How ignores work for Projects imported using an SCM and the CLI
When you ignore an issue, you must consider the following factors:
How was the Project imported: Through an SCM? Through the CLI?
What Snyk product scanned the Project: Snyk Open Source, Snyk Code, or another?
How was the ignore created: In a policy? Through the UI from the Project page? Using an API? In a .snyk file?
For ignores created in a policy, ignoring an issue at the Organization level ensures the issue is ignored for both Projects imported using an SCM and Projects imported using the CLI.
Ignoring for a particular Project or attribute will ensure the issue is ignored only for the specific Project and only for Projects imported using an SCM.
For more information, see Ignore issues in the Snyk Web UI, Security policies, and The .snyk file.
Depending on these factors, the ignore is respected for testing in different places. Where will the ignore be respected for testing?
In the UI and an SCM PR test?
In a CLI test, either local or in a build pipeline, and in an IDE test?
For information about deciding to ignore issues and setting ignores, see Ignore Issues.
Test results are the same for an ignore set by policy and an ignore set by the .snyk file, whether you have imported the Project through an SCM or the CLI.
If you added an ignore in the UI, support for the ignore and the test results differ between Projects imported through an SCM and Projects imported through the CLI.
The following table summarizes how an ignore will be respected for testing depending on the way you set the ignore for Projects imported through an SCM.
* For Snyk Code, ignoring by policy is in Closed Beta. Ignoring Code issues by policy is limited to CWE issues only, that is, limited to ignoring that type of issue, rather than ignoring a specific issue by Issue ID as you can with Snyk Open Source. For Snyk Code, ignores by policy can be useful if the ignore is part of a policy that is applied to a Project Attribute or Tag, but less useful when a policy is assigned to an Organization.
The following table summarizes how an ignore will be respected for testing depending on the way you set the ignore for Projects imported through the CLI.
Only a limited number of customers can import through the CLI for Snyk Code, because this feature is in Closed Beta.
* For Snyk Code, ignoring by policy is in Closed Beta. Ignoring Code issues by policy is limited to CWE issues only, that is, limited to ignoring that type of issue, not ignoring a specific issue. Ignores by policy can be useful in Snyk Code if the ignore is part of a policy that is applied to a Project Attribute or Tag, but less useful when a policy is assigned to an Organization.
| Import through an SCM and set ignore by available methods | Ignore respected in UI for testing | Ignore respected in CLI and IDE tests |
| --- | --- | --- |
| Ignore by policy (add ignore commands to your security policies) | Open Source: ✅; Code: ⚠️ * | Open Source: ✅; Code: ❌ |
| Ignore by UI or API | Open Source: ✅; Code: ✅ | Open Source: ❌; Code: ❌ |
| Ignore by .snyk file (add the issue to a .snyk file in the repository; for Open Source, the .snyk file must be in the same folder as the manifest file) | Open Source: ✅; Code: ❌ | Open Source: ✅; Code: ❌ |
| Import through the CLI and set ignore by available methods | Ignore respected in UI for testing | Ignore respected in CLI and IDE tests |
| --- | --- | --- |
| Ignore by policy (add ignore commands to your security policies). For an IDE and the CLI, the testing must be done in the relevant Organization in order for the policies to be used. | Open Source: ✅; Code: ⚠️ * | Open Source: ✅; Code: ❌ |
| Ignore by UI or API | Open Source: ✅; [Early Access] Code: ✅ | Open Source: ✅; [Early Access] Code: ✅ CLI, ❌ IDE |
| Ignore by .snyk file (add the issue to a .snyk file in the repository; for Open Source, the .snyk file must be in the same folder as the manifest file; applies to the snyk test and snyk monitor commands) | Open Source: ✅; Code: ❌ | Open Source: ✅; Code: ❌ |
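
The .snyk rows above state that, for Open Source, the .snyk file must be in the same folder as the manifest file. The following added example (not Snyk's own code) walks a repository checkout and lists each .snyk file that has no manifest beside it, together with the issue IDs it ignores. The manifest names, skipped directories, sample policy with placeholder IDs, and the minimal line-based parser are assumptions made for illustration.

```python
import re
from pathlib import Path

# Assumptions: an illustrative, incomplete set of manifest names and skip dirs.
MANIFESTS = {"package.json", "pom.xml", "requirements.txt", "Gemfile", "go.mod"}
SKIP_DIRS = {"node_modules", ".git", "vendor"}
# A key indented by exactly two spaces, optionally quoted, ending in a colon.
ID_LINE = re.compile(r"^  (?=\S)['\"]?(.+?)['\"]?:\s*$")

# Constructed sample policy; the issue IDs are placeholders.
SAMPLE_POLICY = """\
version: v1.25.0
ignore:
  SNYK-JS-EXAMPLE-0000001:
    - '*':
        reason: Not reachable in this service
  'npm:example:20240101':
    - '*':
        reason: Accepted until next release
patch: {}
"""


def ignored_ids(policy_text):
    """Return the issue IDs listed under the top-level `ignore:` key."""
    ids, in_ignore = [], False
    for line in policy_text.splitlines():
        if line and not line[0].isspace():   # a new top-level key starts
            in_ignore = line.rstrip() == "ignore:"
        elif in_ignore and (m := ID_LINE.match(line)):
            ids.append(m.group(1))
    return ids


def misplaced_policies(repo_root):
    """Map each .snyk file with no manifest beside it to the IDs it ignores."""
    findings = {}
    for policy in sorted(Path(repo_root).rglob(".snyk")):
        rel = policy.relative_to(repo_root)
        if SKIP_DIRS & set(rel.parts) or not policy.is_file():
            continue
        siblings = {p.name for p in policy.parent.iterdir() if p.is_file()}
        if not siblings & MANIFESTS:
            findings[rel.as_posix()] = ignored_ids(policy.read_text(encoding="utf-8"))
    return findings


if __name__ == "__main__":
    for path, ids in misplaced_policies(".").items():
        print(f"{path}: no manifest in this folder; ignores {ids}")
```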