🐛 Simple Unix CLI to show security issues from Snyk for projects for your organisation.
| What | Details |
|---|---|
| OS | Unix (tested on Mac) |
| curl | The Unix command line tool to download from a URL |
| jq | The Unix command line to process JSON |
-
Install the dependencies, if they are missing
-
Create a file
api_token.txtthat contains your Snyk API key -
Create a file
org_id.txtthat contains the ID of your Snyk 'organisation'. Note: you may have many such 'organisations', depending on how you use Snyk.
You can get a list of your Snyk organisation IDs using curl:
curl --include \
--header "Content-Type: application/json; charset=utf-8" \
--header "Authorization: token <API_KEY>" \
'https://snyk.io/api/v1/orgs'
- Create a file
jq_project_filter.txtthat contains a jq filter on your Snyk project names.
Example:
contains("MyProject1") or contains("Project2")
go.sh
Example output:
src/my-project(master):my-app/My.Project.One/My.Project.One.csproj
"Vulnerability: Remote Code Execution (RCE) in System.Text.Encodings.Web@4.6.0 - https://snyk.io/vuln/SNYK-DOTNET-SYSTEMTEXTENCODINGSWEB-1253267"
---------
src/my-project(release/1.1):my-app/My.Project.One.View/My.Project.One.View.csproj
"Vulnerability: Regular Expression Denial of Service (ReDoS) in RestSharp@106.6.9 - https://snyk.io/vuln/SNYK-DOTNET-RESTSHARP-1316436"
---------
src/my-project(release/1.1):modeler/My.Project.One/My.Project.One.csproj
"Vulnerability: Regular Expression Denial of Service (ReDoS) in RestSharp@105.0.1 - https://snyk.io/vuln/SNYK-DOTNET-RESTSHARP-1316436"
"Vulnerability: Denial of Service (DoS) in RestSharp@105.0.1 - https://snyk.io/vuln/SNYK-DOTNET-RESTSHARP-1316436"