Snyk’s new vulnerability cards – fix issues fast with a new look and feel
One of our missions at Snyk is a simple one: help developers fix things easily. We further our mission by releasing features and improvements as quickly as possible, but it’s also just as important that developers have an experience which helps them gain as much value from Snyk as possible. This includes being able to quickly understand what needs to be fixed, and making that task incredibly easy. The focal point of a lot of this information in Snyk is in the issue card within the project details page.
With that, I’m very proud to say that we’ve redesigned the card to significantly improve its usability and value. It’s more than a fresh coat of paint and we haven’t taken anything out, but we’ve added value and feng shui’d the card considerably.
As you can immediately see, we’ve done a lot of work to decongest the contents of the card by keeping the information you need to know quickly at the top of the card, and hiding the rest. What defines the information that you need to know quickly? Things that help drive actions.
We’ve pulled out key details about how vulnerabilities and license issues are introduced and fixed, if they’re reachable, and whether they have an exploit. This information should help drive actions at a glance for developers. Further details about paths, remediation, and an overview of the vulnerability which lived on the original cards are still incredibly valuable, so we’ve kept them in the card but we’ve hidden them to help developers get to remediation quicker.
Speaking of getting to remediation quicker, you can get to the Snyk vuln DB directly from the card, and we’ve also added the ability to fix a specific vulnerability. Having direct access to the Snyk vulnerability database means you can get to critical data faster than you can say “severity”, and having a single button to fix a vulnerability enables developers to be more clinical in their remediation.
Seeing a project with dozens or hundreds of vulnerabilities can be disheartening for anyone, (regardless of how easy it is to navigate an issue card), which can result in lower rates of remediation. To help prioritise what to fix, we’ve added an extra filter and a sorting capability.
To help focus efforts, you can filter by vulnerability or license issue in conjunction with your other filters. Prioritising what to fix is a key component in getting to remediation quicker, so being able to sort issues by the priority score or severity should help make a project details page easier to navigate and remediate through.
More details are available in our docs.
We’re always trying to improve the experience of all of our users so if you have any feedback on the issue card, we’d love to hear it. Happy remediating!