search
SupportSnyk LearnAPI referenceProduct updatesSign up for free
githubEdit

Fix code issues automatically with Snyk IDE plugin (beta)

circle-exclamation

Snyk Code Fix Suggestions is in Open Beta and fully supports Javascript frameworks.

🔗 See Enable Snyk Code Fix Suggestions.

Fix the source code's security issues and quality flaws through an automated flow. Snyk Code Fix Suggestions calculates the most suitable solution for your issues and applies it automatically.

hashtag
Why use Fix Suggestions

Fix Suggestions combines the power of a thorough program analysis engine with the abilities of an in-house deep learning-based large language model. This merger allows for compiling large amounts of unstructured language information from open source code.

Two key features set Fix Suggestions apart. Firstly, it has a neural network trained on millions of lines of code, allowing for greater versatility and creativity. Secondly, the Snyk Code engine rigorously checks the network's suggestions, ensuring all automated fixes are small and targeted to each vulnerability or code issue.

hashtag
What issues can you fix automatically

You can address a range of issues detected by the Snyk Code engine, both in terms of quality, promoting best code practices, and security vulnerabilities such as SQL Injectionarrow-up-right or SSRFarrow-up-right.

hashtag
How Fix Suggestions works

A representation of information flow involved in fixing one issue is presented in the table below.

Stage
Subsystem
Details

Code scan and discovery of issues

Static Code Analysis Engine

Corresponds to a normal flow of scanning the code from IDE.

Code preprocessing and minimization w.r.t. the data flow of the particular issue I\mathcal{I}

Static Code Analysis Engine

Data flow of I\mathcal{I} is analyzed and code is minimized, keeping the relevant context only.

Generating kk candidate fixes for the given issue I\mathcal{I}

Neural Network (Generative LLM)

Here, kk is an implementation parameter.

Candidate fixes ranking and self-assessment

Static Code Analysis Engine

Each of the k k fixes is assessed by the Code Engine, filtering out those rendering invalid code or failing to fix the issue (issue persists).

Returning the best candidate fix

The system has finished.

hashtag
Requirements

hashtag
Language support

Fix Suggestions supports only Javascript.

hashtag
Enable Snyk Code Fix Suggestions

Enable Snyk Code Fix Suggestions for your Organization in Snyk Web UI by navigating to Settings > Snyk Preview.

Enabling Snyk Code Fix Suggestions in Snyk Preview.
Snyk Code Fix Suggestions settings in Snyk Preview

hashtag
Example: Fix code issue automatically

Consider the following scenario where an insecure WebSocket protocol is fixed using Snyk Code Fix Suggestions.

  1. When selecting the code, Snyk reveals the ws protocol to be insecure, with detailed information about the vulnerability.

Discovering a vulnerability in the code.
Discovering a vulnerability in the code

  1. Clicking the💡 lightbulb in the IDE shows the Quick Fix dropdown, where Attempt to fix issue with Snyk Code Fix is selected.

Attempting to fix issue with Snyk Code Fix.
Attempting to fix issue with Snyk Code Fix

  1. The insecure protocol is replaced by wss, a secure version of the WebSocket protocol.

Fix applied with Snyk Code Fix.
Fix applied with Snyk Code Fix

You can follow through the entire sequence in this short (13-second) video.

Fixing WebSocket protocol vulnerability using Snyk Code Fix

hashtag
What data does Snyk Code Fix Suggestions collect

The Large Language Model (LLM) is trained exclusively on public repositories with permissive licenses. If a repository's license changes after the initial scrape, it is immediately excluded from the training data.

During the inference, Snyk Code Fix Suggestions does not collect the the client data, neither it sends it to third parties.

The data collection process is thorough and includes the following:

  • Static analysis

  • Automated assessment of the suggested fix qualities

  • Partial in-house labeling by humans

The training data is ensured to be of the highest quality to optimize the performance of the LLM.

🔗See How Snyk handles your data.

PreviousUsing Snyk Code via the IDENextDeployment options for Snyk Code

Last updated

Was this helpful?