Python

Applicability

Snyk supports Python for code analysis and Python for open source.

For specific information about the use of versions and package managers, see Snyk CLI for Python and Git repositories and Python.

Check whether the language is available to be imported as an application, tested, or monitored with Snyk products.

Available functions:

  • SCM import, available for Snyk Open Source and Snyk Code. For Python used with Snyk Open Source, the SCM import is available for Pip, pipenv, and Poetry.

  • Test or monitor your app through CLI and IDE, available for Snyk Open Source and Snyk Code.

  • Test your app's SBOM using pkg:pypi

  • Test your app's packages using pkg:pypi

Package managers and supported file extensions

Snyk for Python supports Pip, Poetry, pipenv, and setup.py as package managers. For the list of supported Python versions, check the Git repositories and Python page.

As a package registry, pypi.org is supported.

Snyk for Python supports the following file formats:

  • Snyk Open Source:

    • For poetry: pyproject.toml, poetry.lock

    • For pip: requirements.txt

    • For pipenv: Pipfile, Pipfile.lock

    • For setup.py: setup.py

  • Snyk Code: .py

Frameworks and libraries

The following frameworks and libraries are supported in Snyk for Python:

  • AioHTTP - Comprehensive

  • aiopg - Comprehensive

  • argparse - Comprehensive

  • anthropic - Comprehensive

  • bottle - Comprehensive

  • CherryPy - Comprehensive

  • Django - Comprehensive

  • defusedxml - Comprehensive

  • fastapi - Partial

  • flask - Comprehensive

  • flask_pymongo - Comprehensive

  • google.cloud.bigquery - Comprehensive

  • google_generativeai - Comprehensive

  • huggingface_hub - Comprehensive

  • httpx - Comprehensive

  • ldap3 - Comprehensive

  • libxml - Comprehensive

  • lxml - Comprehensive

  • mistralai - Comprehensive

  • mongoengine - Comprehensive

  • openai - Comprehensive

  • pandas - Partial

  • paramiko - Comprehensive

  • peewee - Comprehensive

  • pickle - Comprehensive

  • pilyaml - Comprehensive

  • pyca/cryptography - Comprehensive

  • pymongo - Comprehensive

  • pymssql - Comprehensive

  • pyramid - Comprehensive

  • psycopg - Comprehensive

  • python-ldap - Comprehensive

  • Python Standard Library - Comprehensive

  • requests - Comprehensive

  • sqlite3 (or pysqlite2) - Comprehensive

  • sqlalchemy - Comprehensive

  • turboGears - Comprehensive

  • urllib - Comprehensive

  • werkzeug - Comprehensive

Features

The following features are supported in Snyk for Python:

  • Snyk Open Source:

    • Fix PRs

    • License scanning

    • Reports

  • Snyk Code:

    • Reports

    • Custom rules

    • Interfile analysis

Python version support

Some Python projects may contain dependencies that require specific versions of Python. Therefore, the version of Python used when scanning can affect the dependency tree that Snyk generates.

You can specify the version of Python that Snyk uses to scan dependencies in both the CLI and Git integration.

See Snyk CLI for Python for information about the Python version and for installation and use information for Pip, Poetry, pipenv, and setup.py.

See Git repositories and Python for information about the Python version, installation and use with Python and pip, and the use of Poetry and pipenv.

Pipenv and Python versions supported

Supported Python versions are 3.8, 3.9, 3.10, 3.11, 3.12.

Snyk uses Python version information specified in each Pipfile to choose the major and minor versions to use in scanning, for example:

[requires]
python_version = "3.6"

Specific patch versions are ignored; Snyk uses a recent patch version from each series.

Snyk defaults to Python 3.10 if the Pipfile contains:

  • No Python version information

  • Only a major version
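
The selection rule described above, as an added example (not Snyk's code): a small Python helper that reads the [requires] table of a Pipfile and reports the major.minor series the rule would pick, plus whether that series appears in the supported list on this page. The function names and sample Pipfiles are constructed for illustration, and treating an unparseable value as missing version information is an assumption.

```python
import re

SUPPORTED = ("3.8", "3.9", "3.10", "3.11", "3.12")  # supported list from this page
DEFAULT = "3.10"                                     # documented default


def requires_python_version(pipfile_text):
    """Return python_version from the [requires] table, or None if absent.

    Minimal line-based reader for this one key, not a full TOML parser.
    """
    section = None
    for raw in pipfile_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue
        if line.startswith("["):               # [requires], [[source]], ...
            section = line.strip("[] ")
            continue
        if section == "requires":
            m = re.fullmatch(r"python_version\s*=\s*([\"'])(.*?)\1", line)
            if m:
                return m.group(2).strip()
    return None


def scan_series(pipfile_text):
    """Apply the page's rules; return (major.minor series, listed_as_supported)."""
    declared = requires_python_version(pipfile_text)
    # Accept "3.11" or "3.11.4"; the patch component is ignored.
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.\d+)?", declared or "")
    # No version, only a major version ("3"), or an unparseable value
    # (assumption) falls back to the documented default.
    series = f"{m.group(1)}.{m.group(2)}" if m else DEFAULT
    return series, series in SUPPORTED


# Constructed sample Pipfiles, not taken from any real project.
SAMPLES = {
    "page example": '[requires]\npython_version = "3.6"\n',
    "patch given": '[packages]\nrequests = "*"\n\n[requires]\npython_version = "3.11.4"\n',
    "major only": '[requires]\npython_version = "3"\n',
    "no requires": '[[source]]\nurl = "https://pypi.org/simple"\n\n[packages]\nflask = "*"\n',
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(name, scan_series(text))
```

A series that comes back with the second value False, such as the 3.6 in the Pipfile snippet above, is outside the supported versions listed on this page.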