How it works
Note: For Broker see this How it works instead.
Use the Snyk plugin with your Eclipse projects to test your manifest files for vulnerabilities and license issues as you work.
- The user installs the plugin within the local Eclipse installation via the Eclipse Marketplace.
- The user authenticates Snyk directly from within Eclipse Preferences with a Snyk API token.
- When the user runs the plugin, Snyk analyzes all projects currently open, automatically detecting the manifest files based on package manager and language types to find direct and transitive dependencies and test your project against the Snyk vulnerability database for known vulnerabilities and license issues.
- The test results are displayed in Eclipse in the Snyk Results tab, summarizing the results, the path to the package with the issue, and recommended remediation when relevant.