Consistent Ignores for Snyk Code

Release status

Snyk Code Consistent Ignores is in Early Access and available only with Enterprise plans. For more information, see plans and pricing.

To ensure Consistent Ignores meets your needs and requirements, review the FAQ section.

Snyk Code Consistent Ignores helps your teams focus on important tasks by filtering out distractions. It ensures that once an ignore is created, it is consistently respected regardless of how and where the test is run and what branch is being tested.

By filtering out false positives, inapplicable threats, and accepted risks, your security teams can prioritize fixing real problems, and developers can code without interruptions.

From Project to asset-scoped ignores

Snyk is transitioning from ignores tied to specific issues within a Project to ignores tied to a finding within a repository. This change enables consistency across Projects, and in contexts where no Project is present, while reducing ignore management complexity.

Enable Snyk Code Consistent Ignores

Enable Snyk Code Consistent Ignores for your Group or Organization in the Snyk Web UI by navigating to Group/Organization > Settings > Ignores across the repository for Snyk Code. See Snyk Preview.

Review the Known limitations before enabling this feature in your environment.

Disable Snyk Code Consistent Ignores

Any ignores created or converted with the feature enabled will not be automatically converted back to Project-based ignores. You can recreate them manually after disabling the feature.

User roles

To create, edit and remove ignores, you need to have a user role assigned with Ignore management permissions. Only Group Admins can set these permissions (see User role management).

  1. Log in to the Snyk Web UI and navigate to your Group and Organization.

  2. Navigate to Members > Manage Roles and select one or more permissions.

| Ignore management | Description |
| --- | --- |
| View Ignores | View Ignore information. |
| Create Ignores | Create new Ignores. |
| Edit Ignores | Configure Ignores. |
| Remove Ignores | Permanently remove Ignores. |

Manage ignores at the Group level through security policies

You can manage ignores proactively using group-level Snyk Code security policies. As a general rule, you can apply ignore policies when you identify a recurring need to apply similar individual ignores.

To manage the ignores through security policies, Snyk Code Consistent Ignores needs to be enabled at the Group level by your Snyk team. You do not require conversion for any previously applied Group-level policy ignores.

Policies configured to ignore based on Project attributes do not result in ignores being applied in Snyk CLI and IDE settings, where a Snyk Project is not available.

| Criteria | Description |
| --- | --- |
| CWE | You can provide any CWE value. In any subsequent tests, Snyk Code will ignore the associated findings or issues. You can find valid CWEs on MITRE’s website or anywhere you can view Snyk Code results. |
| Rule IDs | You can provide any Snyk Code rule ID. You can find Snyk Code rule IDs as part of the SARIF output that you exported using Snyk CLI. |
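To see which rule IDs and CWEs recur often enough to justify a Group-level ignore policy, you can tally the findings in a SARIF export. The following is an added example, not part of the Snyk documentation: the sample document and its rule IDs are constructed, and reading CWEs from each rule's `properties.cwe` array is an assumption about the export layout.

```python
import json
from collections import Counter

# Constructed sample, trimmed to the fields used below. Rule IDs, CWE values
# and the properties.cwe location are assumptions for illustration.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "SnykCode", "rules": [
            {"id": "example/RuleA", "properties": {"cwe": ["CWE-79"]}},
            {"id": "example/RuleB", "properties": {"cwe": ["CWE-22", "CWE-23"]}},
            {"id": "example/RuleC"},  # rule without CWE metadata
        ]}},
        "results": [
            {"ruleId": "example/RuleA", "ruleIndex": 0},
            {"ruleId": "example/RuleA", "ruleIndex": 0},
            {"ruleIndex": 1},  # ruleId omitted, resolved through ruleIndex
            {"ruleId": "example/RuleC"},
        ],
    }],
})


def policy_criteria(sarif_text):
    """Return (findings per rule ID, findings per CWE) for a SARIF document."""
    by_rule, by_cwe = Counter(), Counter()
    for run in json.loads(sarif_text).get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        cwes = {r["id"]: r.get("properties", {}).get("cwe", []) for r in rules}
        for result in run.get("results", []):
            rule_id = result.get("ruleId")
            index = result.get("ruleIndex", -1)
            if rule_id is None and 0 <= index < len(rules):
                rule_id = rules[index]["id"]
            if rule_id is None:
                continue  # nothing to key a policy criterion on
            by_rule[rule_id] += 1
            for cwe in cwes.get(rule_id, []):
                by_cwe[cwe] += 1
    return by_rule, by_cwe


if __name__ == "__main__":
    by_rule, by_cwe = policy_criteria(SAMPLE_SARIF)
    for name, counts in (("Rule ID", by_rule), ("CWE", by_cwe)):
        for value, n in counts.most_common():
            print(f"{name:8} {value:16} {n} finding(s)")
```

A CWE criterion is broader than a rule ID criterion, since several rules can map to the same CWE, so compare both tallies before choosing which one a policy should match on.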

Manage ignores in Snyk Projects

You can take action from Project issues, but Snyk will apply any ignores to the underlying asset-scoped findings that can span across Snyk Projects, integrations, and branches.

When you create, modify, or delete an ignore, you must retest the Project to update the issue status.

An indicator at the top of the Project page will notify you if a retest is needed to capture policy or ignore updates.

Project retests typically occur on a nightly or weekly basis, but you can also retest manually.

Create ignore

  1. Log in to the Snyk Web UI and navigate to your Group and Organization.

  2. Open a Project and find an issue card.

  3. Select Ignore across repository on an issue card to create an ignore.

  4. Fill in the ignore information and confirm its creation. The issue will be updated and moved from Open to Ignored. If anyone loads the page before a retest, an indicator will appear and encourage retesting to capture policy or ignore changes.

Modify ignore

Delete ignore

  1. Log in to the Snyk Web UI and navigate to your Group and Organization.

  2. Open a Project and find an issue card.

  3. Select Unignore to set all future tests to show the associated finding or issue as open.

Edit ignore details

  1. Log in to the Snyk Web UI and navigate to your Group and Organization.

  2. Open a Project and find an issue card.

  3. Select Edit Ignore, change the values, and then Confirm.
