Import a Project

Recap You have created a Snyk account and integrated with your source code (Git) repository to allow access to your code for scanning. You can now run scans.

Snyk Projects are items that Snyk scans for issues, for example, a manifest file listing your open-source dependencies.

When you import a Project, Snyk scans that imported Project, and displays the results for you to review.

The following video shows how to import a Snyk Project:

The steps to import a Project are as follows:

  • Select Projects > Add Project, and select where to import the Project from, for example, select GitHub to import from your GitHub repository, or select CLI to use the Snyk CLI locally:

  • Select the repositories to use; then click Add selected repositories to import the selected repositories into your Project. You can choose optional Settings for the Project you are importing: Add custom file location and Exclude folders, supported only for Snyk Open Source and Snyk Container. For details, see Adding custom file locations and excluding folders in the documentation for Azure repositories integrations,

Project import settings

In Settings, optionally choose to:

  • Add custom file location to add any additional dependencies from custom paths.

  • Exclude folders to list up to ten folders to exclude from scanning during the import, for example, to shorten scanning time. Each folder name must not exceed 100 characters. This feature is supported for Snyk Open Source and Snyk Container.

Import progress

A progress bar appears during import. Select View last import log to see log results.

During the import, Snyk starts scanning the selected repos for relevant files, such as package.json files listing dependencies, in the entire directory tree and imports these files as Snyk Projects.

Import results

Project import completes, with a status message:

You have now successfully imported and scanned the selected Project.

If you see any errors during import, see Project import errors.

Additional benefits of importing a Project

Importing a Project also does the following:

  • Sets Snyk to run a regular scan on that Project for issues; see Test frequency settings for the defaults.

  • Initiates some automation, especially default Snyk tests on pull and merge requests, which help prevent vulnerabilities from being added to the Project. This automation fails builds according to your conditions and can be disabled or customized in your integration settings.

For training on best practices in using automation, visit the Snyk course Source Code Manager Configurations.

What's next?

You can now view Snyk scan results.

Last updated

More information

Snyk privacy policy

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.