This tool is used to count contributors with commits in the last 90 days in repositories matching the following criteria:
- Repo name XYZ (single repo mode if available for SCM command - see help)
- All repos in given projects/org/group (ex: Bitbucket Server project(s))
- All repos in given projects/org/group (ex: Bitbucket Server project(s)) AND monitored by Snyk
- All repos in SCM (varies a little depending on SCM)
- All repos in SCM (varies a little depending on SCM) AND monitored by Snyk
I want to know the countributors count for Snyk monitored projects in bitbucket server project key AN.
Require node 14 !
npm i -g snyk-scm-contributors-count
or use corresponding binaries in the release page
For Azure, Bitbucket Cloud and Bitbucket Server, you need to export your Snyk Token or apply the --skipSnykMonitoredRepos flag:
export SNYK_TOKEN=<YOUR-SNYK-TOKEN>
snyk-scm-contributors-count <command> <command-options>
If using binaries,
chmod +x snyk-scm-contributors-count-<env>to allow execution If you can't typesnyk-scm-contributors-countin your terminal, then add you bin folder to the PATH in ~/.bash_profile or equivalent. If using nvm, make sure the bin folder for your node version is also in the PATH.
snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url http://bitbucket-server.mycompany.com --projectKeys Key1,Key2 --exclusionFilePath=./snyk.exclude
snyk-scm-contributors-count bitbucket-cloud --user USERNAME --password PASSWORD --workspaces Workspace1,Workspace2 --repo Repo --skipSnykMonitoredRepos
snyk-scm-contributors-count azure-devops --token AZURE-TOKEN --org AZURE-ORG --projectKeys ProjectKey1 --json
snyk-scm-contributors-count gitlab --token TOKEN --url URL --exclusionFilePath PATH_TO_FILE --json
snyk-scm-contributors-count github --token TOKEN --orgs ORG --repo REPO
snyk-scm-contributors-count github-enterprise --token TOKEN --orgs ORG1,ORG2
--exclusionFilePathpointing to snyk.exclude file, simple text file containing emails of committers to exclude (i.e [email protected], etc...)--jsonoutput JSON
Additional options might be available depending on the command
--skipSnykMonitoredReposto skip checking with repos that are monitored by Snyk (useful for sizing before Snyk rollout). In that case the SNYK_TOKEN is not required (This flag is auto-applied to the Gitlab command)
Use DEBUG=snyk* env var before your command, for example:
DEBUG=snyk* snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url http://bitbucket-server.mycompany.com --projectKeys Key1,Key2 --exclusionFilePath=./snyk.exclude
-
Create a new ts file under cmds (duplicate cmds/bitbucket-server.ts)
-
Fill out command, desc, and builder options, leaving in:
- exclusionFilePath
- json
- skipSnykMonitoredRepos
-
The handler function will be called with argv which should match the builder options
-
Create a class with your command name extending SCMHandlerClass. It'll require you to implement the abstract method
fetchSCMContributorsexpecting aPromise<ContributorMap>in return
- types can be function in src/lib/types.ts
-
Once create and asbtract function implemented, in handler, instantiate the class you just created
-
Call
<classInstance>.scmContributorCount(argv.url,SourceType["YOUR-SOURCE"],argv.skipSnykMonitoredRepos,argv.exclusionFilePath,argv.json)
- profit.
npm run build
or in watch mode
npm run build-watch
- Most SCMs have paginated results, fetch all the relevant pages, only what's useful
- Be gentle with rates against SCM. Use client or throttling libs like bottleneck
- Snyk API interaction is using snyk-api-ts-client with built-in throttling and retries
- Please be aware that all the SCMs have an API rate limit control. The tool takes that into account.