Product
Introducing License Enforcement in Socket
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
snyk-tags tag
snyk-tags tag alltargets --contains-name=
snyk-tags target tag
or from a csv/json file with snyk-tags fromfile target-tag
snyk-tags target attributes
or from a csv/json file with snyk-tags fromfile target-attributes
snyk-tags target github owners
snyk-tags target remove
or listing all tags using snyk-tags list tags
(also in bulk or from a csv/json file with snyk-tags fromfile
)snyk-tags component tag
.snyk-tags tag
is a CLI tool that uses the Snyk Project Tag API to assign tags in bulk to Snyk projects based on the product.
snyk-tags tag
will update all projects of the specified product within a Snyk Group or Organization with the product's tag.
You can also specify a custom tag for the specific project types.
snyk-tags target
goes through a target (repo, container, CLI import) to assign tags, attributes and assign GitHub metadata. Targets in snyk can be varied like:
You can use:
snyk-tags target tag
to add tags to a targetsnyk-tags target attributes
to add attributes to a targetsnyk-tags target github
for specific GitHub metadata. The GitHub repo must include the GitHub Organization e.g. snyk-labs/nodejs-goofTo import GitHub metadata such as CODEOWNERS or Topics, you can use this command.
Requirements:
read:org
permissionsUsage:
snyk-tags target github owners
to add the CODEOWNERS file information as tags (limited to GitHub handles for now)snyk-tags target github topics
to add the GitHub Topics as tagsOnce you run snyk-tags
, go into the UI, naviagate to the projects page and find the tags filter or attribute filter options on the left-hand menu. Select the tag/attribute you have applied and you will see all projects associated.
snyk-tags component tag
automates tagging software components at scale for Snyk, based on powerful regular-expression based rules. Read more about this feature in components.
Requires Python version above 3.8
To install the simplest way is to use pip:
pip install snyk-tags
Alternatively you can clone the repo and then run the following commands:
poetry install # To install dependencies
python -m snyk-tags # To run snyk-tags
For the following examples you will need a Snyk API token, this can either be a personal Snyk Group/Org admin or a service account, here is more information on how to generate a Snyk API token. You can then pass this token as part of the command through --snyktkn=abc
or as an environment variable SNYK_TOKEN
I want to filter all my Snyk Code projects to the whole Snyk Group:
snyk-tags tag sast --group-id=abc --snyktkn=abc
I want to filter all my npm
Snyk Open Source projects within a specific Snyk Organization:
snyk-tags tag sca --scatype=npm --org-id=abc --snyktkn=abc
I want to filter all my Snyk projects sharing a common project name substring
snyk-tags tag alltargets --contains-name=microservice --group-id=abc --org-id=abc --snyktkn=abc --tagkey=app --tagvalue=microservice
I want to filter all projects within my snyk-labs/nodejs-goof
repo by project:snyk
snyk-tags target tag --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --tagkey=project --tagvalue=snyk
I want to add attributes to all projects within my snyk-labs/python-goof
repo. The attributes are critical, production, backend
snyk-tags target attributes --target=snyk-labs/python-goof --org-id=abc --snytkn=abc --criticality=critical --environment=backend --lifecycle=production
I want mark with the repo owners all projects of the repo snyk-labs/nodejs-goof
so I can filter by owner e.g.Owner:EricFernandezSnyk
(to use a private GitHub instance, use --gh-base-url=<your instance's API baseurl>
. Example: --gh-base-url=https://gh.local/api/v3
)
snyk-tags target github owners --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --githubtkn=abc
I want add my GitHub Topics to all projects of the repo snyk-labs/nodejs-goof
so I can filter by topics e.g.GitHubTopic:python3
(to use a private GitHub instance, use --gh-base-url=<your instance's API baseurl>
. Example: --gh-base-url=https://gh.local/api/v3
)
snyk-tags target github topics --target=snyk-labs/nodejs-goof --org-id=abc --snyktkn=abc --githubtkn=abc
I want to remove the tag project:snyk from the repo snyk-labs/nodejs-goof
snyk-tags remove tag-from-target --target=snyk-labs/nodejs-goof --group-id=abc --snyktkn=abc --tagkey=project --tagkey=snyk
I want to remove the tag app:microservice from all targets within a specific Snyk Organization
snyk-tags remove tag-from-alltargets --contains-name=apps-demo --org-id=abc --tagkey=app --tagvalue=microservice
I want to filter all projects within snyk-labs/nodejs-goof
and snyk-labs/goof
repo by project:snyk
so I use a csv in the format org-id,target,key,value
snyk-tags fromfile target-tag --file=path/to/file.csv --snyktkn
Snyk IaC | Snyk Open Source | Snyk Container | Snyk Code |
---|---|---|---|
terraformconfig | maven | dockerfile | sast |
terraformplan | npm | apk | |
k8sconfig | nuget | deb | |
helmconfig | gradle | rpm | |
cloudformationconfig | pip | linux | |
armconfig | yarn | ||
gomodules | |||
rubygems | |||
composer | |||
sbt | |||
golangdep | |||
cocoapods | |||
poetry | |||
govendor | |||
cpp | |||
yarn-workspace | |||
hex | |||
paket | |||
golang |
Criticality | Environment | Lifecycle |
---|---|---|
critical | frontend | production |
high | backend | development |
medium | internal | sandbox |
low | external | |
mobile | ||
saas | ||
onprem | ||
hosted | ||
distributed |
FAQs
CLI tool designed to manage tags and attributes at scale
We found that snyk-tags demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
Product
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.
Product
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.