JetBrains IDE Plugins

Supported IDEs and Ecosystems

• Android Studio
• AppCode
• GoLand
• IntelliJ
• PhpStorm
• PyCharm
• Rider
• RubyMine
• WebStorm

As the plugin is based on CLI, it supports all the ecosystems that are supported within the CLI.

How to install the plugin

The installation is done via the IDE:

1. Open the Preferences window from the IDE
2. Navigate to the Plugins tab
3. In the Plugins tab, search for Snyk
4. Select the Snyk Vulnerability Scanning plugin
5. Click on the Install button
6. Once installed, restart the IDE

How the plugin works?

• The plugin is based on Snyk CLI
• The plugin will automatically download the CLI in the background.
• If the CLI is already installed on the machine, the plugin will use the token provided to it, otherwise, you’ll need to provide the authentication token via the plugin configuration

Scanning your projects

To scan your projects, you need to follow the above steps:

1. Make sure your project file (i.e. requirements.txt) is saved
2. Open up the Snyk plugin from the bottom bar (see 1)
3. Click on the Run scan link (see 2) / the play button

Once the scan is done, the plugins shows a list of vulnerabilities and license issues found in the manifest file. For more details, you can select a vulnerability / license issue:

Plugin Configuration

Once the plugin is installed, you can set the following configurations for the plugin, via Preferences → Tools → Snyk:

• Token: the token that should be used for authentication with Snyk (can be generated via the Account Settings in Snyk App)
• Custom endpoint: custom endpoint for Snyk app to allow to use the plugin with Snyk on-prem
• Ignore unknown CA: for ignoring the SSL cert, when using the plugin with Snyk on-prem
• Organization: the org you’d like to run Snyk test against (similarly to the --org param in the CLI)
• Additional parameters: additional CLI snyk test params, you’d like to run the test with