Skip to content

snyk-labs/snyk-java-jar-test

Repository files navigation

snyk-java-jar-test

Getting Started

You will need Python 3.7 and pipenv.

git clone https://github.com/snyk-samples/snyk-java-jar-test.git
cd snyk-java-jar-test
pipenv install
pipenv shell

You will need to authorize your Snyk CLI.

Usage

After activating an appropriate Python shell, you can do things like:

Test a single JAR in the local directory:

python snykjar.py gson-2.3.1.jar

Test a multiple specific JARs in the local directory:

python snykjar.py gson-2.3.1.jar commons-collections-3.2.1.jar jackson-core-2.9.8.jar

Test a single JAR in an arbitrary directory:

python snykjar.py /path/to/jars/gson-2.3.1.jar

Test multiple JARs in arbitrary directories:

python snykjar.py /path/to/jars/gson-2.3.1.jar /path/to/jars/commons-collections-3.2.1.jar /some/other/path/to/jars/jackson-core-2.9.8.jar

Test all the JARs in the current directory:

python snykjar.py .

Test a directory full of JARs:

python snykjar.py /path/to/jars

Additional Parameters

--jsonOutput=<output-file.json> - this will save the output in a JSON file which is ideal for parsing.

--orgId - you only need to use this if your default organization in Snyk is not an organization that has API access. In most cases you won't need to use this. You can see your default Snyk organization by going to Account Settings->Preferred Organization.

--outputPom=<path/to/output/pom.xml> - use this if you just want to get a pom.xml generated as output with all the detected Java packages. If you use this option, you the detected packages will not be tested and you will not get JSON output even if you use the --jsonOutput option. You might want to use this option to generate a pom.xml and then either test it with the snyk CLI (ex snyk test --file=pom.xml) or push the list of detected Java packages into Snyk and test monitor them there using snyk monitor --file=pom.xml --project-name=<my-java-jars-test>. For this to work, the filename needs to be pom.xml.

About

Test Java JARs using Snyk

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages