JetBrains plugins
Use this documentation to get started with the JetBrains plugin.
Snyk offers IDE integrations that allow you to use the functionality of Snyk in your Integrated Development Environment. This page describes the Snyk JetBrains plugins. For information about all of the IDE plugins and their use, see Snyk for IDEs in the docs.
Snyk supports JetBrains plugins from version 2020.2 for IntelliJ IDEA and WebStorm as well as Android Studio, AppCode, GoLand, PhpStorm, PyCharm, Rider, and RubyMine.
The Snyk JetBrains plugins provide analysis of your code, containers, and Infrastructure as Code configurations. The plugin is based on the Snyk CLI and also uses Snyk APIs. The plugin supports product features in the CLI for Snyk Open Source and Snyk Container as well as for Snyk Code and Snyk IaC with some limitations.
Snyk scans for vulnerabilities and misconfigurations and returns results with security issues categorized by issue type and severity.
For open source, you receive automated algorithm-based fix suggestions for both direct and transitive dependencies. For containers, you can automate upgrades to the most secure base image to quickly resolve numerous vulnerabilities. This single plugin provides a Java vulnerability scanner, a custom code vulnerability scanner, an open-source security scanner, and an application security plugin.
Snyk scans for the following types of issues:
Open Source Security - security vulnerabilities and license issues in both direct and in-direct (transitive) open-source dependencies pulled into the Snyk Project. See also the Open Source docs.
Code Security and Code Quality - security vulnerabilities and quality issues in your code. See also the Snyk Code docs.
Container Security - security vulnerabilities in your base images. See also the Snyk Container docs.
Infrastructure as Code (IaC) Security - configuration issues in your IaC templates: Terraform, Kubernetes, CloudFormation, and Azure Resource Manager. See also the Snyk Infrastructure as Code docs.
The JetBrains plugins also provide the Open Source Advisor to help you find the best package for your next project. Information is provided on the package health of the direct dependencies you are using including popularity, maintenance, risk, and community insights.
After you complete the installation steps on this page and the configuration and authentication steps on the next two pages**,** you will continue by following the instructions in the other JetBrains plugins docs:
- For Snyk Open Source, the JetBrains plugin supports the languages and package managers supported by Snyk Open Source and the CLI. See Open Source - Supported languages and package managers.
- For Snyk Container: the JetBrains plugin supports all the operating system distributions supported by Snyk Container.
- For Snyk IaC, the Eclipse plugin supports the following IaC templates: Terraform, Kubernetes, CloudFormation, and Azure Resource Manager.
Install using the IDE plugins library:
- 1.Open the Preferences window in the IDE.
- 2.Navigate to the Plugins tab.
- 3.In the Plugins tab, search for Snyk.
- 4.Select the Snyk vulnerability scanning plugin.
- 5.Click on the Install button.
- 6.When the installation is complete, restart the IDE.
%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(1)%20(2).png?alt=media&token=cfd0fc28-e443-47e4-bfb6-3ce12b4de9b3)
Select the Snyk vulnerability scanning plugin