} (ID: {project.id})")
except Exception as e:
    print(f"An error occurred: {e}")
```
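The warning above about hardcoded tokens can be enforced with a static check in CI. This added example (not part of pysnyk or the original page) parses Python source with the standard `ast` module and reports `SnykClient` calls that receive a string literal, directly or through a variable. The sample source, the helper names and the `token` keyword name are assumptions made for illustration.

```python
import ast

# Constructed sample input: not from the pysnyk project; token values are fake.
SAMPLE = '''
import os
from snyk import SnykClient
import snyk

a = SnykClient("00000000-0000-0000-0000-000000000000")   # literal argument
tok = "11111111-1111-1111-1111-111111111111"
b = snyk.SnykClient(tok)                                  # literal via variable
c = SnykClient(os.environ["SNYK_TOKEN"])                  # read from environment
'''

def _is_literal(node):
    # A non-empty string constant such as "abc"
    return isinstance(node, ast.Constant) and isinstance(node.value, str) and node.value != ""

def _callee(func):
    # Matches both SnykClient(...) and snyk.SnykClient(...)
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute):
        return func.attr
    return None

def find_hardcoded_tokens(source):
    """Return sorted (line, reason) pairs for SnykClient calls given a literal token."""
    tree = ast.parse(source)
    # Names that are assigned a plain string literal anywhere in the module
    literal_vars = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and _is_literal(node.value):
            literal_vars.update(t.id for t in node.targets if isinstance(t, ast.Name))
    findings = []
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and _callee(node.func) == "SnykClient"):
            continue
        # Token is the first positional argument; the keyword name "token" is an assumption.
        candidates = node.args[:1] + [k.value for k in node.keywords if k.arg == "token"]
        for arg in candidates:
            if _is_literal(arg):
                findings.append((node.lineno, "string literal passed as token"))
            elif isinstance(arg, ast.Name) and arg.id in literal_vars:
                findings.append((node.lineno, f"variable '{arg.id}' holds a string literal"))
    return sorted(findings)

if __name__ == "__main__":
    for line, reason in find_hardcoded_tokens(SAMPLE):
        print(f"line {line}: {reason}")
```

The variable tracking is flow-insensitive, so treat each finding as a prompt for review rather than proof of a leaked token.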