Early Access of Reachability for JavaScript & TypeScript

We are pleased to announce that Reachability for JavaScript & TypeScript is now available in Early Access, bringing you another signal for evaluating risk across your npm and Yarn projects in Snyk.

Snyk’s Reachability will analyze your source code to determine whether or not a path can be found to the vulnerable function of an identified vulnerability, helping you better understand the likelihood of your project being exploited.

Whether used on its own or as part of a more holistic Risk-Based prioritization strategy using Risk Score, Reachability helps identify and prioritize higher risk vulnerabilities in your backlog of issues.

With this release, Reachability data for npm and Yarn is now available across several product surfaces:

• Projects: Filter results by Reachability to focus your list of Issues, or look for the Reachability badge to check an Issue’s reachability status at a glance.

• Risk Score: When a vulnerability is reachable, Snyk’s Risk Score will increase based on Reachability as a contextual factor.

• Reporting: View Group-level or Org-level Issue Details report to better understand your risk across a wider range of applications.

• API: Snyk’s Issues API now returns Reachability level where applicable.

To enable this feature, please see Snyk Preview.