When does a GitHub fix pull request get generated?

When do GitHub fix pull requests get opened?

Snyk submits a pull request proactively when a fix is available for a vulnerability within one of your dependencies. This will either be a patch or an upgrade for the dependency.

Snyk will also open a fix pull request when there is a better way to fix an issue that wasn't available previously. For example, there may have been a patch available for a vulnerability in a dependency, but once there is an upgrade available we will open a fix pull request to prompt you to start using the upgrade instead.

If you don't want Snyk to open pull requests automatically, you can disable them by going to 

  1. Settings
  2. Integrations
  3. Edit settings for the GitHub Integration
  4. Deselect the 'Enable automatic pull requests for all projects in this organisation' setting and click 'update settings'

null

null

You can also open a fix pull request at any point in time by clicking 'Open a fix PR' from a project page. You will be able to select which vulnerabilities are fixed before opening the pull request.