{"id":19478110,"url":"https://github.com/snyk/artifactory-snyk-security-plugin","last_synced_at":"2026-01-16T23:26:30.432Z","repository":{"id":38240303,"uuid":"189742652","full_name":"snyk/artifactory-snyk-security-plugin","owner":"snyk","description":"Allow Artifactory users to test their applications against the Snyk vulnerability database","archived":false,"fork":false,"pushed_at":"2026-01-15T15:46:06.000Z","size":919,"stargazers_count":23,"open_issues_count":5,"forks_count":10,"subscribers_count":90,"default_branch":"main","last_synced_at":"2026-01-15T18:59:49.172Z","etag":null,"topics":["artifactory","security"],"latest_commit_sha":null,"homepage":"https://docs.snyk.io/features/integrations/private-registry-gatekeeper-plugins/artifactory-gatekeeper-plugin-overview","language":"Java","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/snyk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-06-01T14:32:06.000Z","updated_at":"2026-01-15T15:43:19.000Z","dependencies_parsed_at":"2023-02-13T00:30:30.355Z","dependency_job_id":"6f13140d-55b3-4172-a62b-284c9c851582","html_url":"https://github.com/snyk/artifactory-snyk-security-plugin","commit_stats":null,"previous_names":[],"tags_count":31,"template":false,"template_full_name":null,"purl":"pkg:github/snyk/artifactory-snyk-security-plugin","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fartifactory-snyk-security-plugin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fartifactory-snyk-security-plugin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fartifactory-snyk-security-plugin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fartifactory-snyk-security-plugin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/snyk","download_url":"https://codeload.github.com/snyk/artifactory-snyk-security-plugin/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snyk%2Fartifactory-snyk-security-plugin/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28487586,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T22:54:02.790Z","status":"ssl_error","status_checked_at":"2026-01-16T22:50:10.344Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["artifactory","security"],"created_at":"2024-11-10T19:47:10.184Z","updated_at":"2026-01-16T23:26:30.414Z","avatar_url":"https://github.com/snyk.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Artifactory Gatekeeper plugin\n\nFor information about the Artifactory Gatekeeper plugin, see the Snyk user\ndocs, [Artifactory Gatekeeper plugin](https://docs.snyk.io/integrations/private-registry-gatekeeper-plugins/artifactory-gatekeeper-plugin-overview).\n\n## Local development\n\n## Running artifactory locally\nYou can run artifactory pro with docker compose. There are a few steps needed to set it up:\n\n### Step 1: Initialise the file system\nStart up the containers:\n\n```shell\ndocker compose up\n```\n\nThat will initialise the system files at `distribution/docker`.\n\n### Step 2: Point Artifactory to the DB\nCtrl+C out of the containers and edit the DB configuration in\n`distribution/docker/etc/system.yaml`:\n\n```yaml\n    database:\n        type: postgresql\n        driver: org.postgresql.Driver\n        url: \"jdbc:postgresql://postgres/artifactory\"\n        username: artifactory\n        password: password\n```\n\nRun `docker compose up` again. The application should start at [localhost:8082](http://localhost:8082),\nyou can log in with username `admin` and password `password`.\n\n### Step 3: Enable the license\nArtifactory pro license is required to run the plugin. You can get a trial one\nfor free by signing up at [JFrog website](https://jfrog.com/start-free/).\nPaste the license in you artifactory.\n\nThere! You have an artifactory pro running locally. Time to install the Snyk plugin.\n\n## Installing the plugin\nBuild the plugin first with `mvn install -DskipTests`.\nThen unpack the release into artifactory's plugins folder:\n\n```shell\nunzip -o distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip -d distribution/docker/etc/artifactory/\n```\n\nSet your Snyk org ID and API token inside `distribution/docker/etc/artifactory/plugins/snykSecurityPlugin.properties`\nand restart Artifactory. Check [the logs](http://localhost:8082/ui/admin/artifactory/advanced/system_logs)\nto confirm the plugin gets loaded.\n\nAfter making changes to the plugin, repeat `mvn install` and extract the jar file but without touching your config:\n\n```shell\nunzip -p distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip plugins/lib/artifactory-snyk-security-core.jar \u003e distribution/docker/etc/artifactory/plugins/lib/artifactory-snyk-security-core.jar\nunzip -p distribution/target/artifactory-snyk-security-plugin-LOCAL-SNAPSHOT.zip plugins/snykSecurityPlugin.groovy \u003e distribution/docker/etc/artifactory/plugins/snykSecurityPlugin.groovy\n```\n\n## Inspecting plugin logs\nIn order to see the logs, set the log level for Snyk by inserting this line: `\u003clogger name=\"io.snyk\" level=\"debug\"/\u003e`\ninto this file: `distribution/docker/etc/artifactory/logback.xml`.\n\n## Testing supported ecosystems\nHere are some tips for pointing local dev tools to Artifactory in order to try out the plugin.\n\n### NPM\n1. In the Artifactory UI, create a remote NPM repository using Repository Key `npm`.\n2. Authenticate your NPM client: `npm login --registry=http://localhost:8081/artifactory/api/npm/npm/ --auth-type=web`.\n3. Install a package `npm add jest-get-type@30.0.0-alpha.5 --registry=http://localhost:8081/artifactory/api/npm/npm/ --cache /tmp/npm-cache \u0026\u0026 rm -rf /tmp/npm-cache`\n\n### Maven\nThis actually uses a Gradle project to test:\n1. In the Artifactory UI, create a remote Maven repository using Repository Key `maven`.\n2. Drop repository coords in `settings.gradle.kts` of your Gradle project (see the snippet below).\n```kotlin\npluginManagement {\n\trepositories {\n\t\tmaven {\n\t\t\turl = uri(\"http://localhost:8082/artifactory/maven/\")\n\t\t\tisAllowInsecureProtocol = true\n\t\t\tcredentials {\n\t\t\t\tusername = \"admin\"\n\t\t\t\tpassword = \"password\"\n\t\t\t}\n\t\t}\n\t\tgradlePluginPortal()\n\t}\n}\n```\n3. Make sure the `repositories` block only includes your Artifactory in `build.gradle.kts` (see the second snippet below).\n```kotlin\nrepositories {\n\tmaven {\n\t\turl = uri(\"http://localhost:8082/artifactory/maven/\")\n\t\tisAllowInsecureProtocol = true\n\t\tcredentials {\n\t\t\tusername = \"admin\"\n\t\t\tpassword = \"password\"\n\t\t}\n\t}\n}\n```\n4. Install your project's dependencies.\n\n\n### PyPi\n1. In the Artifactory UI, create a remote Pypi repository using Repository Key `pypi`.\n2. `pip3 install --index-url http://localhost:8082/artifactory/api/pypi/pypi/simple libdev`\n\n### Ruby Gems\n1. In the Artifactory UI, create a remote Gems repository using Repository Key `rubygems`.\n2. Still in the Artifactory UI, navigate to the artifacts view and hit the `Set me up` option.\n3. Choose the `rubygems` repository and generate an access token.\n4. `gem source -a http://admin:ACCESS_TOKEN_FROM_PREVIOUS_STEP@localhost:8081/artifactory/api/gems/rubygems/`\n5. `gem install openssl`\n\n### Cocoapods\n1. In the Artifactory UI, create a remote CocoaPods repository using Repository Key `cocoapods`.\n2. Create a `Podfile`:\n```\nsource \"http://localhost:8081/artifactory/api/pods/cocoapods\"\nproject 'project/test/test.xcodeproj'\nplatform :ios, '10.0'\ntarget 'test' do\n  use_frameworks!\n  pod 'Alamofire', '~\u003e 5.10'\n  pod 'Bolts', '~\u003e 1.9'\nend\n```\n3. `pod install`\n\n### Nuget\n1. In the Artifactory UI, create a remote Nuget repository using Repository Key `nuget`.\n2. `nuget sources Add -Name Artifactory -Source http://localhost:8081/artifactory/api/nuget/nuget`\n3. Disable the default source: `nuget sources disable -Name nuget.org`.\n4. Verify only Artifactory is enabled: `nuget sources List`.\n5. `nuget install Newtonsoft.Json -Version 13.0.1`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsnyk%2Fartifactory-snyk-security-plugin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsnyk%2Fartifactory-snyk-security-plugin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsnyk%2Fartifactory-snyk-security-plugin/lists"}