
Evaluate Snyk
Open, Needs Triage (Public)


Snyk is a closed source tool to "continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more".

Evaluation process first steps would be:

  • setup to link to our code
  • document how to add new repos

Event Timeline

One of the problems is the lack of integration with Phabricator.

For example, it allows interacting with GitHub and opening a PR there when it finds an issue:

The PR is closed; when the branch is restored, it's autodeleted.

The commit message doesn't respect imperative mode:

I've created the snyk user on phab and allowed commits to bypass review on phab first.