Troubleshoot PR Checks

If you use ### in the description of the PR , it will be blocked and the PR check will not take place

General troubleshooting for PR Checks

The following table lists general issues with PR Checks and how to address them.

Scenario	Description	Action
PR Check not triggered.	The repository is imported to Snyk, but when a PR is raised it does not trigger a PR Check.	Check the Project and Integration settings to make sure PR checks are configured. Check the Project Settings integration page for a banner advising you that a webhook is absent. Double-check integration permission scopes (see Git repositories). If you still cannot create a webhook, contact support.
PR Check is expected but does not run.	The PR check is listed in the Git repository (SCM) as expected but never completes.	This issue is generally caused by a Branch Protection rule requiring the PR check. If the Project has been disabled or removed from Snyk, the PR check will not run, but the branch protection rule is still in force until removed or edited. Check for Branch Protection rules and confirm that the Project is imported and active.
Multiple Security and Licence PR Checks run on a single Pull Request.	When a PR is submitted, multiple Snyk PR Checks of the same type run against it, possibly with different results.	If a repository is imported into multiple Snyk Organizations, PR checks will run on the repository for any configured Organization. Check the name of the PR check as it includes the Organization name against which the check is run. Alternatively, selecting the PR Check details will take you to the results for the relevant Organization.

Scenario

Description

Action

PR Check not triggered.

The repository is imported to Snyk, but when a PR is raised it does not trigger a PR Check.

Check the Project and Integration settings to make sure PR checks are configured.
Check the Project Settings integration page for a banner advising you that a webhook is absent. Double-check integration permission scopes (see Git repositories). If you still cannot create a webhook, contact support.

PR Check is expected but does not run.

The PR check is listed in the Git repository (SCM) as expected but never completes.

This issue is generally caused by a Branch Protection rule requiring the PR check. If the Project has been disabled or removed from Snyk, the PR check will not run, but the branch protection rule is still in force until removed or edited. Check for Branch Protection rules and confirm that the Project is imported and active.

Multiple Security and Licence PR Checks run on a single Pull Request.

When a PR is submitted, multiple Snyk PR Checks of the same type run against it, possibly with different results.

If a repository is imported into multiple Snyk Organizations, PR checks will run on the repository for any configured Organization. Check the name of the PR check as it includes the Organization name against which the check is run. Alternatively, selecting the PR Check details will take you to the results for the relevant Organization.

Open-source and licensing checks

If you come across false positive or false negative results, you can take action to diagnose and report the issue.

Scenario	Description	Action
False positive	The result is marked as Failed by Snyk because it has identified an issue that does not actually exist.	Contact support to update the dependency version if Snyk has misidentified an issue for a package version. If you want to push the changes forward, you can mark the result as successful. For more einformaiton, see Example: fix dependency issues with PR Checks).
False negative	The result is marked as Passed by Snyk because it failed to detect an issue that actually exists.	To address the issue, you can submit a vulnerability disclosure. If Snyk did not detect the vulnerability due to a misidentified package or the absence of code trace, contact support.

Scenario

Description

Action

False positive

The result is marked as Failed by Snyk because it has identified an issue that does not actually exist.

Contact support to update the dependency version if Snyk has misidentified an issue for a package version.

If you want to push the changes forward, you can mark the result as successful. For more einformaiton, see Example: fix dependency issues with PR Checks).

False negative

The result is marked as Passed by Snyk because it failed to detect an issue that actually exists.

To address the issue, you can submit a vulnerability disclosure. If Snyk did not detect the vulnerability due to a misidentified package or the absence of code trace, contact support.

Code analysis checks

The following table lists code analysis errors and how to address them.

Error	Description	Action
Failed to start code analysis.	Error causes: The PR Checks cannot be created in the database. The commit status cannot be sent.	Wait a few minutes, then try again.
Could not complete the PR analysis.	The PR Checks result has an unexpected status.	Wait a few minutes, then try again or mark as successful.
Failed to analyze code.	Error causes: The analysis cannot be completed. The commit status cannot be sent.	Wait a few minutes, then try again or mark as successful.
Upstream rate limit triggered while analyzing code.	The Git server rate limit has been reached and the repository cannot be read.	Wait a few minutes, then try again or mark as successful.
No valid credentials to perform code analysis.	The personal access token or OAuth is not recognized or the user access is not provisioned.	Revise your configuration on the Git repository side for any credential issues.

Error

Description

Action

Failed to start code analysis.

Error causes:

The PR Checks cannot be created in the database.
The commit status cannot be sent.

Wait a few minutes, then try again.

Could not complete the PR analysis.

The PR Checks result has an unexpected status.

Wait a few minutes, then try again or mark as successful.

Failed to analyze code.

Error causes:

The analysis cannot be completed.
The commit status cannot be sent.

Wait a few minutes, then try again or mark as successful.

Upstream rate limit triggered while analyzing code.

The Git server rate limit has been reached and the repository cannot be read.

Wait a few minutes, then try again or mark as successful.

No valid credentials to perform code analysis.

The personal access token or OAuth is not recognized or the user access is not provisioned.

Revise your configuration on the Git repository side for any credential issues.

What to do if there are errors

Re-run PR Checks results

To re-run PR Checks results:

Create an empty commit for example with git commit –allow-empty
Create a new commit with a fix or additional capability
Close and re-open the pull request in your connected Git repository (for example, GitHub).

Mark as successful

Provide specific users or roles with the capability to pass the PR Check when errors happen. This can be done through the Snyk link in the PR Check and Marking as successful.

PreviousAnalyze PR Checks results NextSnyk Open Source

Last updated 9 months ago