Introduction to PR Checks
Use the Snyk PR Checks feature to prevent new security issues from entering your codebase by automatically scanning code changes in real time, as soon as a developer submits a PR (Pull Request).

Snyk PR Checks allows developers to auto-scan their PRs for issues before merging their code. Snyk acts as an automated pseudo-team member (an “expert security reviewer”) that finds potential issues and leaves review notes on your PR before the code is committed.
PRs are the points in the development process where code reviews happen. PR Checks therefore brings security scanning to developers in their native environment, integrating with developer workflows, empowering your dev teams, and helping to prevent security issues from occurring in deployed code.
The PR Checks feature is available for Snyk Open Source and Snyk Code.

Snyk PR Checks allows you to test a change to the current codebase - to see if that change introduces a problem. This change testing makes it easier to maintain the security of your codebase, on an ongoing basis.
For developers, change-related flaws are naturally far more relevant and easy to fix, making secure code much easier to roll out. You can detect security issues at an early stage in the development process, see the test results immediately after you write new code, and find and fix issues as they emerge, all in your native workflow.
You can also use Snyk products such as Snyk Open Source to scan the overall state of your current codebase - finding problems in your current repos, regardless of where the problem came from originally. This state testing helps address your backlog of vulnerabilities in your existing code.

Snyk PR Checks runs live tests of the branch “before and after” the PR, and fails only if the new branch has more issues. This accounts for problems that arose externally since the last scan (for example, new vulnerabilities introduced externally); Snyk PR Checks only identifies problems with your specific code change.
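
To illustrate the before-and-after comparison described above, here is an added example (not Snyk's code or API) that fails a PR only on findings absent from the base branch. The Finding fields, the issue IDs, the package names and the (issue_id, package) identity rule are assumptions made for the illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    issue_id: str  # constructed placeholder ID, not a real advisory
    package: str   # dependency name or source file the issue was found in
    version: str = ""


def introduced_by_pr(base, head):
    """Return findings on the PR branch that the base branch does not have.

    Assumption: identity is (issue_id, package), so a version bump that still
    carries a known issue is not reported as new.
    """
    known = {(f.issue_id, f.package) for f in base}
    fresh = {f for f in head if (f.issue_id, f.package) not in known}
    return sorted(fresh, key=lambda f: (f.issue_id, f.package))


def pr_check(base, head):
    """Both branches are scanned at the same moment; fail only on the delta."""
    introduced = introduced_by_pr(base, head)
    return ("failed" if introduced else "passed"), introduced


# Constructed sample scan results (hypothetical names and IDs).
BACKLOG = Finding("EXAMPLE-0001", "lib-a", "1.0")
# Disclosed after the last scheduled scan: a live scan sees it on both branches.
EXTERNAL = Finding("EXAMPLE-0002", "lib-b", "2.0")
ADDED = Finding("EXAMPLE-0003", "lib-c", "0.3")

BASE = [BACKLOG, EXTERNAL]
PR_DOCS_ONLY = [BACKLOG, EXTERNAL]
PR_NEW_DEP = [BACKLOG, EXTERNAL, ADDED]
PR_BUMP = [Finding("EXAMPLE-0001", "lib-a", "1.1"), EXTERNAL]

if __name__ == "__main__":
    for name, head in [("docs-only", PR_DOCS_ONLY), ("new-dep", PR_NEW_DEP),
                       ("bump", PR_BUMP)]:
        status, introduced = pr_check(BASE, head)
        print(name, status, [f.issue_id for f in introduced])
```

The externally disclosed finding appears on both branches, so it never counts against the PR; it remains a backlog item for a scan of the overall codebase state.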

Snyk PR Checks automatically scans your source code PRs after you create them, including each additional commit you make to that PR. PR Checks displays scan results in the SCM (either passed or failed).
If security vulnerabilities are found, Snyk PR Checks automatically fails the scanned PRs, preventing new security issues from entering your codebase.
