Snyk - Overview
- The Snyk plug-in works with existing GitHub, GitLab, and BitBucket plug-in to scan and link against known repositories. It's recommended to install and configure the existing GitHub, GitLab, or BitBucket plug-in before you install the Snyk plug-in.
- Snyk scan should be performed on the repositories and should have separate projects. Automated pull requests generated by Snyk will be also visible in the Value Stream .
- The Snyk plug-in imports repository vulnerability data from Snyk server into DevOps Velocity.
- It scans for existing GitHub, Gitlab, or BitBucket integrations and retrieves data only for those particular repositories.
- The plug-in works on organisational level and imports data for entire organisation . It can import data from multiple organisations.
Compatibility
This plug-in requires DevOps Velocity version 2.4.0 or later.
Versions
DevOps Velocity plug-in images are located in DockerHub. To view available versions, see the UrbanCode DockerHub.
History
Version 1.0.1
- Imports Snyk vulnerability data
- Works with GitHub, GitLab, and BitBucket integrations
- Vulnerabilities will be displayed as Application vulnerabilities in metrics bar