Running tests
You can use Snyk to test your code in different ways:
- Run tests automatically: after Project import or using the
snyk monitor
CLI command or using PR Checks to scan new PRs
- Scan open-source code with
snyk test
. - Scan application code with
snyk code test
. - Scan container images with
snyk container test
. - Scan Infrastructure as Code (IaC) files with
snyk iac test
.
A test is run when you import a Snyk Project (see Import a Project) or click the Retest now button on a Project in the Overview tab. During retests, Snyk fetches the assets that need to be scanned for Snyk to find any new issues.
Tests are counted when calls are made to the https://snyk.io/api/v1/test endpoint.
After you import a Project, Snyk automatically runs periodic scans on that Project, to see if your code is affected by newly disclosed vulnerabilities.
The default test frequency and available test frequencies vary depending on the type of Project: Open Source, Code analysis, Container, or IaC. For more information, see Usage page details (Set test frequency). You can also set test frequency in the Project Settings (see View project settings) or use theSnyk REST API: Updates project by project ID.
Use the
snyk monitor
CLI command to create a snapshot of a project on the Snyk website that will be continuously monitored for new vulnerabilities.Projects are tested at the test frequency you select in your settings; the default is daily. After using
snyk monitor
, you will have recurring tests. Recurring tests are scheduled retests that run on monitored projects.Snyk can scan every new Pull Request (PR) submitted on your monitored repositories to help prevent new vulnerabilities from being added to your codebase.
Last modified 1mo ago