Automatic and manual PRs with Snyk Open Source
Snyk provides actionable fix advice for vulnerabilities in your Open Source libraries, using:
For Projects imported via an SCM (Source Code Manager), Snyk offers the following types of automated pull / merge requests:
To generate a PR / MR directly from your Project using the Snyk UI:
1. Navigate to your Project from the Project list.
2. Select the file.
3. Select Open a Fix PR/MR or Fix this vulnerability.
4. A preview screen appears, showing you what fixes will be applied.
5. Click Open a Fix PR on this screen to generate the pull request.
[Figure: Open Fix PR to fix Open Source Project vulnerabilities]
PRs use a branch naming convention based on the issues that they fix. When a PR already exists for a specific change, Snyk doesn't create a new one, even if that original PR is closed. If you try to create a Fix PR which duplicates an existing one, an error may be displayed. If this happens, check if the branch already exists and re-open it.
Snyk uses these webhooks to:
- Track the state of Snyk pull requests: when PRs are created, updated, triggered, merged, and so on.
- Send push events to trigger PR checks.