Import a Project
Recap You have created a Snyk account, and integrated with your source code (Git) repository to allow access to your code for scanning. You can now run the scans.

Introduction

Snyk Projects are items that Snyk can scan for issues; for example, a manifest file listing your open source dependencies.
When you import a Project, Snyk scans that imported project and displays the results for you to review.

Import a Project

Video demonstration of importing projects via the Snyk Web UI
To import a Projects to scan, from the Snyk Web UI:
  • Select Projects > Add Project, and select where to import the Project from (for example GitHub), or click CLI to use the Snyk CLI tool locally:
  • Select the repositories to use, then click Add selected repositories to import the selected repositories into your projects:
Imported projects are indicated by a ✔ next to the repo name.

Project import settings

In Settings, optionally choose to:
  • Add custom file location to add any additional dependencies from custom paths.
  • Exclude folders to list up to 10 folders to exclude from scanning during the import; for example, to shorten scanning time.

Import progress

A progress bar appears during import: click View last import log to see log results.
During the import, Snyk starts scanning the selected repos for relevant files (for example, package.json files listing dependencies) in the entire directory tree, and imports these files as Snyk Projects.

Import results

Project import completes, with a status message:
You have now successfully imported and scanned the selected Project.
Importing a Project will also:
  • Set Snyk to run a regular scan on that Project for issues (daily by default).
  • Create a Webhook, so when you change code, Snyk tests your pull / merge requests, to check that new dependencies do not introduce more vulnerabilities.
If you see any errors during import, see Project import errors.

What's next?

Export as PDF
Copy link
Edit on GitHub