code-client
TypeScript consumer of the Snyk Code public API
This package is published using:
Installation
```shell
$ npm install --save @snyk/code-client
```
Usage
Creates and initializes an instance
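```typescript
import codeClient from '@snyk/code-client';

const baseURL = 'https://www.snyk.io';
// Source identifier, referenced by the `connection` objects in the analysis calls
const source = 'atom';
```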
Requests the creation of a new login session
```typescript
const loginResponse = await codeClient.startSession({
  baseURL,
  source: 'atom',
});
if (loginResponse.type === 'error') {
  // Handle the error and stop here: there is no value to read in this branch
}
const { sessionToken, loginURL } = loginResponse.value;
```
Checks status of the login process
```typescript
const sessionResponse = await codeClient.checkSession({ baseURL, sessionToken });
if (sessionResponse.type === 'error') {
  // Handle the error and stop here: the login state is unknown in this branch
}
const isLoggedIn = sessionResponse.value;
```
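One way to wait for the browser login behind `loginURL` to complete, as an added example that is not part of `@snyk/code-client`: it polls a `checkSession`-style function with capped backoff and treats API errors as "not logged in". The `error` field of `Result`, and the names `waitForLogin`, `nextDelayMs` and `WaitOptions`, are assumptions made for this sketch.

```typescript
// Added example; not part of @snyk/code-client.
// Assumed result shape: the page only shows `type === 'error'` and `value`.
type Result<T> =
  | { type: 'success'; value: T }
  | { type: 'error'; error: { statusCode?: number; statusText?: string } };
type CheckSession = () => Promise<Result<boolean>>;
type LoginOutcome = 'logged-in' | 'timeout' | 'error';

interface WaitOptions {
  timeoutMs: number; // total delay budget before giving up
  baseDelayMs: number; // delay after the first unsuccessful poll
  maxDelayMs: number; // cap for the exponential backoff
  sleep?: (ms: number) => Promise<void>; // injectable so tests run instantly
}

// Capped exponential backoff so a pending login does not hammer the API.
function nextDelayMs(attempt: number, baseDelayMs: number, maxDelayMs: number): number {
  return Math.min(maxDelayMs, baseDelayMs * 2 ** attempt);
}

// Polls `check` until it reports a logged-in session, an error, or the
// delay budget is spent. The budget counts scheduled delays, not request latency.
async function waitForLogin(check: CheckSession, opts: WaitOptions): Promise<LoginOutcome> {
  const sleep = opts.sleep ?? ((ms: number) => new Promise<void>(resolve => setTimeout(resolve, ms)));
  let waited = 0;
  for (let attempt = 0; ; attempt++) {
    const res = await check();
    // Fail closed: an API error is never treated as "logged in".
    if (res.type === 'error') return 'error';
    if (res.value === true) return 'logged-in';
    const delay = nextDelayMs(attempt, opts.baseDelayMs, opts.maxDelayMs);
    waited += delay;
    if (waited > opts.timeoutMs) return 'timeout';
    await sleep(delay);
  }
}

// With the client from this page (needs network access, so left commented out):
// const outcome = await waitForLogin(
//   () => codeClient.checkSession({ baseURL, sessionToken }),
//   { timeoutMs: 120_000, baseDelayMs: 1_000, maxDelayMs: 10_000 },
// );
// if (outcome !== 'logged-in') { /* discard sessionToken, start a new session */ }
```

On `'timeout'` or `'error'`, drop the pending `sessionToken` rather than continuing to poll it indefinitely.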
Subscribe to events.
```typescript
codeClient.emitter.on('scanFilesProgress', (processed: number) => {
  console.log(`Indexed ${processed} files`);
});
codeClient.emitter.on('uploadBundleProgress', (processed: number, total: number) => {
  console.log(`Upload bundle progress: ${processed}/${total}`);
});
codeClient.emitter.on('sendError', error => {
  console.log(error);
});
codeClient.emitter.on('apiRequestLog', message => {
  console.log(message);
});
```
Complete list of events:
- supportedFilesLoaded: uploading supported file extensions; can also be used for instantiating a file watcher
- scanFilesProgress: emits the number of files found
- createBundleProgress: emits progress in instantiating packages for analysis
- uploadBundleProgress: emits progress in uploading files
- analyseProgress: emits progress of the analysis job
- error: emitted in case of an error
Run analysis
```typescript
const results = await codeClient.analyzeFolders({
  connection: { baseURL, sessionToken, source },
  analysisOptions: {
    severity: 1,
  },
  fileOptions: {
    paths: ['/home/user/repo'],
    symlinksEnabled: false,
  },
});
```
Run analysis only for specific files, for example the one that just changed
```typescript
const results = await codeClient.analyzeFolders({
  connection: { baseURL, sessionToken, source },
  analysisOptions: {
    severity: 1,
    limitToFiles: ['recently-changed-file.js'],
  },
  fileOptions: {
    paths: ['/home/user/repo'],
    symlinksEnabled: false,
  },
});
```
Run analysis and report results to platform
```typescript
const results = await codeClient.analyzeFolders({
  connection: { baseURL, sessionToken, source },
  analysisOptions: {
    severity: 1,
  },
  fileOptions: {
    paths: ['/home/user/repo'],
    symlinksEnabled: false,
  },
  reportOptions: {
    enabled: true,
    projectName: 'example-project',
  },
});
```
Creates a new bundle based on a previously uploaded one
```typescript
const results = await codeClient.extendAnalysis({
  ...previousAnalysisResults,
  // List of changed files to include in the extended bundle
  files: [
    '/home/user/repo/main.js',
    '/home/user/repo/app.js',
  ],
});
```
Run analysis on an existing SCM project and report results to platform
```typescript
const results = await codeClient.analyzeScmProject({
  connection: { baseURL, sessionToken, source },
  analysisOptions: {
    severity: 1,
  },
  reportOptions: {
    projectId: '<Snyk Project UUID>',
    commitId: '<Commit SHA to scan>',
  },
});
```
Errors
If there are any errors, the result of every call will contain the following:
```typescript
const { error, statusCode, statusText } = result;
```
CLI
Individual calls can also be run separately using a CLI.
Create bundle
Help manifest: time npm run cli -- help bundle:create
```text
Usage: CLI bundle:create [options]

create a new bundle and return its ID with meta info

Options:
  --patterns [string...]     supported file patterns
  --ignore [path...]         ignored path glob
  --path [path...]           source code dir
  --url <url>                service URL
  --token <hash>             user token
  --org <string>             organization
  --source <string>          source identifier (default: "code-client")
  -H, --headers [string...]  custom headers e.g. "X-Custom-Header: some value". Can have multiple values diveded by space
  --debug                    enable debug mode
  -h, --help                 display help for command
```
Example call:
```shell
npm run cli -- bundle:create --url="<service url>" --token="<snyk token>" --headers="<extra>" --patterns=".*" --path="<absolute path>"
```