Snyk Fix Pull or Merge Requests
For the basic steps in fixing vulnerabilities, see Fix your vulnerabilities. To be sure your language is supported, see Languages supported for Fix Pull Requests or Merge Requests and Supported browsers.
Snyk provides actionable fix advice for vulnerabilities in your Open Source libraries through the following:
Snyk fix PRs: automatic pull and merge requests (PRs and MRs)
Snyk fix merge requests: manual pull and merge requests
Automated Snyk fix PRs
For Projects imported through an SCM integration, Snyk offers the following types of automated pull and merge requests:
Manual Snyk fix merge requests
Follow these steps to generate a PR or MR directly from your Project in the Snyk Web UI:
Navigate to your Project from the Project list
Select the Project.
Select Open a Fix PR/MR or Fix this vulnerability A preview screen appears, showing you what fixes will be applied.
Click Open a Fix PR on this screen to generate the pull request.
PRs use a branch naming convention based on the issues that they fix. When a PR already exists for a specific change, Snyk does not create a new one, even if the original PR is closed. If you try to create a fix PR that duplicates an existing one, an error may be displayed. If this happens, check to see if the branch already exists and re-open it.
Snyk SCM webhooks
To track pull request events, Snyk adds webhooks to your imported repositories. For more information, see the GitHub and Git repository integrations.
Snyk uses these webhooks to:
Track the state of Snyk pull requests: when PRs are triggered, created, updated, merged, and so on.
Send push events to trigger PR checks
Last updated
