Comment on page
Run PR Checks
Use the Snyk PR Checks feature to prevent new security issues from entering your codebase by automatically scanning code changes in real time as soon as you submit a pull request (PR) in your source code manager (SCM).
Benefits | Details |
|---|---|
Automatically scanned pull request | Scan code changes in real-time as soon as a pull request is submitted, to catch potential issues before they go into production. |
Results displayed in your source code manager | Make use of security reviews and notes left by Snyk on your pull requests. |
Code change testing for security issues | Test changes to your codebase for any security issues, ensuring that your code stays secure over time. |
Branch testing | Test branches before and after implementing changes to fail only if the new branch has introduced issues. Prevent merging pull requests with failed security issues.
Note that Snyk monitors all pull requests made to the monitored repository. |
You can analyze PR Checks results in your SCM to test for dependency and licensing issues using Snyk Open Source and code security using Snyk Code.
The following diagram explains how Snyk Checks PRs in your development workflow.
Where Snyk checks for pull requests in the development workflow
PR checks proceed as follows:
- 1.A developer creates a pull request (PR) in an SCM integrated with Snyk.
- 2.A webhook is triggered from the SCM to Snyk
- 3.Snyk automatically scans the code changes in the PR for issues.
- 4.Snyk leaves security reviews and notes on the PR.
- 5.The developer can view the PR Checks results and fix identified issues before merging the code.
- 6.The PR Checks results appear as Passed or Failed directly in the SCM, preventing PRs from being merged with security issues.
For more information on how PR Checks work, see Introduction to automated security scans with PR Checks.
For more information on working with PR Checks, see the following pages: