Remediation Advice

Remediate vulnerabilities

Snyk's knowledge of the transitive dependencies in your project makes it easy for Snyk to offer remediation advice. Snyk can fix vulnerabilities in two ways: it can upgrade the direct dependencies to a vulnerability-free version, or it can patch the vulnerability.

Snyk supports the following workflows to help developers remediate their vulnerabilities.

  1. Generating automatic git pull requests (PRs). This is a nightly process.

  2. Using the Open a fix PR feature in the Snyk UI.

  3. Using the Fix this vulnerability feature on a specific issue card in the Snyk UI.

  4. Using the Snyk CLI wizard command to fix Node.js applications.

For more details on remediation using Snyk, please see the Snyk documentation.

Generating automatic pull requests

Snyk will generate automatic pull requests for your projects using the source control integration associated with your organization. To check the setting, select the Integrations tab at the top of the Snyk UI and select your source control repository. Click the gear icon for your source control and review the settings. This setting can be configured on a per-project basis or for an entire organization.

This setting should already have been enabled during our initial configuration of GitHub.

Snyk will issue PRs for your projects when they are ready. You can view the PR in GitHub by selecting the Pull requests tab at the top of the GitHub repository. Keep in mind that PRs are generated overnight and multiple pull requests might exist for different dependencies.

Given enough time, a PR will be generated for Goof.

Open a fix PR

The Snyk UI offers the ability to create pull requests directly from the project. To generate a PR, find your Goof project in the list of projects and select the package.json file.

Select Open a fix PR and Snyk will start the workflow to generate a PR for Goof. Prior to sending the PR to GitHub, the Snyk UI will show you what will be fixed by the PR, any partial fixes, and anything that will not be fixed. Submit the PR to GitHub and visit your GitHub repository's Pull requests tab to view the pull request.

Snyk sends a single PR for this exercise.
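As an added example (not part of this workshop and not Snyk's own code), the script below applies Snyk-style upgrade advice to a package.json the way a fix PR does, and reports what stays unfixed. It assumes the advice object mirrors the remediation section of `snyk test --json`; the package.json and advice data are constructed samples.

```javascript
// Added example, not Snyk's or the workshop's code: apply Snyk-style upgrade
// advice to package.json the way a fix PR does, and report what stays unfixed.
// ASSUMPTION: `advice` mirrors the "remediation" object of `snyk test --json`
// (upgrade: { "pkg@installed": { upgradeTo: "pkg@fixed", vulns: [...] } }).

// Constructed package.json of a Goof-like Node.js app (sample data).
const samplePackageJson = {
  name: 'goof-sample',
  dependencies: { express: '^4.16.0', lodash: '^4.17.4', ms: '~0.7.0' },
  devDependencies: { mocha: '^5.0.0' },
};

// Constructed advice; vuln ids are placeholders, not real Snyk identifiers.
const sampleAdvice = {
  upgrade: {
    'lodash@4.17.4': { upgradeTo: 'lodash@4.17.21', vulns: ['PLACEHOLDER-1'] },
    'ms@0.7.1': { upgradeTo: 'ms@2.1.3', vulns: ['PLACEHOLDER-2', 'PLACEHOLDER-3'] },
  },
  unresolved: [{ packageName: 'st', version: '0.2.4', isPatchable: true }],
};

// Split "name@version" at the last '@' so scoped packages (@scope/name@1.0.0) work.
function splitSpec(spec) {
  const at = spec.lastIndexOf('@');
  return { name: spec.slice(0, at), version: spec.slice(at + 1) };
}

// Copy of pkg with each upgradable direct dependency bumped to the fixed
// version (existing ^/~ range prefix kept), plus a list of what changed.
function applyUpgrades(pkg, advice) {
  const out = JSON.parse(JSON.stringify(pkg)); // never mutate the input
  const changed = [];
  for (const [from, info] of Object.entries(advice.upgrade || {})) {
    const { name } = splitSpec(from);
    const { version: fixed } = splitSpec(info.upgradeTo);
    for (const section of ['dependencies', 'devDependencies']) {
      const deps = out[section];
      if (!deps || !(name in deps)) continue; // transitive-only: no direct entry
      const prefix = (deps[name].match(/^[\^~]/) || [''])[0];
      deps[name] = prefix + fixed;
      changed.push({ name, section, from: pkg[section][name], to: deps[name], vulns: (info.vulns || []).length });
    }
  }
  return { packageJson: out, changed };
}

// Issues no upgrade fixes: the "will not be fixed" part of the PR preview (Snyk may offer a patch instead).
function unresolvedIssues(advice) {
  return (advice.unresolved || []).map((u) => `${u.packageName}@${u.version}${u.isPatchable ? ' (patchable)' : ''}`);
}
```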

Fix this vulnerability

Snyk's Fix this vulnerability workflow is the same as the Open a fix PR workflow. When the PR is generated, only the specified vulnerability issue is selected in the PR, as shown below.