Configurable Rules for Automatic Fix Pull Requests

New

We are excited to announce a significant enhancement to Snyk Automatic Fix Pull Requests, furthering our mission of designing workflows that match different projects' needs.

Starting December 5th, you will be able to set Fix Pull Request thresholds by either severity or score. We understand that in some projects, fixing all vulnerabilities constantly is extremely important, whereas in others, focusing on specific types boosts velocity. That's why you'll be able to configure two types of rules for the Automatic Fix Pull Requests:

  • by score (priority or risk score) - set a threshold from 0 to 1000

  • by severity - select among critical, high, medium or low

Snyk will take your preferences into account and raise Automatic Fix Pull Requests only for the issues that match them. Please keep in mind that this option will not influence our Backlog PR capability at the moment.

New organizations created in Snyk will get a default score of 700 for this capability. Starting June 5th 2025, this will also be our default for all organizations that have not set a specific preference by that point.

Enjoy Snyk Fix PRs!

Automatic fix PRs settings with the threshold set to Severity and the Critical and high severities selected
Automatic fix PRs settings with threshold set to Risk Score

Costin Busioc | Senior Product Manager