Links

Fix vulnerabilities with Snyk Open Source

See Fix your vulnerabilities for more details of general fix functions.
Snyk provides actionable fix advice for vulnerabilities in your open source libraries, using:

Automatic pull / merge requests

For projects imported via an SCM (Source Code Manager), Snyk offers the following types of automated pull / merge requests:

Manual pull / merge requests for a project code

To generate a PR / MR directly from your project, using the Snyk UI:
  1. 1.
    Navigate to your project from the project list
  2. 2.
    Select the file
  3. 3.
    Select Open a Fix PR/MR or Fix this vulnerability
  4. 4.
    A preview screen appears, showing you what fixes will be applied
  5. 5.
    Click Open a Fix PR on this screen to generate the pull request

Snyk SCM webhooks

Snyk adds Source Control Manager (SCM) webhooks to your imported repositories for the relevant GitHub and Bitbucket integrations.
Snyk uses these webhooks to:
  • Track the state of Snyk pull requests (when PRs are created, updated triggered, merged, and so on)
  • Send push events to trigger PR checks
© 2022 Snyk Limited