Links

Import a Project

Recap You have created a Snyk account and integrated with your source code (Git) repository to allow access to your code for scanning. You can now run scans.
Snyk Projects are items that Snyk scans for issues, for example, a manifest file listing your open-source dependencies.
When you import a Project, Snyk scans that imported Project, and displays the results for you to review.
The following video shows how to import a Snyk Project:
Video demonstration of importing projects via the Snyk Web UI
The steps to import a Project are as follows:
  • Select Projects > Add Project, and select where to import the Project from, for example, select GitHub to import from your GitHub repository, or select CLI to use the Snyk CLI locally:
Add Project choices
Add Project choices
  • Select the repositories to use, then choose Add selected repositories to import the selected repositories into your project:
Add selected repositories
Projects you select to import are shown with a
Check mark
. Projects previously imported are marked by a ✔.

Project import settings

In Settings, optionally choose to:
  • Add custom file location to add any additional dependencies from custom paths.
  • Exclude folders to list up to 10 folders to exclude from scanning during the import; for example, to shorten scanning time.

Import progress

A progress bar appears during import. Select View last import log to see log results.
Import Projects progress and option to view import log
Import Projects progress and option to view import log
During the import, Snyk starts scanning the selected repos for relevant files (such as package.json files listing dependencies) in the entire directory tree, and imports these files as Snyk Projects.

Import results

Project import completes, with a status message:
Project import success message
Project import success message
You have now successfully imported and scanned the selected Project.
If you see any errors during import, see Project import errors.

Additional benefits of importing a Project

Importing a Project also does the following:
  • Sets Snyk to run a regular scan on that Project for issues (daily by default).
  • Initiates some automations, especially default Snyk tests on pull and merge requests, which help prevent vulnerabilities from being added to the Project. This automation fails builds according to your conditions and can be disabled or customized in your integration settings.
For training on best practices using automations, visit the Snyk Training course: Source Code Manager Configurations.

What's next?

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.