Snyk Documentation

Enable automatic dependency upgrade PRs for a specific project

Enable Snyk to regularly check your dependency health, recommend dependency upgrades and automatically submit PRs for upgrades on your behalf for a specific project.

Once configured, Snyk automatically creates PRs for all necessary dependencies as upgrades become available for the specific project.

Notes: These settings override any settings configured at the Integration level.

To configure automatic upgrade PRs for a specific project:

  1. Navigate to the organization for which you would like to enable automatic upgrade PRs and then click Projects.
  2. Navigate to the relevant project and click the Settings cog .
  3. From the Settings area, click GitHub integration from the left panel menu.
  4. From settings that load, scroll to the Automatic dependency upgrade pull requests and click Disabled.
  5. From the options that appear:
    • Snyk opens a maximum of 10 upgrade PRs simultaneously. To limit this number further, select the maximum number of PRs from the dropdown list.
    • In the Dependencies to ignore field, enter the exact name of any dependencies that should not be handled as part of the automatic functionality. This field accepts only lower case letters.
  6. Click .
  7. Settings are saved. Every time Snyk scans this project now, it automatically submits upgrade PRs based on results. If a newer version is released for an existing Snyk upgrade PR or for an existing fix PR, the existing PR must be closed or merged before Snyk can raise a new PR.