How ignores work for Projects imported using an SCM and the CLI

When you ignore an issue, you must consider the following factors:

  • How was the Project imported: Through an SCM? Through the CLI?

  • What Snyk product scanned the Project: Snyk Open Source, Snyk Code, or another?

  • How was the ignore created: In a policy? Through the UI from the Project page? Using an API? In a .snyk file?

    • For ignores created in a policy, ignoring an issue on the Organization level will ensure the issues are ignored for Projects imported using an SCM and Projects imported using the CLI.

    • Ignoring for a particular Project or attribute will ensure the issue is ignored only for the specific Project and only for Projects imported using an SCM.

Depending on these factors, the ignore is respected for testing in different places. Where will the ignore be respected testing?

  • In the UI and an SCM PR test?

  • In a CLI test, either local or in a build pipeline, and in an IDE test?

For information about deciding to ignore issues and setting ignores, see Ignore Issues.

Test results are the same for an ignore set by policy and an ignore set by the .snyk file, whether you have imported the Project through an SCM or the CLI.

If you added an ignore in the UI, support for ignores and the test results differ from support and results for Projects imported through an SCM and through the CLI.

Import through an SCM

The following table summarizes how an ignore will be respected for testing depending on the way you set the ignore for Projects imported through an SCM.

Import through an SCM and set ignore by available methods

Ignore respected in UI for testing

Ignore respected in CLI and IDE tests

Ignore by policy (add ignore commands to your security policies)

Open Source: ✅

Code: ⚠️ *

Open Source: ✅

Code: ❌

Ignore by UI or API

Open Source: ✅

Code: ✅

Open Source: ❌

Code: ❌

Ignore by .snyk file (add the issue to a .snyk file in the repostory; for Open Source, the .snyk file must be in the same folder as the manifest file)

Open Source: ✅

Code: ❌

Open Source: ✅

Code: ❌

* For Snyk Code, ignores by policy is in Closed Beta. Ignoring Code issues by policy is limited to CWE issues only, that is, limited to ignoring that type of issue, rather than ignoring a specific issue by Issue ID as you can with Snyk Open Source. For Snyk Code, ignores by policy can be useful if the ignore is part of a policy that is applied to a Project Attribute or Tag, but less useful when a policy is assigned to an Organization.

Import through the CLI

The following table summarizes how an ignore will be respected for testing depending on the way you set the ignore for Projects imported through the CLI.

Only a limited number of customers can Import through the CLI for Snyk Code, because this feature is in closed beta.

Import through the CLI and set ignore by available methods

Ignore respected in UI for testing

Ignore respected in CLI and IDE tests

Ignore by policy (add ignore commands to your security policies) For an IDE and the CLI the testing must be done in the relevant Organization in order for the policies to be used.

Open Source: ✅

Code: ⚠️ *

Open Source: ✅

Code: ❌

Ignore by UI or API

Open Source: ✅

[Early Access] Code: ✅

Open Source: ✅

[Early Access] Code: ✅ CLI ❌ IDE

Ignore by .snyk file (add the issue to a .snyk file in the repostory; for Open Source; the .snyk file must be in the same folder as the manifest file; applies to the snyk test and snyk monitor commands)

Open Source: ✅

Code: ❌

Open Source: ✅

Code: ❌

* For Snyk Code, ignores by policy is in Closed Beta. Ignoring Code issues by policy is limited to CWE issues only, that is, limited to ignoring that type of issue, not ignoring a specific issue. Ignores by policy can be useful in Snyk Code if the ignore is part of a policy that is applied to a Project Attribute or Tag, but less useful when a policy is assigned to an Organization.

Last updated

More information

Snyk privacy policy

© 2024 Snyk Limited | All product and company names and logos are trademarks of their respective owners.