When does Github fix pull requests get opened?
Snyk submits a pull request proactively when a fix is available for a vulnerability within one of your dependencies. This will either be a patch or an upgrade for the dependency.
Snyk will also open a fix pull request when there is a better way to fix an issue that wasn't available previously. For example, there may have been a patch available for a vulnerability in a dependency, but once there is an upgrade available we will open a fix pull request to prompt you to start using the upgrade instead.
If you do not want Snyk to open pull requests automatically, you can disable them by going to
- Click on Settings > Integrations.
- Click Edit settings for the GitHub Integration OR click GitHub under the Integrations list.
- In the Automatic fix PRs and Automatic dependency upgrade PRs sections, disable the feature by unticking the available options or clicking Enable to gray it out.
- Click Save.