diff --git a/poetry.lock b/poetry.lock
new file mode 100644
index 0000000..7bf9b83
--- /dev/null
+++ b/poetry.lock
@@ -0,0 +1,155 @@
+[[package]]
+name = "certifi"
+version = "2022.9.14"
+description = "Python package for providing Mozilla's CA Bundle."
+category = "main"
+optional = false
+python-versions = ">=3.6"
+
+[[package]]
+name = "charset-normalizer"
+version = "2.0.12"
+description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet."
+category = "main"
+optional = false
+python-versions = ">=3.5.0"
+
+[package.extras]
+unicode_backport = ["unicodedata2"]
+
+[[package]]
+name = "click"
+version = "8.1.3"
+description = "Composable command line interface toolkit"
+category = "main"
+optional = false
+python-versions = ">=3.7"
+
+[package.dependencies]
+colorama = {version = "*", markers = "platform_system == \"Windows\""}
+importlib-metadata = {version = "*", markers = "python_version < \"3.8\""}
+
+[[package]]
+name = "colorama"
+version = "0.4.5"
+description = "Cross-platform colored terminal text."
+category = "main"
+optional = false
+python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
+
+[[package]]
+name = "configparser"
+version = "5.3.0"
+description = "Updated configparser from stdlib for earlier Pythons."
+category = "main"
+optional = false
+python-versions = ">=3.7"
+
+[package.extras]
+docs = ["sphinx", "jaraco.packaging (>=9)", "rst.linker (>=1.9)", "jaraco.tidelift (>=1.4)"]
+testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "flake8 (<5)", "pytest-cov", "pytest-enabler (>=1.3)", "types-backports", "pytest-black (>=0.3.7)", "pytest-mypy (>=0.9.1)"]
+
+[[package]]
+name = "idna"
+version = "3.4"
+description = "Internationalized Domain Names in Applications (IDNA)"
+category = "main"
+optional = false
+python-versions = ">=3.5"
+
+[[package]]
+name = "importlib-metadata"
+version = "4.12.0"
+description = "Read metadata from Python packages"
+category = "main"
+optional = false
+python-versions = ">=3.7"
+
+[package.dependencies]
+typing-extensions = {version = ">=3.6.4", markers = "python_version < \"3.8\""}
+zipp = ">=0.5"
+
+[package.extras]
+docs = ["sphinx", "jaraco.packaging (>=9)", "rst.linker (>=1.9)"]
+perf = ["ipython"]
+testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.3)", "packaging", "pyfakefs", "flufl.flake8", "pytest-perf (>=0.9.2)", "pytest-black (>=0.3.7)", "pytest-mypy (>=0.9.1)", "importlib-resources (>=1.3)"]
+
+[[package]]
+name = "python-magic"
+version = "0.4.27"
+description = "File type identification using libmagic"
+category = "main"
+optional = false
+python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
+
+[[package]]
+name = "requests"
+version = "2.27.1"
+description = "Python HTTP for Humans."
+category = "main"
+optional = false
+python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*"
+
+[package.dependencies]
+certifi = ">=2017.4.17"
+charset-normalizer = {version = ">=2.0.0,<2.1.0", markers = "python_version >= \"3\""}
+idna = {version = ">=2.5,<4", markers = "python_version >= \"3\""}
+urllib3 = ">=1.21.1,<1.27"
+
+[package.extras]
+socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"]
+use_chardet_on_py3 = ["chardet (>=3.0.2,<5)"]
+
+[[package]]
+name = "typing-extensions"
+version = "4.3.0"
+description = "Backported and Experimental Type Hints for Python 3.7+"
+category = "main"
+optional = false
+python-versions = ">=3.7"
+
+[[package]]
+name = "urllib3"
+version = "1.22"
+description = "HTTP library with thread-safe connection pooling, file post, and more."
+category = "main"
+optional = false
+python-versions = "*"
+
+[package.extras]
+secure = ["pyOpenSSL (>=0.14)", "cryptography (>=1.3.4)", "idna (>=2.0.0)", "certifi", "ipaddress"]
+socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"]
+
+[[package]]
+name = "zipp"
+version = "3.8.1"
+description = "Backport of pathlib-compatible object wrapper for zip files"
+category = "main"
+optional = false
+python-versions = ">=3.7"
+
+[package.extras]
+docs = ["sphinx", "jaraco.packaging (>=9)", "rst.linker (>=1.9)", "jaraco.tidelift (>=1.4)"]
+testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-cov", "pytest-enabler (>=1.3)", "jaraco.itertools", "func-timeout", "pytest-black (>=0.3.7)", "pytest-mypy (>=0.9.1)"]
+
+[metadata]
+lock-version = "1.1"
+python-versions = ">=3.7"
+content-hash = "d295c2f3348660b5c0d0dce7124182d7c51ad6b8c9ff9a3b842ac56072398aa1"
+
+[metadata.files]
+certifi = []
+charset-normalizer = []
+click = []
+colorama = []
+configparser = []
+idna = []
+importlib-metadata = []
+python-magic = []
+requests = []
+typing-extensions = []
+urllib3 = [
+    {file = "urllib3-1.22-py2.py3-none-any.whl", hash = "sha256:06330f386d6e4b195fbfc736b297f58c5a892e4440e54d294d7004e3a9bbea1b"},
+    {file = "urllib3-1.22.tar.gz", hash = "sha256:cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f"},
+]
+zipp = []
diff --git a/src/cli.py b/src/cli.py
index 317becf..0bb721c 100644
--- a/src/cli.py
+++ b/src/cli.py
@@ -10,9 +10,7 @@
 
 try:
     import click
-    import requests
-    import json
-    from typing import List, Dict, Any
+    from typing import Dict
     from datetime import datetime
 except ImportError:
     import sys
@@ -20,10 +18,7 @@
     print("Missing dependencies. Please reach @jboursier if needed.")
     sys.exit(255)
 
-from click.exceptions import ClickException
-from requests.exceptions import Timeout
-
-from ghas_cli.utils import repositories, network, vulns
+from ghas_cli.utils import repositories, vulns
 
 
 def main() -> None:
diff --git a/src/ghas_cli/utils/export.py b/src/ghas_cli/utils/export.py
index 1f75553..e470ce8 100644
--- a/src/ghas_cli/utils/export.py
+++ b/src/ghas_cli/utils/export.py
@@ -1,8 +1,6 @@
 # -*- coding: utf-8 -*-
 #!/usr/bin/env python3
 
-from typing import List, Any
-import requests
 import json
 
 
diff --git a/src/ghas_cli/utils/network.py b/src/ghas_cli/utils/network.py
index da609c8..7449a19 100644
--- a/src/ghas_cli/utils/network.py
+++ b/src/ghas_cli/utils/network.py
@@ -1,9 +1,7 @@
 # -*- coding: utf-8 -*-
 #!/usr/bin/env python3
 
-from typing import List, Any
-import requests
-import json
+from typing import Any
 
 
 def check_rate_limit(response: Any) -> bool:
diff --git a/src/ghas_cli/utils/repositories.py b/src/ghas_cli/utils/repositories.py
index 31006d1..755dd12 100644
--- a/src/ghas_cli/utils/repositories.py
+++ b/src/ghas_cli/utils/repositories.py
@@ -3,8 +3,6 @@
 
 from typing import List
 import requests
-import json
-
 from . import network
 
 
diff --git a/src/ghas_cli/utils/vulns.py b/src/ghas_cli/utils/vulns.py
index 7b9202b..d0bb4f8 100644
--- a/src/ghas_cli/utils/vulns.py
+++ b/src/ghas_cli/utils/vulns.py
@@ -1,9 +1,8 @@
 # -*- coding: utf-8 -*-
 #!/usr/bin/env python3
 
-from typing import List, Any, Dict
+from typing import Dict
 import requests
-import json
 
 from . import network