Use Snyk PR Checks to prevent new security issues from entering your codebase by automatically scanning code changes in real time as soon as you submit a pull request (PR) in your source code manager (SCM).
The following diagram explains how Snyk checks PRs in your development workflow.
Where Snyk checks for pull requests in the development workflow
PR checks proceed as follows:
1. A developer creates a pull request (PR) in an SCM integrated with Snyk.
2. A webhook is triggered from the SCM to Snyk.
3. Snyk automatically scans the code changes in the PR for issues.
4. Snyk leaves security reviews and notes on the PR.
5. The developer can view the PR Checks results and fix identified issues before merging the code.
6. The PR Checks results appear as Passed or Failed directly in the SCM, preventing PRs from being merged with security issues.
For more information on working with PR Checks, see the following pages: