Links

Viewing the PR Checks in your SCM

After you enabled the Automatic PR Checks feature on the Organization or Project level, you can view the status of your new PRs in your integrated SCM. In the SCM, the PR Check results for Snyk Code are grouped together in a single security check, called “code/snyk”.
PR Checks for Snyk Open Source are grouped and displayed in another row, called security/snyk.
The following statuses can appear on your Snyk Code checks in the integrated SCM:
  • Passed/successful - no issues were discovered, and all the checks have passed. Note: If you selected to manually pass failed checks via the Web UI, the checks will be displayed as “passed” in the SCM, but there will be an indication that the PR check was Skipped, and that a specific Snyk user forced this result change. For more information, see Marking failed PR checks as successful.
  • Pending - this status appears until the Snyk Code test is completed.
  • Failed – security issues were identified in the PR. These issues must be fixed in order to pass the PR check.
To view the PR checks in your SCM:
Note: The instructions below use GitHub as the integrated SCM, but they apply to all supported SCMs with some small differences depending on the SCM workflow and platform. For more information, see Exploring the display of the PR Checks on different integrated SCMs.
1. In your SCM, after you finished creating a new PR, click the Create pull request button. Snyk Code automatically checks the PR you created, and displays the results of the check – either Failed or Passed – in your SCM:
2. To view the details of the issues that were found in the PR on the Snyk Web UI, click the Details link on the left:
The Snyk Web UI opens, displaying the details of the issues that were found in the PR:

Exploring the display of the PR Checks on different integrated SCMs

The Automatic PR Checks feature works in a similar way on all supported SCMs. However, due to the differences between the various SCMs, the results of the PR Checks will be displayed differently on each SCM.
Note: The screenshots in this section show the aggregated results of the PR Checks for both Snyk Code and Snyk Open Source.

GitHub and GitHub Enterprise

Notes:
  • The PR Check results appear in the same way on GitHub and GitHub Enterprise integration.
  • The instructions in this entire PR Checks section include screenshots from GitHub integration.
The results of the PR Checks appear on GitHub and GitHub Enterprise integrations as follows:
To open the Snyk Web UI to view additional details on the PR Check results:
  • On the results area, click the Details link on the code/snyk (organization name) row.

GitLab

The results of the PR Checks appear on GitLab first as an indication of the Pipeline status:
When you click the pipeline link, the PR Checks results are displayed:
To open the Snyk Web UI to view additional details on the PR Check results:
  • On the results area, click the code/snyk (organization name) link:

Bitbucket Cloud

The results of the PR Checks appear on Bitbucket Cloud as follows:
To open the Snyk Web UI to view additional details on the PR Check results:
  • On the results area, click the code/snyk (organization name) link:

Azure Repos

The results of the PR Checks appear on Azure Repos as follows:
To view additional details on all the PR checks in Azure Repos platform:
1. Click the View 2 checks link:
The details of the results appear in a separate pane:
2. To open the Snyk Web UI to view additional details on the PR Check results, click the SAST issue link on the Checks pane.