npm Teams and npm Enterprise integration
Feature availability This feature is available only with Enterprise plans. For more information, see plans and pricing.
This guide is relevant for Snyk Web UI integrations only. The Snyk CLI already supports Yarn and npm projects with private npm Teams and npm Enterprise registries.
Snyk can use custom npm Teams and npm Enterprise repositories with npm and Yarn Projects.
This enables Snyk to resolve all direct and transitive dependencies of packages hosted on the custom registry and calculate a more complete, accurate dependency graph and related vulnerabilities.
After configuration, Snyk will also use this information to access private dependencies when creating Pull/Merge Requests, by allowing npm and yarn to reach those dependencies in order to regenerate the lockfile.
You can add configuration to tell Snyk where your private npm Teams and npm Enterprise Node.js packages are hosted and under what scope..
This is the same information you would normally add in your .yarnrc
or .npmrc
JavaScript language settings
Navigate to Settings > Languages > JavaScript and either the npm or Yarn settings, depending on your Project type. Yarn is shown in the screenshot.
If you have not previously connected to npm Teams or npm Enterprise, you will be asked to configure an integration first. See npm Teams and npm Enterprise registry settings.
After you have set up the integration, select Add registry configuration.
Select npm as the Package source.
If you want to configure this registry as the default registry url, leave the scope blank.
If you want to configure only scoped packages to use this registry, add a scope.
If you want to add a mix of default registry url and scoped packages, add multiple configurations, one for the default and one per scope.
When you have added all the registries and scopes you want, click Update settings.
To test the integration, open a Pull/Merge Request on a Project that contains private dependencies to see a lockfile updated and included in the Snyk Fix Pull Request where previously none was generated.
npm Teams and npm Enterprise registry settings
You can configure token-based authentication for npm Teams and npm Enterprise integrations.
Navigate to Settings > Integrations > Package Repositories > npm. You should see the Credentials screen at the beginning.
Enter Public URL and Token values.
Click Save.
Last updated