diff --git a/developer-tools/cli-ide-and-ci-cd-integrations/snyk-cli/configure-the-snyk-cli/configure-snyk-cli-to-connect-to-snyk-api.md b/developer-tools/cli-ide-and-ci-cd-integrations/snyk-cli/configure-the-snyk-cli/configure-snyk-cli-to-connect-to-snyk-api.md
index e44b0a0648fb..72ffa931de8e 100644
--- a/developer-tools/cli-ide-and-ci-cd-integrations/snyk-cli/configure-the-snyk-cli/configure-snyk-cli-to-connect-to-snyk-api.md
+++ b/developer-tools/cli-ide-and-ci-cd-integrations/snyk-cli/configure-the-snyk-cli/configure-snyk-cli-to-connect-to-snyk-api.md
@@ -6,7 +6,7 @@ By default, the Snyk CLI connects to `https://api.snyk.io/`. You can use the fol
`SNYK_API`
-Specifying this variable sets the API host that will be used for Snyk requests. This is useful for [regional hosting](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#cli-and-ci-pipeline-urls), on-premise instances, or when you are using a proxy server. If this variable is set with the `http` protocol, the CLI upgrades the requests to `https` unless `SNYK_HTTP_PROTOCOL_UPGRADE` is set to `0`.
+Specifying this variable sets the API host used for Snyk requests. This is useful for [regional hosting](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#cli-and-ci-pipeline-urls), on-premise instances, or when you are using a proxy server. If this variable is set with the `http` protocol, the CLI upgrades the requests to `https` unless `SNYK_HTTP_PROTOCOL_UPGRADE` is set to `0`.
`SNYK_HTTP_PROTOCOL_UPGRADE=0`
@@ -24,7 +24,7 @@ Specifying this variable disables all Snyk CLI analytics.
`SNYK_TOKEN`
-Specifying this variable allows you to override the token that may be available in your Snyk configuration settings (`~/.config/configstore/snyk.json`). Use `SNYK_TOKEN` in a CI/CD environment. After setting `SNYK_TOKEN` you can [get started](../../../snyk-cli/getting-started-with-the-snyk-cli.md) using the CLI.
+Specifying this variable lets you override the token available in your Snyk configuration settings (`~/.config/configstore/snyk.json`). Use `SNYK_TOKEN` in a CI/CD environment. After setting `SNYK_TOKEN` you can [get started](../../../snyk-cli/getting-started-with-the-snyk-cli.md) using the CLI.
For information on how to get your account token see [Authenticate the CLI with your account](../../../snyk-cli/authenticate-to-use-the-cli.md). You can also use a service account to authenticate; for more information see [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts). For additional information, see [Authentication for third-party tools](../../../implementation-and-setup/enterprise-setup/authentication-for-third-party-tools.md).
diff --git a/developer-tools/implementation-and-setup/enterprise-setup/authentication-for-third-party-tools.md b/developer-tools/implementation-and-setup/enterprise-setup/authentication-for-third-party-tools.md
index 726c843d9feb..6b025e427507 100644
--- a/developer-tools/implementation-and-setup/enterprise-setup/authentication-for-third-party-tools.md
+++ b/developer-tools/implementation-and-setup/enterprise-setup/authentication-for-third-party-tools.md
@@ -1,6 +1,6 @@
# Authentication for third-party tools
-When you work with Snyk from within any third-party tool, Snyk requires authentication in order to initiate its processes.
+When you work with Snyk from within any third-party tool, Snyk requires authentication to initiate its processes.
Snyk offers API tokens to enable integrations with third-party developer tools. You can authenticate through your personal account using your personal token or through a [service account](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts) using the token associated with that account. When you authenticate through a service account, you do not use any personal token.
diff --git a/developer-tools/integrations/event-forwarding/README.md b/developer-tools/integrations/event-forwarding/README.md
index 9fe1f29189b2..4e278976d68d 100644
--- a/developer-tools/integrations/event-forwarding/README.md
+++ b/developer-tools/integrations/event-forwarding/README.md
@@ -1,13 +1,13 @@
# Event forwarding
-Snyk event forwarding integrations allow you to push Snyk platform events directly to certain products on other platforms, enabling you to set up custom alerting, build your own reporting, trigger automation, and more.
+Snyk event forwarding integrations let you push Snyk platform events directly to certain products on other platforms, so you can set up custom alerting, build your own reporting, trigger automation, and more.
## Event types
Snyk supports sending two different types of events:
1. **Snyk issue events** - these events are sent when new issues are discovered in a Snyk Project, or when an issue is updated. Each event contains information about the vulnerability or other problem found, including whether a remediation is available.
-2. **Snyk platform audit events** - these events are sent every time a Snyk user performs an action within the Snyk platform. For more information, see [Audit logs](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-management-with-the-api/retrieve-audit-logs-of-user-initiated-activity-by-api-for-an-org-or-group).
+2. **Snyk platform audit events** - these events are sent every time a Snyk user performs an action in the Snyk platform. For more information, see [Audit logs](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-management-with-the-api/retrieve-audit-logs-of-user-initiated-activity-by-api-for-an-org-or-group).
{% hint style="info" %}
The **Snyk issue** event type does not include Snyk Cloud issues.
diff --git a/developer-tools/integrations/event-forwarding/amazon-eventbridge.md b/developer-tools/integrations/event-forwarding/amazon-eventbridge.md
index 44d944c1d5bb..4a9b2153c3ac 100644
--- a/developer-tools/integrations/event-forwarding/amazon-eventbridge.md
+++ b/developer-tools/integrations/event-forwarding/amazon-eventbridge.md
@@ -1,13 +1,13 @@
# Amazon EventBridge
-The [Amazon EventBridge](https://aws.amazon.com/eventbridge/) integration sends Snyk platform events to EventBridge, allowing you to integrate Snyk events into your existing AWS environments. The integration can be configured to send two different types of events:
+The [Amazon EventBridge](https://aws.amazon.com/eventbridge/) integration sends Snyk platform events to EventBridge, so you can integrate Snyk events into your existing AWS environments. You can configure the integration to send two different types of events:
* **Snyk issue events**: These events are sent when new issues are discovered in a Snyk Project, or when an issue is updated. Each event contains information about the vulnerability or other problem found, including whether a remediation is available.
-* **Snyk platform audit events**: These events are sent every time a Snyk user performs an action within the Snyk platform. For more information, see [Retrieve audit logs of user-initiated activity by API for an Org or Group](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-management-with-the-api/retrieve-audit-logs-of-user-initiated-activity-by-api-for-an-org-or-group). This event type is available with Snyk Enterprise plans. For more information, see this page about [trials](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/implementation-guides/enterprise-implementation-guide/trial-limitations) and [Plans and pricing](https://snyk.io/plans/).
+* **Snyk platform audit events**: These events are sent every time a Snyk user performs an action in the Snyk platform. For more information, see [Retrieve audit logs of user-initiated activity by API for an Org or Group](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-management-with-the-api/retrieve-audit-logs-of-user-initiated-activity-by-api-for-an-org-or-group). This event type is available with Snyk Enterprise plans. For more information, see this page about [trials](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/implementation-guides/enterprise-implementation-guide/trial-limitations) and [Plans and pricing](https://snyk.io/plans/).
To set up the integration, there are two steps:
-1. Configure an EventBridge integration in the Snyk dashboard. This will create a Snyk **Partner Event Source** in your AWS account, which you can see in the EventBridge dashboard.
+1. Configure an EventBridge integration in the Snyk dashboard. This creates a Snyk **Partner Event Source** in your AWS account, which you can see in the EventBridge dashboard.
2. Configure the Snyk integration in Amazon EventBridge. This step involves associating the Snyk event source created in step one with an EventBridge **Event Bus**.
After you complete these steps, Snyk immediately starts sending events to the configured event bus.
@@ -26,19 +26,19 @@ When the form is completed, click **Add integration**. After this step is done,
## Snyk App authorization
-If this is the first time you have set up an Amazon EventBridge integration for your Organization, you will be prompted to complete the Snyk App authorization flow.
+If this is the first time you have set up an Amazon EventBridge integration for your Organization, Snyk prompts you to complete the Snyk App authorization flow.
-After completing the authorization flow, you will be redirected to the settings page for the integration.
+After completing the authorization flow, Snyk redirects you to the settings page for the integration.
## Configure the integration in Amazon EventBridge
-After configuring the EventBridge integration on the Snyk side, you should see a new **Partner Event Source** in the EventBridge console. Navigate to the EventBridge console and navigate to the **Partner event sources** page under the **Integration** section.
+After configuring the EventBridge integration on the Snyk side, a new **Partner Event Source** appears in the EventBridge console. Navigate to the EventBridge console and navigate to the **Partner event sources** page under the **Integration** section.
Partner event sources
-Snyk-generated event sources will have a naming pattern like this:
+Snyk-generated event sources have a naming pattern like this:
`aws.partner/snyk.io/org_/`\
\
@@ -53,14 +53,14 @@ Navigate to the [EventBridge integration settings page](https://app.snyk.io/mana
Clicking on the name of the integration opens the integration settings page, which displays configuration information for the integration.
{% hint style="info" %}
-Because EventBridge integrations create an external resource that depends on the configured AWS Account ID, Region, and event type, it is not possible to edit these configuration fields. If you need to change one of these fields, delete the integration and create a new one. This deletes the existing **partner event source** in AWS and creates a new one, which you will need to associate with an **event bus** as described above.
+Because EventBridge integrations create an external resource that depends on the configured AWS Account ID, Region, and event type, it is not possible to edit these configuration fields. If you need to change one of these fields, delete the integration and create a new one. This deletes the existing **partner event source** in AWS and creates a new one, which you must associate with an **event bus** as described in the preceding steps.
{% endhint %}
-To delete an integration, scroll to the bottom of the page and click the **Remove integration** button, then confirm the deletion.
+To delete an integration, scroll to the bottom of the page and click **Remove integration**, then confirm the deletion.
Remove integration
-This deletes the integration configuration on the Snyk side and the **Partner Event Source** associated with this integration in AWS. You can verify that the event source has been deleted in the EventBridge console.
+This deletes the integration configuration on the Snyk side and the **Partner Event Source** associated with this integration in AWS. You can verify that Snyk deleted the event source in the EventBridge console.
## Understanding event data
diff --git a/developer-tools/integrations/event-forwarding/aws-cloudtrail-lake.md b/developer-tools/integrations/event-forwarding/aws-cloudtrail-lake.md
index fdc94afe065f..227742da5055 100644
--- a/developer-tools/integrations/event-forwarding/aws-cloudtrail-lake.md
+++ b/developer-tools/integrations/event-forwarding/aws-cloudtrail-lake.md
@@ -5,7 +5,7 @@
The AWS CloudTrail Lake integration is available only with Snyk Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
{% endhint %}
-The AWS CloudTrail Lake integration allows you to forward [Snyk audit logs](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-management-with-the-api/retrieve-audit-logs-of-user-initiated-activity-by-api-for-an-org-or-group) to AWS CloudTrail Lake, which lets you run SQL-based queries on your logs and retain them for up to seven (7) years.
+The AWS CloudTrail Lake integration lets you forward [Snyk audit logs](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-management-with-the-api/retrieve-audit-logs-of-user-initiated-activity-by-api-for-an-org-or-group) to AWS CloudTrail Lake, which lets you run SQL-based queries on your logs and retain them for up to seven years.
This integration can be configured to forward audit logs for a single Snyk Organization, or for a Snyk Group and all of its child Organizations. In either case, there are two steps required to set up the integration:
@@ -20,18 +20,18 @@ This integration sends logs beginning when you enable it. Logs generated before
Audit logs are captured when Snyk users perform actions on the Snyk platform, such as making changes to settings, adding other users, or accessing protected APIs. When you are setting up this integration, it is important to understand how audit logs are captured, based on how a customer's Snyk account is set up:
-* For customers using Snyk with a single Snyk Organization (or with multiple disconnected Organizations), all audit logs are captured within the scope of the single Organization.
+* For customers using Snyk with a single Snyk Organization (or with multiple disconnected Organizations), all audit logs are captured in the scope of the single Organization.
* For customers who have a Snyk Group with child Organizations, actions such as adding new Organizations to the group or adding users to the group are audited at the Group level, and are not typically associated with an Organization.
This integration supports both use cases:
1. Integrate CloudTrail Lake with a single Snyk Organization
- 1. All audit logs associated directly with that Organization will be sent to CloudTrail Lake.
+ 1. All audit logs associated directly with that Organization are sent to CloudTrail Lake.
2. If the Organization has a parent Group, actions taken on that Group **a**re not sent to CloudTrail Lake.
- 3. If the Organization has members who are also members of other Organizations and Groups, actions taken by those members will only be sent to CloudTrail Lake if they are directly associated with the Organization.
+ 3. If the Organization has members who are also members of other Organizations and Groups, actions taken by those members are sent to CloudTrail Lake only if they are directly associated with the Organization.
2. Integrate CloudTrail Lake with a Snyk Group and all of its child Organizations
- 1. All audit logs associated with the Group or any of its child Organizations will be sent to CloudTrail Lake.
- 2. When new Organizations are added to the Group, audit logs for those Organizations will be sent automatically to CloudTrail Lake.
+ 1. All audit logs associated with the Group or any of its child Organizations are sent to CloudTrail Lake.
+ 2. When new Organizations are added to the Group, audit logs for those Organizations are sent automatically to CloudTrail Lake.
## Add a Snyk integration in AWS CloudTrail Lake
@@ -43,7 +43,7 @@ During the setup, you must supply an **External ID** for the integration. The va
### External ID for a Single Snyk Organization
-If you are creating this integration for a single Snyk Organization, you will use your Snyk **Organization ID** as the **External ID.** You can find your Organization ID under Snyk **Organization Settings**.
+If you are creating this integration for a single Snyk Organization, use your Snyk **Organization ID** as the **External ID.** You can find your Organization ID under Snyk **Organization Settings**.
Organization ID on Snyk Organization settings page
@@ -51,7 +51,7 @@ Copy the value in the **Organization ID** field to the **External ID** field in
### External ID for a Snyk group
-If you are setting up this Organization for a Snyk Group, which will automatically include all child organizations, you will use your **Snyk Group ID** as the **External ID**. You can find your Group ID by clicking on the name of your Snyk group in the Snyk dashboard, and then navigating to the **Settings** page.
+If you are setting up this Organization for a Snyk Group, which automatically includes all child Organizations, use your **Snyk Group ID** as the **External ID**. You can find your Group ID by clicking on the name of your Snyk group in the Snyk dashboard, and then navigating to the **Settings** page.
Group settings page
@@ -59,7 +59,7 @@ Copy the value in the **Group ID** field to the **External ID** field in the AWS
### CloudTrail Lake Channel ARN
-When you are finished creating the Snyk integration in AWS CloudTrail Lake, copy the **Channel ARN** that is displayed on the integration page. You will need this for the next step.
+When you are finished creating the Snyk integration in AWS CloudTrail Lake, copy the **Channel ARN** displayed on the integration page. You need this for the next step.
## Configure the integration in Snyk (single Organization)
@@ -77,11 +77,11 @@ After this step is complete, Snyk immediately begins forwarding audit logs to AW
## Snyk App authorization
-If this is the first time you have set up an AWS CloudTrail Lake integration for your Organization, you will be prompted to complete the Snyk App authorization flow.
+If this is the first time you have set up an AWS CloudTrail Lake integration for your Organization, Snyk prompts you to complete the Snyk App authorization flow.
Snyk App authorization
-After completing the authorization flow you will be redirected to the settings page for the integration.
+After completing the authorization flow, Snyk redirects you to the settings page for the integration.
## Configure the integration in Snyk (Snyk Group and child Organizations)
@@ -132,7 +132,7 @@ Select **Remove integration** and confirm that you want to remove the integratio
Remove integration button
-This action removes Snyk’s configuration for this integration, which will prevent any further audit logs from being sent to AWS CloudTrail Lake. This does not remove the Snyk integration in AWS CloudTrail Lake. To do this, navigate to AWS CloudTrail Lake and delete the Snyk integration from the **Integration** list.
+This action removes the Snyk configuration for this integration, which prevents any further audit logs from being sent to AWS CloudTrail Lake. This does not remove the Snyk integration in AWS CloudTrail Lake. To do this, navigate to AWS CloudTrail Lake and delete the Snyk integration from the **Integration** list.
## Remove an AWS CloudTrail Lake integration (Snyk Group and child Organizations)
@@ -161,7 +161,7 @@ Replace `` with the ID of the event data store that is asso
## Understanding the log data
-There are three (3) key fields to note when using the Snyk audit log data in AWS CloudTrail Lake.
+There are three key fields to note when using the Snyk audit log data in AWS CloudTrail Lake.
`eventdata.useridentity`
@@ -173,4 +173,4 @@ This represents the type of audit event, for example, `api.access` or `org.cloud
`eventdata.additionaleventdata`
-This field contains a raw JSON payload with more detailed information about the audit event. The content of the payload depends on the type of the event. For example, an API access event will include the accessed URL, while a settings change event will include before and after values for the changed setting.
+This field contains a raw JSON payload with more detailed information about the audit event. The content of the payload depends on the type of the event. For example, an API access event includes the accessed URL, while a settings change event includes before and after values for the changed setting.
diff --git a/developer-tools/integrations/event-forwarding/aws-security-hub.md b/developer-tools/integrations/event-forwarding/aws-security-hub.md
index e5e28ae17d88..92a0557a5987 100644
--- a/developer-tools/integrations/event-forwarding/aws-security-hub.md
+++ b/developer-tools/integrations/event-forwarding/aws-security-hub.md
@@ -1,6 +1,6 @@
# AWS Security Hub
-The [AWS Security Hub](https://aws.amazon.com/security-hub/) integration sends Snyk issues to Security Hub, allowing you to centralize your security reporting, build custom alerting, and trigger automation. After it is configured, the integration automatically uploads Snyk issues to Security Hub as security findings. When issues are updated or new remediations become available, the corresponding Security Hub findings are automatically updated.
+The [AWS Security Hub](https://aws.amazon.com/security-hub/) integration sends Snyk issues to Security Hub, so you can centralize your security reporting, build custom alerting, and trigger automation. After it is configured, the integration automatically uploads Snyk issues to Security Hub as security findings. When issues are updated or new remediations become available, the corresponding Security Hub findings are automatically updated.
There are two steps required to configure the integration:
@@ -28,16 +28,16 @@ Enter a **name** for the integration, along with the **AWS Account ID** and **AW
After this step is complete, Snyk begins sending new issue events to Security Hub.
{% hint style="info" %}
-Issues on existing Projects will not be sent to Security Hub unless those issues are updated. To backfill issues from existing projects, you can delete and re-import them.
+Issues on existing Projects are not sent to Security Hub unless those issues are updated. To backfill issues from existing Projects, you can delete and re-import them.
{% endhint %}
## Snyk App authorization
-If this is the first time you have set up an AWS Security Hub integration for your Organization, you will be prompted to complete the Snyk App authorization flow.
+If this is the first time you have set up an AWS Security Hub integration for your Organization, Snyk prompts you to complete the Snyk App authorization flow.
Snyk App authorization
-After completing the authorization flow you will be redirected to the settings page for the integration.
+After completing the authorization flow, Snyk redirects you to the settings page for the integration.
## Managing and deleting a Security Hub integration
@@ -47,8 +47,8 @@ Navigate to the [Security Hub integration settings page](https://app.snyk.io/man
Clicking on the name of an integration opens the settings page for that integration, where you can view and update configuration information for the integration.
-To delete an integration, scroll to the bottom of the integration settings page and click the **Remove integration** button.
+To delete an integration, scroll to the bottom of the integration settings page and click **Remove integration**.
Remove integration
-After the integration is deleted, Snyk will no longer send issues to Security Hub. Issues that have already been sent to Security Hub will remain there until they are archived.
+After the integration is deleted, Snyk no longer sends issues to Security Hub. Issues already sent to Security Hub remain there until they are archived.
diff --git a/developer-tools/integrations/event-forwarding/crowdstrike-falcon-next-gen-siem.md b/developer-tools/integrations/event-forwarding/crowdstrike-falcon-next-gen-siem.md
index 507b9eb4a0fe..7bec740b70dc 100644
--- a/developer-tools/integrations/event-forwarding/crowdstrike-falcon-next-gen-siem.md
+++ b/developer-tools/integrations/event-forwarding/crowdstrike-falcon-next-gen-siem.md
@@ -24,21 +24,21 @@ The process for setting up this integration consists of:
To use the CrowdStrike NG-SIEM destination, you need to set up a Snyk Data Connector in your CrowdStrike NG-SIEM environment. To learn more, visit the [Snyk](https://falcon.us-2.crowdstrike.com/documentation/page/c7182a06/snyk) page in the CrowdStrike documentation. Select the **snyk-platform (Snyk Platform)** parser while configuring the data connector.
-When setting up the data connector, you receive an API key and URL, which you will use later to configure the Snyk Issue Forwarder.
+When setting up the data connector, you receive an API key and URL, which you use later to configure the Snyk Issue Forwarder.
## Configure Snyk Issue Forwarder
-This section configures Snyk to send issue data to the CrowdStrike connector you just created.
+This section configures Snyk to send issue data to the CrowdStrike connector you created.
* Open the **Integrations** menu.
-* Select the **Add integration** option.
+* Select **Add integration**.
* Select the **Issue Forwardin**g tag and search for CrowdStrike Issue Forwarding.
-* Click the **Add** button.
+* Click **Add**.
* Add the profile name for this integration.
* Add the **API URL** you copied earlier from your CrowdStrike Issue Forwarding account.
* Add the **API key** you copied earlier from your CrowdStrike Issue Forwarding account.
-* Click the **Done** button.
-* When the connection is established, the status of the CrowdStrike Issue Forwarding integration is changed to **Connected**.
+* Click **Done**.
+* When the connection is established, the status of the CrowdStrike Issue Forwarding integration changes to **Connected**.
## Verify the integration connection
diff --git a/developer-tools/integrations/event-forwarding/google-security-command-center.md b/developer-tools/integrations/event-forwarding/google-security-command-center.md
index e9b6243e6e7e..f6c732c160c4 100644
--- a/developer-tools/integrations/event-forwarding/google-security-command-center.md
+++ b/developer-tools/integrations/event-forwarding/google-security-command-center.md
@@ -6,7 +6,7 @@
The Google Cloud Security Command Center integration is in [Early Access](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/snyk-release-process#early-access-features), and is available only with Snyk Enterprise plans. For more information, see [Plans and pricing](https://snyk.io/plans/).
{% endhint %}
-The Google Cloud Security Command Center (SCC) integration sends Snyk issues to SCC, enabling you to view and manage Snyk issues alongside cloud security findings from Google Cloud in a single viewpoint. Snyk issues are represented in SCC as code security findings. When Snyk issues are updated, corresponding SCC findings are automatically updated as well. All details are available at the Organization level in the Google Cloud Security Command Center (SCC) integration.
+The Google Cloud Security Command Center (SCC) integration sends Snyk issues to SCC, so you can view and manage Snyk issues alongside cloud security findings from Google Cloud in a single viewpoint. Snyk issues are represented in SCC as code security findings. When Snyk issues are updated, corresponding SCC findings are automatically updated as well. All details are available at the Organization level in the Google Cloud Security Command Center (SCC) integration.
Use the following instructions to set up the integration:
@@ -28,12 +28,12 @@ Service Accounts are not available at the Organization level in Google Cloud IAM
## Create the findings source using the Google Cloud SCC console
* In the SCC console, navigate to **Marketplace** and search for Snyk. Alternatively, navigate directly to the [Snyk for SCC marketplace listing](https://console.cloud.google.com/marketplace/product/snyk-marketplace/snyk-google-scc).
-* Click **SIGN UP WITH PARTNER** to install the Snyk for SCC integration. During this process, you will create a **Findings Source** for Snyk and a **Service Account** with [Security Center Findings Editor](https://cloud.google.com/security-command-center/docs/access-control-org#securitycenter.findingsEditor) permissions.
+* Click **SIGN UP WITH PARTNER** to install the Snyk for SCC integration. During this process, you create a **Findings Source** for Snyk and a **Service Account** with [Security Center Findings Editor](https://cloud.google.com/security-command-center/docs/access-control-org#securitycenter.findingsEditor) permissions.
{% hint style="warning" %}
**Important Identity and Access Management (IAM) Configuration for Security Command Center**
-The setup process will grant the Snyk Service Account the `Security Center Findings Editor` role on the Project you select. However, how you use Security Command Center determines if an additional step is needed.
+The setup process grants the Snyk Service Account the `Security Center Findings Editor` role on the Project you select. However, how you use Security Command Center determines if an additional step is needed.
* **If you use Google SCC at the Organization level** (most common for businesses):
* You must also add an IAM policy binding at the Organization level.
@@ -42,7 +42,7 @@ The setup process will grant the Snyk Service Account the `Security Center Findi
{% endhint %}
* Navigate to Google Cloud IAM and locate the **Service Accoun**t you created in the previous step, then [create a service account key](https://cloud.google.com/iam/docs/keys-create-delete#creating) in JSON format.
-* Make a note of the **Source ID** (Findings Source name) and the **Service Account Key**, as you will need to provide them to the Snyk Web UI.
+* Make a note of the **Source ID** (Findings Source name) and the **Service Account Key**, as you must provide them to the Snyk Web UI.
You can then set up the integration in Snyk using the Snyk Web UI.
@@ -60,7 +60,7 @@ You can then set up the integration in Snyk using the Snyk Web UI.
3. Enter the following information:
* Profile name for the integration
-* The **Org ID** for the for the Google Cloud project that holds the Kubernetes cluster
+* The **Org ID** for the Google Cloud project that holds the Kubernetes cluster
* The JSON Service Account Key File
* The **Source ID** (Findings Source Name)
diff --git a/developer-tools/integrations/integrate-with-snyk.md b/developer-tools/integrations/integrate-with-snyk.md
index 9eec5f1d5b6c..4e104cefa8d5 100644
--- a/developer-tools/integrations/integrate-with-snyk.md
+++ b/developer-tools/integrations/integrate-with-snyk.md
@@ -4,7 +4,7 @@
Agentic workflows transform software development by using AI assistants to automate tasks and write code, boosting productivity. But this speed poses security risks, as AI-generated code may have vulnerabilities.
-Snyk offers security guardrails through Snyk Studio, including its integration with the Model Context Protocol (MCP), an open standard enabling AI tools to communicate with the Snyk security platform. This allows AI assistants to run scans and check for vulnerabilities during code generation, embedding security early in AI-powered development for both human and AI-generated code.
+Snyk offers security guardrails through Snyk Studio, including its integration with the Model Context Protocol (MCP), an open standard enabling AI tools to communicate with the Snyk security platform. This lets AI assistants run scans and check for vulnerabilities during code generation, embedding security early in AI-powered development for both human and AI-generated code.
Snyk provides information about:
@@ -23,7 +23,7 @@ The Snyk MCP Server is designed as a local MCP server, running on your system us
## Integrations for Snyk
-Many integrations are available for using third-party functionality within Snyk and using Snyk with other tools. See [SCM, IDE, and CI/CD workflow and integrations](../scm-integrations/) for information on integrations and other methods of accomplishing that workflow.
+Many integrations are available for using third-party functionality in Snyk and using Snyk with other tools. See [SCM, IDE, and CI/CD workflow and integrations](../scm-integrations/) for information on integrations and other methods of accomplishing that workflow.
This page identifies additional Snyk integrations and where to find them.
@@ -34,7 +34,7 @@ Snyk provides plugins for repository gatekeepers and integrations to connect wit
There are integrations that support [Snyk Container](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-container/container-registry-integrations).
-Integrations for [event forwarding](event-forwarding/) allow you to push Snyk platform events directly to certain products on other platforms, enabling you to set up custom alerting, build your own reporting, trigger automation, and more.
+Integrations for [event forwarding](event-forwarding/) let you push Snyk platform events directly to certain products on other platforms, so you can set up custom alerting, build your own reporting, trigger automation, and more.
[Notification and ticketing systems integrations](jira-and-slack-integrations/) help you work with Snyk in Jira and Slack.
@@ -48,7 +48,7 @@ The **Integrations** page shows all active integrations, including any data auto
The following supported Snyk data are automatically synced: Snyk Open Source, Snyk Code, Snyk IaC, Snyk Container.
-Each connected integration enables you to pause data syncing, modify integration profiles and configurations, delete the integration, or check when the integration was last synced and when the next sync is scheduled.
+Each connected integration lets you pause data syncing, modify integration profiles and configurations, delete the integration, or check when the integration was last synced and when the next sync is scheduled.
### Integrations syncing time
@@ -67,9 +67,9 @@ After you finish setting up an integration, you can see the following connection
* Setup in progress
* Connected
* Connection failed
-* x profile(s) connected
-* x/y profile(s) connected
-* x profile(s) failed
+* x profiles connected
+* x/y profiles connected
+* x profiles failed
If you encounter any of the failed statuses, check the Connection failure details list available on the integration card.
@@ -115,7 +115,7 @@ You can add an integration by following these steps:
See the [Group-level integrations](../scm-integrations/group-level-integrations/) page for step-by-step details about how to set up an integration.
-After the integration is validated, a card is displayed on the Integrations page, allowing you to enable or disable the connection, edit the settings, or remove the connection from your configuration.
+After the integration is validated, a card is displayed on the Integrations page, so you can enable or disable the connection, edit the settings, or remove the connection from your configuration.
### Using Snyk Broker
diff --git a/developer-tools/integrations/jira-and-slack-integrations/jira-integration.md b/developer-tools/integrations/jira-and-slack-integrations/jira-integration.md
index b4c9b05780ac..b9b92be86693 100644
--- a/developer-tools/integrations/jira-and-slack-integrations/jira-integration.md
+++ b/developer-tools/integrations/jira-and-slack-integrations/jira-integration.md
@@ -6,7 +6,7 @@ For Snyk Infrastructure as Code, see [Jira Integration for IaC](https://app.gitb
## Set up your Jira integration
-Snyk Jira integration allows you to manually raise Jira issues in the Snyk UI for vulnerabilities or license issues. The Jira integration also includes the API endpoints [Create jira issue](../../snyk-api/reference/jira-v1.md#org-orgid-project-projectid-issue-issueid-jira-issue) and [List all jira issues](../../snyk-api/reference/jira-v1.md#org-orgid-project-projectid-jira-issues).
+The Snyk Jira integration lets you manually raise Jira issues in the Snyk UI for vulnerabilities or license issues. The Jira integration also includes the API endpoints [Create jira issue](../../snyk-api/reference/jira-v1.md#org-orgid-project-projectid-issue-issueid-jira-issue) and [List all jira issues](../../snyk-api/reference/jira-v1.md#org-orgid-project-projectid-jira-issues).
{% hint style="info" %}
If your Jira instance is private, use [the Snyk Broker deployment method](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-docker).
@@ -15,7 +15,7 @@ If your Jira instance is private, use [the Snyk Broker deployment method](https:
## Prerequisites for Jira integration with Snyk
* Snyk supports Jira from version 5 to version 10.
-* The following [Jira permissions](https://confluence.atlassian.com/adminjiraserver073/managing-project-permissions-861253293.html) are required: **Browse Projects** and **Create Issues.**
+* You need the following [Jira permissions](https://confluence.atlassian.com/adminjiraserver073/managing-project-permissions-861253293.html): **Browse Projects** and **Create Issues.**
## How to set up your Jira integration
@@ -35,17 +35,17 @@ After entering the details into the integration, click **Save and continue**.
If the connection is not successful, check that the Base URL starts with exactly `https://` It must not have capitals or be http.
{% endhint %}
-If the connection is successful, you will see the connection details in orange at the top of the page.
+If the connection is successful, the connection details appear at the top of the page.
Fill in the following fields:
* Default Project (required) - Select a Jira Project from the list.
* Default Issue Type (required) - Select an issue type from the list. The list is populated from available issue types in your Project.
-* Ignored Fields (optional) - Specified fields will be excluded from the prompt users see when creating Jira issues in Snyk. For custom fields, use the [custom field id](https://confluence.atlassian.com/jirakb/find-my-custom-field-id-number-in-jira-744522503.html) in the format `customfield_XXXXXX`.
+* Ignored Fields (optional) - Snyk excludes the specified fields from the prompt users see when creating Jira issues in Snyk. For custom fields, use the [custom field id](https://confluence.atlassian.com/jirakb/find-my-custom-field-id-number-in-jira-744522503.html) in the format `customfield_XXXXXX`.
## Create a Jira issue
-After you set up the Jira integration connection, open one of your Snyk Projects in the Snyk Web UI. A new button, **Create an issue**, appears at the bottom of each vulnerability and license issue card. This button allows you to create a Jira issue.
+After you set up the Jira integration connection, open one of your Snyk Projects in the Snyk Web UI. A new button, **Create an issue**, appears at the bottom of each vulnerability and license issue card. This button lets you create a Jira issue.
Create an issue button
@@ -53,9 +53,9 @@ If the **Create an issue** button is not visible in the UI, ensure that **Group
When you select **Create an issue**, a Jira issue creation form appears. This form includes the Snyk issue details, which are copied into the associated fields. You can review and edit this form before creating the issue.
-Select the Jira project to which you want to send the issue. The fields in the example that follows are based on the fields that the specific Project has, so switching between Projects may show different options.
+Select the Jira project to which you want to send the issue. The fields in the example that follows are based on the fields that the specific Project has, so switching between Projects might show different options.
-
Create a Jira issue
+
Create a Jira issue
After you create a Jira issue, the Jira key with a link is displayed on the issue card. If you are using the Jira API, you can generate multiple Jira issues for the same issue in Snyk.
diff --git a/developer-tools/integrations/jira-and-slack-integrations/slack-app.md b/developer-tools/integrations/jira-and-slack-integrations/slack-app.md
index a3568905f250..963406760d65 100644
--- a/developer-tools/integrations/jira-and-slack-integrations/slack-app.md
+++ b/developer-tools/integrations/jira-and-slack-integrations/slack-app.md
@@ -38,23 +38,23 @@ To enable the Snyk app for Slack, you must do the following:
1. Authorize the app with Snyk to get new issues data that can be forwarded to your Slack workspace.
2. Authorize the app with your Slack workspace to allow Snyk to send notifications to your channels in the workspace.
-3. Configure the default notification settings in Snyk for all Projects in your Organization and add [Project-level notification overrides](slack-app.md#manage-project-level-notification-overrides) if you would like.
+3. Configure the default notification settings in Snyk for all Projects in your Organization and add [Project-level notification overrides](slack-app.md#manage-project-level-notification-overrides) if you want.
## Configure the Snyk app for Slack
Ensure the user performing this installation has the permission **Snyk Apps Management - Install Apps** before continuing. See [documentation for member roles](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management).
1. Open the [Snyk integrations page](https://app.snyk.io/integrations), navigate to **Notifications**, and click the **Slack App** tile.
-2. You must give authorization for Snyk to access data from Slack by selecting **Authorize with Snyk**.
-3. Additional authorization is requested for Snyk to access the Snyk Slack workspace. This involves content and info about channels and conversations, as well as enabling Snyk to perform action in those channels and conversations. To proceed, select **Allow**.
+2. Authorize Snyk to access data from Slack by selecting **Authorize with Snyk**.
+3. Snyk requests additional authorization to access the Snyk Slack workspace. This involves content and info about channels and conversations, as well as enabling Snyk to perform actions in those channels and conversations. To proceed, select **Allow**.
{% hint style="info" %}
-If multiple Slack workspaces are available, a dropdown will be visible at the top right of the page. Select the desired Slack workspace.
+If multiple Slack workspaces are available, a dropdown appears at the top right of the page. Select the desired Slack workspace.
{% endhint %}
You can configure the integration to provide a Slack channel ID for the channel where issue notifications for the Organization are sent, and also filter by severity level.
-To find the channel ID of a Slack Channel, open Slack, right-click on the channel name, select **View channel details**, then scroll down to the bottom of the window where you will see the channel ID, for example, C2TB2222N.
+To find the channel ID of a Slack Channel, open Slack, right-click on the channel name, select **View channel details**, then scroll down to the bottom of the window where the channel ID appears, for example, C2TB2222N.
To add the Snyk for Slack app to a private channel, you must first add the app manually to the channel from within Slack and then select the channel within the Snyk integration. In the Private channel, select **Channel settings - Integrations**, and then **Add an app**. Search for **Snyk for Slack** and select **add**. After you have done this, the channel is displayed on the **Settings** page for the integration.
@@ -62,8 +62,8 @@ If you are a Slack Admin, you can manually add the Snyk for Slack app to a priva
## Issue notifications
-After the Slack app has been configured, new issue notifications are forwarded to the selected Slack channel according to the desired severity level threshold.\
-New issue notifications may take up to an hour to start propagating to your Slack workspace after it is configured.
+After you configure the Slack app, new issue notifications are forwarded to the selected Slack channel according to the desired severity level threshold.\
+New issue notifications can take up to an hour to start propagating to your Slack workspace after it is configured.
Example of a new critical vulnerability notification received in Slack
@@ -114,7 +114,7 @@ To interact with the Project-level notification customization endpoints, you mus
`GET /orgs/{org_id}/app_bots`
{% hint style="info" %}
-Ensure you apply the `expand=app` query string on your request. This enables you to find the Bot for the related Snyk App named **Slack App**.
+Ensure you apply the `expand=app` query string on your request. This lets you find the Bot for the related Snyk App named **Slack App**.
{% endhint %}
#### Find your Project ID
@@ -145,6 +145,6 @@ After retrieving the `org_id`, `bot_id`, and `project_id` values, you can use th
## Remove the Snyk app for Slack
-To remove the Snyk app for Slack, navigate to the settings page, locate **Remove Slack Snyk app** at the bottom of the page, and click the **Disconnect Slack** button:
+To remove the Snyk app for Slack, navigate to the settings page, locate **Remove Slack Snyk app** at the bottom of the page, and click **Disconnect Slack**:
Remove Slack App integration
diff --git a/developer-tools/integrations/jira-and-slack-integrations/slack-integration.md b/developer-tools/integrations/jira-and-slack-integrations/slack-integration.md
index 73a4e4efe0db..f8cf22db4493 100644
--- a/developer-tools/integrations/jira-and-slack-integrations/slack-integration.md
+++ b/developer-tools/integrations/jira-and-slack-integrations/slack-integration.md
@@ -4,10 +4,10 @@
Snyk recommends that all customers use the [Slack App](slack-app.md), as the Slack integration is outdated.
{% endhint %}
-You can set up Slack to receive Snyk’s alerts about new vulnerabilities that affect your Projects and new upgrades or patches that have become available.
+You can set up Slack to receive Snyk alerts about new vulnerabilities that affect your Projects and new upgrades or patches that have become available.
{% hint style="info" %}
-Vulnerabilities detected on initial import of projects are not sent to Slack immediately.
+Vulnerabilities detected on initial import of Projects are not sent to Slack immediately.
{% endhint %}
## Slack notification types
@@ -22,9 +22,9 @@ A new upgrade or patch is available for a vulnerability that you previously igno
## Set up the Slack integration
-To set up the integration, you must generate a Slack webhook. You can do this either via the [Incoming WebHooks app](https://slack.com/apps/A0F7XDUAZ-incoming-webhooks) or by [creating your own Slack app](https://api.slack.com/incoming-webhooks).
+To set up the integration, you must generate a Slack webhook. You can do this either using the [Incoming WebHooks app](https://slack.com/apps/A0F7XDUAZ-incoming-webhooks) or by [creating your own Slack app](https://api.slack.com/incoming-webhooks).
-Once you have generated your Slack Webhook URL, go to your **Manage Organization** settings and enter the URL.
+After you generate your Slack Webhook URL, navigate to your **Manage Organization** settings and enter the URL.
Enter URL of the Slack webhook
diff --git a/developer-tools/integrations/jira-and-slack-integrations/snyk-security-in-jira-cloud-integration.md b/developer-tools/integrations/jira-and-slack-integrations/snyk-security-in-jira-cloud-integration.md
index e592ca382bd7..89f512e97f85 100644
--- a/developer-tools/integrations/jira-and-slack-integrations/snyk-security-in-jira-cloud-integration.md
+++ b/developer-tools/integrations/jira-and-slack-integrations/snyk-security-in-jira-cloud-integration.md
@@ -22,7 +22,7 @@ To connect the Jira app to Snyk, you must be a [Snyk Organization administrator]
To activate Security in Jira Cloud in Jira, navigate to **Project Settings > Features > Development > Security** and toggle **Security** **ON**.
-Ensure you have the following permission scopes in Jira, which are required for the integration to operate.
+Ensure you have the following permission scopes in Jira, which the integration needs to operate.
Required scope in Jira
Purpose
Write data to the host application
Synchronize vulnerabilities in Snyk with Jira so they appear in the Security tab in Jira.
Read data from the host application
Read vulnerabilities from Jira to optimize the issues synchronization process.
Delete data from the host application
Remove vulnerabilities from Jira when a Snyk Organization is removed from Jira.
@@ -59,8 +59,8 @@ Typically research and development engineering managers do this task because the
{% endhint %}
1. In Jira, navigate to your **Project** and select the **Security** tab.
-2. Click the **Connect security containers** button.
-3. Click on the Snyk application and then select **Connect security containers**.
+2. Click **Connect security containers**.
+3. Click the Snyk application and then select **Connect security containers**.
Connect security containers in Jira via the Security tab and panels
4. Select your Snyk Organization from the list, and choose the Snyk Targets to connect to Jira.
@@ -70,11 +70,11 @@ Typically research and development engineering managers do this task because the
Developers can now use the security feature to view recent vulnerabilities found in the linked code repositories and start [creating Jira issues](snyk-security-in-jira-cloud-integration.md#create-a-jira-issue-from-a-vulnerability) from those vulnerabilities or [linking them to existing Jira issues](snyk-security-in-jira-cloud-integration.md#link-an-existing-jira-issue-to-a-vulnerability).
{% hint style="info" %}
-Issue syncing between Snyk and Jira happens asynchronously, meaning there may be a delay before issues appear in Jira.
+Issue syncing between Snyk and Jira happens asynchronously, meaning there might be a delay before issues appear in Jira.
{% endhint %}
{% hint style="info" %}
-Only **security vulnerabilities** will be shown on the Jira Security tab.
+Only **security vulnerabilities** are shown on the Jira Security tab.
{% endhint %}
### Deleting a target or repository
@@ -82,15 +82,15 @@ Only **security vulnerabilities** will be shown on the Jira Security tab.
To delete a target or repository from Snyk that you have connected to Jira, you must first delete the container code repository in Jira, through the **Security** panel in each Jira Project. Then you can remove the target or repository from Snyk:
1. In Jira, navigate to your **Project** and select the **Security** tab.
-2. Click on the **Connect security containers** button.
-3. Click on the Snyk application
+2. Click **Connect security containers**.
+3. Click the Snyk application
4. Select the security container you want to remove from the list using the **Remove connection** option
Remove connected security containers in the Jira Security panel
## Automate ticket creation in Jira
-The following steps describe how to use Jira automation to automatically create tickets for Snyk Vulnerabilities:
+The following steps describe how to use Jira automation to automatically create tickets for Snyk vulnerabilities:
1. In Jira, in your project, navigate to **Project Settings** and then **Automation**.
2. Click **Create Rule**.
@@ -126,7 +126,7 @@ Select the title of a column in the table to sort all vulnerabilities by that at
When triaging issues, you can add a Jira issue to the sprint or backlog to ensure the required work for resolving the vulnerability is planned and tracked.
-Snyk provides vulnerability information to Jira, enabling users to have comprehensive data for resolving issues.
+Snyk provides vulnerability information to Jira, giving users comprehensive data for resolving issues.
To add a Jira issue, navigate to the Snyk Security tab, find a vulnerability, and click **Create issue**.
@@ -141,7 +141,7 @@ If the vulnerability already has a Jira issue, you can link the vulnerability to
These steps describe how to use Jira automation and JQL to automatically close or change the status of tickets for vulnerabilities that are now in a closed state.
1. In Jira on your Project, navigate to **Project Settings** and then **Automation.**
-2. Click he **Create Rule** button.
+2. Click **Create Rule**.
3. Click **Scheduled** and then **Scheduled**.
Add Scheduled trigger
@@ -160,16 +160,16 @@ These steps describe how to use Jira automation and JQL to automatically close o
6. Now that the setup is complete, give it a name and click on **Turn on rule.**
-Now, according to your schedule, Jira will search for any issues for which the vulnerability is closed, but the issues are not closed, and close each Jira issue.
+Now, according to your schedule, Jira searches for any issues for which the vulnerability is closed but the issues are not closed, and closes each Jira issue.
## Uninstall Snyk Security in Jira Cloud
{% hint style="warning" %}
-Uninstalling Snyk Security in Jira Cloud will disconnect Snyk vulnerabilities from their associated Jira issues.\
+Uninstalling Snyk Security in Jira Cloud disconnects Snyk vulnerabilities from their associated Jira issues.\
\
To uninstall a Jira app, you must be an administrator in the site-admins, administrators, or jira-administrators groups.
{% endhint %}
1. In Jira, navigate to **Apps** in the main menu and select **Manage your apps.**
2. Select **Snyk Security in Jira.**
-3. Click the **Uninstall** button.
+3. Click **Uninstall**.
diff --git a/developer-tools/integrations/partner-integrations.md b/developer-tools/integrations/partner-integrations.md
index da31fdb3464b..62e7766d884f 100644
--- a/developer-tools/integrations/partner-integrations.md
+++ b/developer-tools/integrations/partner-integrations.md
@@ -129,7 +129,7 @@ To see the documentation for each integration, click on the integration name in
## Identity correlation
-Tracking SLDC workflows and vulnerabilities per developer/user.
+Tracking SDLC workflows and vulnerabilities per developer/user.
To see the documentation for each integration, click on the integration name in the table.
@@ -206,7 +206,7 @@ To see the documentation for each integration, click on the integration name in
| Integration | Description |
| ------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [ServiceNow: Snyk Vulnerbility Intelligence for SBOM](https://store.servicenow.com/store/app/994d67e21b646a50a85b16db234bcb56) | Vulnerability Intelligence for ServiceNow SBOM allows you to efficiently prioritize and remediate vulnerabilities in the components identified in your SBOMs. |
+| [ServiceNow: Snyk Vulnerability Intelligence for SBOM](https://store.servicenow.com/store/app/994d67e21b646a50a85b16db234bcb56) | Vulnerability Intelligence for ServiceNow SBOM allows you to efficiently prioritize and remediate vulnerabilities in the components identified in your SBOMs. |
## Ticketing and workflow
diff --git a/developer-tools/scan-with-snyk/snyk-tools/README.md b/developer-tools/scan-with-snyk/snyk-tools/README.md
index 3363ba1734d3..ef25f0555700 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/README.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/README.md
@@ -2,7 +2,7 @@
## Scope of Snyk Tools
-Snyk Tools help with specific pain points that may not be addressed by Snyk product functionality, regardless of whether you use Snyk through the Web UI, CLI, API, or an integration. Snyk Tools extend the functions of the Snyk API and the Snyk CLI.
+Snyk Tools help with specific pain points that Snyk product functionality might not address, regardless of whether you use Snyk through the Web UI, CLI, API, or an integration. Snyk Tools extend the functions of the Snyk API and the Snyk CLI.
{% hint style="info" %}
You must have a [Snyk Account](https://snyk.io/login?cta=sign-up\&loc=nav\&page=support_docs_page) with populated Projects to use Snyk Tools.
@@ -32,7 +32,7 @@ Refer to the repositories for instructions on how to use the following additiona
* [snyk-user-sync-tool](https://github.com/snyk-tech-services/snyk-user-sync-tool): Add, remove, and sync user memberships.
* [snyk-licenses-texts](https://github.com/snyk-tech-services/snyk-licenses-texts): Provides Organization-level licenses used, copyrights (until January 8, 2024), and dependencies data.
* [snyk-request-manager](https://github.com/snyk-tech-services/snyk-request-manager): Rate-controlled and retry-enabled request manager to interact with Snyk APIs.
-* [snyk-repo-issue-tracker](https://github.com/snyk-tech-services/snyk-repo-issue-tracker): A python script/module that allows for generating a changeset of issues between runs against the Snyk Project issues API.
+* [snyk-repo-issue-tracker](https://github.com/snyk-tech-services/snyk-repo-issue-tracker): A python script/module that generates a changeset of issues between runs against the Snyk Project issues API.
* [snyk-repo-diff:](https://github.com/snyk-tech-services/snyk-repo-diff) Helps determine which repositories are not monitored by Snyk.
This works by retrieving a list of all Projects in a given Snyk Group, that is, all Projects in all Organizations belonging to the same Snyk Group, and associating them with a list of repositories found in a given GitHub Organization.
diff --git a/developer-tools/scan-with-snyk/snyk-tools/python-code-to-extract-issues-from-snyk-api.md b/developer-tools/scan-with-snyk/snyk-tools/python-code-to-extract-issues-from-snyk-api.md
index 0d80d8eb9e56..d34723e400ff 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/python-code-to-extract-issues-from-snyk-api.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/python-code-to-extract-issues-from-snyk-api.md
@@ -1,3 +1,3 @@
# Python code to extract issues from Snyk API
-Snyk has an unsupported Python client that can be used to get issues using the V1 API: [https://github.com/snyk-labs/pysnyk](https://github.com/snyk-labs/pysnyk).
+Snyk has an unsupported Python client you can use to get issues using the V1 API: [https://github.com/snyk-labs/pysnyk](https://github.com/snyk-labs/pysnyk).
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-jira-tickets-for-new-vulns.md b/developer-tools/scan-with-snyk/snyk-tools/tool-jira-tickets-for-new-vulns.md
index f0115337eda1..2220d2479bdc 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-jira-tickets-for-new-vulns.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-jira-tickets-for-new-vulns.md
@@ -1,6 +1,6 @@
# Tool: jira-tickets-for-new-vulns
-`jira-tickets-for-new-vulns` provides the means to sync your Snyk-monitored projects and automatically open Jira tickets for new issues and existing issue(s) without ticket(s) already created.
+`jira-tickets-for-new-vulns` provides the means to sync your Snyk-monitored Projects and automatically open Jira tickets for new issues and existing issues without tickets already created.
Cron it every X minutes/hours and fix the issues. This tool is aimed to be executed at regular intervals or with a trigger of your choice (webhooks).
@@ -45,7 +45,7 @@ Use the binaries from [the release page](https://github.com/snyk-tech-services/j
## Restrictions
-The tool does not support infrastructure as code projects. It opens an issue only for code and open source projects and ignores all other project types.
+The tool does not support infrastructure as code Projects. It opens an issue only for code and open source Projects and ignores all other Project types.
**Priority is severity**
@@ -70,7 +70,7 @@ git clone the repo, build:
> `go run main.go jira.go jira_utils.go vulns.go snyk.go snyk_utils.go`
-Please report issues.
+Report issues.
## Dependencies
@@ -143,4 +143,4 @@ jira:
* The token is not expected to be present in the config file.
* Command line arguments override the config file. Example: Using the config file above, running `./snyk-jira-sync-macOs --Org=1234 --configFile=./path/to/folder --token=123` the org ID used by the tool will be 1234 and not a1b2c3de-99b1-4f3f-bfdb-6ee4b4990513.
* See 'Extended options' for default values.
-* Ensure you use the same issue type that is configured in your Jira. Default is Bug. Verify the type is use (or default) exists in your Jira configuration.
+* Ensure you use the same issue type that is configured in your Jira. Default is Bug. Verify the type in use (or default) exists in your Jira configuration.
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/README.md b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/README.md
index e41fb3a5192f..3cfb59f35ea9 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/README.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/README.md
@@ -8,10 +8,10 @@ The Snyk API Project importer, `snyk-api-import`, is a script intended to help i
If you need to adjust concurrency, you can stop the script, change the concurrency variable, and start again. The tool skips previous repositories (Targets) that have been requested for import.
-To use `snyk-api-import` you must do the following in advance:
+To use `snyk-api-import` you must do the following first:
* Set up your Snyk Organizations (Orgs) before running an import.
-* Configure your Snyk Organizations with some connection to an SCM (GitHub, GitLab, Bitbucket, other) as you will need the `integrationId` to generate the import files.
+* Configure your Snyk Organizations with some connection to an SCM (GitHub, GitLab, Bitbucket, other) as you need the `integrationId` to generate the import files.
* Use the [Set notification settings](../../../snyk-api/reference/organizations-v1.md#org-orgid-notification-settings) API endpoint to disable notifications for emails and so on, to avoid receiving import notifications (recommended).
* Use the [Update](../../../snyk-api/reference/integrations-v1.md#org-orgid-integrations-integrationid-settings) (integration settings) endpoint to disable the fix PRs and PR checks until import is complete to avoid sending extra requests to SCMs (GitHub, GitLab, Bitbucket, and so on).
@@ -39,7 +39,7 @@ yarn global add snyk-api-import
## Usage
-By default the `import` command will run if no command is specified.
+By default the `import` command runs if no command is specified.
* `import` - kick off an API-powered import of repos (Targets) into existing Snyk Organizations defined in the import configuration file. All support available for all Project types is provided through the [Import](../../../snyk-api/reference/import-projects-v1.md) API endpoints, [Import targets](../../../snyk-api/reference/import-projects-v1.md#org-orgid-integrations-integrationid-import) and [Get Import job details](../../../snyk-api/reference/import-projects-v1.md#org-orgid-integrations-integrationid-import-jobid).
* `help` - show help and all available commands and their options.
@@ -70,9 +70,9 @@ The logs can be explored using the [Bunyan CLI](http://trentm.com/node-bunyan/bu
Error: ENFILE: file table overflow, open or Error: EMFILE, too many open files
-If you see these errors, you may need to bump **ulimit** to allow more open file operations. In order to keep the operations performing well, the tool logs as soon as it is convenient rather than waiting until the very end of a loop and logging a huge data structure. This means that depending on the number of concurrent imports set, the tool may exceed the system default **ulimit**.
+If you see these errors, you might need to bump **ulimit** to allow more open file operations. To keep the operations performing well, the tool logs as soon as it is convenient rather than waiting until the end of a loop and logging a huge data structure. This means that depending on the number of concurrent imports set, the tool might exceed the system default **ulimit**.
-Some of these resources may help you bump the **ulimit**:
+Some of these resources can help you bump the **ulimit**:
* [ss64.com](https://ss64.com/bash/ulimit.html)
* [StackOverflow](https://stackoverflow.com/questions/45004352/error-enfile-file-table-overflow-scandir-while-run-reaction-on-mac)
@@ -94,7 +94,7 @@ If your GitHub, GitLab, Bitbucket, or Azure instance is using a self-signed cert
Does this work with brokered integrations?
-Yes. Because Snyk reuses the existing integration with your SCM (Git) repository to perform the imports, the brokered connection will be used when configured.
+Yes. Because Snyk reuses the existing integration with your SCM (Git) repository to perform the imports, the brokered connection is used when configured.
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/contributing-to-snyk-api-import.md b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/contributing-to-snyk-api-import.md
index a8912c47be52..6bfc65493008 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/contributing-to-snyk-api-import.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/contributing-to-snyk-api-import.md
@@ -2,7 +2,7 @@
## Contributor Agreement
-A pull-request will only be considered for merging into the upstream codebase after you have signed Snyk's contributor agreement, assigning to Snyk the rights to the contributed code and granting you a license to use it in return. If you submit a pull request, you will be prompted to review and sign the agreement with one click (Snyk uses [CLA assistant](https://cla-assistant.io/)).
+Snyk considers a pull request for merging into the upstream codebase only after you have signed the Snyk contributor agreement, assigning to Snyk the rights to the contributed code and granting you a license to use it in return. If you submit a pull request, Snyk prompts you to review and sign the agreement with one click (Snyk uses [CLA assistant](https://cla-assistant.io/)).
## Pull requests
@@ -16,7 +16,7 @@ fix: minified scripts being removed
Also includes tests
```
-This allows for the automatic change log to generate correctly.
+This lets the automatic change log generate correctly.
Commit types must be one of the following:
@@ -40,10 +40,10 @@ Ensure that your code adheres to the included `.eslintrc` config by running `npm
* New command line options are generally discouraged unless there's a _really_ good reason.
* Add tests for newly added code (and try to mirror directory and file structure if possible).
* Spell check.
-* PRs will not be code reviewed unless all tests are passing.
+* PRs are not code reviewed unless all tests are passing.
{% hint style="info" %}
-When fixing a bug, commit a failing test first so that CircleCI (or the approver) can show the code failing. Once that commit is in place, then commit the bug fix so that Snyk can test before and after.
+When fixing a bug, commit a failing test first so that CircleCI (or the approver) can show the code failing. After that commit is in place, commit the bug fix so that Snyk can test before and after.
{% endhint %}
-Remember that you're developing for multiple platforms and versions of Node.js, so if the tests pass on your Mac or Linux or Windows machine, the tests may not pass elsewhere.
+Remember that you're developing for multiple platforms and versions of Node.js, so if the tests pass on your Mac or Linux or Windows machine, the tests might not pass elsewhere.
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/creating-import-targets-data-for-import-command.md b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/creating-import-targets-data-for-import-command.md
index d0b064dcbd1d..0fe42bcd213d 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/creating-import-targets-data-for-import-command.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/creating-import-targets-data-for-import-command.md
@@ -34,7 +34,7 @@ You need the organizations data in JSON as an input to this command to help map
}
```
-Note: the `"name`" of the GitHub or GitHub Enterprise Organization is required in order to list all repos belonging to that Organization using the GitHub API. The Snyk-specific data accompanying that Organization name will be used as the information to generate import data, assuming all repos in that Organization will be imported into a given Snyk Organization. This utility is opinionated. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
+Note: the `"name`" of the GitHub or GitHub Enterprise Organization is required to list all repos belonging to that Organization using the GitHub API. Snyk uses the Snyk-specific data accompanying that Organization name to generate import data, assuming all repos in that Organization are imported into a given Snyk Organization. This utility is opinionated. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
* You can list GitHub and GitHub Enterprise organizations using the GitHub [/orgs API](https://docs.github.com/en/free-pro-team@latest/rest/reference/orgs).
* You can list integrations using the Snyk API endpoint [List](../../../snyk-api/reference/integrations-v1.md#org-orgid-integrations-1) (integrations).
@@ -68,7 +68,7 @@ You need the organization's data in JSON as an input to this command to help map
}
```
-Note: the "name" of the GitLab Group is required in order to list all projects belonging to that group using the GitLab API. The Snyk-specific data accompanying that Group name will be used as the information to generate import data assuming all projects in that group will be imported into a given Snyk Organization. This utility is opinionated. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
+Note: the "name" of the GitLab Group is required to list all projects belonging to that group using the GitLab API. Snyk uses the Snyk-specific data accompanying that Group name to generate import data, assuming all projects in that group are imported into a given Snyk Organization. This utility is opinionated. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
* GitLab Groups can be listed using the GitLab [/groups API](https://docs.gitlab.com/ee/api/groups.html)
* You can list integrations using the Snyk API endpoint [List](../../../snyk-api/reference/integrations-v1.md#org-orgid-integrations-1) (integrations).
@@ -104,7 +104,7 @@ You need the organizations data in JSON as an input to this command to help map
}
```
-Note: the "name" of the Azure organization is required in order to list all projects and repos belonging to that organization using the Azure API. The Snyk-specific data accompanying that organization name will be used as the information to generate import data assuming all projects in that organization will be imported into a given Snyk Organization. This utility is opinionated. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
+Note: the "name" of the Azure organization is required to list all projects and repos belonging to that organization using the Azure API. Snyk uses the Snyk-specific data accompanying that organization name to generate import data, assuming all projects in that organization are imported into a given Snyk Organization. This utility is opinionated. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
* Your Org name in Azure is listed on the left pane in the [Azure-Devops-site](https://dev.azure.com/)
* You can list integrations using the Snyk API endpoint [List](../../../snyk-api/reference/integrations-v1.md#org-orgid-integrations-1) (integrations).
@@ -140,7 +140,7 @@ You need the organizations data in JSON as an input to this command to help map
}
```
-Note: the "name" of the Bitbucket server project is required in order to list all repos belonging to that project using the Bitbucket server API. The Snyk-specific data accompanying that project name will be used as the information to generate import data, assuming all repos in that project will be imported into a given Snyk Organization. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
+Note: the "name" of the Bitbucket server project is required to list all repos belonging to that project using the Bitbucket server API. Snyk uses the Snyk-specific data accompanying that project name to generate import data, assuming all repos in that project are imported into a given Snyk Organization. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
* Bitbucket Server Projects can be listed using the BitBucket [/projects API](https://docs.atlassian.com/bitbucket-server/rest/7.19.2/bitbucket-rest.html).
* You can list integrations using the Snyk API endpoint [List](../../../snyk-api/reference/integrations-v1.md#org-orgid-integrations-1) (integrations).
@@ -175,7 +175,7 @@ You need the organizations data in JSON as an input to this command to help map
}
```
-Note: the "name" of the Bitbucket Cloud workspace is required in order to list all repositories belonging to that workspace using the Bitbucket Cloud API. The Snyk-specific data accompanying that workspace name will be used as the information to generate import data assuming all repositories in that workspace will be imported into a given Snyk Organization. This utility is opinionated. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
+Note: the "name" of the Bitbucket Cloud workspace is required to list all repositories belonging to that workspace using the Bitbucket Cloud API. Snyk uses the Snyk-specific data accompanying that workspace name to generate import data, assuming all repositories in that workspace are imported into a given Snyk Organization. This utility is opinionated. If you want to customize the import data, create it manually as described on [Kicking off an import](kicking-off-an-import.md).
* Bitbucket Cloud workspaces can be listed using the BItBucket [/workspaces API](https://developer.atlassian.com/cloud/bitbucket/rest/api-group-workspaces/#api-group-workspaces).
* You can list integrations using the Snyk API endpoint [List](../../../snyk-api/reference/integrations-v1.md#org-orgid-integrations-1) (integrations).
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/creating-organizations-in-snyk.md b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/creating-organizations-in-snyk.md
index ad83639f9b7e..04603018acee 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/creating-organizations-in-snyk.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/creating-organizations-in-snyk.md
@@ -13,13 +13,13 @@ This page has instructions for creating Organizations (Orgs) in Snyk:
* [Using the `orgs:create` utility](creating-organizations-in-snyk.md#using-the-orgs-create-utility)
* [Recommendations](creating-organizations-in-snyk.md#recommendations)
-Before an import can begin you must set up Snyk with the Organizations you will populate with Projects.
+Before an import can begin, you must set up Snyk with the Organizations you populate with Projects.
-Snyk recommends that you have as many Organizations in Snyk as you have in the source you are importing from. For GitHub, this means mirroring the GitHub organizations in Snyk. The `snyk-api-import` tool provides a utility to use to make this simpler when using Groups and Organizations in Snyk.
+Snyk recommends that you have as many Organizations in Snyk as you have in the source you are importing from. For GitHub, this means mirroring the GitHub organizations in Snyk. The `snyk-api-import` tool provides a utility to make this simpler when using Groups and Organizations in Snyk.
## Generating the data required to create Organizations in Snyk with the `orgs:data` utility
-This utility helps generate data needed to mirror the GitHub.com, GitHub Enterprise, GitLab, Bitbucket Server, or Bitbucket Cloud organization structure in Snyk. This opinionated utility will assume every organization in GitHub.com, GitHub Enterprise, GitLab, Bitbucket Server, or Bitbucket Cloud should become an Organization in Snyk. If this is not what you are looking for, consider using the API endpoint [Create a new organization](../../../snyk-api/reference/organizations-v1.md#org) directly to create the structure you need.
+This utility helps generate data needed to mirror the GitHub.com, GitHub Enterprise, GitLab, Bitbucket Server, or Bitbucket Cloud organization structure in Snyk. This opinionated utility assumes every organization in GitHub.com, GitHub Enterprise, GitLab, Bitbucket Server, or Bitbucket Cloud should become an Organization in Snyk. If this is not what you are looking for, consider using the API endpoint [Create a new organization](../../../snyk-api/reference/organizations-v1.md#org) directly to create the structure you need.
### Options
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/kicking-off-an-import.md b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/kicking-off-an-import.md
index 0e280b498ca5..9ae4af1265ad 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/kicking-off-an-import.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/kicking-off-an-import.md
@@ -1,8 +1,8 @@
# Kicking off an import
-`snyk-api-import` supports the same Project sources that you can import using the Snyk API: Git repositories, Docker images, containers, configuration files and much more. You can configure integrations using the Integrations settings on your Snyk Organization settings page. For more information, see the definition of [Target](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-projects#target) on the Snyk Projects documentation page.
+`snyk-api-import` supports the same Project sources that you can import using the Snyk API: Git repositories, Docker images, containers, configuration files, and much more. You can configure integrations using the Integrations settings on your Snyk Organization settings page. For more information, see the definition of [Target](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-projects#target) on the Snyk Projects documentation page.
-Note that any logs will be generated at `SNYK_LOG_PATH` directory.
+Note that Snyk generates any logs in the `SNYK_LOG_PATH` directory.
The steps to start an import follow.
@@ -40,9 +40,9 @@ Each **import target** has the following keys:
* `exclusionGlobs` - Comma-separated list of up to ten folder names to exclude from scanning (each folder name must not exceed 100 characters). If not specified, defaults to "fixtures, tests, tests, node\_modules". If an empty string is provided, no folders will be excluded.
* `files` - An object array. Each path must be the full relative path to the file from the root of the Target. Only those files found at that location will be imported.
-Note that for a repository that may have 200+ manifest files, Snyk recommends that you split the import into multiple imports by targeting specific files. Importing hundreds of files at once from one repository can cause the import to result in some errors or failures.
+Note that for a repository that has 200+ manifest files, Snyk recommends that you split the import into multiple imports by targeting specific files. Importing hundreds of files at once from one repository can cause the import to result in some errors or failures.
-Splitting the import to import some files or some folders only will benefit from the re-tries and produce a smaller load on the source control management system being used. Populate the `files` property to accomplish this in the import JSON.
+Splitting the import to import some files or some folders only benefits from the re-tries and produces a smaller load on the source control management system being used. Populate the `files` property to accomplish this in the import JSON.
If you have any tests or fixtures that should be ignored, set the `exclusionGLobs` property:
@@ -168,20 +168,20 @@ Download a binary from the [releases page](https://github.com/snyk/snyk-api-impo
### **Skip all previously imported targets**
-This utility can be used to skip previously imported Targets (repos), so only remaining Targets will be imported.
+You can use this utility to skip previously imported Targets (repos), so Snyk imports only the remaining Targets.
-The utility helps generate the `imported-targets.log` file by analyzing the Projects already in a given Snyk Group. When present in the logging path, this file is used to look up Targets that should be skipped during the import.
+The utility helps generate the `imported-targets.log` file by analyzing the Projects already in a given Snyk Group. When present in the logging path, this file looks up Targets to skip during the import.
### Example
-* All GitHub repositories have been imported into Snyk into their respective Organizations during initial onboarding.
+* All GitHub repositories are imported into Snyk into their respective Organizations during initial onboarding.
* New GitHub repositories have since been added and now need to be added to Snyk.
* To avoid importing everything again, you can use this utility and run `import` again to import only "new" GitHub repositories. This is much faster and removes unnecessary calls to Snyk and GitHub to fetch files and do the import for everything again.
### Importing the same Target
-* The same Target imported into a different Organization can be imported.
-* The same Target from a different source can be imported; for example, the same repository that is present in GitHub can now be imported through GitHub Enterprise into the same Organization.
+* You can import the same Target into a different Organization.
+* You can import the same Target from a different source. For example, you can now import the same repository that is present in GitHub through GitHub Enterprise into the same Organization.
### Command to run
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-bitbucket-cloud-organizations-and-repos-in-snyk.md b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-bitbucket-cloud-organizations-and-repos-in-snyk.md
index 3ab074636f3b..b8b3a3d27304 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-bitbucket-cloud-organizations-and-repos-in-snyk.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-bitbucket-cloud-organizations-and-repos-in-snyk.md
@@ -14,7 +14,7 @@ Refer to individual documentation pages for detailed information. The general st
## Re-importing new repos and Orgs only while mirroring
-Once initial import is complete you can periodically check for new repos and make sure they are added into Snyk by following these steps, which are similar to the preceding steps to import repos.
+After the initial import is complete, you can periodically check for new repos and ensure they are added to Snyk by following these steps, which are similar to the preceding steps to import repos.
1. `export BITBUCKET_CLOUD_USERNAME=***`, `export BITBUCKET_CLOUD_PASSWORD=***` and `export SNYK_TOKEN=***`
2. Generate organization data in Snyk and skip any that do not have any repos by using `--skipEmptyOrg` `snyk-api-import orgs:data --source=bitbucket-cloud --groupId= --skipEmptyOrg` Full instructions: [Creating organizations in Snyk](creating-organizations-in-snyk.md)
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-bitbucket-server-organizations-and-repos-in-snyk.md b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-bitbucket-server-organizations-and-repos-in-snyk.md
index 69bec2f95be7..645e31719757 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-bitbucket-server-organizations-and-repos-in-snyk.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-bitbucket-server-organizations-and-repos-in-snyk.md
@@ -1,6 +1,6 @@
# Mirroring Bitbucket Server organizations and repos in Snyk
-You can use four commands in the available utils to import the entirety of Bitbucket Server repos into Snyk. You must configure both the both the Bitbucket Server token and Snyk token as environment variables to proceed.
+You can use four commands in the available utils to import the entirety of Bitbucket Server repos into Snyk. You must configure both the Bitbucket Server token and Snyk token as environment variables to proceed.
## General steps to import Bitbucket Server repos
@@ -14,7 +14,7 @@ Refer to individual documentation pages for detailed information. The general st
## Re-importing new repos and Orgs only while mirroring
-Once initial import is complete you can periodically check for new repos and make sure they are added into Snyk by following these steps, which are similar to the preceding steps to import repos.
+After the initial import is complete, you can periodically check for new repos and ensure they are added to Snyk by following these steps, which are similar to the preceding steps to import repos.
1. `export BITBUCKET_SERVER_TOKEN=***` and `export SNYK_TOKEN=***`
2. Generate organization data in Snyk and skip any that do not have any repos by using `--skipEmptyOrg` `snyk-api-import orgs:data --source=bitbucket-server --groupId= --skipEmptyOrg` Full instructions: [Creating organizations in Snyk](creating-organizations-in-snyk.md)
diff --git a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-gitlab-organizations-and-repos-in-snyk.md b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-gitlab-organizations-and-repos-in-snyk.md
index d6a0a4b936d8..5962ad1feb38 100644
--- a/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-gitlab-organizations-and-repos-in-snyk.md
+++ b/developer-tools/scan-with-snyk/snyk-tools/tool-snyk-api-import/mirroring-gitlab-organizations-and-repos-in-snyk.md
@@ -14,7 +14,7 @@ Refer to individual documentation pages for detailed information. The general st
## Re-importing new repos and Orgs only while mirroring
-Once initial import is complete you can periodically check for new repos and make sure they are added into Snyk by following these steps, which are similar to the preceding steps to import repos.
+After the initial import is complete, you can periodically check for new repos and ensure they are added to Snyk by following these steps, which are similar to the preceding steps to import repos.
1. `export GITLAB_TOKEN=***` and `export SNYK_TOKEN=***`
2. Generate organization data in Snyk and skip any that do not have any repos by using `--skipEmptyOrg` `snyk-api-import orgs:data --source=gitlab --groupId= --skipEmptyOrg` Full instructions: [Creating organizations in Snyk](creating-organizations-in-snyk.md)
diff --git a/developer-tools/scm-integrations/README.md b/developer-tools/scm-integrations/README.md
index 12f857da9b6b..744691b1e415 100644
--- a/developer-tools/scm-integrations/README.md
+++ b/developer-tools/scm-integrations/README.md
@@ -1,8 +1,8 @@
# SCMs
-Snyk supports SCM integrations that allow you to implement security at each point in your workflow: importing a Project, writing your code, and building and deployment. Snyk can also [automatically create pull requests (PRs)](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/snyk-pull-or-merge-requests/enable-automatic-upgrade-prs-for-new-dependency-upgrades) on your behalf to upgrade your dependencies based on scan results, compatible with a variety of SCM integrations.
+Snyk supports SCM integrations that let you implement security at each point in your workflow: importing a Project, writing your code, and building and deployment. Snyk can also [automatically create pull requests (PRs)](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/snyk-pull-or-merge-requests/enable-automatic-upgrade-prs-for-new-dependency-upgrades) on your behalf to upgrade your dependencies based on scan results, compatible with a variety of SCM integrations.
-Snyk Source Control Manager (SCM) integrations allow you to:
+Snyk Source Control Manager (SCM) integrations let you:
* Continuously perform security scanning across all integrated repositories
* Detect vulnerabilities in your open-source components
@@ -25,7 +25,7 @@ If you have added the GitHub integration at Organizational and/or Group levels a
This feature is available for GitHub, GitHub Enterprise, GitHub Cloud App, GitLab, Bitbucket Server, Bitbucket Cloud App, Bitbucket Cloud (Legacy), and Azure Repos (TFS) integrations.
{% endhint %}
-The Workspaces feature enables Snyk to ingest a temporary snapshot of repository contents, and all commit metadata through your configured SCM integrations.
+The Workspaces feature enables Snyk to ingest a temporary snapshot of repository contents and all commit metadata through your configured SCM integrations.
For detailed information on this feature, including enablement steps, see [Workspaces for SCM integrations](workspaces.md).
@@ -35,7 +35,7 @@ If you are an Enterprise customer, see [Choose rollout integrations](https://app
### GitHub vs GitHub Enterprise
-As an Enterprise plan user, Snyk recommends using the GitHub Enterprise integration as it enables you to use a single GitHub service account personal access token (PAT) across your Snyk Organization rather than depending on a PAT for an individual user account. You can use this integration whether or not you have a GitHub Enterprise (GHE) license or subscription.
+As an Enterprise plan user, Snyk recommends using the GitHub Enterprise integration as it lets you use a single GitHub service account personal access token (PAT) across your Snyk Organization rather than depending on a PAT for an individual user account. You can use this integration whether or not you have a GitHub Enterprise (GHE) license or subscription.
Another benefit to using the GitHub Enterprise integration is that you can choose to clone integration settings when you are creating new Snyk Organizations. This means you can use one GitHub Enterprise integration for all Organizations in your Snyk Group.
@@ -55,9 +55,9 @@ See [Migrate to the Snyk Bitbucket Cloud App](organization-level-integrations/bi
#### Main capabilities unlocked by the new app integration
-* Allows using Snyk with Bitbucket's [allowlisting IP addresses](https://support.atlassian.com/bitbucket-cloud/docs/control-access-to-your-private-content/) premium tier feature.
+* Lets you use Snyk with the [allowlisting IP addresses](https://support.atlassian.com/bitbucket-cloud/docs/control-access-to-your-private-content/) premium tier feature in Bitbucket.
* Helps handle rate-limiting issues for companies who spread their repos across multiple workspaces in Bitbucket Cloud.
-* Supports the first-party interface in Bitbucket Cloud (Snyk's Security tab) out-of-the-box, meaning you need not install and maintain the first-party extension app to consume Snyk's security insights from Bitbucket Cloud.
+* Supports the first-party interface in Bitbucket Cloud (the Security tab in Snyk) out-of-the-box, meaning you need not install and maintain the first-party extension app to consume Snyk security insights from Bitbucket Cloud.
#### Limitations of the new app integration
@@ -67,6 +67,6 @@ See [Migrate to the Snyk Bitbucket Cloud App](organization-level-integrations/bi
#### Are there any plans for end-of-life for the Personal Access Token (PAT) integration?
-To improve security, the use of app passwords in Bitbucket Cloud is transitioning to API tokens. Existing integrations that use app passwords will continue to function temporarily until 9 June, 2026:
+To improve security, the use of app passwords in Bitbucket Cloud is transitioning to API tokens. Existing integrations that use app passwords continue to function temporarily until 9 June 2026.
To ensure continued support and functionality, update your Bitbucket Cloud integration in Snyk to use an API token.
diff --git a/developer-tools/scm-integrations/application-context-for-scm-integrations/README.md b/developer-tools/scm-integrations/application-context-for-scm-integrations/README.md
index 66b7cee69f96..ecf9f6e84655 100644
--- a/developer-tools/scm-integrations/application-context-for-scm-integrations/README.md
+++ b/developer-tools/scm-integrations/application-context-for-scm-integrations/README.md
@@ -4,7 +4,7 @@
The application context for SCM integrations provides a comprehensive and interconnected overview of application assets. This context is crucial for assessing security risks and their potential implications, as it outlines the entire structure and components of the applications involved.
-Use Application Context to integrate with Internal Developer Portals (IDPs) and service catalogs such as ServiceNow CMDB, Atlassian Compass, and others. These platforms allow Snyk to automate the collection of essential context, including asset type, ownership, and lifecycle.
+Use Application Context to integrate with Internal Developer Portals (IDPs) and service catalogs such as ServiceNow CMDB, Atlassian Compass, and others. These platforms let Snyk automate the collection of essential context, including asset type, ownership, and lifecycle.
The application context provides broader access to resources and services in an application. You can use it to:
@@ -12,7 +12,7 @@ The application context provides broader access to resources and services in an
* Gather relevant information to effectively assess and manage application security vulnerabilities and identify potential risks.
* Create a streamlined data flow by working cohesively with assets identified through Snyk Essentials SCM integrations
-By leveraging Application context, you can achieve a deeper understanding of your application's security posture. After the integration is set, use the application context that can be leveraged across Snyk to classify repositories, set Asset policies, or filter reports.
+By using Application context, you can achieve a deeper understanding of your application's security posture. After the integration is set, use the application context across Snyk to classify repositories, set Asset policies, or filter reports.
These are the available integrations that you can set up for the application context:
@@ -24,7 +24,7 @@ These are the available integrations that you can set up for the application con
* [Datadog Service Catalog](./#datadog-service-catalog)
{% hint style="info" %}
-The Application Context integrations on this page work in conjunction with assets found through Snyk Essentials SCM integrations. If there is no Snyk Essentials SCM integration configured at the Group level on the Integrations page, then data will not populate from these integrations.
+The Application Context integrations on this page work in conjunction with assets found through Snyk Essentials SCM integrations. If there is no Snyk Essentials SCM integration configured at the Group level on the Integrations page, then data does not populate from these integrations.
{% endhint %}
## Backstage file for SCM integrations
@@ -32,10 +32,10 @@ The Application Context integrations on this page work in conjunction with asset
{% hint style="info" %}
**Release status**
-The ackstage file integration is in Early Access and available with Snyk Enterprise plans.
+The Backstage file integration is in Early Access and available with Snyk Enterprise plans.
{% endhint %}
-Backstage is a service catalog that allows users to add metadata or annotations to their repositories, helping to organize and categorize the available resources for easier navigation and understanding. You can leverage your SCM integration to pull metadata associated with backstage catalog files into Snyk Essentials.
+Backstage is a service catalog that lets users add metadata or annotations to their repositories, helping to organize and categorize the available resources for easier navigation and understanding. You can use your SCM integration to pull metadata associated with backstage catalog files into Snyk Essentials.
You can use the backstage catalog file for GitHub, GitLab, Azure DevOps, BitBucket Cloud, and BitBucket on-prem SCM integrations.
@@ -88,7 +88,7 @@ The ServiceNow CMDB integration is in Early Access and available with Snyk Enter
5. Add the **CMDB field to map Repo URL** - Add the URL of the repository.
{% hint style="info" %}
-* The data gathered by Snyk from ServiceNow CMDB will be correlated with the Repository Assets.
+* Snyk correlates the data gathered from ServiceNow CMDB with the Repository Assets.
* The ServiceNow CMDB integration uses basic authentication and suggests enabling the "Web service access only" option for Service Accounts.
{% endhint %}
@@ -106,7 +106,7 @@ The ServiceNow CMDB integration is in Early Access and available with Snyk Enter
* Category: application\_type
* Owner: business\_unit
* Click **Done**.
-* When the connection is established, the status of the ServiceNow CMDB integration is changed to **Connected**.
+* When the connection is established, the status of the ServiceNow CMDB integration changes to **Connected**.
{% hint style="warning" %}
When you set up the catalog attributes, you can customize the name of the attribute but must ensure that the same name is used in the catalog and in the Integration setup.
@@ -138,7 +138,7 @@ The Atlassian Compass integration is in Early Access and available with Snyk Ent
4. Add your Atlassian Compass instance **Token**. Navigate to the [Manage API tokens for your Atlassian account](https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/) page for more details about creating an Atlassian API token.
{% hint style="info" %}
-The gathered data from Atlassian Compass will be correlated with the Repository Assets.
+Snyk correlates the gathered data from Atlassian Compass with the Repository Assets.
This feature is available only for the integration with Atlassian Compass.
{% endhint %}
@@ -159,7 +159,7 @@ This feature is available only for the integration with Atlassian Compass.
* **Owner** - the `ownerId` (finding owner name from ownerId).
* **Application** - the `typeId` (all component types, Application, Service, Library, and so on receive an ID).
9. Click **Done**.
-10. When the connection is established, the status of the Atlassian Compass integration is changed to **Connected**, and Snyk Essentials will start enriching repository assets with the data found in Atlassian Compass.
+10. When the connection is established, the status of the Atlassian Compass integration changes to **Connected**, and Snyk Essentials starts enriching repository assets with the data found in Atlassian Compass.
{% hint style="warning" %}
When you set up the catalog attributes, you must use the specific service-level attributes, for example `attribute.name.`
@@ -199,7 +199,7 @@ This integration is focused on [Harness’s](https://developer.harness.io/docs/i
* Owner - If you select this metadata, it is mandatory to add the **Owner key**.
* Application - If you select this metadata, it is mandatory to add the **Application key**.
8. Click **Done**.
-9. When the connection is established, the status of the Harness integration is changed to **Connected**, and Snyk Essentials will start enriching repository assets with the data found in Harness.
+9. When the connection is established, the status of the Harness integration changes to **Connected**, and Snyk Essentials starts enriching repository assets with the data found in Harness.
{% hint style="warning" %}
When you set up the catalog attributes, you can customize the name of the attribute but must ensure that the same name is used in the catalog and in the Integration setup.
@@ -234,7 +234,7 @@ The OpsLevel integration is in Early Access and available with Snyk Enterprise p
* Owner - Identified with `owner.name` in OpsLevel.
* Application - Identified with `product` in OpsLevel.
8. Click **Done**.
-9. When the connection is established, the status of the OpsLevel integration is changed to **Connected**, and Snyk Essentials will start enriching repository assets with the data found in OpsLevel.
+9. When the connection is established, the status of the OpsLevel integration changes to **Connected**, and Snyk Essentials starts enriching repository assets with the data found in OpsLevel.
{% hint style="warning" %}
When you set up the catalog attributes, you must use the specific service-level attributes, for example `attribute.name.`
@@ -271,7 +271,7 @@ The Datadog Service Catalog integration is in Early Access and available with Sn
* Owner - If you select this metadata, it is mandatory to add the **Owner key**.
* Application - If you select this metadata, it is mandatory to add the **Application key**.
9. Click **Done**.
-10. When the connection is established, the status of the Datadog Service Catalog integration is changed to **Connected**, and Snyk Essentials will start enriching repository assets collected by a Snyk Essentials SCM Integration with the data found in Datadog Service Catalog.
+10. When the connection is established, the status of the Datadog Service Catalog integration changes to **Connected**, and Snyk Essentials starts enriching repository assets collected by a Snyk Essentials SCM Integration with the data found in Datadog Service Catalog.
{% hint style="warning" %}
When you set up the catalog attributes, you can customize the name of the attribute but must ensure that the same name is used in the catalog and in the Integration setup.
diff --git a/developer-tools/scm-integrations/application-context-for-scm-integrations/backstage-file-in-asset-inventory-use-case.md b/developer-tools/scm-integrations/application-context-for-scm-integrations/backstage-file-in-asset-inventory-use-case.md
index c93c4ec60749..782466dcedb7 100644
--- a/developer-tools/scm-integrations/application-context-for-scm-integrations/backstage-file-in-asset-inventory-use-case.md
+++ b/developer-tools/scm-integrations/application-context-for-scm-integrations/backstage-file-in-asset-inventory-use-case.md
@@ -13,7 +13,7 @@ Components have several attributes and most of them are optional:
* `Metadata.name` (mandatory) - represents the name of the component.
* `Metadata.title` (optional) - represents the name of the component.
-The backstage data is dynamic and may change over time:
+The backstage data is dynamic and can change over time:
* If new commits or updates are made to the `catalog-info.yaml` file, then Snyk Essentials updates the asset attribute for that specific repository asset.
* If the`catalog-info.yaml` file is removed from the repository, then Snyk Essentials deletes the asset attribute from that specific repository assets.
diff --git a/developer-tools/scm-integrations/deployment-recommendations.md b/developer-tools/scm-integrations/deployment-recommendations.md
index fe3f679fab62..5f475a29f396 100644
--- a/developer-tools/scm-integrations/deployment-recommendations.md
+++ b/developer-tools/scm-integrations/deployment-recommendations.md
@@ -1,6 +1,6 @@
# Deployment recommendations
-If you try to implement all the SCM integration features at the same time, you risk causing friction in your software development life cycle ([SDLC](https://snyk.io/learn/secure-sdlc/)), which in turn leads to a poor developer experience.
+If you try to implement all the SCM integration features at the same time, you risk causing friction in your software development lifecycle ([SDLC](https://snyk.io/learn/secure-sdlc/)), which in turn leads to a poor developer experience.
To ensure a smooth rollout of Snyk across your organization, Snyk provides a suggested deployment timeline consisting of deployment stages, configuration steps, and the desired outcome for each stage.
@@ -8,7 +8,7 @@ To ensure a smooth rollout of Snyk across your organization, Snyk provides a sug
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
Stage 1: Set up an Organization-level SCM integration in your first Snyk Organization.
Set up a Group-level SCM integration in Snyk Essentials.
Snyk will scan your imported repositories to detect all supported files and create them as Projects where you can view the vulnerabilities detected.
Disabling these features removes potential blockers for your initial setup and use of Snyk. This way, you have scheduled scans and high visibility of reporting without blocking deployments.
|
-|
Stage 3: Build a fix plan using Snyk prioritization reporting capabilities.
| Learn more about [Snyk Priority Score](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/prioritize-issues-for-fixing/priority-score) and [Snyk Risk Score](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/prioritize-issues-for-fixing/risk-score) to understand how you can leverage these features to help prioritize which issues to fix. | Alignment between Developers and Security on what should be fixed and when to streamline the fix process. |
+|
Stage 3: Build a fix plan using Snyk prioritization reporting capabilities.
| Learn more about [Snyk Priority Score](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/prioritize-issues-for-fixing/priority-score) and [Snyk Risk Score](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/prioritize-issues-for-fixing/risk-score) to understand how you can use these features to help prioritize which issues to fix. | Alignment between Developers and Security on what should be fixed and when to streamline the fix process. |
|
Stage 4: Configure Snyk PR Checks and auto-fix PRs to alert developers to issues in real-time, with available fixes.
| Enable [Snyk PR status checks](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/pull-requests) so developers know whether their PR contains high-severity issues with available fixes. | Make it easy for your developers to see new issues before they are merged into the repository, decreasing the number of new vulnerabilities added and enabling them to make decisions on blocking a merge. |
|
Stage 5: Prevent developers from introducing any new vulnerabilities.
| Enable branch protection in your SCM tool so that PRs with failing Snyk PR status checks cannot be merged. | This change will prevent PRs from being merged into your repository if Snyk detects new vulnerabilities. Over time, you can adjust the sensitivity of the check to include all high or critical severity issues, regardless of whether a fix is available. |
|
Stage 6: Enable Snyk automated features to fix issues and keep dependencies up-to-date to reduce technical security debt.
| Snyk will automatically raise PRs to fix issues with the highest severity. Keeping your dependencies up to date helps to reduce future design headaches and hot fixes, which can be time consuming to research and address. |
@@ -27,11 +27,11 @@ For details on these permissions, see [User permissions and access scope require
### Change notification settings
-By default, Snyk emails every Org user when a new issue or fix in a Project’s dependencies is found, and provides each user with a weekly update of the security status across the Organization. If you plan to import many Projects to an Organization, to avoid sending multiple email notifications sent to users, consider disabling all the notifications for that Organization.
+By default, Snyk emails every Org user when it finds a new issue or fix in a Project’s dependencies, and provides each user with a weekly update of the security status across the Organization. If you plan to import many Projects to an Organization, to avoid sending multiple email notifications to users, consider disabling all the notifications for that Organization.
-To customize the emails your Org users receive, go to **Settings** > **Notifications** > **Notification Settings**. The changes you make here will affect all of your Organization’s members, although Org users can override these default settings in their user-level account settings.
+To customize the emails your Org users receive, navigate to **Settings** > **Notifications** > **Notification Settings**. The changes you make here affect all of your Organization’s members, although Org users can override these default settings in their user-level account settings.
-To disable notifications for all the users in an Org ahead of your import, deselect the appropriate notification boxes. See [Manage notifications](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/manage-notifications) for more details.
+To disable notifications for all the users in an Org before your import, deselect the appropriate notification boxes. See [Manage notifications](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/manage-notifications) for more details.
## Stage 2: Import Projects
@@ -44,7 +44,7 @@ Navigate to the **Projects** page in the Snyk UI, select **Add projects**, selec
After a Project is imported, it is continuously checked for vulnerabilities.
{% hint style="info" %}
-To confirm that a Project was imported, go to the **Add project** import page for the integration. Imported Projects are indicated by a checkmark next to the repository name.
+To confirm that a Project was imported, navigate to the **Add project** import page for the integration. A checkmark next to the repository name indicates imported Projects.
{% endhint %}
For details, see [Import a Project](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/getting-started-guides/getting-started#import-a-project-to-scan-and-identify-issues).
@@ -89,7 +89,7 @@ When you first roll out your SCM integration, Snyk recommends that you start wit
## Stage 4: Enable Blocking PRs
-After you have embedded Snyk into your software development life cycle (SDLC), and have built good developer awareness, you can start to apply stricter policies to improve your overall security posture, for example:
+After you have embedded Snyk into your software development lifecycle (SDLC), and have built good developer awareness, you can start to apply stricter policies to improve your overall security posture, for example:
* Low-priority Projects: you can fail the PR only for new high-severity issues that are fixable.
* Medium-priority Projects: fail the PR only for high-severity issues.
diff --git a/developer-tools/scm-integrations/group-level-integrations/README.md b/developer-tools/scm-integrations/group-level-integrations/README.md
index 4b6ec19a0f59..35d754c34ebd 100644
--- a/developer-tools/scm-integrations/group-level-integrations/README.md
+++ b/developer-tools/scm-integrations/group-level-integrations/README.md
@@ -1,6 +1,6 @@
# Group-level integrations
-Group-level SCM integrations provide broader visibility into all the application assets for a given customer and pull in the additional application context and, or metadata, for example, information on developers, commits, and so on.
+Group-level SCM integrations provide broader visibility into all the application assets for a given customer and pull in the additional application context and metadata, for example, information on developers, commits, and so on.
At the Group level, you can set up and customize your Snyk Essentials integrations from the **Integrations** page, where the following SCMs are available:
@@ -18,7 +18,7 @@ The Integrations page at the Group-level shows all active integrations, includin
{% hint style="warning" %}
The SCM integrations use an incremental approach to retrieve repositories. This means that when a sync is initiated, it checks the last update time of the repository and only transfers the repositories that have been modified since then.
-If there have been changes to the scope of the user or PAT used for the integration, any repositories that are newly within scope will only be identified after either a change to trigger the incremental collection or a change to the integration configuration itself.
+If there have been changes to the scope of the user or PAT used for the integration, Snyk identifies any repositories that are newly in scope only after either a change to trigger the incremental collection or a change to the integration configuration itself.
{% endhint %}
The following supported Snyk data are automatically synced:
@@ -28,12 +28,12 @@ The following supported Snyk data are automatically synced:
* Snyk IaC
* Snyk Container
-Each connected integration enables you to:
+Each connected integration lets you:
* Pause data syncing
* Modify integration profiles and configurations
* Delete the integration
-* Check when the integration was last synced and when the next sync is scheduled.
+* Check when the integration was last synced and when the next sync is scheduled
See the [Integration syncing time](../../integrations/integrate-with-snyk.md#integrations-syncing-time) for more details about the time required to sync for each action.
@@ -43,7 +43,7 @@ To configure a Group-level integration, you must be a Group Admin or have a cust
### Wildcard SCM integration
-The wildcard integration allows you to use a special character to detect and integrate multiple SCM organizations simultaneously.
+The wildcard integration lets you use a special character to detect and integrate multiple SCM organizations simultaneously.
{% hint style="info" %}
The wildcard integration applies to the GitHub integration and offers support when you set it up using [Snyk Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/using-snyk-essentials-with-snyk-broker).
@@ -53,12 +53,12 @@ You can use the wildcards while setting up your integration using the **Integrat
* Navigate to **Integrations**.
* Select the **SCM** tag and search for GitHub or Azure DevOps.
-* Click the **Add** button.
+* Click **Add**.
* In the **Organizations** field, add the Organization details by using the `*` symbol. For example, using `*snyk` integrates all SCM Organizations that have Snyk in their name.
-* All the Organizations that match with the wildcard, `*` symbol will be added.
+* Snyk adds all the Organizations that match the wildcard `*` symbol.
{% hint style="info" %}
-The wildcard, `*` symbol is considered a living command and will be applied every time you are rescanning your repositories.
+The wildcard `*` symbol is considered a living command and applies every time you rescan your repositories.
{% endhint %}
### Snyk Essentials integrations ecosystem
diff --git a/developer-tools/scm-integrations/group-level-integrations/azure-devops-for-snyk-essentials.md b/developer-tools/scm-integrations/group-level-integrations/azure-devops-for-snyk-essentials.md
index e7fda2d8232e..1310d01c9f17 100644
--- a/developer-tools/scm-integrations/group-level-integrations/azure-devops-for-snyk-essentials.md
+++ b/developer-tools/scm-integrations/group-level-integrations/azure-devops-for-snyk-essentials.md
@@ -29,7 +29,7 @@ The following PAT token permissions requirements are for Snyk Essentials integra
## Generate a Personal access token from your Azure DevOps settings
{% hint style="warning" %}
-The user account that owns the PAT needs `Basic` access level on the Azure organisation.
+The user account that owns the PAT needs `Basic` access level on the Azure organization.
{% endhint %}
1. Open Azure DevOps and click the **Settings** menu for your profile.
diff --git a/developer-tools/scm-integrations/group-level-integrations/github-for-snyk-essentials.md b/developer-tools/scm-integrations/group-level-integrations/github-for-snyk-essentials.md
index 781bc49191ee..ae6f7db25de6 100644
--- a/developer-tools/scm-integrations/group-level-integrations/github-for-snyk-essentials.md
+++ b/developer-tools/scm-integrations/group-level-integrations/github-for-snyk-essentials.md
@@ -43,17 +43,17 @@ If you want to pull data from both organization and personal repositories, then
## Generate a Personal access token from your GitHub settings
-1. Open GitHub and click the Settings menu for your profile.
-2. Select Developer settings from the left sidebar.
-3. Select Personal access tokens and then Tokens (classic).
-4. Click Generate new token and, from the dropdown, select Generate new token (classic).
-5. Add a description for your token in the Note field.
+1. Open GitHub and click the **Settings** menu for your profile.
+2. Select **Developer settings**.
+3. Select **Personal access tokens** and then **Tokens (classic)**.
+4. Click **Generate new token** and, from the dropdown, select **Generate new token (classic)**.
+5. Add a description for your token in the **Note** field.
6. Select the required permissions:
* `repo`
* `read:org`
* `read:user`
* `user:email`.
-7. Click Generate token.
+7. Click **Generate token**.
8. Copy and store the displayed key.
{% hint style="info" %}
@@ -66,4 +66,4 @@ You can use the[ GitHub REST API](https://docs.github.com/en/rest?apiVersion=202
You can use as the host Address the IP/URL of the GitHub server. The default URL is [`https://api.github.com`](https://api.github.com).
-The user associated with the token needs to have write permissions on relevant repositories to collect a breakdown of scan issues.
+The user associated with the token must have write permissions on relevant repositories to collect a breakdown of scan issues.
diff --git a/developer-tools/scm-integrations/group-level-integrations/gitlab-for-snyk-essentials.md b/developer-tools/scm-integrations/group-level-integrations/gitlab-for-snyk-essentials.md
index 2ffc10cdcee5..7b2323719750 100644
--- a/developer-tools/scm-integrations/group-level-integrations/gitlab-for-snyk-essentials.md
+++ b/developer-tools/scm-integrations/group-level-integrations/gitlab-for-snyk-essentials.md
@@ -20,20 +20,20 @@ To configure a Group-level integration, you must be a Group Admin or have a cust
3. Broker Token (`mandatory`): Create and add your Broker token if you use Snyk Broker.
* Generate your Broker token by following the instructions from the [Obtain your Broker token for Snyk Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/obtain-the-tokens-required-to-set-up-snyk-broker) page.
* Copy and paste the Broker token on the integration setup menu from the Integration Hub.
-4. Pull personal repositories (`optional`): Enable the option If you only want to pull the repositories you own.
+4. Pull personal repositories (`optional`): Enable the option if you only want to pull the repositories you own.
5. Add Backstage Catalog (`optional`): If you want to add your Backstage catalog, follow the instructions from the [Backstage file for SCM Integrations](../application-context-for-scm-integrations/) page.
## Generate a [Personal access token](../organization-level-integrations/gitlab.md#gitlab-access-tokens) from your GitLab settings
1. Navigate to your GitLab profile.
-2. Select Edit Profile.
-3. On the left sidebar, select Access Token.
-4. Select Add New Token.
+2. Select **Edit Profile**.
+3. Select **Access Token**.
+4. Select **Add New Token**.
5. Enter a name and expiry date for the token.
6. Ensure to enable this permission:
* `read_api` - Grants read access to the API, including all groups and projects, the container registry, and the package registry.
* `read_repository` - Grants read-only access to repositories on private projects using Git-over-HTTP or the Repository Files API.
-7. Click the Create personal access token button.
+7. Click **Create personal access token**.
8. Copy and store the displayed key.
## API version
diff --git a/developer-tools/scm-integrations/organization-level-integrations/README.md b/developer-tools/scm-integrations/organization-level-integrations/README.md
index caf2e95ec461..f128e0b0e166 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/README.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/README.md
@@ -1,8 +1,8 @@
# Organization-level integrations
-Snyk provides seamless integrations with various source control management systems such as GitHub, GitLab, Bitbucket, and Azure Repos at the Organizational level. These integrations enable you to automatically scan for vulnerabilities and receive actionable insights to enhance the security of your repositories. By integrating at this level, you can ensure comprehensive protection for all your Projects within the Organization.
+Snyk provides integrations with various source control management systems such as GitHub, GitLab, Bitbucket, and Azure Repos at the Organization level. These integrations let you automatically scan for vulnerabilities and receive actionable insights to enhance the security of your repositories. By integrating at this level, you can protect all your Projects in the Organization.
-Snyk can integrate with the following SCMs at the Organization-level to help you track, monitor, and fix the issues and vulnerabilities in your code:
+Snyk can integrate with the following SCMs at the Organization level to help you track, monitor, and fix the issues and vulnerabilities in your code:
* [GitHub](github.md)
* [GitHub Enterprise](github-enterprise.md)
diff --git a/developer-tools/scm-integrations/organization-level-integrations/azure-repositories-tfs.md b/developer-tools/scm-integrations/organization-level-integrations/azure-repositories-tfs.md
index 5868be1ddad1..0a1a1e0085d8 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/azure-repositories-tfs.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/azure-repositories-tfs.md
@@ -4,7 +4,7 @@
**Feature availability**\
Integration with Azure DevOps Server 2020 and above, also known as TFS, is available only with Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
-Snyk supports only Git. Snyk does not currently support integration with Team Foundation Version Control (TFVC).
+Snyk supports only Git. Snyk does not support integration with Team Foundation Version Control (TFVC).
{% endhint %}
### Prerequisites for Azure Repositories (TFS) integration
@@ -46,7 +46,7 @@ Generate and copy a unique PAT to use for Snyk. For more information on the PAT
1. Log in to [your Snyk account](https://app.snyk.io) and navigate to **Integrations**.
2. On the **Azure Repos** tile, click the settings icon to open **Organization Settings** > **Integrations** > **Azure Repos** > **Account credentials**.
-3. Pay special attention to the instructions given on the **Account Credentials** page. Depending on your plan, you may need to enter just the Azure DevOps Organization, or you may need to enter the entire URL.
+3. Pay special attention to the instructions given on the **Account Credentials** page. Depending on your plan, you may need to enter only the Azure DevOps Organization, or you may need to enter the entire URL.
* **Set your organization**: Enter the slug for your Organization only.\
For example, enter `your-azure-devops-org`
* **Set your host**: enter the entire url.\
@@ -57,7 +57,7 @@ Generate and copy a unique PAT to use for Snyk. For more information on the PAT
Snyk tests the connection values and the page reloads, displaying the Azure Repos integration information. A message to confirm that the details were updated appears at the top of the screen.
{% hint style="info" %}
-If the connection to Azure fails, a notification will appear under the **Azure Repos** card title.
+If the connection to Azure fails, a notification appears under the **Azure Repos** card title.
{% endhint %}
### Add Projects to Snyk for Azure Repos
diff --git a/developer-tools/scm-integrations/organization-level-integrations/bitbucket-cloud-app.md b/developer-tools/scm-integrations/organization-level-integrations/bitbucket-cloud-app.md
index 45c9d6dff4bf..a66d844bea5b 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/bitbucket-cloud-app.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/bitbucket-cloud-app.md
@@ -1,13 +1,13 @@
# Bitbucket Cloud App
-The Bitbucket Cloud App is positioned to be the default Bitbucket Cloud integration
+The Bitbucket Cloud App is the default Bitbucket Cloud integration.
-The Bitbucket Cloud App integration lets you connect your Snyk Organization to a Bitbucket Cloud Workspace and get all Snyk's core SCM integration features:
+The Bitbucket Cloud App integration lets you connect your Snyk Organization to a Bitbucket Cloud Workspace and get all the core SCM integration features in Snyk:
* Continuously perform security scanning across all the integrated repositories
* Detect vulnerabilities in your Open Source components
* Provide automated fixes and upgrades
-* Provides developer teams with first-party visibility for security issues directly in the Bitbucket interface
+* Provide developer teams with first-party visibility for security issues directly in the Bitbucket interface
{% hint style="info" %}
Snyk recommends using the Bitbucket Cloud App integration for smoother integration and to ensure long-term support.
@@ -17,7 +17,7 @@ If you are using the [Bitbucket Cloud API token integration](bitbucket-cloud.md)
### Setting up a Bitbucket Cloud App
-To give Snyk access to your Bitbucket account, you need to install the Snyk App on your Bitbucket Cloud workspace.
+To give Snyk access to your Bitbucket account, you must install the Snyk App on your Bitbucket Cloud workspace.
{% hint style="info" %}
To install the Snyk App on your Bitbucket Cloud workspace, you must have **Admin** permissions for the Workspace in Bitbucket.
@@ -126,7 +126,7 @@ The first-party interface currently supports only the [Snyk Open Source](https:/
You can **associate a first-party interface with a different Snyk account or Organization**.
-During the first-time Bitbucket Cloud App onboarding process, the first-party interface is associated with a specific Snyk Organization. This is the Snyk Organization to which Bitbucket users will import repositories and for which they will view Snyk issues.
+During the first-time Bitbucket Cloud App onboarding process, the first-party interface is associated with a specific Snyk Organization. This is the Snyk Organization to which Bitbucket users import repositories and for which they view Snyk issues.
To change the Snyk Organization after onboarding, go to the workspace settings > **Security for Bitbucket Cloud** > **Integration Settings** and click **Connect via a different Snyk user/organization**.
@@ -154,5 +154,5 @@ To disable this integration, in **Organization settings** > **Integrations** > *
2. Scroll to the **Disconnect** section and click **Remove** to remove the integration.
{% hint style="info" %}
-Disconnecting the integration from the Snyk side does not uninstall the app from your workspace in Bitbucket Cloud. To uninstall the Bitbucket app, navigate to your workspace settings in Bitbucket.org --> Installed Apps and remove the Snyk Security for Bitbucket Cloud app.
+Disconnecting the integration from the Snyk side does not uninstall the app from your workspace in Bitbucket Cloud. To uninstall the Bitbucket app, navigate to your workspace settings in Bitbucket.org > **Installed Apps** and remove the Snyk Security for Bitbucket Cloud app.
{% endhint %}
diff --git a/developer-tools/scm-integrations/organization-level-integrations/bitbucket-cloud.md b/developer-tools/scm-integrations/organization-level-integrations/bitbucket-cloud.md
index b2e18f02fc1e..b8592360eb18 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/bitbucket-cloud.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/bitbucket-cloud.md
@@ -13,7 +13,7 @@ The Bitbucket Cloud API token integration lets you:
### How to set up the Bitbucket Cloud Integration
{% hint style="info" %}
-Admin permissions are required; however, Snyk's access is ultimately limited by the [permissions assigned to the API Token](https://support.atlassian.com/bitbucket-cloud/docs/create-an-api-token/).\
+Admin permissions are required. However, Snyk access is ultimately limited by the [permissions assigned to the API Token](https://support.atlassian.com/bitbucket-cloud/docs/create-an-api-token/).\
\
To improve security, the use of app passwords in Bitbucket Cloud is transitioning to API tokens. Existing integrations that use app passwords will continue to function temporarily until 9 June 2026.\
To ensure continued support and functionality, update your Bitbucket Cloud integration in Snyk to use an API token.
@@ -38,11 +38,11 @@ After you connect Snyk to your Bitbucket Cloud account, you can select repositor
After you add the selected repositories, Snyk scans them for dependency files in the entire directory tree, that is, `package.json`, `pom.xml`, and so on, and imports them to Snyk as Projects.
-The imported projects appear on your **Projects** page and are continuously checked for vulnerabilities.
+The imported Projects appear on your **Projects** page and are continuously checked for vulnerabilities.
### Bitbucket integration features
-After the integration is in place, you will be able to use capabilities such as:
+After the integration is in place, you can use capabilities such as:
* [Project-level security reports](bitbucket-cloud.md#project-level-security-reports)
* [Project monitoring and automatic fix pull requests](bitbucket-cloud.md#project-monitoring-and-automatic-fix-pull-requests)
diff --git a/developer-tools/scm-integrations/organization-level-integrations/bitbucket-data-center-server.md b/developer-tools/scm-integrations/organization-level-integrations/bitbucket-data-center-server.md
index f2251c356442..562593e5df87 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/bitbucket-data-center-server.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/bitbucket-data-center-server.md
@@ -1,6 +1,6 @@
# Bitbucket Data Center/Server
-The Bitbucket Data Center/Server integration allows you to continuously perform security scanning across all the integrated repositories, detect vulnerabilities in your open-source components, and use automated fixing. This integration supports Bitbucket Data Center/Server versions 4.0 and above.
+The Bitbucket Data Center/Server integration lets you continuously perform security scanning across all the integrated repositories, detect vulnerabilities in your open-source components, and use automated fixing. This integration supports Bitbucket Data Center/Server versions 4.0 and above.
For a quick reference, see the [Snyk and Bitbucket best practices cheat sheet](https://snyk.io/blog/snyk-bitbucket-best-practices-cheat-sheet/) on the Snyk blog.
@@ -8,7 +8,7 @@ For a quick reference, see the [Snyk and Bitbucket best practices cheat sheet](h
1. To give Snyk access to your Bitbucket DC/Server account, set up a dedicated service account in Bitbucket DC/Server with admin permissions.\
Visit [Bitbucket Server documentation ](https://confluence.atlassian.com/bitbucketserver/users-and-groups-776640439.html#Usersandgroups-Creatingauser)to learn more about creating users.\
- Ensure the newly-created user has **Admin** permissions to all the repositories you need to monitor with Snyk.
+ Ensure the newly created user has **Admin** permissions to all the repositories you need to monitor with Snyk.
2. In Snyk, navigate to the **Integrations** page and click on the **Bitbucket Server** card.
3. Enter your Bitbucket DC/Server URL and the username and password for the service account you created. Alternatively, you can create a [personal access token](https://confluence.atlassian.com/bitbucketserver075/personal-access-tokens-1018784848.html) and use it instead of a password.
1. If your Bitbucket DC/Server instance has Basic Auth disabled, you must use a personal access token.
@@ -24,7 +24,7 @@ To select the repositories for Snyk to monitor:
1. Click **Add your Bitbucket Server repositories to Snyk** to start importing repositories to Snyk.
2. When prompted, select the repositories to import to Snyk and click **Add selected repositories**.
-After they are added, Snyk scans the selected repositories for dependency files in the entire directory tree, (that is, `package.json`, `pom.xml`, and so on) and imports them to Snyk as projects.\
+After they are added, Snyk scans the selected repositories for dependency files in the entire directory tree, (that is, `package.json`, `pom.xml`, and so on) and imports them to Snyk as Projects.\
\
The imported Projects appear on your Snyk **Projects** page and are continuously checked for vulnerabilities.
@@ -106,15 +106,15 @@ Snyk performs all the Bitbucket DC/Server operations on behalf of the integrated
For Snyk to perform the required operations on monitored repositories, such as reading manifest files on a frequent basis and opening fix or upgrade PRs, the integrated Bitbucket DC/Server service account needs **Admin** permissions on the imported repositories.
-**Admin** permissions are also needed to set secure webhooks. Snyk relies on webhooks to perform a variety of tasks, from PR checks, to commit tests upon merge events, and upcoming auto imports. To ensure the events come from your system and your system only, with no tampering or spoofing, we secure the webhooks using the recommended method shared by the systems we are connecting to. For Bitbucket Server, please see [this link](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html#Managewebhooks-webhooksecretsSecuringyourwebhook).\
-To do this, a secret token is generated for each secure webhook we create. Snyk setting the webhooks resolves scalability constraints, eliminates token leakage, and reduces the integration workload for you.
+**Admin** permissions are also needed to set secure webhooks. Snyk relies on webhooks to perform a variety of tasks, from PR checks, to commit tests upon merge events, and upcoming auto imports. To ensure the events come from your system and your system only, with no tampering or spoofing, Snyk secures the webhooks using the recommended method shared by the systems Snyk connects to. For Bitbucket Server, see the [Manage webhooks](https://confluence.atlassian.com/bitbucketserver/manage-webhooks-938025878.html#Managewebhooks-webhooksecretsSecuringyourwebhook) documentation.\
+To do this, Snyk generates a secret token for each secure webhook it creates. Snyk setting the webhooks resolves scalability constraints, eliminates token leakage, and reduces the integration workload for you.
For detailed information on the permission scopes required, see [Bitbucket permission requirements](../user-permissions-and-access-scopes.md#bitbucket-cloud-and-bitbucket-data-center-server-scopes).
### How to disconnect the Bitbucket Data Center/Server integration
{% hint style="warning" %}
-When you disconnect Snyk from your Bitbucket repository projects, your credentials are removed from Snyk, and any integration-specific projects that Snyk is monitoring are deactivated in Snyk.\
+When you disconnect Snyk from your Bitbucket repository Projects, your credentials are removed from Snyk, and any integration-specific Projects that Snyk is monitoring are deactivated in Snyk.\
To re-enable this integration later, you must re-enter your credentials and activate your Projects.
{% endhint %}
diff --git a/developer-tools/scm-integrations/organization-level-integrations/github-cloud-app.md b/developer-tools/scm-integrations/organization-level-integrations/github-cloud-app.md
index a3016248eae6..b46b2972effb 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/github-cloud-app.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/github-cloud-app.md
@@ -29,7 +29,7 @@ The GitHub Cloud App improves on many features as compared to the current GitHub
* RBAC (Role-Based Access Control) Compliance: With the GitHub Cloud App, the access control mechanism is decoupled from individual user accounts. Instead, it is associated with the app entity itself. This separation allows for better management and enforcement of RBAC policies, as access control is handled at the application level rather than being tied to individual user accounts.
* Granular access control: The GitHub Cloud App allows for fine-grained control over access permissions at the repository level.
-* Increased API rate limit: The GitHub Cloud App provides higher rate limits, allowing Snyk to make a larger number of API requests. This increased limit will assist in handling large-scale use cases, such as monorepos with a large number of Projects, GitHub organizations with a large number of repositories, and more.
+* Increased API rate limit: The GitHub Cloud App provides higher rate limits, allowing Snyk to make a larger number of API requests. This increased limit helps handle large-scale use cases, such as monorepos with a large number of Projects, GitHub organizations with a large number of repositories, and more.
* Enabler for an enhanced developer experience:
* Pull request checks: The Checks tab experience in GitHub is exclusively accessible through the GitHub Cloud App, enabling an SCM native experience as part of potential future PR check workflow improvements.
* Fix and upgrade pull requests: Pull requests initiated by Snyk are performed directly by the GitHub App rather than a service account.
@@ -70,7 +70,7 @@ Specify whether you wish to install the app in all of the repositories belonging
Install and authorize settings for the GitHub organization you are installing the GitHub Cloud App into
{% hint style="warning" %}
-The GitHub Cloud App will lose access to Snyk if it is uninstalled from the GitHub organization or if the repositories to which the app instance has access are edited.
+The GitHub Cloud App loses access to Snyk if it is uninstalled from the GitHub organization or if the repositories to which the app instance has access are edited.
{% endhint %}
## How to migrate to the GitHub Cloud App
diff --git a/developer-tools/scm-integrations/organization-level-integrations/github-enterprise.md b/developer-tools/scm-integrations/organization-level-integrations/github-enterprise.md
index 64cf9a3b5c93..bce9af49805a 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/github-enterprise.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/github-enterprise.md
@@ -50,7 +50,7 @@ See [GitHub and GitHub Enterprise permissions requirements](../user-permissions-
1. In Snyk, navigate to the **Integrations** page and click the **GitHub Enterprise** card.
2. Enter your GitHub Enterprise URL and the personal access token (PAT) for the service account you created, and **Save** your changes. After Snyk has successfully connected to the GitHub instance, the list of available repositories displays for your selection.
3. If your GitHub Enterprise organization enforces SAML/SSO, select **Configure SSO** next to the PAT in GitHub after the PAT has been created.\
- Occasionally, SSO is enforced in your GitHub Enterprise organizations after a PAT and Integration are configured. If this happens, any Projects that have already been imported show in Snyk, but retests, PR Checks, and so on, will not be performed. To fix this, check the **Configure SSO** settings to ensure the GitHub Enterprise organization is **Authorized**.\
+ Occasionally, SSO is enforced in your GitHub Enterprise organizations after a PAT and Integration are configured. If this happens, any Projects that have already been imported show in Snyk, but Snyk does not perform retests, PR Checks, and so on. To fix this, check the **Configure SSO** settings to ensure the GitHub Enterprise organization is **Authorized**.\
If the organization is showing as **Authorized**, but the issue still persists, try de-authorizing the organization and then re-authorizing.
{% hint style="info" %}
@@ -60,7 +60,7 @@ Ensure that there are no trailing characters such as `/` following the url. An i
{% endhint %}
{% hint style="warning" %}
-If the PAT token changes or expires in GitHub, the integration with Snyk will not function. To resolve this, update the token in the Snyk **GitHub Enterprise Integration settings**.
+If the PAT token changes or expires in GitHub, the integration with Snyk does not function. To resolve this, update the token in the Snyk **GitHub Enterprise Integration settings**.
{% endhint %}
#### How to import GitHub repositories
@@ -123,7 +123,7 @@ The Auto-assign PRs feature is supported only for private repositories.
Snyk can automatically assign the pull requests it creates to ensure that they are handled by the right team members.
-Auto-assign for PRs can be enabled for the GitHub and GitHub Enterprise integration and all Projects imported via GitHub, or on a per-Project basis.
+Auto-assign for PRs can be enabled for the GitHub and GitHub Enterprise integration and all Projects imported through GitHub, or on a per-Project basis.
Users can either be manually specified, and all will be assigned, or automatically selected based on the last commit user account.
@@ -164,9 +164,9 @@ Disconnecting the Snyk GitHub Enterprise integration halts all scans for importe
Confirm disconnecting from GitHub Enterprise
-After GitHub Enterprise is disconnected, imported Snyk Projects will be set to inactive, and you will no longer get alerts, pull requests, or Snyk tests on pull requests.
+After GitHub Enterprise is disconnected, Snyk sets imported Projects to inactive, and you no longer get alerts, pull requests, or Snyk tests on pull requests.
-You can re-connect anytime; however, re-initiating GitHub Enterprise projects for monitoring requires setting up the integration again.
+You can re-connect anytime. However, re-initiating GitHub Enterprise Projects for monitoring requires setting up the integration again.
4. Broker Token (`mandatory`): Create and add your Broker token if you use Snyk Broker.
* Generate your Broker token by following the instructions from the [Obtain your Broker token for Snyk Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/obtain-the-tokens-required-to-set-up-snyk-broker) page.
diff --git a/developer-tools/scm-integrations/organization-level-integrations/github-read-only-projects.md b/developer-tools/scm-integrations/organization-level-integrations/github-read-only-projects.md
index 178e4f3fc539..371ee8b9dc77 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/github-read-only-projects.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/github-read-only-projects.md
@@ -2,11 +2,11 @@
### How GitHub Read-only Projects work
-Snyk offers GitHub Read-only Projects, providing the ability to monitor a public GitHub repository that is not owned by your Organization.
+Snyk offers GitHub Read-only Projects, which let you monitor a public GitHub repository that your Organization does not own.
Adding a read-only Project lets you track the vulnerabilities in a Project you are considering using as a dependency, a Project you are already using as a stand-alone independent tool within your business, or any other public repository where you do not need to actively prevent or fix issues using Snyk.
-The repository is tested daily using your Organization's GitHub credentials. These automated tests are not counted as part of the test limits of your Snyk plan.
+Snyk tests the repository daily using your Organization's GitHub credentials. These automated tests do not count as part of the test limits of your Snyk plan.
Unlike Projects imported through the Snyk GitHub integration, Projects that are imported or monitored with the read-only status cannot do the following:
@@ -21,8 +21,8 @@ Unlike Projects imported through the Snyk GitHub integration, Projects that are
Import a read-only Project using the **Add project** > **Monitor public GitHub repos** menu in the **Dashboard** and **Projects** tabs, or by going to [Monitor public GitHub repositories](https://app.snyk.io/add/github-readonly).
1. Enter a public repository to monitor, following the format `owner/repository.`
-2. When you have entered a valid repository name, click **+ Add repo**.\
- The repository is quickly tested for a supported manifest file.
-3. Enter the public repositories you want to monitor and select **Import N repository/ies**.
+2. After you enter a valid repository name, click **+ Add repo**.\
+ Snyk tests the repository for a supported manifest file.
+3. Enter the public repositories you want to monitor and select **Import N repositories**.
Add repo and Import repository or repositories
diff --git a/developer-tools/scm-integrations/organization-level-integrations/github-server-app.md b/developer-tools/scm-integrations/organization-level-integrations/github-server-app.md
index 54d2ab0cc61f..8b61613d850c 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/github-server-app.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/github-server-app.md
@@ -20,11 +20,11 @@ This feature supports self-hosted instances of GitHub and Snyk [Universal Broker
The Snyk GitHub Server App improves on many features compared to the Snyk GitHub Enterprise integration, including role-based granular access control, increased API rate limits, and the creation of an entry point for expanded and enhanced developer experiences.
* RBAC (Role-Based Access Control) Compliance:
- * With the GitHub Server App, the access control mechanism is decoupled from individual user accounts. Instead, it is associated with the app entity itself. This separation allows for better management and enforcement of RBAC policies, as access control is handled at the application level rather than being tied to individual user accounts.
+ * With the GitHub Server App, the access control mechanism is decoupled from individual user accounts. Instead, it is associated with the app entity itself. This separation allows better management and enforcement of RBAC policies, because access control is handled at the application level rather than being tied to individual user accounts.
* Granular access control:
- * The GitHub Server App allows for fine-grained control over access permissions at the repository level.
+ * The GitHub Server App provides fine-grained control over access permissions at the repository level.
* Increased API rate limit:
- * The GitHub Server App provides higher rate limits, allowing Snyk to make a larger number of API requests. This increased limit will assist in handling large-scale use cases, such as monorepos with a large number of Projects, GitHub organizations with a large number of repositories, and more.
+ * The GitHub Server App provides higher rate limits, letting Snyk make a larger number of API requests. This increased limit helps in handling large-scale use cases, such as monorepos with a large number of Projects, GitHub organizations with a large number of repositories, and more.
* Enabler for an enhanced developer experience:
* Pull request checks: The Checks tab experience in GitHub is exclusively accessible through the GitHub Cloud App, enabling an SCM native experience as part of potential future PR check workflow improvements.
* Fix and upgrade pull requests: Pull requests initiated by Snyk are performed directly by the GitHub App rather than a service account.
@@ -38,11 +38,11 @@ When setting up the GitHub Server App, you can implement only one of the followi
* One GitHub organization connected to multiple Snyk Organizations
{% endhint %}
-In the Snyk UI navigate to the integrations page and select the **GitHub Server App** tile.
+In the Snyk Web UI, navigate to the integrations page and select the **GitHub Server App** tile.
GitHub Server App tile highlighted in the Snyk UI
-Clicking on the tile opens a modal that allows you to enter the URL of your GitHub Server. Entering the URL of your GitHub Server instance will redirect you to your GitHub instance, where you will be able to create the app.
+Clicking the tile opens a modal where you can enter the URL of your GitHub Server. Entering the URL of your GitHub Server instance redirects you to your GitHub instance, where you can create the app.
Integration model prompting you for your GitHub Server's URL
@@ -65,7 +65,7 @@ Specify whether you wish to install the app in all or a select number of the rep
Install and authorize settings for the GitHub organization you are installing the GitHub Cloud App into
{% hint style="danger" %}
-The GitHub Server App will lose access to Snyk if it is uninstalled from the GitHub organization. If this happens, you can create a fresh integration in Snyk to regain access.
+The GitHub Server App loses access to Snyk if it is uninstalled from the GitHub organization. If this happens, you can create a fresh integration in Snyk to regain access.
{% endhint %}
### Migrate from an existing GitHub Enterprise integration
@@ -75,7 +75,7 @@ If you are an Enterprise plan customer, you can migrate Snyk Targets to the GitH
### How to disconnect a non-brokered GitHub Server App integration
{% hint style="warning" %}
-Disconnecting the Snyk GitHub Server App integration halts all scans for imported repositories. PR checks cannot be executed and Projects are deactivated in the Snyk Web UI.
+Disconnecting the Snyk GitHub Server App integration halts all scans for imported repositories. Snyk cannot run PR checks, and Projects are deactivated in the Snyk Web UI.
Note that the GitHub App will remain listed on your GitHub organization until removed manually.
{% endhint %}
@@ -86,20 +86,20 @@ Note that the GitHub App will remain listed on your GitHub organization until re
Confirm disconnecting from GitHub Server App
-After the integration is disconnected, imported Snyk Projects will be set to inactive, and you will no longer get alerts, pull requests, or Snyk tests on pull requests.
+After the integration is disconnected, imported Snyk Projects are set to inactive, and you no longer get alerts, pull requests, or Snyk tests on pull requests.
-You can re-connect anytime; however, re-initiating the Snyk Projects for monitoring requires setting up the integration again.
+You can re-connect anytime. However, re-initiating the Snyk Projects for monitoring requires setting up the integration again.
### How to disconnect a brokered GitHub Server App integration
{% hint style="warning" %}
-Disconnecting the Snyk GitHub Server App integration halts all scans for imported repositories. PR checks cannot be executed and Projects are deactivated in the Snyk Web UI.
+Disconnecting the Snyk GitHub Server App integration halts all scans for imported repositories. Snyk cannot run PR checks, and Projects are deactivated in the Snyk Web UI.
Note that the GitHub App will remain listed on your GitHub organization until the app is removed manually.
{% endhint %}
Run `snyk-broker-config workflows connections disconnect` and select the connection you want to disconnect.
-After the integration is disconnected, imported Snyk Projects will be set to inactive, and you will no longer get alerts, pull requests, or Snyk tests on pull requests.
+After the integration is disconnected, imported Snyk Projects are set to inactive, and you no longer get alerts, pull requests, or Snyk tests on pull requests.
-You can re-connect anytime; however, re-initiating the Snyk Projects for monitoring requires setting up the integration again.
+You can re-connect anytime. However, re-initiating the Snyk Projects for monitoring requires setting up the integration again.
diff --git a/developer-tools/scm-integrations/organization-level-integrations/github.md b/developer-tools/scm-integrations/organization-level-integrations/github.md
index 763b414fbde7..d3deb68b32bc 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/github.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/github.md
@@ -9,13 +9,13 @@
### Known limitations of the GitHub integration
-You cannot use the GitHub integration with a Snyk [Service Account](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts), as the GitHub integration is associated with your user account, not with the Snyk Organization.
+You cannot use the GitHub integration with a Snyk [Service Account](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts), because the GitHub integration is associated with your user account, not with the Snyk Organization.
Use the [GitHub Enterprise integration](github-enterprise.md) to import public and private Projects using the API with a Snyk Service Account.
### GitHub integration features
-The GitHub integration allows you to:
+The GitHub integration lets you:
* Continuously perform security scanning across all the integrated repositories
* Detect vulnerabilities in your open-source components
@@ -33,9 +33,9 @@ To connect your GitHub repositories to Snyk for scanning, you need to set up the
### GitHub integration settings
-To see all settings for your GitHub integration, go to the GitHub Integration settings page, then navigate to Organization **Settings**, and select **GitHub** in the **Integrations** section:
+To see all settings for your GitHub integration, navigate to the GitHub Integration settings page, then navigate to Organization **Settings**, and select **GitHub** in the **Integrations** section:
-You can then scroll down to the section required, and set the options accordingly:
+You can then scroll to the section required, and set the options accordingly:
* [General settings](github.md#general-github-integration-settings)
* Pull requests:
@@ -62,7 +62,7 @@ Select **General** to view general settings:
### GitHub integration features
-After you have connected GitHub to Snyk, you can use:
+After you connect GitHub to Snyk, you can use:
* [Project-level security reports](github.md#project-level-security-reports)
* [Project monitoring and automatic fix pull requests](github.md#project-monitoring-and-automatic-fix-pull-requests)
@@ -85,7 +85,7 @@ This example shows a Project-level security report.
#### Project monitoring and automatic fix pull requests
-Snyk scans your Projects on either a daily or a weekly basis. When new vulnerabilities are found, Snyk notifies you via email and opens automated pull requests with fixes for your repositories.
+Snyk scans your Projects on either a daily or a weekly basis. When Snyk finds new vulnerabilities, it notifies you by email and opens automated pull requests with fixes for your repositories.
The example that follows shows a fix pull request opened by Snyk.
@@ -105,11 +105,11 @@ Scroll down to the **Automatic fix PRs** section and set the options. For defini
For availability with Snyk Broker, see the [Commit signing](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/snyk-broker-commit-signing) page in the Broker docs.
{% endhint %}
-All the commits in Snyk's pull requests are done by `snyk-bot@snyk.io` (a verified user on GitHub), and signed with a PGP key. All Snyk pull requests appear as verified on GitHub, thus providing your developers with the confidence that the fix and upgrade pull requests are generated by a trusted source.
+All the commits in Snyk pull requests are done by `snyk-bot@snyk.io` (a verified user on GitHub), and signed with a PGP key. All Snyk pull requests appear as verified on GitHub, giving your developers the confidence that a trusted source generates the fix and upgrade pull requests.
#### Pull request status checks
-The Snyk [PR Checks](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/pull-request-checks) feature allows Snyk to test any new PR in your repositories for security vulnerabilities and sends a status check to GitHub. This lets you see, directly in GitHub, whether or not the pull request introduces new security issues.
+The Snyk [PR Checks](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/pull-request-checks) feature lets Snyk test any new PR in your repositories for security vulnerabilities and sends a status check to GitHub. This lets you see, directly in GitHub, whether the pull request introduces new security issues.
This example shows how Snyk PR checks appear on the GitHub pull request page.
@@ -123,16 +123,16 @@ You can review and adjust the pull request test settings using the Snyk GitHub I
In non-brokered GitHub integrations, operations that are triggered through the Snyk Web UI, for example, opening a Fix PR or re-testing a Project, are performed on behalf of the acting user.
-Therefore, a user who wants to perform this operation on GitHub through the Snyk UI must connect their GitHub account to Snyk with the required permission scope for the repositories where they want to perform these operations. See [GitHub and GitHub Enterprise permissions requirements](../user-permissions-and-access-scopes.md#github-and-github-enterprise-permissions-requirements) for details.
+Therefore, a user who wants to perform this operation on GitHub through the Snyk Web UI must connect their GitHub account to Snyk with the required permission scope for the repositories where they want to perform these operations. See [GitHub and GitHub Enterprise permissions requirements](../user-permissions-and-access-scopes.md#github-and-github-enterprise-permissions-requirements) for details.
Operations that are not triggered through the Snyk Web UI, such as daily and weekly tests and automatic PRs (fix and upgrade), are performed on behalf of random Snyk Organization members who have connected their GitHub accounts to Snyk and have the required permission scope for the repository.
-For public repositories that are non-brokered, some operations, such as creating the PR, may occasionally be performed by `snyk-bot@snyk.io`.
+For public repositories that are non-brokered, `snyk-bot@snyk.io` occasionally performs some operations, such as creating the PR.
{% hint style="info" %}
A Snyk Organization administrator can [designate a specific GitHub account to use for opening fix and upgrade PRs](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/snyk-pull-or-merge-requests/opening-fix-and-upgrade-pull-requests-from-a-fixed-github-account).
-Note that Snyk will continue to use a random Snyk Organization member's GitHub account to perform all the other operations. Therefore using this feature does not eliminate the need to connect users' GitHub accounts to Snyk.
+Note that Snyk continues to use a random Snyk Organization member's GitHub account to perform all the other operations. Therefore, using this feature does not eliminate the need to connect users' GitHub accounts to Snyk.
{% endhint %}
### How to set up a GitHub account to open Snyk PRs and enable the Pull Request Experience
@@ -140,12 +140,12 @@ Note that Snyk will continue to use a random Snyk Organization member's GitHub a
You can designate a specific GitHub account to open fix and upgrade pull requests, and enable the [Pull Request Experience](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/pull-request-checks/pull-request-experience).
{% hint style="info" %}
-The configured account is only used for opening PRs and posting issue summary and inline comments. All other operations are still performed on behalf of a randomly selected Snyk Organization member who has connected their GitHub accounts to Snyk.
+The configured account is used only for opening PRs and posting issue summary and inline comments. All other operations are still performed on behalf of a randomly selected Snyk Organization member who has connected their GitHub accounts to Snyk.
{% endhint %}
To use this feature, follow these steps:
-1. Navigate to the GitHub Integrations settings page in the Snyk Web UI using Organization **Settings** **Integrations** > **Source control** > **GitHub**.
+1. Navigate to the GitHub Integrations settings page in the Snyk Web UI using Organization **Settings** > **Integrations** > **Source control** > **GitHub**.
2. In the **Open Snyk automatic PRs from a fixed GitHub account** section, enter your GitHub personal access token.\
You can [generate this from your GitHub account](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token).
3. Click **Save** to enable this feature.
@@ -168,13 +168,13 @@ The Auto-assign PRs feature is supported only for private repositories.
Snyk can automatically assign the pull requests it creates to ensure that they are handled by the right team members.
-Auto-assign for PRs can be enabled for the GitHub and GitHub Enterprise integration and all Projects imported via GitHub, or on a per-Project basis.
+You can enable Auto-assign for PRs for the GitHub and GitHub Enterprise integration and all Projects imported using GitHub, or on a per-Project basis.
-Users can either be manually specified, and all will be assigned, or automatically selected based on the last commit user account.
+You can either specify users manually, and Snyk assigns all of them, or select them automatically based on the last commit user account.
#### Enable Auto-assign for all Projects in the GitHub integration
-To configure the Auto-assign settings for all the Projects from an imported private repository, go to the Github integration settings using Organization **Settings** > **Integrations** > **Source control** > **GitHub** and select **Enable pull request assignees**.
+To configure the Auto-assign settings for all the Projects from an imported private repository, navigate to the Github integration settings using Organization **Settings** > **Integrations** > **Source control** > **GitHub** and select **Enable pull request assignees**.
You can then choose to assign PRs to the last user to change the manifest file or specified contributors.
@@ -191,7 +191,7 @@ To configure the Auto-assign settings for a specific Project from an imported pr
1. In the **Projects** tab for your Organization, select and expand the relevant private repository, select a Target, and click the **Settings** cog. This opens the Project page.
2. On the Project page, apply unique settings for that specific Project.\
Select the **Settings** tab in the upper right and the **Github integration** \_\_ option in the left sidebar.
-3. Go to the **Pull request assignees for private repos** section at the bottom of the page and choose to **Inherit from integration settings** or **Customize only for this Project**.
+3. Navigate to the **Pull request assignees for private repos** section at the bottom of the page and choose to **Inherit from integration settings** or **Customize only for this Project**.
4. Ensure **Auto-assign PRs for this private Project** is enabled.
5. Choose to assign PRs to the last user to change the manifest file or named contributors.
@@ -199,32 +199,32 @@ To configure the Auto-assign settings for a specific Project from an imported pr
### How to disable the GitHub integration
-The GitHub SCM integration leverages the OAuth app integration. If you integrated GitHub without using Snyk Broker, you can disconnect it by following these steps:
+The GitHub SCM integration uses the OAuth app integration. If you integrated GitHub without using Snyk Broker, you can disconnect it by following these steps:
1. In GitHub, log in to the GitHub account that you used to create the integration.
-2. Go to your GitHub account settings and select the **Applications** option in the left sidebar.
+2. Navigate to your GitHub account settings and select the **Applications** option.
3. Select the **Authorized OAuth Apps** tab.\
You can also reach the [Authorized OAuth Apps tab directly](https://github.com/settings/applications).
-4. Find the **Snyk** entry, click the three (3) dots on the right, and select **Revoke**.
+4. Find the **Snyk** entry, click the three dots, and select **Revoke**.
Revoke OAuth authorization
-Revoking this access effectively disconnects Snyk’s access to that GitHub account.
+Revoking this access disconnects Snyk access to that GitHub account.
-* Existing imported snapshots will persist in Snyk and continue to be re-scanned based on the existing snapshots until deleted.
-* Snyk will no longer be able to import new Projects from the GitHub integration and will no longer re-scan on new code merges.
+* Existing imported snapshots persist in Snyk and continue to be re-scanned based on the existing snapshots until deleted.
+* Snyk can no longer import new Projects from the GitHub integration and no longer re-scans on new code merges.
In addition, you must confirm that Snyk is not enabled on any existing **Branch protection rules**.
{% hint style="info" %}
-Note that branch protection is active only after a PR has been raised.
+Note that branch protection is active only after a PR is raised.
{% endhint %}
-1. From the main page of your GitHub repository, go to **Settings** > **Branches** > **Branch protection rules**.
+1. From the main page of your GitHub repository, navigate to **Settings** > **Branches** > **Branch protection rules**.
2. Ensure there are no **Status checks found in the last week for this repository**.
{% hint style="info" %}
-A disconnected GitHub integration will still appear as configured in the Integrations menu of the Snyk UI. However, clicking on the integration settings will show that it is not connected. In this case, the "configured" integration can safely be ignored.
+A disconnected GitHub integration still appears as configured in the Integrations menu of the Snyk Web UI. However, clicking the integration settings shows that it is not connected. In this case, you can safely ignore the "configured" integration.
{% endhint %}
### Migrate to the GitHub Enterprise integration
@@ -235,19 +235,19 @@ Before deleting Snyk Projects imported using the GitHub integration, consider th
Before you configure and Import Projects using the [GitHub Enterprise integration](github-enterprise.md), Snyk recommends removing all Projects imported using the GitHub integration. This avoids having duplicate Snyk Projects.
-You can remove Projects imported using the GitHub integration manually by removing the Projects from Snyk. However, depending on how many Projects you have already imported using the GitHub integration, it may be easier for you to create a new Snyk Organization.
+You can remove Projects imported using the GitHub integration manually by removing the Projects from Snyk. However, depending on how many Projects you have already imported using the GitHub integration, it might be easier for you to create a new Snyk Organization.
-If you have already created multiple Snyk Organizations and Projects have been imported from GitHub to each Organization, it may be easier to re-create the Snyk Organizations to use the Snyk GitHub Enterprise integration than to update each one manually. If you choose to do this, you can copy integration settings from an existing Organization to avoid having to re-configure other integrations.
+If you have already created multiple Snyk Organizations and imported Projects from GitHub to each Organization, it might be easier to re-create the Snyk Organizations to use the Snyk GitHub Enterprise integration than to update each one manually. If you choose to do this, you can copy integration settings from an existing Organization to avoid having to re-configure other integrations.
#### Migration steps
If you already have multiple Snyk Organizations with Projects imported using the GitHub integration, follow these steps to migrate from GitHub integration to GitHub Enterprise integration.
-1. Create a new Snyk Organization that will be used as the template for all others. You can copy integration settings from an existing Organization if required.
-2. In this new template Organization, set up the Snyk GitHub Enterprise integration using the steps on the page [GitHub Enterprise integration](github-enterprise.md#how-to-set-up-the-github-enterprise-integration). The dedicated GitHub service account in those steps is a separate user account that you will use as the connection between Snyk and GitHub.
-3. When the Snyk GitHub Enterprise integration is configured, you can import a Project to your template Organization to test that the integration is working as expected.
-4. You can now create new Organizations that will replace the existing Organizations that were configured using the GitHub integration. As you create each new Organization, ensure that you copy the integration settings from this template Organization so that the GitHub Enterprise integration is available.
+1. Create a new Snyk Organization to use as the template for all others. You can copy integration settings from an existing Organization if required.
+2. In this new template Organization, set up the Snyk GitHub Enterprise integration using the steps on the page [GitHub Enterprise integration](github-enterprise.md#how-to-set-up-the-github-enterprise-integration). The dedicated GitHub service account in those steps is a separate user account that you use as the connection between Snyk and GitHub.
+3. When the Snyk GitHub Enterprise integration is configured, you can import a Project to your template Organization to test that the integration works as expected.
+4. You can now create new Organizations to replace the existing Organizations that were configured using the GitHub integration. As you create each new Organization, ensure that you copy the integration settings from this template Organization so that the GitHub Enterprise integration is available.
5. Now that your new Organizations are created, you can import your Projects, choosing the GitHub Enterprise integration when you select the source.
6. You can now remove the previous Organizations that were configured using the GitHub integration.
-You may want to [disconnect your GitHub integration](github-enterprise.md#how-to-disconnect-the-github-enterprise-integration) to avoid unintentionally importing Projects using the GitHub integration in the future. Because the GitHub integration is configured per user account, rather than per Organization, each user who has set up the GitHub integration must complete this disconnection process individually.
+You might want to [disconnect your GitHub integration](github-enterprise.md#how-to-disconnect-the-github-enterprise-integration) to avoid unintentionally importing Projects using the GitHub integration in the future. Because the GitHub integration is configured per user account, rather than per Organization, each user who has set up the GitHub integration must complete this disconnection process individually.
diff --git a/developer-tools/scm-integrations/organization-level-integrations/gitlab.md b/developer-tools/scm-integrations/organization-level-integrations/gitlab.md
index 302d3dcaa4fc..b9688c7bedc3 100644
--- a/developer-tools/scm-integrations/organization-level-integrations/gitlab.md
+++ b/developer-tools/scm-integrations/organization-level-integrations/gitlab.md
@@ -5,7 +5,7 @@
The GitLab integration is available only with Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
-[Snyk Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/snyk-broker) is required if you are integrating from a private network.
+You need [Snyk Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/snyk-broker) if you are integrating from a private network.
{% endhint %}
### Prerequisites for GitLab integration
@@ -15,7 +15,7 @@ The GitLab integration is available only with Enterprise plans. For more informa
### GitLab integration features
-The GitLab integration allows you to:
+The GitLab integration lets you:
1. Check for vulnerabilities in your pull requests.
2. From the **Report** page or the **Project** page on the Snyk Web UI, [trigger a Snyk pull request](gitlab.md#fix-vulnerabilities-with-snyk-merge-requests) for the fixes listed.
@@ -28,13 +28,13 @@ To set up the GitLab integration with Snyk, create a GitLab access token and ent
Typically, the first user in a Snyk Organization, a [Snyk admin](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/#user-types) and GitLab Owner or Maintainer, sets up an integration with a **GitLab Personal Access Token** or **Group Access Token**. This token is then authenticated with GitLab, enabling access by Snyk to the repositories in that GitLab account.
-* A **GitLab Personal Access Token** is used to perform actions on and manage personal GitLab projects individually. These differ from Group Access Tokens as they are attached to a user rather than a GitLab group. For Snyk Essentials to show all repositories from GitLab, the user generating the PAT should be part of the GitLab group where their GitLab permissions can be a minimum of Guest.
-* A **GitLab Group Access Token** is used to perform actions for and manage more than one GitLab project within a GitLab group. The Group Access Token also grants access to all GitLab projects in a GitLab group or subgroup without contributing to GitLab's licensed user count.
+* A **GitLab Personal Access Token** performs actions on and manages personal GitLab projects individually. These differ from Group Access Tokens because they are attached to a user rather than a GitLab group. For Snyk Essentials to show all repositories from GitLab, the user generating the PAT must be part of the GitLab group where their GitLab permissions can be a minimum of Guest.
+* A **GitLab Group Access Token** performs actions for and manages more than one GitLab project in a GitLab group. The Group Access Token also grants access to all GitLab projects in a GitLab group or subgroup without contributing to the licensed user count in GitLab.
-To trigger the creation of fix pull requests manually, all users in a Snyk Organization can add and work with any related Snyk Projects, while the merge requests themselves will appear in GitLab as having been opened by the Snyk admin who set up the configuration.
+To trigger the creation of fix pull requests manually, all users in a Snyk Organization can add and work with any related Snyk Projects, while the merge requests themselves appear in GitLab as opened by the Snyk admin who set up the configuration.
{% hint style="warning" %}
-Group Access Tokens can only be created by a GitLab Owner using a GitLab Premium or Ultimate [account tier](https://about.gitlab.com/pricing/). This can be done in [GitLab's web UI](https://docs.gitlab.com/ee/user/group/settings/group_access_tokens.html), their Rails console, or through the GitLab API.
+Only a GitLab Owner using a GitLab Premium or Ultimate [account tier](https://about.gitlab.com/pricing/) can create Group Access Tokens. You can do this in the [GitLab web UI](https://docs.gitlab.com/ee/user/group/settings/group_access_tokens.html), the Rails console, or through the GitLab API.
{% endhint %}
### How to set up the GitLab integration
@@ -52,7 +52,7 @@ Group Access Tokens can only be created by a GitLab Owner using a GitLab Premium
Generating a GitLab Group Access Token requires selecting the Maintainer role for access.
-Selecting the **api** scope with a **Maintainer** role allows Snyk to authenticate user accounts and create webhooks, enabling the following:
+Selecting the **api** scope with a **Maintainer** role lets Snyk authenticate user accounts and create webhooks, enabling the following:
* Automation of fix pull requests and Snyk tests on your pull requests.
* Manual creation of fix pull requests.
@@ -73,12 +73,12 @@ Selecting the **api** scope with a **Maintainer** role allows Snyk to authentica
#### Fix vulnerabilities with Snyk merge requests
-When viewing a Snyk test report for a Snyk Project that you own or when looking at a GitLab Project that you are watching with Snyk, you see two options for fixing a vulnerability:
+When viewing a Snyk test report for a Snyk Project that you own or when looking at a GitLab Project that you are watching with Snyk, you see two (2) options for fixing a vulnerability:
* **Fix these vulnerabilities**: generate a Snyk merge request with the minimal changes needed to fix all the Snyk Project's detected vulnerabilities.
* **Fix this vulnerability**: generate a Snyk merge request on an individual issue that fixes the vulnerability.
-You can review the vulnerabilities that will be fixed, change your selection with the checkboxes, and choose to ignore any vulnerabilities that cannot be fixed now before opening the merge request on the **Open a Fix Merge Request** page.
+You can review the vulnerabilities that Snyk fixes, change your selection with the checkboxes, and choose to ignore any vulnerabilities that cannot be fixed now before opening the merge request on the **Open a Fix Merge Request** page.
{% hint style="info" %}
GitLab webhooks send out an event to Snyk when merge requests occur. This starts a series of other events, such as pulling GitLab project files, running the test process, and posting the results to GitLab, all of which occur on the Snyk side.
@@ -86,14 +86,14 @@ GitLab webhooks send out an event to Snyk when merge requests occur. This starts
#### Receive email alerts for new vulnerabilities
-When a new vulnerability is detected on a Snyk Project you are watching, Snyk will send you an email with a generated Snyk merge request to address the vulnerability.
+When Snyk detects a new vulnerability on a Snyk Project you are watching, it sends you an email with a generated Snyk merge request to address the vulnerability.
#### Receive email alerts for new upgrades or patches
-You may find yourself in a situation where no upgrade is found for a vulnerability, and only a patch is available. When a fix does become available, Snyk notifies you by email and generates a merge request containing the new fix.
+You might find yourself in a situation where no upgrade is found for a vulnerability, and only a patch is available. When a fix does become available, Snyk notifies you by email and generates a merge request containing the new fix.
{% hint style="warning" %}
-Patching is only available on Node.js Projects.
+Patching is available only on Node.js Projects.
{% endhint %}
### How to disconnect the GitLab integration
@@ -101,7 +101,7 @@ Patching is only available on Node.js Projects.
{% hint style="warning" %}
Disconnecting the GitLab integration removes all Snyk webhooks, along with the Snyk credentials, and deactivates the GitLab Projects in the Snyk Web UI.
-The Projects will be set to inactive, and you will no longer get alerts, pull requests, or Snyk tests on your pull requests.
+The Projects are set to inactive, and you no longer get alerts, pull requests, or Snyk tests on your pull requests.
{% endhint %}
1. Navigate to the Snyk GitLab integration **Settings**.
@@ -110,9 +110,9 @@ The Projects will be set to inactive, and you will no longer get alerts, pull re
Confirm disconnecting from GitLab
-After GitLab is disconnected, Snyk Projects imported from GitLab will be set to inactive, and you will no longer get alerts, pull requests, or Snyk tests on pull requests. The webhook that enables the integration for this repository will be removed.
+After GitLab is disconnected, Snyk Projects imported from GitLab are set to inactive, and you no longer get alerts, pull requests, or Snyk tests on pull requests. Snyk removes the webhook that enables the integration for this repository.
-You can re-connect anytime; however, re-initiating GitLab projects for monitoring requires setting up the integration again.
+You can re-connect anytime. However, re-initiating GitLab projects for monitoring requires setting up the integration again.
### GitLab integration Troubleshooting
diff --git a/developer-tools/scm-integrations/scm-integrations-and-snyk-broker.md b/developer-tools/scm-integrations/scm-integrations-and-snyk-broker.md
index 90431c89c035..90e046de669f 100644
--- a/developer-tools/scm-integrations/scm-integrations-and-snyk-broker.md
+++ b/developer-tools/scm-integrations/scm-integrations-and-snyk-broker.md
@@ -10,7 +10,7 @@ You can find on [GitHub](https://github.com/snyk/broker/tree/565242baf003f06f445
## Integrated SCM tokens for classic Broker
-An integrated SCM token is required for [Broker client setup](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment). It is used in the `-e _TOKEN` parameter, for example, `-e GITHUB_TOKEN=xxx…`, to enable access to the SCM. These meet certain permissions needed for the operation of Broker and Snyk Code.
+An integrated SCM token is required for [Broker client setup](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment). You use it in the `-e _TOKEN` parameter, for example, `-e GITHUB_TOKEN=xxx…`, to enable access to the SCM. These tokens meet certain permissions needed for the operation of Broker and Snyk Code.
An integrated SCM token can be generated for the following SCM integrations:
@@ -67,15 +67,15 @@ https://github.com/settings/apps/new?name=Snyk&description=Snyk%20helps%20you%20
* Snyk EU: `https%3A%2F%2Fapp.eu.snyk.io`
* Snyk AU: `https%3A%2F%2Fapp.au.snyk.io`
-3. After the value is replaced, navigate to that URL in your browser.\
- This will take you to the app creation screen in your GitHub Cloud instance with all the required details pre-filled.
+3. After you replace the value, navigate to that URL in your browser.\
+ This takes you to the app creation screen in your GitHub Cloud instance with all the required details pre-filled.
4. Scroll to the end of the page. Ensure that **Any account** is selected, and then click **Create GitHub App**.
5. Make a note of the `ClientId` and `AppId`. Store these safely and treat them as secrets. You must enter these credentials when you create the Universal Broker connection to your GitHub Cloud app.
6. Click the **generate a private key** link.\
This initiates the download of a `.pem` file. Store this file safely and treat it as a secret. You must enter the path to this file when you create the Universal Broker connection to your GitHub Cloud app.\
- Your GitHub Cloud App is now ready to be installed in repositories in your Snyk Organization.
+ Your GitHub Cloud App is now ready to install in repositories in your Snyk Organization.
7. Scroll to the top of the page and click **Install App** on the navigation panel. Click the **Install** button for your app.
-8. Choose where you want to install the app in your GitHub organization. It can be installed in specific repositories or all of them.
+8. Choose where you want to install the app in your GitHub organization. You can install it in specific repositories or all of them.
{% hint style="info" %}
If you choose to install the app only in specific repositories, the app works only in those repositories. You can return to this screen and edit where the app is installed if you want to add it to additional repositories.
@@ -105,7 +105,7 @@ Before the GitHub Cloud App can be used with the Universal Broker, you must crea
1. Run the `snyk-broker-config workflows connections create` command. Choose the `github-cloud-app` option and provide the information you are prompted for in the workflow.
2. Run `snyk-broker-config workflows connections integrate` to integrate the newly created connection to the Organization of your choice. Enter the Organization ID when you are prompted.
-Visit the integrations page in Snyk to verify that the integration has been configured.
+Visit the integrations page in Snyk to verify that the integration is configured.
See the [Universal Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/universal-broker) documentation for more details.
@@ -137,15 +137,15 @@ To use the GitHub Server App with Universal Broker you must create your own GitH
* Snyk AU: https%3A%2F%2Fapp.au.snyk.io
* Snyk US-02: https%3A%2F%2Fapp.us.snyk.io
-3. After these values are replaced, navigate to that URL in your browser.\
- This will take you to the app creation screen in your GitHub Server instance with all the required details pre-filled.
+3. After you replace these values, navigate to that URL in your browser.\
+ This takes you to the app creation screen in your GitHub Server instance with all the required details pre-filled.
4. Scroll to the end of the page. Ensure that **Any account** is selected, and then click **Create GitHub App**.
5. Make a note of the `ClientId` and `AppId`. Store these safely and treat them as secrets. You must enter these credentials when you create the Universal Broker connection to your GitHub Server app.
6. Click the **generate a private key** link.\
This initiates the download of a `.pem` file. Store this file safely and treat it as a secret. You must enter the path to this file when you create the Universal Broker connection to your GitHub Server app.\
- Your GitHub Server App is now ready to be installed in repositories in your Snyk Organization.
+ Your GitHub Server App is now ready to install in repositories in your Snyk Organization.
7. Scroll to the top of the page and click **Install App** on the navigation panel. Click the **Install** button for your app.
-8. Choose where you want to install the app in your GitHub organization. It can be installed in specific repositories or all of them.
+8. Choose where you want to install the app in your GitHub organization. You can install it in specific repositories or all of them.
{% hint style="info" %}
If you choose to install the app only in specific repositories, the app works only in those repositories. You can return to this screen and edit where the app is installed if you want to add it to additional repositories.
@@ -158,7 +158,7 @@ If you choose to install the app only in specific repositories, the app works on
### Create the Universal Broker connection for your GitHub Server App
-Before the GitHub Server App can be used with the Universal Broker, you must create a connection of the `github-server-app` type using the `snyk-broker-config` tool. For more details, see the [Universal Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/universal-broker) documentation. After the connection is created, it can be integrated with one or more Organization(s) of your choice.
+Before the GitHub Server App can be used with the Universal Broker, you must create a connection of the `github-server-app` type using the `snyk-broker-config` tool. For more details, see the [Universal Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/universal-broker) documentation. After you create the connection, you can integrate it with one or more Organizations of your choice.
#### Prerequisites
@@ -174,6 +174,6 @@ Before the GitHub Server App can be used with the Universal Broker, you must cre
1. Run the `snyk-broker-config workflows connections create` command. Choose the `github-server-app` option and provide the information you are prompted for in the workflow.
2. Run `snyk-broker-config workflows connections integrate` to integrate the newly created connection to the Organization of your choice. Enter the Organization ID when you are prompted.
-Visit the integrations page in Snyk to see that the integration has been configured.
+Visit the integrations page in Snyk to see that the integration is configured.
See the [Universal Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/universal-broker) documentation for more details.
diff --git a/developer-tools/scm-integrations/user-permissions-and-access-scopes.md b/developer-tools/scm-integrations/user-permissions-and-access-scopes.md
index b6922b9a3eb7..cec35aecc1e2 100644
--- a/developer-tools/scm-integrations/user-permissions-and-access-scopes.md
+++ b/developer-tools/scm-integrations/user-permissions-and-access-scopes.md
@@ -1,6 +1,6 @@
# User permissions and access scopes
-Snyk SCM integrations may require different permission requirements based on the connection method.
+Snyk SCM integrations can require different permissions based on the connection method.
See the following for detailed permission requirements:
@@ -28,7 +28,7 @@ A PAT generated for the Group-level GitHub integration requires the following pe
For information about token permissions in a brokered integration, see [GitHub - prerequisites and steps to install and configure Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker) and [Integrated SCM tokens for Snyk Broker](scm-integrations-and-snyk-broker.md#integrated-scm-tokens-for-classic-broker).
{% endhint %}
-The Snyk GitHub Enterprise integration is bound to a single user, preferably a GitHub service account. The level of access for the integration is defined by the combination of the user's permissions in GitHub and the access defined for the Personal Access Token (PAT) on that user's account. If the PAT is defined with more permission than the user's GitHub account, the integration will not be able to use that permission.
+The Snyk GitHub Enterprise integration is bound to a single user, preferably a GitHub service account. The combination of the user's permissions in GitHub and the access defined for the Personal Access Token (PAT) on that user's account defines the level of access for the integration. If the PAT has more permission than the user's GitHub account, the integration cannot use that permission.
The following table details the access scopes required in GitHub and GitHub Enterprise for Personal Access Tokens (PAT) and the scopes required for Snyk to perform the required operations on monitored repositories, such as reading manifest files on a frequent basis and opening fix or upgrade PRs. GitHub custom roles are not supported.
@@ -55,7 +55,7 @@ Snyk uses SCM webhooks to:
### GitHub Cloud App permission requirements
-The [Snyk GitHub Cloud App](organization-level-integrations/github-cloud-app.md) integration uses role-based access control, meaning access control is not dependent on individual users or their role, it is instead tied to the app entity.
+The [Snyk GitHub Cloud App](organization-level-integrations/github-cloud-app.md) integration uses role-based access control. Access control does not depend on individual users or their role; instead, it is tied to the app entity.
To set up the GitHub Cloud app integration, you must be a:
@@ -64,7 +64,7 @@ To set up the GitHub Cloud app integration, you must be a:
* GitHub Repository Admin (if installing through the GitHub UI).
{% hint style="info" %}
-While some permissions may be optional from GitHub’s perspective, they are necessary to support Snyk functions. These permissions cannot be customized for your individual needs because the app is registered under the Snyk Organization.
+While some permissions are optional from GitHub’s perspective, they are necessary to support Snyk functions. You cannot customize these permissions for your individual needs because the app is registered under the Snyk Organization.
{% endhint %}
The following table states the required GitHub App permissions and scopes:
@@ -130,7 +130,7 @@ Scope by Purpose
|
Importing new projects to Snyk: Lists available repos in the Bitbucket instance in the Add Projects screen.
|
read:project:bitbucket
read:workspace:bitbucket
read:account
read:user:bitbucket
|
|
Snyk Group Level Integrations: Required for Inventory and Essentials
|
read:repository:bitbucket
read:user:bitbucket read:workspace:bitbucket
|
-When reviewing the token scopes, they are listed by access level. Please review to ensure that you have the correct scopes:
+Bitbucket lists the token scopes by access level. Review them to ensure that you have the correct scopes:
| READ | WRITE |
| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------- |
diff --git a/developer-tools/scm-integrations/workspaces.md b/developer-tools/scm-integrations/workspaces.md
index 3dfd4c302ab3..ff617c85602c 100644
--- a/developer-tools/scm-integrations/workspaces.md
+++ b/developer-tools/scm-integrations/workspaces.md
@@ -1,22 +1,22 @@
# Workspaces
{% hint style="info" %}
-Workspaces improve the accuracy and reliability of Snyk’s SCM integration results, especially for large-scale enterprise environments. This capability also supports additional functionality and improvements we have planned in the future. For these reasons, Snyk strongly recommends [enabling this option](workspaces.md#manage-workspaces) by default at your Group level.
+Workspaces improve the accuracy and reliability of the SCM integration results in Snyk, especially for large-scale enterprise environments. This capability also supports additional functionality and improvements we have planned in the future. For these reasons, Snyk strongly recommends [enabling this option](workspaces.md#manage-workspaces) by default at your Group level.
{% endhint %}
Workspaces represents a significant step forward in providing you with the most reliable and accurate vulnerability detection possible.
-Traditionally, Snyk has accessed repository contents using SCM APIs, which impose primary and secondary rate limits, and content limits. For example, the GitHub.com APIs are rate-limited to allow only a certain number of requests per hour, and there is a limit on the number of tree entries that can be retrieved from the Git database.
+Traditionally, Snyk accessed repository contents using SCM APIs, which impose primary and secondary rate limits, and content limits. For example, the GitHub.com APIs are rate-limited to allow only a certain number of requests per hour, and there is a limit on the number of tree entries that can be retrieved from the Git database.
-When repository contents are retrieved over these APIs, these limitations inhibit Snyk’s providing a complete analysis in a number of ways, especially across a very large number of repositories, or for repositories containing more than 100,000 files, sometimes referred to as monorepos.
+When Snyk retrieves repository contents over these APIs, these limitations inhibit Snyk from providing a complete analysis in a number of ways, especially across a large number of repositories, or for repositories containing more than 100,000 files, sometimes referred to as monorepos.
-Through Workspaces, these limitations are removed.
+Workspaces removes these limitations.
-The accuracy of results is improved in a number of ways through cloning. Since Snyk can access a complete view of a source code repository at a specific commit SHA, including repositories containing more than 100,000 files, the analysis is also more complete through cloning.
+Cloning improves the accuracy of results in a number of ways. Because Snyk can access a complete view of a source code repository at a specific commit SHA, including repositories containing more than 100,000 files, the analysis is also more complete through cloning.
## Snyk data ingestion
-When Workspaces is enabled, Snyk will ingest, through configured SCM integrations, a temporary and shallow clone of repository contents at a given commit and all commit metadata (including the commit message, authors, and timestamp).
+When Workspaces is enabled, Snyk ingests, through configured SCM integrations, a temporary and shallow clone of repository contents at a given commit and all commit metadata (including the commit message, authors, and timestamp).
{% hint style="info" %}
For more information on Snyk data processing and safeguards concerning Git repo cloning, see [Cache retention period related to vulnerability source data](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/how-snyk-handles-your-data#cache-retention-period-related-to-vulnerability-source-data) and [Snyk integrations: workspaces](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/how-snyk-handles-your-data#snyk-integrations-workspaces).
@@ -28,15 +28,15 @@ Repositories are cloned using HTTPS. SSH-based clones are unavailable.
## Manage Workspaces
-The Workspaces feature is managed through the **Integrations settings** page on the Group or Organization level. To do so, you must be a Snyk Group Admin or Snyk Organization Admin.
+You manage the Workspaces feature through the **Integrations settings** page on the Group or Organization level. To do so, you must be a Snyk Group Admin or Snyk Organization Admin.
-When Workspaces is enabled at the Group level, all Organizations within that Group have Workspaces enabled. This Group level setting can be overridden by the individual Organization level setting.
+When Workspaces is enabled at the Group level, all Organizations in that Group have Workspaces enabled. The individual Organization level setting can override this Group level setting.
{% hint style="warning" %}
-When a Group level setting is overridden by an Organization level setting, the Organization level setting cannot be modified by any future changes made to the Group level setting.
+When an Organization level setting overrides a Group level setting, no future changes to the Group level setting can modify the Organization level setting.
{% endhint %}
-While you can choose to disable the Workspaces feature, it is important to understand doing so will hinder Snyk’s ability to scan repositories in two specific ways:
+While you can choose to disable the Workspaces feature, it is important to understand that doing so hinders the ability of Snyk to scan repositories in two specific ways:
-1. Frequency of scanning: With Workspaces disabled, Snyk will analyze repository content through SCM APIs, which typically impose primary and secondary rate limits, and content limits. For example, the GitHub.com APIs are rate-limited to allow only a certain number of requests per hour, which hinders Snyk’s ability to analyze a large number of repositories in any one hour.
-2. Completeness of scanning: With the Workspaces feature disabled, Snyk will analyze repo content through SCM APIs, which typically limit the number of tree entries that can be retrieved from the Git database, potentially leading to missed vulnerabilities. This impacts analysis of repositories containing a large number of files, sometimes referred to as monorepos.
+1. Frequency of scanning: With Workspaces disabled, Snyk analyzes repository content through SCM APIs, which typically impose primary and secondary rate limits, and content limits. For example, the GitHub.com APIs are rate-limited to allow only a certain number of requests per hour, which hinders the ability of Snyk to analyze a large number of repositories in any one hour.
+2. Completeness of scanning: With the Workspaces feature disabled, Snyk analyzes repo content through SCM APIs, which typically limit the number of tree entries that can be retrieved from the Git database, potentially leading to missed vulnerabilities. This impacts analysis of repositories containing a large number of files, sometimes referred to as monorepos.
diff --git a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/README.md b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/README.md
index 0772b0bbb376..1288a346dc7b 100644
--- a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/README.md
+++ b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/README.md
@@ -1,6 +1,6 @@
# API End of Life (EOL) process and migration guides
-This page explains the process, key dates, and milestones associated with the end-of-life (EOL) cycle for all API endpoints. In this documentation, you will also find detailed information about [key dates](api-eol-endpoints-and-key-dates.md) and [migration guides](guides-to-migration/) for API endpoints that are in the end-of-life process.
+This page explains the process, key dates, and milestones associated with the end-of-life (EOL) cycle for all API endpoints. In this documentation, you can also find detailed information about [key dates](api-eol-endpoints-and-key-dates.md) and [migration guides](guides-to-migration/) for API endpoints that are in the end-of-life process.
## API End of Life (EOL) process
@@ -11,25 +11,25 @@ Snyk GA REST APIs are an evolution of Snyk V1 APIs because the GA REST APIs hav
* Improved performance
* Specifications for client generation
-Snyk EOL for V1 APIs and replacement with GA REST APIs will implement this improvement over the equivalent V1 APIs. As Snyk delivers more GA REST APIs, experimental and beta versions of the REST API will also reach end-of-life.
+Snyk EOL for V1 APIs and replacement with GA REST APIs implements this improvement over the equivalent V1 APIs. As Snyk delivers more GA REST APIs, experimental and beta versions of the REST API also reach end-of-life.
-Migrating from V1 API to GA REST can be a time-consuming process, and Snyk wants to ensure that you have enough time to factor in and execute migrations so that you can have the best API experience as soon as possible. The process for taking an endpoint (V1, experimental, or beta API) to EOL for seamless migration to GA REST is as follows:
+Migrating from V1 API to GA REST can be a time-consuming process, and Snyk wants to ensure that you have enough time to factor in and execute migrations so that you can have the best API experience as soon as possible. The process for taking an endpoint (V1, experimental, or beta API) to EOL for migration to GA REST is as follows:
-1. Batches of endpoints will be part of an EOL cycle that begins twice a year: one batch in January and one batch in July.
+1. Batches of endpoints are part of an EOL cycle that begins twice a year: one batch in January and one batch in July.
2. API endpoints can be included for EOL only if they have:
* A GA REST equivalent or equivalents (except in the rare case where a V1 API does not have or need a GA REST equivalent)
* Functionality parity between V1 and GA REST (unless explicitly stated otherwise in the migration guide)
* A migration guide by our field specialists for ease of migration
-3. Snyk will [publicly announce](http://updates.snyk.io/) which endpoints will be part of an EOL cycle one month before the cycle begins.
-4. On the date the EOL begins, the endpoints are deemed **deprecated**. At that point, the documentation of each endpoint will either be **removed** or have a statement added that the endpoint is deprecated. In addition, no new customers will be able to integrate with the endpoint. The endpoint will remain functional for existing customers until the end-of-life date. You can find all of the endpoints reaching end of life and the associated timelines on the [API EOL endpoints and key dates](api-eol-endpoints-and-key-dates.md) page.
-5. On a monthly basis during the EOL cadence, Snyk will temporarily halt functionality for the nominated endpoints for a period of time, increasing in duration over the course of the EOL.
-6. When we reach the EOL date, the endpoint will stop working, and you will receive an error.
+3. Snyk [publicly announces](http://updates.snyk.io/) which endpoints are part of an EOL cycle one month before the cycle begins.
+4. On the date the EOL begins, the endpoints are deemed **deprecated**. At that point, Snyk either **removes** the documentation of each endpoint or adds a statement that the endpoint is deprecated. In addition, no new customers can integrate with the endpoint. The endpoint remains functional for existing customers until the end-of-life date. You can find all of the endpoints reaching end of life and the associated timelines on the [API EOL endpoints and key dates](api-eol-endpoints-and-key-dates.md) page.
+5. On a monthly basis during the EOL cadence, Snyk temporarily halts functionality for the nominated endpoints for a period of time, increasing in duration over the course of the EOL.
+6. When we reach the EOL date, the endpoint stops working, and you receive an error.
## Types of API EOL
-The following types of EOL will take place during each cycle:
+The following types of EOL take place during each cycle:
-1. V1 API: When a GA REST equivalent or equivalents are released, Snyk will aim to include the V1 API in an end-of-life cycle as soon as possible. Users will have a six-month window to migrate off the endpoint, beginning at the public announcement in January and July.
-2. Experimental and beta: When Snyk upgrades a REST endpoint to GA that has earlier experimental or beta endpoints or both, Snyk will aim to include them in the EOL cycle as soon as possible. Users will have a 3-month window to migrate off the endpoint (starting from the public announcement in January and July).
+1. V1 API: When a GA REST equivalent or equivalents are released, Snyk aims to include the V1 API in an end-of-life cycle as soon as possible. Users have a six-month window to migrate off the endpoint, beginning at the public announcement in January and July.
+2. Experimental and beta: When Snyk upgrades a REST endpoint to GA that has earlier experimental or beta endpoints or both, Snyk aims to include them in the EOL cycle as soon as possible. Users have a three-month window to migrate off the endpoint (starting from the public announcement in January and July).
-In exceptional circumstances, Snyk may have to announce an EOL for an endpoint outside of the two announcements each year in January and July. Users will receive a one-month notice of the EOL cycle. The time window to migrate off the endpoint will follow the same windows identified for each type of EOL: a V1 API or an experimental or beta endpoint.
+In exceptional circumstances, Snyk might have to announce an EOL for an endpoint outside of the two announcements each year in January and July. Users receive a one-month notice of the EOL cycle. The time window to migrate off the endpoint follows the same windows identified for each type of EOL: a V1 API or an experimental or beta endpoint.
diff --git a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/api-eol-endpoints-and-key-dates.md b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/api-eol-endpoints-and-key-dates.md
index 2663cfcfc0ab..6c7bbe3ac9b1 100644
--- a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/api-eol-endpoints-and-key-dates.md
+++ b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/api-eol-endpoints-and-key-dates.md
@@ -2,7 +2,7 @@
## APIs at EOL
-Beginning July 22, 2024, the following endpoints will follow the EOL process:
+Beginning July 22, 2024, the following endpoints follow the EOL process:
| Endpoint | Endpoint type | EOL date | Migration guide |
| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------- | ---------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -18,7 +18,7 @@ Beginning July 22, 2024, the following endpoints will follow the EOL process:
A brownout occurs when Snyk temporarily suspends an endpoint from being usable, returning a `410 gone` response when a user calls the endpoint.
-Snyk brownouts for APIs that are part of an end-of-life cycle will occur at 12:00 UTC. For the end-of-life cycle beginning July 22, 2024, the brownouts will occur on the following dates. Users will see a reminder two weeks before the brownout through an announcement on [updates.snyk.io](http://updates.snyk.io/):
+Snyk brownouts for APIs that are part of an end-of-life cycle occur at 12:00 UTC. For the end-of-life cycle beginning July 22, 2024, the brownouts occur on the following dates. Users see a reminder two weeks before the brownout through an announcement on [updates.snyk.io](http://updates.snyk.io/):
| Endpoints | Brownout date | Duration |
| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------- | -------- |
diff --git a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/candidates-for-upcoming-api-end-of-life-cadences.md b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/candidates-for-upcoming-api-end-of-life-cadences.md
index ae51e102dba8..9c5fa15bac20 100644
--- a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/candidates-for-upcoming-api-end-of-life-cadences.md
+++ b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/candidates-for-upcoming-api-end-of-life-cadences.md
@@ -2,7 +2,7 @@
This page contains the list of V1, non-GA REST, and older versions of GA REST endpoints that are potential candidates for future end-of-life cadences. To see which endpoints are end-of-life'd, see [API EOL endpoints and key dates](api-eol-endpoints-and-key-dates.md).
-If an endpoint is listed in the table below, it does not guarantee that the endpoint will be included in the next end-of-life cadence. In addition, an endpoint can go straight into the next end-of-life cadence without having to be listed in the table below.
+If an endpoint is listed in the following table, it does not guarantee that Snyk includes the endpoint in the next end-of-life cadence. In addition, an endpoint can go straight into the next end-of-life cadence without having to be listed in the following table.
The endpoints in this list, and in any end-of-life cadence, must adhere to our end-of-life criteria, which require that the endpoints have:
@@ -10,7 +10,7 @@ The endpoints in this list, and in any end-of-life cadence, must adhere to our e
* Functionality parity between V1 and GA REST (unless explicitly stated otherwise in the migration guide)
* A migration guide by our field specialists for ease of migration
-Endpoints that are end-of-life'd do not appear in the list that follows, as the list is for future candidates for end-of-life, and can be found on the [API EOL endpoints and key dates](api-eol-endpoints-and-key-dates.md) page.
+Endpoints that are end-of-life'd do not appear in the list that follows, because the list is for future candidates for end-of-life, and can be found on the [API EOL endpoints and key dates](api-eol-endpoints-and-key-dates.md) page.
| Endpoint | Endpoint Type | Migration Guide | Date Added |
| -------- | ------------- | --------------- | ---------- |
diff --git a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/list-all-projects-v1-api-to-rest-api-migration-guide-completed-migration.md b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/list-all-projects-v1-api-to-rest-api-migration-guide-completed-migration.md
index ebba6f81379a..89af3122b1cd 100644
--- a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/list-all-projects-v1-api-to-rest-api-migration-guide-completed-migration.md
+++ b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/list-all-projects-v1-api-to-rest-api-migration-guide-completed-migration.md
@@ -17,7 +17,7 @@ Based on OpenAPI specifications, the Snyk REST API is designed to provide a cons
The Projects REST API introduces improved data architecture to facilitate enhanced performance and separation of domains.
-Snyk understands that migrating to a new API can be a significant undertaking and wants to support you throughout the process. This comprehensive migration guide is intended to facilitate a seamless transition by providing step-by-step instructions, code examples, and best practices to help you smoothly integrate with the new API.
+Snyk understands that migrating to a new API can be a significant undertaking and wants to support you throughout the process. This comprehensive migration guide is intended to facilitate the transition by providing step-by-step instructions, code examples, and best practices to help you integrate with the new API.
If you are using the deprecated endpoint, Snyk encourages you to review this migration guide and move all your automations over before Friday, December 22, 2023.
@@ -32,7 +32,7 @@ If you are using the deprecated endpoint, Snyk encourages you to review this mig
| List all projects v1 API documentation removal | September 22, 2023 | No action needed |
| End-of-life: All access to List all projects v1 API will result in a 410 Gone response. | December 22, 2023 | Ensure migration has been completed by this time to avoid disruption to automated workflows |
-The following Snyk Tools that use the List all projects v1 API have been updated to use the [REST List all projects API](https://apidocs.snyk.io/?version=2023-05-29#get-/orgs/-org_id-/projects) instead:
+The following Snyk Tools that use the List all projects v1 API are updated to use the [REST List all projects API](https://apidocs.snyk.io/?version=2023-05-29#get-/orgs/-org_id-/projects) instead:
* [snyk-jira-tickets-for-new-vulns](https://github.com/snyk-tech-services/jira-tickets-for-new-vulns): version 5.0.0 or newer
* [snyk-api-ts-client](https://github.com/snyk-labs/snyk-api-ts-client): version 1.11.1 or newer
diff --git a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/rest-issues-experimental-api-to-ga-api-migration-guide.md b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/rest-issues-experimental-api-to-ga-api-migration-guide.md
index 52a9bee63a9e..75b7ff6fb311 100644
--- a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/rest-issues-experimental-api-to-ga-api-migration-guide.md
+++ b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/rest-issues-experimental-api-to-ga-api-migration-guide.md
@@ -3,7 +3,7 @@
{% hint style="info" %}
**Important information about Experimental APIs**
-An experimental endpoint should be considered unstable and regarded as a tech preview. Experimental versions may introduce breaking changes and may be discontinued at any time.
+Consider an experimental endpoint unstable and regard it as a tech preview. Experimental versions can introduce breaking changes and can be discontinued at any time.
{% endhint %}
## What's new in the GA REST Issues API?
@@ -17,9 +17,9 @@ This version of the API delivers:
* **Consistency:** Improved performance and reliability of the REST Issues API
* **Depth:** detailed representations for Open Source packages and fixes
* **Flexibility:** new filters for tailored API responses
-* **Usability:** improved pagination and response management, simplifying the API interaction
+* **Usability:** improved pagination and response management for the API interaction
-Snyk understands that migrating to a new API can be a significant undertaking and wants to support you throughout the process. This comprehensive migration guide is intended to facilitate a seamless transition by providing step-by-step instructions, code examples, and best practices to help you smoothly integrate with the new API.
+Snyk understands that migrating to a new API can be a significant undertaking and wants to support you throughout the process. This comprehensive migration guide is intended to facilitate the transition by providing step-by-step instructions, code examples, and best practices to help you integrate with the new API.
If you are using the deprecated endpoint, Snyk encourages you to review this migration guide and move all your automations over.
@@ -28,7 +28,7 @@ If you are using the deprecated endpoint, Snyk encourages you to review this mig
{% hint style="info" %}
**Mapping experimental API issues to GA API issues**
-One of the main differences you will see in the table below is that the format of the ID for an issue changes from URI format (consists of key & scan\_item.id) in the Experimental API to UUID in the GA API. To match an issue in the experimental api response to the same issue in the GA API response you can use **key** and the **scan\_item.id**. Note that **scan\_item** is part of the **relationships** block and **key** is part of the **attributes** block.
+One of the main differences you see in the following table is that the format of the ID for an issue changes from URI format (consists of key & scan\_item.id) in the Experimental API to UUID in the GA API. To match an issue in the experimental api response to the same issue in the GA API response you can use **key** and the **scan\_item.id**. Note that **scan\_item** is part of the **relationships** block and **key** is part of the **attributes** block.
{% endhint %}
Fields
Experimental
GA
classes
Present
No change
coordinates
Only available for cloud issues
Available for cloud and SCA issues and has new fixability fields.
coordinates.is_fixable_manually
coordinates.is_fixable_snyk
coordinates.is_fixable_upstream
coordinates.is_patchable
coordinates.is_pinnable
coordinates.is_upgradeable
Not present
Newly introduced fixability data
coordinates.reachability
Not present
Newly introduced
coordinates.remedies
Present
No change
representations
Present
New fields
representations.resourcePath
Present
No change
respresentations.dependencyChain
Present
Removed in favor of representations.dependency
representations.dependency
Not present
Newly introduced replaces representations.
dependencyChain
representations.dependency
.package_name
representations.dependency.
package_version
Not present
Newly introduced as part of represenations.dependency
diff --git a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/search-audit-logs-group-and-org-v1-api-to-ga-rest-audit-logs-api-migration-guide.md b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/search-audit-logs-group-and-org-v1-api-to-ga-rest-audit-logs-api-migration-guide.md
index 638dc20b7bb9..de1f6be4d958 100644
--- a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/search-audit-logs-group-and-org-v1-api-to-ga-rest-audit-logs-api-migration-guide.md
+++ b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/search-audit-logs-group-and-org-v1-api-to-ga-rest-audit-logs-api-migration-guide.md
@@ -7,11 +7,11 @@ Based on OpenAPI specifications, the Snyk REST API is designed to provide a cons
* Consistent versioning
* Improved performance
-The Search Audit Logs REST API deprecates offset-based pagination in favour of more performant and consistent cursor-based pagination. Our v1 APIs get slower the higher your page offset becomes and will eventually time out at very high page counts. We’ve improved this considerably in our REST API by using a cursor-based approach that consistently returns results at greater speeds regardless of page count.
+The Search Audit Logs REST API deprecates offset-based pagination in favor of more performant and consistent cursor-based pagination. Our v1 APIs get slower the higher your page offset becomes and eventually time out at high page counts. We’ve improved this considerably in our REST API by using a cursor-based approach that consistently returns results at greater speeds regardless of page count.
-As well as performance improvements we have also improved filtering capabilities, allowing users to provide multiple include or exclude events for finer-tuned filtering. In a addition to this, the API was only capable of searching for logs within a minimum time-frame of 24 hours, we’ve improved this with higher granularity time stamps [RFC3339](https://datatracker.ietf.org/doc/html/rfc3339), which allows users to search within windows of minutes on a given day.
+As well as performance improvements, we have also improved filtering capabilities, letting users provide multiple include or exclude events for finer-tuned filtering. In addition to this, the API was only capable of searching for logs in a minimum time-frame of 24 hours; we’ve improved this with higher granularity time stamps [RFC3339](https://datatracker.ietf.org/doc/html/rfc3339), which lets users search in windows of minutes on a given day.
-`` `api.access` `` logs are now excluded by default on all search queries unless explicitly provided as part of the \`events\` parameter. These are typically high-volume low-information logs that are superseded by our explicit action logs, e.g. group.create. Explicit action logs will contain richer contextual information for an action and should be favoured in all cases.
+`` `api.access` `` logs are now excluded by default on all search queries unless explicitly provided as part of the \`events\` parameter. These are typically high-volume low-information logs that are superseded by our explicit action logs, for example, group.create. Explicit action logs contain richer contextual information for an action and you should favor them in all cases.
Here is what you could use in the v1 endpoints, and their GA REST equivalents:
@@ -19,7 +19,7 @@ Here is what you could use in the v1 endpoints, and their GA REST equivalents:
## Response
-Audit log event payloads have not changed as part of the REST migration, however, the structure of the response is different to conform to our standardised JSON API responses.
+Audit log event payloads have not changed as part of the REST migration; however, the structure of the response is different to conform to our standardized JSON API responses.
The V1 response is returned as an array, e.g.
@@ -63,7 +63,7 @@ The V1 response is returned as an array, e.g.
` ``` `
-The REST response will contain the same event payload information, however, it will be in the following format:
+The REST response contains the same event payload information; however, it is in the following format:
` ``` `
diff --git a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/v1-reporting-apis-to-export-api-migration-guide.md b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/v1-reporting-apis-to-export-api-migration-guide.md
index 3e6b501be0ec..c160ca8d1686 100644
--- a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/v1-reporting-apis-to-export-api-migration-guide.md
+++ b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/v1-reporting-apis-to-export-api-migration-guide.md
@@ -3,7 +3,7 @@
{% hint style="warning" %}
**End of life**
-The v1 Reporting API is being deprecated, and future development and support are focused on the [Dataset Export API](../../using-specific-snyk-apis/export-api-specifications-columns-and-filters.md) and the [Issues REST API](../../reference/issues.md). Snyk recommends migrating to the new [Export API](../../using-specific-snyk-apis/export-api-specifications-columns-and-filters.md).
+Snyk is deprecating the v1 Reporting API, and future development and support are focused on the [Dataset Export API](../../using-specific-snyk-apis/export-api-specifications-columns-and-filters.md) and the [Issues REST API](../../reference/issues.md). Snyk recommends migrating to the new [Export API](../../using-specific-snyk-apis/export-api-specifications-columns-and-filters.md).
{% endhint %}
This guide outlines the migration path for all routes in the legacy v1 Reporting API.
@@ -25,7 +25,7 @@ The most significant change is the shift from a direct, synchronous request/resp
To replace any v1 Reporting API call, follow these steps:
1. Initiate the Export:
- 1. Send a `POST` request with your filters to create an export job. You will receive an `export_id`.
+ 1. Send a `POST` request with your filters to create an export job. You receive an `export_id`.
2. Endpoint: `POST /groups/{group_id}/export`
3. Required Parameters: The body must include the filters (including at least one date filter: introduced or updated) and specify the dataset (issues or usage) in the request header.
2. Validate the Export Status:
@@ -33,7 +33,7 @@ To replace any v1 Reporting API call, follow these steps:
2. Endpoint: `GET /groups/{group_id}/jobs/export/{export_id}`
3. Statuses: `PENDING`, `STARTED`, `FINISHED`, `ERROR`.
3. Fetch Results in a CSV:
- 1. After `FINISHED`, fetch the results, which will return a self-signed URL to the CSV file.
+ 1. After `FINISHED`, fetch the results, which return a self-signed URL to the CSV file.
2. Endpoint: `GET /groups/{group_id}/export/{export_id}`
{% hint style="info" %}
@@ -53,7 +53,7 @@ The v1 issue count endpoints (`/v1/reporting/counts/issues` and `/latest`) relie
Key issue:
* The legacy v1 issue count endpoints do not include issues from Snyk Code, and do not include issues generated by the most recent Snyk Infrastructure as Code (IaC) engines.
-* Action: Migrating to the Export API with the issues dataset will provide a more complete and accurate count of all issues across all Snyk products, including IaC. Any count migration should be aware that the new number will likely be higher and more representative of your total issue landscape.
+* Action: Migrating to the Export API with the issues dataset provides a more complete and accurate count of all issues across all Snyk products, including IaC. For any count migration, be aware that the new number is likely to be higher and more representative of your total issue landscape.
#### Filter parameter migration
@@ -86,11 +86,11 @@ For any v1 filter not listed above (for example, `severity`, `fixable`, `languag
#### CSV to JSON Conversion Tool
-Since the Export API returns data as CSV, and the legacy API returned JSON, you will likely need to convert the exported file for structured consumption by your application.
+Because the Export API returns data as CSV, and the legacy API returned JSON, you likely need to convert the exported file for structured consumption by your application.
**Native JSON output**
-We are prioritizing adding the ability to export data directly in JSON format. It will be available early November. This feature will simplify data consumption for users migrating from the v1 API.
+We are prioritizing adding the ability to export data directly in JSON format. It is available early November. This feature streamlines data consumption for users migrating from the v1 API.
**Current workaround script**
diff --git a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/v1-reporting-issues-and-v1-aggregated-issues-apis-to-rest-issues-api-migration-guide.md b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/v1-reporting-issues-and-v1-aggregated-issues-apis-to-rest-issues-api-migration-guide.md
index e9f1f8a0b127..e524d25f4ee0 100644
--- a/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/v1-reporting-issues-and-v1-aggregated-issues-apis-to-rest-issues-api-migration-guide.md
+++ b/developer-tools/snyk-api/api-end-of-life-eol-process-and-migration-guides/guides-to-migration/v1-reporting-issues-and-v1-aggregated-issues-apis-to-rest-issues-api-migration-guide.md
@@ -11,7 +11,7 @@ This page applies to the following V1 API endpoints:
* [Get list of latest issues](../../reference/reporting-api-v1.md#post-reporting-issues-latest) (`POST /reporting/issues/latest`) - not available for customers or partners in the `Snyk-US-02`, `Snyk-EU-01`, and `Snyk-AU-01` regions.
* [List all aggregated issues](../../reference/projects-v1.md#post-org-orgid-project-projectid-aggregated-issues) (`POST /org/{orgId}/project/{projectId}/aggregated-issues`)
-These APIs are subject to deprecation, and migrating to the REST Issues API immediately is highly recommended. The REST Issues API accommodates multiple regions.
+These APIs are subject to deprecation, and Snyk highly recommends migrating to the REST Issues API immediately. The REST Issues API accommodates multiple regions.
{% endhint %}
## Key benefits of the REST Issues API
@@ -30,7 +30,7 @@ The REST Issues API provides:
* Flexibility through new filters for tailored API responses.
* Enhanced usability through better pagination and response handling, streamlining API interactions.
-This migration guide is intended to facilitate a seamless transition by providing step-by-step instructions, code examples, and best practices to help you smoothly integrate with the new API.
+This migration guide is intended to facilitate the transition by providing step-by-step instructions, code examples, and best practices to help you integrate with the new API.
If you are using the V1 Issues endpoints, Snyk recommends that you migrate all your automation, API-based reporting, and integrations accordingly, by using the guidance provided here.
diff --git a/developer-tools/snyk-api/api-endpoints-index-and-tips/README.md b/developer-tools/snyk-api/api-endpoints-index-and-tips/README.md
index 0d69b68dac4e..f038ab03d516 100644
--- a/developer-tools/snyk-api/api-endpoints-index-and-tips/README.md
+++ b/developer-tools/snyk-api/api-endpoints-index-and-tips/README.md
@@ -19,7 +19,7 @@ See also the following sections on specific APIs:
For additional information, see the [API support articles](https://support.snyk.io/s/topic/0TOPU00000BgWMv4AN/snyk-api).
-This index includes the categories and names of REST GA and beta and V1 API endpoints, with the URL in the reference docs for each endpoint, and links to related information where available. REST is the default, and GA is the status unless beta is noted. V1 API is specified where applicable. This index is a work in progress; additional information is being added continually.
+This index includes the categories and names of REST GA and beta and V1 API endpoints, with the URL in the reference docs for each endpoint, and links to related information where available. REST is the default, and GA is the status unless beta is noted. V1 API is specified where applicable. This index is a work in progress; Snyk adds additional information continually.
## AccessRequests (beta)
@@ -337,7 +337,7 @@ The View Project History permission is needed to use this API.
Projects can be Git repositories, Docker images, containers, configuration files, and much more. For more information, see [Snyk Projects](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-projects); the page includes the [Targets definition](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-projects#target).
-A typical import starts with using the endpoint [Import targets](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import) to request a target to be processed. Then, use the endpoint [Get import job details](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import-jobid) to poll the Import Job AP I for further details on completion and resulting Snyk Projects.
+A typical import starts with using the endpoint [Import targets](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import) to request a target to be processed. Then, use the endpoint [Get import job details](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import-jobid) to poll the Import Job API for further details on completion and resulting Snyk Projects.
### [Import targets](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import) and [Get import job details](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import-jobid)
@@ -347,10 +347,10 @@ For information on when and how you can use Import targets, see [Gain visibility
If a call to the Import targets endpoint fails, use [Get import job detail](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import-jobid)s to help determine why. There are two types of failures:
-* The repository was rejected for processing, that is, HTTP status code 201 was not returned. This happens if there is an issue Snyk can see quickly for example:
+* The repository was rejected for processing, that is, HTTP status code 201 was not returned. This happens if there is an issue Snyk can see quickly, for example:
* The repository does not exist.
* The repository is unreachable by Snyk because the token is invalid or does not have sufficient permissions; there is no default branch.
-* The repository was accepted for processing, that is, the user got back HTTP status code 201 and a url to poll, but no projects were detected or some failed. This may occur because:
+* The repository was accepted for processing, that is, the user got back HTTP status code 201 and a url to poll, but no projects were detected or some failed. This can occur because:
* There are no Snyk-supported manifests in this repository.
* The repository is archived and the Snyk API calls to fetch files fail.
* The individual project or manifest had issues during processing. In this case Snyk returns success: false with a message in the log.
@@ -610,11 +610,11 @@ More information: [Project type responses from the API](project-type-responses-f
### [Applying (project) attributes](../reference/projects-v1.md#org-orgid-project-projectid-attributes)
-By using the API endpoint Applying attributes, you can set attributes for Snyk Projects including business criticality, lifecycle stage, and environment once the project has been created . To do so:
+By using the API endpoint Applying attributes, you can set attributes for Snyk Projects including business criticality, lifecycle stage, and environment after the project is created. To do so:
* Import the project using the API endpoint [Import targets](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import).
* Get the status API ID from [Import targets](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import).
-* Poll using the endpoint [Import job details](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import-jobid) until all imports have completed.
+* Poll using the endpoint [Import job details](../reference/import-projects-v1.md#org-orgid-integrations-integrationid-import-jobid) until all imports are completed.
* Parse the project IDs from the `projectURL` field.
* Use the endpoint [Applying attributes](../reference/projects-v1.md#org-orgid-project-projectid-attributes) to set the project attributes.
@@ -632,7 +632,7 @@ The Snyk V1 API endpoint [List all aggregated issues](../reference/projects-v1.m
### [List all Projects for an Org with the given Org ID](../reference/projects.md#orgs-org_id-projects)
-The query-string parameter for types is optional. The endpoint does not enforce specific project types and will return `no matching projects` if you enter a string that does not match a requested project type. See [Project type responses from the AP](project-type-responses-from-the-api.md)I for a list of project types.
+The query-string parameter for types is optional. The endpoint does not enforce specific project types and returns `no matching projects` if you enter a string that does not match a requested project type. See [Project type responses from the API](project-type-responses-from-the-api.md) for a list of project types.
**More information:** [Slack app (for Jira integration)](../../integrations/jira-and-slack-integrations/slack-app.md) (Use: Find your Project ID);\
[Snyk Projects](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-projects);\
@@ -670,7 +670,7 @@ The V1 Reporting endpoints support only Snyk legacy reporting, not the latest re
The V1 Reporting API underlies Snyk legacy reporting. Using the V1 Reporting API, you can find answers to questions like how many issues your Organization has, or how many tests have been conducted in a given time period.
-The rate limit is up to 70 requests per minute, per user. For all requests above the limit, the response will have the status code `429: Too many requests`, until requests stop for the duration of the rate-limiting interval (one minute). For more information see [Rate limiting for V1 API](../v1-api.md#rate-limiting).
+The rate limit is up to 70 requests per minute, per user. For all requests above the limit, the response has the status code `429: Too many requests`, until requests stop for the duration of the rate-limiting interval (one minute). For more information, see [Rate limiting for V1 API](../v1-api.md#rate-limiting).
**More information:** [Dependencies and licenses](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/dependencies-and-licenses)
@@ -832,7 +832,7 @@ To get a list of issues that have been fixed, use the endpoint [Get list of late
### [Get target by target ID](../reference/targets.md#orgs-org_id-targets-target_id)
-This endpoint retrieves a list of Snyk Targets, which is used if you want to delete Targets by target ID.
+This endpoint retrieves a list of Snyk Targets, which you use if you want to delete Targets by target ID.
### [Delete target by target ID](../reference/targets.md#orgs-org_id-targets-target_id-1)
diff --git a/developer-tools/snyk-api/api-endpoints-index-and-tips/project-issue-paths-api-endpoints.md b/developer-tools/snyk-api/api-endpoints-index-and-tips/project-issue-paths-api-endpoints.md
index 3221bc8f95d1..4a0fce3d62f3 100644
--- a/developer-tools/snyk-api/api-endpoints-index-and-tips/project-issue-paths-api-endpoints.md
+++ b/developer-tools/snyk-api/api-endpoints-index-and-tips/project-issue-paths-api-endpoints.md
@@ -2,7 +2,7 @@
The following provides information in addition to the information in the API Reference for the endpoints [List all project issue paths](../reference/projects-v1.md#org-orgid-project-projectid-issue-issueid-paths) and [List all project snapshot issue paths](../reference/snapshots-v1.md#org-orgid-project-projectid-history-snapshotid-issue-issueid-paths).
-The `paths` endpoints provide details of the paths through which an issue has been introduced.
+The `paths` endpoints provide details of the paths through which an issue is introduced.
**Requests** to the `paths` endpoint are `GET` requests. The endpoints are available at the following URLs:
@@ -51,4 +51,4 @@ In this example, an issue is introduced through two different versions of the `l
The shortest path is provided first. If an issue applies to the Project itself, it appears as the only element in the path. For issues that apply to dependencies, each path starts with a direct dependency.
-The `fixVersion` attribute is provided on the first element of each path when that path is upgradable. If the `version` attribute and `fixVersion` attributes are the same, then the upgrade will only involve re-locking transitive dependencies.
+The `fixVersion` attribute is provided on the first element of each path when that path is upgradable. If the `version` attribute and `fixVersion` attributes are the same, then the upgrade involves only re-locking transitive dependencies.
diff --git a/developer-tools/snyk-api/api-endpoints-index-and-tips/project-type-responses-from-the-api.md b/developer-tools/snyk-api/api-endpoints-index-and-tips/project-type-responses-from-the-api.md
index 39f1830bc655..c4084aac0f50 100644
--- a/developer-tools/snyk-api/api-endpoints-index-and-tips/project-type-responses-from-the-api.md
+++ b/developer-tools/snyk-api/api-endpoints-index-and-tips/project-type-responses-from-the-api.md
@@ -2,7 +2,7 @@
The Snyk Project type, defined in the V1 API only as `the package manager of the project`, is returned from the [API v1 Projects endpoints](../reference/projects-v1.md) and from the endpoint [List all Projects for an Org with the given Org ID](../reference/projects.md#orgs-org_id-projects).
-The following is a list of the possible `type` values that may be returned.
+The following is a list of the possible `type` values that the API can return.
`apk`\
`armconfig`\
diff --git a/developer-tools/snyk-api/api-endpoints-index-and-tips/scenarios-for-using-the-snyk-api.md b/developer-tools/snyk-api/api-endpoints-index-and-tips/scenarios-for-using-the-snyk-api.md
index e17fbcea2539..5e94ec6f6781 100644
--- a/developer-tools/snyk-api/api-endpoints-index-and-tips/scenarios-for-using-the-snyk-api.md
+++ b/developer-tools/snyk-api/api-endpoints-index-and-tips/scenarios-for-using-the-snyk-api.md
@@ -26,7 +26,7 @@ Scenario: [assign-users-to-all-orgs](https://github.com/snyk-playground/cx-tools
### Add users to organizations at scale ahead of the first login
-Scenario: [Provision users to Orgs via API](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-management-with-the-api/provision-users-to-organizations-using-the-api)
+Scenario: [Provision users to Orgs using the API](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-management-with-the-api/provision-users-to-organizations-using-the-api)
**Endpoint used:**\
[Provision a user to the organization](../reference/organizations-v1.md#org-orgid-provision)
@@ -93,7 +93,7 @@ Scenario: [Broker-token-rotation](https://github.com/snyk-playground/cx-tools/bl
[Add new integration](../reference/integrations-v1.md#org-orgid-integrations)\
[Update existing integration](../reference/integrations-v1.md#org-orgid-integrations-integrationid) (to enable Broker)
-### For a specific event or time, disable all interactions (pull requests, tests) from Snyk to the code base (source control management repository)
+### For a specific event or time, disable all interactions (pull requests, tests) from Snyk to the codebase (source control management repository)
Scenario: [disable-all-interaction-from-snyk](https://github.com/snyk-playground/cx-tools/blob/main/scripts/disable-all-interaction-from-snyk.md) (complete procedure)
diff --git a/developer-tools/snyk-api/authentication-for-api/README.md b/developer-tools/snyk-api/authentication-for-api/README.md
index 9b549678662d..fa887de1fa0b 100644
--- a/developer-tools/snyk-api/authentication-for-api/README.md
+++ b/developer-tools/snyk-api/authentication-for-api/README.md
@@ -18,7 +18,7 @@ Enterprise users have [access to a personal access token under their profile](./
* Authenticating with the IDE manually
* Running API calls one time, for example, to test something
-Note that for free and team plan users, the personal token does not have access to the API and may be used for authenticating to IDE, CLI, and CI/CD integrations only. For details, see [Obtain and use your PAT token](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/getting-started-guides/getting-started#obtain-and-use-your-snyk-api-token).
+Note that for free and team plan users, the personal token does not have access to the API and can be used for authenticating to IDE, CLI, and CI/CD integrations only. For details, see [Obtain and use your PAT token](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/getting-started-guides/getting-started#obtain-and-use-your-snyk-api-token).
For additional information, see [Snyk PAT token permissions users can control](snyk-api-token-permissions-users-can-control.md).
@@ -30,11 +30,11 @@ You can create a personal access token through your [account settings](https://a
You can find your personal API token in your personal [account settings](https://app.snyk.io/account) after you register with Snyk and log in. In the **key** field, **Click to show**. Then highlight and copy the API key.
-If you want a new API token, select **Revoke & Regenerate.** This will make the previous API token invalid. For details, see [Revoke and regenerate a Snyk API token](revoke-and-regenerate-a-snyk-api-token.md).
+If you want a new API token, select **Revoke & Regenerate.** This makes the previous API token invalid. For details, see [Revoke and regenerate a Snyk API token](revoke-and-regenerate-a-snyk-api-token.md).
## Authenticating with a personal API token
-When using the API directly, provide the API token in an `Authorization: token` header, as in the following example request, replacing `API_TOKEN` with your token
+When using the API directly, provide the API token in an `Authorization: token` header, as in the following example request, replacing `API_TOKEN` with your token.
```bash
curl --request GET \
@@ -54,4 +54,4 @@ curl --request GET \
--header "Authorization: bearer API_TOKEN"
```
-Otherwise, a `401 Unauthorized` error will be returned.
+Otherwise, Snyk returns a `401 Unauthorized` error.
diff --git a/developer-tools/snyk-api/authentication-for-api/personal-access-tokens-pats.md b/developer-tools/snyk-api/authentication-for-api/personal-access-tokens-pats.md
index 06bd8ed45e87..1e89a2094873 100644
--- a/developer-tools/snyk-api/authentication-for-api/personal-access-tokens-pats.md
+++ b/developer-tools/snyk-api/authentication-for-api/personal-access-tokens-pats.md
@@ -4,34 +4,34 @@
A Personal Access Token (PAT) is a credential used to authenticate API, CLI, and IDE workflows.
-At any given time, you can have up to three active PATs. This is primarily to allow for downtime-free rotation journeys, where the new token can be created ahead of the old one expiring. PATs can be named, and you can choose their expiration up to a maximum of 90 days ahead. Names are solely there to help you identify tokens; they have no functional impact. Users cannot create PATs that live for more than 90 days.
+At any given time, you can have up to three active PATs. This allows for downtime-free rotation, where you can create the new token before the old one expires. You can name PATs and choose their expiration up to a maximum of 90 days ahead. Names help you identify tokens and have no functional impact. You cannot create PATs that live for more than 90 days.
-PATs are revealed only upon creation, and never after this point. Users must ensure they safely store the token itself, as the only option after this will be to revoke and create another.
+Snyk reveals PATs only upon creation, never after this point. You must safely store the token itself, because the only option afterward is to revoke and create another.
-PATs can only be created through the UI, but can be revoked through the UI and API.
+You can create PATs only through the UI, but you can revoke them through the UI and API.
-You can see the name, created date and expiry for each token of a PAT (but not the token), and these details can be seen in the UI and through the API.
+You can see the name, created date, and expiry for each PAT, but not the token, in the UI and through the API.
-## Generating a new token (UI Only)
+## Generating a new token (UI only)
1. In your account settings area, select the **Personal access tokens** tab.
-2. In the Name field, enter the name that you would like to provide your PAT. The names are solely there to help you distinguish between your PATs, and provide no other purpose.
-3. To set an expiry date, select the Expiry drop-down and select a date for your PAT to expire. The maximum date you can pick is 90 days ahead. No PAT can be created with a longer expiry.
+2. In the **Name** field, enter a name for your PAT. Names help you distinguish between your PATs and serve no other purpose.
+3. To set an expiry date, select the **Expiry** dropdown and select a date for your PAT to expire. The maximum date you can pick is 90 days ahead. You cannot create a PAT with a longer expiry.
-4. Click **Generate new token**. You have generated your PAT and will see a window appear with your token. Click **Copy** to copy your token. This is the only time the Snyk Platform will share this token with you. You must store it in a secure and accessible location as you cannot retrieve it later.
+4. Click **Generate new token**. Snyk generates your PAT and a window appears with your token. Click **Copy** to copy your token. This is the only time the Snyk Platform shares this token with you. You must store it in a secure and accessible location, because you cannot retrieve it later.
-5. If you have three PATs already, you will not be able to create another one. You must revoke one of them before being able to create any more.
+5. If you already have three PATs, you cannot create another one. You must revoke one of them before you can create any more.
## Revoking a token
1. In your account settings area, select the **Personal access tokens** tab.
-2. Next to the token that you would like to revoke, click Revoke. This results in your token being revoked. Token revocation cannot be reverted.
+2. Next to the token you want to revoke, click **Revoke**. Snyk revokes your token. You cannot revert token revocation.
diff --git a/developer-tools/snyk-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token.md b/developer-tools/snyk-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token.md
index 5683fef42253..7ff8a9dd6890 100644
--- a/developer-tools/snyk-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token.md
+++ b/developer-tools/snyk-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token.md
@@ -1,7 +1,7 @@
# Revoke and regenerate a Snyk API token
{% hint style="warning" %}
-When an API token is revoked, all integrations using that key immediately stop working. Proceed with caution!
+When you revoke an API token, all integrations using that key immediately stop working. Proceed with caution.
{% endhint %}
If you suspect an API token has been leaked, it is good practice to revoke that token and generate a new one to use in its place.
@@ -10,4 +10,4 @@ To revoke your Snyk user API token, navigate to your personal General Account Se

-Click the **Revoke & Regenerate** button to revoke your API token. A new one will be generated in its place. You can now copy the newly generated API token and update integrations that used the old token.
+Click **Revoke & Regenerate** to revoke your API token. Snyk generates a new one in its place. You can now copy the newly generated API token and update integrations that used the old token.
diff --git a/developer-tools/snyk-api/authentication-for-api/snyk-api-token-permissions-users-can-control.md b/developer-tools/snyk-api/authentication-for-api/snyk-api-token-permissions-users-can-control.md
index 25a0f026abc6..8010cd09d134 100644
--- a/developer-tools/snyk-api/authentication-for-api/snyk-api-token-permissions-users-can-control.md
+++ b/developer-tools/snyk-api/authentication-for-api/snyk-api-token-permissions-users-can-control.md
@@ -1,7 +1,7 @@
# Snyk API token permissions users can control
-To set an API token to have read-only permissions so the user is unable to write to the platform, use a service account and set it to Group Viewer.
+To set an API token to have read-only permissions so the user cannot write to the platform, use a service account and set it to Group Viewer.
-Service accounts at the Organization level have only Organization Admin and Organization Collaborator permissions. Thus, to set a service account to view only, you must use a Group-level service account.
+Service accounts at the Organization level have only Organization Admin and Organization Collaborator permissions. So, to set a service account to view only, you must use a Group-level service account.
For more information see [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts).
diff --git a/developer-tools/snyk-api/reference/aibom.md b/developer-tools/snyk-api/reference/aibom.md
index 8bb00b8202c9..a65b15ef02dc 100644
--- a/developer-tools/snyk-api/reference/aibom.md
+++ b/developer-tools/snyk-api/reference/aibom.md
@@ -1,4 +1,4 @@
-# AiBom
+# AI-BOM
{% hint style="info" %}
This document uses the REST API. For more details, see the [Authentication for API](../authentication-for-api/) page.
diff --git a/developer-tools/snyk-api/reference/dependencies-v1.md b/developer-tools/snyk-api/reference/dependencies-v1.md
index 0c1291fd61dd..b46fa791b7a6 100644
--- a/developer-tools/snyk-api/reference/dependencies-v1.md
+++ b/developer-tools/snyk-api/reference/dependencies-v1.md
@@ -1,7 +1,7 @@
# Dependencies (v1)
{% hint style="info" %}
-This document uses the v1 API, which will eventually be deprecated, as further Snyk developments are now focused on the REST API. For more details, see the [v1 API](../v1-api.md).
+This document uses the v1 API, which Snyk plans to deprecate, because Snyk now focuses development on the REST API. For more details, see the [v1 API](../v1-api.md).
{% endhint %}
Dependencies are packages or modules that your Projects depend on.
diff --git a/developer-tools/snyk-api/reference/entitlements-v1.md b/developer-tools/snyk-api/reference/entitlements-v1.md
index 5ecc16571747..ce1e84224824 100644
--- a/developer-tools/snyk-api/reference/entitlements-v1.md
+++ b/developer-tools/snyk-api/reference/entitlements-v1.md
@@ -1,7 +1,7 @@
# Entitlements (v1)
{% hint style="info" %}
-This document uses the v1 API, which will eventually be deprecated, as further Snyk developments are now focused on the REST API. For more details, see the [v1 API](../v1-api.md).
+This document uses the v1 API, which Snyk plans to deprecate, because Snyk now focuses development on the REST API. For more details, see the [v1 API](../v1-api.md).
{% endhint %}
{% openapi src="../../.gitbook/assets/v1-api-spec.yaml" path="/org/{orgId}/entitlements" method="get" %}
diff --git a/developer-tools/snyk-api/reference/import-projects-v1.md b/developer-tools/snyk-api/reference/import-projects-v1.md
index d817dc77eb52..3fa4343cbcae 100644
--- a/developer-tools/snyk-api/reference/import-projects-v1.md
+++ b/developer-tools/snyk-api/reference/import-projects-v1.md
@@ -4,7 +4,7 @@
This document uses the v1 API, which will eventually be deprecated, as further Snyk developments are now focused on the REST API. For more details, see the [v1 API](../v1-api.md).
{% endhint %}
-You can use this API to import projects into Snyk. Projects imported can be Git repositories, Docker images, containers, configuration files, and much more. See the [Projects and Targets documentation](https://docs.snyk.io/scan-fix-and-prevent/scan-with-snyk/snyk-projects#target) for more information. A typical import would start with requesting a target to be processed and then polling the Import Job API for more details on completion of an import and the resulting Snyk Projects.
+You can use this API to import Projects into Snyk. Imported Projects can be Git repositories, Docker images, containers, and configuration files. See the [Projects and Targets documentation](https://docs.snyk.io/scan-fix-and-prevent/scan-with-snyk/snyk-projects#target) for more information. A typical import starts by requesting a target to be processed, then polls the Import Job API for details about the completion of an import and the resulting Snyk Projects.
{% openapi src="../../.gitbook/assets/v1-api-spec.yaml" path="/org/{orgId}/integrations/{integrationId}/import" method="post" %}
[v1-api-spec.yaml](../../.gitbook/assets/v1-api-spec.yaml)
diff --git a/developer-tools/snyk-api/reference/licenses-v1.md b/developer-tools/snyk-api/reference/licenses-v1.md
index 465b0b9907ba..83b841883c1e 100644
--- a/developer-tools/snyk-api/reference/licenses-v1.md
+++ b/developer-tools/snyk-api/reference/licenses-v1.md
@@ -4,7 +4,7 @@
This document uses the v1 API, which will eventually be deprecated, as further Snyk developments are now focused on the REST API. For more details, see the [v1 API](../v1-api.md).
{% endhint %}
-**Note:** When you import or update Projects, changes will be reflected in the endpoint results after a one-hour delay.
+**Note:** When you import or update Projects, the endpoint results reflect the changes after a one-hour delay.
{% openapi src="../../.gitbook/assets/v1-api-spec.yaml" path="/org/{orgId}/licenses" method="post" %}
[v1-api-spec.yaml](../../.gitbook/assets/v1-api-spec.yaml)
diff --git a/developer-tools/snyk-api/reference/reporting-api-v1.md b/developer-tools/snyk-api/reference/reporting-api-v1.md
index cfe3d999bf2f..7c5b0c3897f2 100644
--- a/developer-tools/snyk-api/reference/reporting-api-v1.md
+++ b/developer-tools/snyk-api/reference/reporting-api-v1.md
@@ -9,7 +9,7 @@ The endpoints in this category support only Snyk legacy reporting, not the lates
{% endhint %}
Using the Reporting API, you can find answers to questions like how many issues your Organization has, or how many tests have been conducted in a given time period.
-The rate limit is up to **70 requests per minute, per user**. All requests above the limit will get a response with the status code `429 - Too many requests` until requests stop for the duration of the rate-limiting interval (one minute).
+The rate limit is up to **70 requests per minute, per user**. Requests above the limit receive a response with the status code `429 - Too many requests` until requests stop for the duration of the rate-limiting interval (one minute).
{% openapi src="../../.gitbook/assets/v1-api-spec.yaml" path="/reporting/issues" method="post" %}
[v1-api-spec.yaml](../../.gitbook/assets/v1-api-spec.yaml)
diff --git a/developer-tools/snyk-api/rest-api/about-the-rest-api.md b/developer-tools/snyk-api/rest-api/about-the-rest-api.md
index 6c333e1423d7..5ad5e358880c 100644
--- a/developer-tools/snyk-api/rest-api/about-the-rest-api.md
+++ b/developer-tools/snyk-api/rest-api/about-the-rest-api.md
@@ -16,13 +16,13 @@ This API is available only over HTTPS. Calling this API over HTTP will yield a 4
The Snyk REST API generally adheres to the [JSON:API standard](https://jsonapi.org/), with some [caveats](https://github.com/snyk/sweater-comb/blob/main/docs/principles/jsonapi.md). JSON:API is an opinionated specification for how a client should request and modify resources and how a server should respond to requests.
-When using the REST API, send all requests which contain data with the header:
+When using the REST API, send all requests that contain data with the header:
```
Content-Type: application/vnd.api+json
```
-Otherwise a 400 "Bad Request" response will be returned.
+Otherwise, Snyk returns a 400 "Bad Request" response.
```json
HTTP/1.1 400 Bad Request
@@ -42,9 +42,9 @@ HTTP/1.1 400 Bad Request
### Using versions dated on or after 2024-10-15
-The API Reference examples include `?version=text` as a placeholder, where `text` represents the required date-formatted version string. Snyk recommends using `2024-10-15` for the version number unless you are using an earlier version for a specific reason. You can use the current day's date; this will call the most recent version of the API. The format for the date is `YYYY-MM-DD`.
+The API Reference examples include `?version=text` as a placeholder, where `text` represents the required date-formatted version string. Snyk recommends using `2024-10-15` for the version number unless you are using an earlier version for a specific reason. You can use the current day's date to call the most recent version of the API. The format for the date is `YYYY-MM-DD`.
-### Using versions dated prior to 2024-10-15
+### Using versions dated before 2024-10-15
The following information applies to calling versions earlier than 2024-10-15. The Snyk REST API has per-endpoint version contracts. For information about the differences in GA versions, see the [API Changelog](../changelog.md). Each endpoint can have its own release and support lifecycle, independent of any other endpoint in the Snyk REST API. In its most explicit form, the endpoint version number includes a date and stability tree, for example:
@@ -54,9 +54,9 @@ The following information applies to calling versions earlier than 2024-10-15. T
This version number indicates that the requested endpoint should be at stability level `2023-11-27` or older `beta`. The possible stability levels are:
-* `ga` - Generally Available, the default. Snyk will support these for at least six months after the next GA release.
-* `beta` - Beta. Snyk will support these for at least three months after the next beta or GA release.
-* `experimental` - Experimental. An experimental endpoint should be considered unstable and regarded as a tech preview. Experimental versions may introduce breaking changes and may be discontinued at any time.
+* `ga` - Generally Available, the default. Snyk supports these for at least six months after the next GA release.
+* `beta` - Beta. Snyk supports these for at least three months after the next beta or GA release.
+* `experimental` - Experimental. Consider an experimental endpoint to be unstable and a tech preview. Experimental versions can introduce breaking changes and Snyk can discontinue them at any time.
In the default case of Generally Available, there is no stability level specified in the version number itself, that is, only the date is present, for example:
@@ -68,9 +68,9 @@ This means the requested endpoint should be 2023-11-27 or older on the Generally
When the requested endpoint is at a specific stability level, Snyk serves the latest version, the version released on or before the requested date, or that stability or higher. For example, if the requested endpoint has a beta version at 2023-09-29 and GA version at 2024-01-23, and the requested endpoint is after 2024-01-23\~beta, Snyk resolves to the GA version.
-Granular version controls enable Snyk to introduce progressive enhancements. These may require small or minor backward-incompatible changes. However, using granular version controls means Snyk can deliver rapid enhancements more quickly while supporting existing endpoints for a guaranteed period of time.
+Granular version controls let Snyk introduce progressive enhancements. These can require small or minor backward-incompatible changes. However, using granular version controls means Snyk can deliver rapid enhancements more quickly while supporting existing endpoints for a guaranteed period of time.
-After an endpoint is marked as deprecated, it will contain a `Sunset` header indicating the date at which that endpoint contract will no longer be supported. For example:
+After an endpoint is marked as deprecated, it contains a `Sunset` header indicating the date on which that endpoint contract is no longer supported. For example:
```
Sunset: "2021-11-11"
@@ -82,7 +82,7 @@ All endpoints in the Snyk REST API are paginated using _cursor-based_ pagination
To mitigate the possibility of inconsistent results, by default, Snyk sorts by insertion order, so it is not possible to have items inserted on a prior page. However, if you specify the `sort` parameter, consistent pagination is no longer guaranteed. If you see inconsistent results, you can submit a new request. If consistent pagination is important to your workflow, use the default insertion sort order.
-Whenever you receive an API response, it will contain appropriate links in the body of the response as follows:
+Whenever you receive an API response, it contains appropriate links in the body of the response as follows:
```json
{
@@ -121,6 +121,6 @@ Errors conform to the JSON:API specification and include path-based information
## Rate limiting
-There is a limit of **1620 requests per minute**, per API key. All requests above the limit will get a response with the status code `429` - `Too many requests` until requests stop for the duration of the rate-limiting interval (one minute).
+There is a limit of **1620 requests per minute**, per API key. All requests above the limit get a response with the status code `429` - `Too many requests` until requests stop for the duration of the rate-limiting interval (one minute).
-From time to time, Snyk may introduce new rate limits to maintain overall system health. This is not considered a breaking change. All clients are expected to handle the `429` responses correctly and such requests can be retried later safely.
+From time to time, Snyk can introduce new rate limits to maintain overall system health. This is not considered a breaking change. All clients are expected to handle the `429` responses correctly, and such requests can be retried later safely.
diff --git a/developer-tools/snyk-api/snyk-api.md b/developer-tools/snyk-api/snyk-api.md
index 27f61b91c0fc..5b9777d30ffc 100644
--- a/developer-tools/snyk-api/snyk-api.md
+++ b/developer-tools/snyk-api/snyk-api.md
@@ -6,22 +6,22 @@ The majority of Snyk APIs are restricted to use by Enterprise plan customers onl
For more information, see [Plans and pricing](https://snyk.io/plans).
{% endhint %}
-The Snyk API allows customers to integrate programmatically with Snyk.
+The Snyk API lets customers integrate programmatically with Snyk.
The [Snyk REST API ](rest-api/about-the-rest-api.md) and the [V1 API](v1-api.md) are available in the Snyk API [Reference](reference/). Additional endpoints are available in the [OAuth2 API reference](oauth2-api.md).
## Automating Snyk processes
-The Snyk API enables developers to automate Snyk processes to accomplish their specific workflows, ensuring consistency in both developer experience and platform governance.
+The Snyk API lets developers automate Snyk processes to accomplish their specific workflows, ensuring consistency in both developer experience and platform governance.
Use the API when you want to customize, integrate, and automate Snyk processes as part of your specific workflows.
## Deciding to use the API, the CLI, or an SCM integration
-You may decide to use an API rather than the CLI or an integration. When you decide, consider possible differences in the output for the API, the CLI, and integrations.
+You can decide to use an API rather than the CLI or an integration. When you decide, consider possible differences in the output for the API, the CLI, and integrations.
-For example, for many package managers, using the API will be less accurate than running the Snyk CLI as part of your build pipe or locally on your package. More than one version of a package may fit the requirements in manifest files.
+For example, for many package managers, using the API is less accurate than running the Snyk CLI as part of your build pipe or locally on your package. More than one version of a package can fit the requirements in manifest files.
Running the CLI locally tests the actual deployed code and creates an accurate snapshot of the dependency versions in use. The API infers a snapshot, with inferior accuracy. Note that the Snyk CLI can output machine-readable JSON (`snyk test --json`).
-You can allow Snyk access to your development flow by using Snyk integrations. The advantage is having Snyk monitor every new pull request and suggest fixes by opening new pull requests. You can integrate Snyk directly with your source code management (SCM) tool, or by using a Broker to allow greater security and auditability.
+You can allow Snyk access to your development flow by using Snyk integrations. The advantage is having Snyk monitor every new pull request and suggest fixes by opening new pull requests. You can integrate Snyk directly with your source code management (SCM) tool, or by using a Broker for greater security and auditability.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/export-api-specifications-columns-and-filters.md b/developer-tools/snyk-api/using-specific-snyk-apis/export-api-specifications-columns-and-filters.md
index e01110fd27e8..92321319d111 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/export-api-specifications-columns-and-filters.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/export-api-specifications-columns-and-filters.md
@@ -1,6 +1,6 @@
# Export API: Specifications, columns, and filters
-The Export API, which Snyk Analytics supports, makes it easier to export data by allowing users to create and manage CSV files. These files are safely stored by Snyk. Designed for efficiency and security, the Export API helps users organize and scale the export of large datasets, which is useful for reporting and analytics tasks.
+The Export API, which Snyk Analytics supports, makes it easier to export data by letting users create and manage CSV files. Snyk stores these files safely. Designed for efficiency and security, the Export API helps users organize and scale the export of large datasets, which is useful for reporting and analytics tasks.
You can use the Export API to export the Snyk `issues`, `usage events`, `pr checks`, `pr checks project adoption`, and `pr checks integration adoption` datasets in the scope of `Snyk Organization` or `Snyk Group`. Navigate to the [available columns and filters](export-api-specifications-columns-and-filters.md#available-columns-and-filters) section to see the full lists.
@@ -48,7 +48,7 @@ GET /groups/{group_id}/export/{export_id}
### Data freshness
-The data provided by the Export API service updates approximately every two hours. Given the data freshness, cyclic exports should not be scheduled more frequently than once every two hours.
+The data provided by the Export API service updates approximately every two hours. Given the data freshness, do not schedule cyclic exports more frequently than once every two hours.
### Rate limits
@@ -57,12 +57,12 @@ The API is limited by:
* The export `POST` endpoint allows up to 20 export requests per hour, while the status checks and results retrieval are unlimited.
{% hint style="info" %}
-Given that the data is typically refreshed every two hours, Snyk anticipates that the applied rate limits will allow comfortable consumption. Snyk recommends requesting an export per relevant Group once in a few hours or on a daily basis.
+Given that the data is typically refreshed every two hours, Snyk anticipates that the applied rate limits allow comfortable consumption. Snyk recommends requesting an export per relevant Group once in a few hours or on a daily basis.
{% endhint %}
### Data retention
-The exported CSV files will remain available for a period of three days.
+The exported CSV files remain available for a period of three days.
{% hint style="danger" %}
While the files are accessible for three days, the self-signed link to retrieve the export results is available only for 60 minutes after its creation by default. Users can limit the link expiration by passing a value between 0 and 3600 to the `url_expiration_seconds` attribute.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/issues-list-issues-for-a-package.md b/developer-tools/snyk-api/using-specific-snyk-apis/issues-list-issues-for-a-package.md
index baf32227c905..a0dc1b53c6c6 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/issues-list-issues-for-a-package.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/issues-list-issues-for-a-package.md
@@ -1,8 +1,8 @@
# Issues: List issues for a package
-The Snyk REST API endpoint [List issues for a package](../reference/issues.md#orgs-org_id-packages-purl-issues) can be used to get all direct (non-transitive) vulnerabilities for a package using its `purl`, which is a uniform way of identifying software packages across ecosystems as defined in the [package URL specification](https://github.com/package-url/purl-spec).
+Use the Snyk REST API endpoint [List issues for a package](../reference/issues.md#orgs-org_id-packages-purl-issues) to get all direct (non-transitive) vulnerabilities for a package using its `purl`, which is a uniform way of identifying software packages across ecosystems as defined in the [package URL specification](https://github.com/package-url/purl-spec).
-When you pass a `purl` to the endpoint, Snyk will find any known vulnerabilities for that package and return them as part of the response body.
+When you pass a `purl` to the endpoint, Snyk finds any known vulnerabilities for that package and returns them as part of the response body.
The API is useful when you have a list of packages and want to retrieve a list of vulnerabilities for a package version.
@@ -12,7 +12,7 @@ The examples on this page use [HTTPie](https://httpie.io/), but you can use any
## Supported purl types
-The current release supports the following `purl` types: `apk`, `cargo`, `cocoapods`, `conan`, `composer`, `deb`, `gem`, `generic`, `golang`, `hex`, `npm`, `nuget`, `pub`, `pypi`, `rpm`, `swift` and `maven`.
+The current release supports the following `purl` types: `apk`, `cargo`, `cocoapods`, `conan`, `composer`, `deb`, `gem`, `generic`, `golang`, `hex`, `npm`, `nuget`, `pub`, `pypi`, `rpm`, `swift`, and `maven`.
If you are interested in support for additional ecosystems, submit a request to [Snyk Support](https://support.snyk.io).
@@ -38,7 +38,7 @@ $ http \
version==2024-06-26
```
-For operating system packages, a vendor must be specified in the namespace portion, and a `distro` qualifier must be specified. Supported vendors include: `debian`, `alpine`, `rhel`, `ubuntu`, `amzn`, `centos`, `oracle`, `rocky`, `sles`.
+For operating system packages, you must specify a vendor in the namespace portion and a `distro` qualifier. Supported vendors include `debian`, `alpine`, `rhel`, `ubuntu`, `amzn`, `centos`, `oracle`, `rocky`, and `sles`.
An example using a valid url-encoded operating system purl follows:
@@ -240,7 +240,7 @@ Where applicable, **pagination links for the results** are included as follows:
## Troubleshooting for the List issues for a package endpoint
-The following are **error states** that you may receive when using the API. If you experience issues not covered here or are having trouble resolving these, contact your Solution Engineer or Technical Success Manager, or submit a request to [Snyk Support](https://support.snyk.io).
+The following are **error states** that you can receive when using the API. If you experience issues not covered here or are having trouble resolving these, contact your Solution Engineer or Technical Success Manager, or submit a request to [Snyk Support](https://support.snyk.io).
**Invalid PURL**\
400\
@@ -264,7 +264,7 @@ To get access, contact your Solutions Engineer or Technical Success Manager, or
**Rate limit exceeded**\
429\
-180 requests per minute per user are permitted on this API endpoint. If you exceed this volume, you will receive a 429 error response code.
+180 requests per minute per user are permitted on this API endpoint. If you exceed this volume, you receive a 429 error response code.
**Invalid pagination parameters**\
400\
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/README.md b/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/README.md
index 8d945a0572e6..6723b158d06f 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/README.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/README.md
@@ -1,6 +1,6 @@
# SBOM APIs
-Information about how to use the following API endpoints is provided:
+This section describes how to use the following API endpoints:
* [Get a project’s SBOM document](rest-api-get-a-projects-sbom-document.md)
* [Test an SBOM document for vulnerabilities](rest-api-endpoint-test-an-sbom-document-for-vulnerabilities.md)
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/rest-api-endpoint-test-an-sbom-document-for-vulnerabilities.md b/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/rest-api-endpoint-test-an-sbom-document-for-vulnerabilities.md
index 658fbd6090c5..766f7bbce39a 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/rest-api-endpoint-test-an-sbom-document-for-vulnerabilities.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/rest-api-endpoint-test-an-sbom-document-for-vulnerabilities.md
@@ -5,7 +5,7 @@
The Snyk REST API is available only for Enterprise plans. For more information, see [Plans and pricing](https://snyk.io/plans).
-These endpoints are beta API versions. Some of the functionality may change. For more information, see the [Versioning](../../rest-api/about-the-rest-api.md#versioning) information for the REST API.
+These endpoints are beta API versions. Some of the functionality can change. For more information, see the [Versioning](../../rest-api/about-the-rest-api.md#versioning) information for the REST API.
{% endhint %}
Snyk offers a [collection of API endpoints](https://apidocs.snyk.io/?version=2024-09-03%7Ebeta#post-/orgs/-org_id-/sbom_tests) to asynchronously test a software bill of materials (SBOM) document. You can use these endpoints to learn more about the vulnerabilities impacting your SBOM and its packages.
@@ -89,7 +89,7 @@ curl --request POST \
You can check the status of the test at any time after the initial request.
1. Using the `job_id` returned from the initial request to the endpoint [Create an SBOM test run](https://apidocs.snyk.io/?version=2024-09-03%7Ebeta#post-/orgs/-org_id-/sbom_tests), make a request to the endpoint [Gets an SBOM test run status](https://apidocs.snyk.io/?version=2024-09-03%7Ebeta#get-/orgs/-org_id-/sbom_tests/-job_id-).
-2. A successful request to this endpoint returns the status of your test, which can either be `processing` or `finished`. If the call is not successful, an error will be returned.
+2. A successful request to this endpoint returns the status of your test, which can either be `processing` or `finished`. If the call is not successful, Snyk returns an error.
```bash
curl --get \
@@ -116,9 +116,9 @@ The following response code indicates success.
**201 Created**
-The SBOM test run was successfully created. The response body contains the job ID of the test run.
+Snyk successfully created the SBOM test run. The response body contains the job ID of the test run.
-The following are error states that you may receive when using the API. If you experience issues not covered here or are having trouble resolving these, contact your Solutions Engineer or Technical Success Manager, or submit a request to [Snyk Support](https://support.snyk.io).
+The following are error states that you can receive when using the API. If you experience issues not covered here or are having trouble resolving these, contact your Solutions Engineer or Technical Success Manager, or submit a request to [Snyk Support](https://support.snyk.io).
**400 Bad Request**
@@ -134,7 +134,7 @@ You do not have the permissions required to make the request. This can happen if
**429 Too Many Requests**
-Since the Snyk API is rate-limited, an excessive number of requests will eventually start to be rejected. You need to wait before making any further requests.
+Since the Snyk API is rate-limited, an excessive number of requests eventually starts to be rejected. You need to wait before making any further requests.
**500 Internal Server Error**
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/rest-api-get-a-projects-sbom-document.md b/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/rest-api-get-a-projects-sbom-document.md
index 9d5292434071..79c0fecd0b7d 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/rest-api-get-a-projects-sbom-document.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/sbom-apis/rest-api-get-a-projects-sbom-document.md
@@ -9,7 +9,7 @@ Snyk offers the endpoint [Get a project's SBOM document](../../reference/sbom.md
The SBOM document represents the latest state of a Project’s dependencies and their relationships.
-SBOM documents can be generated in [CycloneDX](https://cyclonedx.org/) v1.4, v1.5, v1. 6 (JSON, XML) and [SPDX](https://spdx.dev/) v2.3 (JSON) formats.
+You can generate SBOM documents in [CycloneDX](https://cyclonedx.org/) v1.4, v1.5, v1.6 (JSON, XML) and [SPDX](https://spdx.dev/) v2.3 (JSON) formats.
## How to generate the SBOM for a Project
@@ -18,15 +18,15 @@ SBOM documents can be generated in [CycloneDX](https://cyclonedx.org/) v1.4, v1.
2. Determine the format you want for the SBOM you will generate.\
Available options are CycloneDX 1.4 JSON (`cyclonedx1.4+json`), CycloneDX 1.4 XML (`cyclonedx1.4+xml`), CycloneDX 1.5 JSON (`cyclonedx1.5+json`), CycloneDX 1.5 XML (`cyclonedx1.5+xml`), CycloneDX 1.6 JSON (`cyclonedx1.6+json`), CycloneDX 1.6 XML (`cyclonedx1.6+xml`) or SPDX v2.3 JSON (`spdx2.3+json`).
3. Using any HTTP client, for example, Postman or `curl`, make a request to the endpoint, specifying the latest stable version.\
- Note that the `format` parameter must be URL-encoded.\
- Example: To retrieve a CycloneDX 1.4 JSON document, set `format=cyclonedx1.4%2Bjson` on the query. Note that the example has a placeholder for the version; use version 2024-08-22 or later.
+ The `format` parameter must be URL-encoded.\
+ Example: To retrieve a CycloneDX 1.4 JSON document, set `format=cyclonedx1.4%2Bjson` on the query. The example has a placeholder for the version; use version 2024-08-22 or later.
`$ curl --location 'https://api.snyk.io/rest/orgs//projects//sbom?version=yyyy-mm-dd&format='`\
`--header 'Authorization: token '`
## Custom CycloneDX properties
-An SBOM document generated by Snyk will include some Snyk-specific metadata about what has been exported. This is included in the `metadata.properties` section of the document when exported as CycloneDX.
+An SBOM document generated by Snyk includes some Snyk-specific metadata about what has been exported. This is included in the `metadata.properties` section of the document when exported as CycloneDX.
Property Name
Description
snyk:org_id
The organization ID (UUID), if applicable
snyk:collection_id
The project collection’s ID (UUID), if applicable
snyk:project_id
The project’s ID (UUID), if applicable
snyk:target_id
The target’s ID (UUID), if applicable
@@ -36,9 +36,9 @@ The following response code indicates success.
**200 OK**
-The SBOM document was successfully generated. The response body contains the document in the requested format.
+Snyk successfully generated the SBOM document. The response body contains the document in the requested format.
-The following are **error states** that you may receive when using the API. If you experience issues not covered here or are having trouble resolving these, contact your Solution Engineer or Technical Success Manager or submit a request to [Snyk Support](https://support.snyk.io).
+The following are **error states** that you can receive when using the API. If you experience issues not covered here or are having trouble resolving these, contact your Solution Engineer or Technical Success Manager, or submit a request to [Snyk Support](https://support.snyk.io).
**401 Unauthorized**
@@ -50,7 +50,7 @@ You do not have the permissions required to make the request. This can happen if
**429 Too Many Requests**
-Since the Snyk API is rate-limited, an excessive number of requests will eventually start to be rejected. Wait before making any further requests.
+Since the Snyk API is rate-limited, an excessive number of requests eventually starts to be rejected. Wait before making any further requests.
**500 Internal Server Error**
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/README.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/README.md
index fc87549ab8a3..8addf0d49eda 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/README.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/README.md
@@ -1,6 +1,6 @@
# How to use Snyk Apps APIs
-This section provides an introduction to Snyk Apps and instructions for using the API and the CLI to create an App, for using the OAuth2 API to set up a Snyk App, and for using the API to manage Snyk Apps.
+This section introduces Snyk Apps and provides instructions for using the API and the CLI to create an App, using the OAuth2 API to set up a Snyk App, and using the API to manage Snyk Apps.
* [About Snyk Apps](about-snyk-apps.md)
* [Prerequisites for Snyk Apps](prerequisites-for-snyk-apps.md)
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/about-snyk-apps.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/about-snyk-apps.md
index f9ca4bce652c..2b1f98fce259 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/about-snyk-apps.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/about-snyk-apps.md
@@ -1,8 +1,8 @@
# About Snyk Apps
-Snyk Apps are integrations that extend the functionality of the Snyk platform, allowing you to create a Snyk experience to suit your specific needs.
+Snyk Apps are integrations that extend the functionality of the Snyk platform, letting you create a Snyk experience to suit your specific needs.
-For example, a Snyk App might automate Snyk [application security testing](https://snyk.io/learn/application-security/testing/) as part of a build tool. Another Snyk App might stream Snyk security testing results into an incident management tool. You can create your own reporting, metrics, or even a user management App. You can move your automated Snyk API scripts and transform them into a Snyk App, which will add a better UX/UI experience for your Snyk Organization users.
+For example, a Snyk App might automate Snyk [application security testing](https://snyk.io/learn/application-security/testing/) as part of a build tool. Another Snyk App might stream Snyk security testing results into an incident management tool. You can create your own reporting, metrics, or even a user management App. You can move your automated Snyk API scripts and transform them into a Snyk App, which adds a better UX/UI experience for your Snyk Organization users.
The easiest way to start building a new Snyk App is to clone the [Demo Snyk Apps ](https://github.com/snyk/snyk-apps-demo)GitHub repository. You can either modify the demo to suit your App design or use it as a base for creating your own Snyk App. See the [Snyk Apps blog post](https://snyk.io/blog/snyk-apps-beta-build-custom-apps-extend-snyk-security-into-workflows/) for more details.
@@ -12,17 +12,17 @@ Snyk Apps are based on the [Snyk API](../../snyk-api.md) so that your integratio
## Integrating Apps with Snyk
-The Snyk Apps platform uses an [OAuth 2.0](http://oauth.net/2/) authorization flow. This allows your Snyk App to get an access token to act on behalf of the user or Tenant, depending on the scopes you request. There are many OAuth 2.0 libraries available that will greatly simplify the integration. The [Snyk Apps Demo](https://github.com/snyk/snyk-apps-demo) uses the popular JavaScript library [passport.js](http://www.passportjs.org/packages/passport-oauth2/).
+The Snyk Apps platform uses an [OAuth 2.0](http://oauth.net/2/) authorization flow. This lets your Snyk App get an access token to act on behalf of the user or Tenant, depending on the scopes you request. There are many OAuth 2.0 libraries available that greatly simplify the integration. The [Snyk Apps Demo](https://github.com/snyk/snyk-apps-demo) uses the popular JavaScript library [passport.js](http://www.passportjs.org/packages/passport-oauth2/).
See the Snyk [OAuth2 API documentation](../../oauth2-api.md) for details.
## How do Apps connect?
-When a Snyk App is created, it is set up to use `a specific context`, either `tenant` or `user`. Set this with the `context` field if you are creating a Snyk App with the API or the `--context` flag if you are using the CLI. If the `context` is not specified, a Snyk App will default to the `tenant` context, which is preferred unless your Snyk App specifically needs to perform operations as an individual user.
+When you create a Snyk App, it is set up to use `a specific context`, either `tenant` or `user`. Set this with the `context` field if you are creating a Snyk App with the API or the `--context` flag if you are using the CLI. If you do not specify the `context`, a Snyk App defaults to the `tenant` context, which is preferred unless your Snyk App specifically needs to perform operations as an individual user.
### User context
-Authorizing a Snyk App that has the `user` context grants the Snyk App access to perform actions on behalf of the user. The Snyk App will have access to the same set of Organizations and Groups as the installing user, as well as access to any new Snyk Organizations and Groups the user is added to. If the installing user deactivates their account, any installed apps having the `user` context that user has installed will lose access to Snyk.
+Authorizing a Snyk App that has the `user` context grants the Snyk App access to perform actions on behalf of the user. The Snyk App has access to the same set of Organizations and Groups as the installing user, as well as access to any new Snyk Organizations and Groups the user is added to. If the installing user deactivates their account, any installed apps having the `user` context that user has installed lose access to Snyk.
### Tenant context
@@ -48,13 +48,13 @@ You can also navigate directly to the [Authorized Snyk Apps page](https://app.sn
### Revoking a Snyk App from the management UI
-On the Authorized Snyk Apps page, you will see a list of all the Snyk Apps that you have integrated and authorized. The page displays relevant information about each App, including the date when it was authorized.
+On the Authorized Snyk Apps page, you see a list of all the Snyk Apps that you have integrated and authorized. The page displays relevant information about each App, including the date when it was authorized.
-If you wish to revoke access for a particular Snyk App:
+To revoke access for a particular Snyk App:
* Locate the specific App in the list of authorized Apps.
-* Click the **Revoke** button next to the App.
+* Click **Revoke** next to the App.
-Revoking access will prevent the App from further accessing your Snyk account and performing actions on your behalf. This gives you full control over which Apps can interact with your Snyk data and ensures that you can manage your App integrations securely.
+Revoking access prevents the App from further accessing your Snyk account and performing actions on your behalf. This gives you full control over which Apps can interact with your Snyk data and ensures that you can manage your App integrations securely.
By using the Snyk Apps management UI, you can maintain a clear overview of your authorized Apps and make adjustments to their access as needed, enhancing the security and customization of your Snyk experience.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/create-a-snyk-app-using-the-snyk-api.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/create-a-snyk-app-using-the-snyk-api.md
index 7c2dffc48572..413bc2e8f15e 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/create-a-snyk-app-using-the-snyk-api.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/create-a-snyk-app-using-the-snyk-api.md
@@ -31,10 +31,10 @@ curl -L \
}'
```
-The request body should contain the details for your new App, including the `name`, `context`, `redirect_uris`, and [`scopes`](scopes-to-request.md).
+The request body must contain the details for your new App, including the `name`, `context`, `redirect_uris`, and [`scopes`](scopes-to-request.md).
The response includes details necessary to complete the integration: `client_id` and `client_secret`. Use these values with Snyk API endpoints within your App; consider storing them as part of the configuration of your App.
{% hint style="info" %}
-Never share the `client_secret` publicly, as it is used to authenticate your App. This is the only time you will see the `client_secret`, so keep it secure and private. If you lose it or if the secret is leaked, you can [rotate your App's clientSecret](manage-app-details.md#rotate-app-clientsecret).
+Never share the `client_secret` publicly, as it is used to authenticate your App. This is the only time you see the `client_secret`, so keep it secure and private. If you lose it or if the secret is leaked, you can [rotate your App's clientSecret](manage-app-details.md#rotate-app-clientsecret).
{% endhint %}
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/create-a-snyk-app-using-the-snyk-cli.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/create-a-snyk-app-using-the-snyk-cli.md
index 13a9d8d49d0a..e108a0d6da2b 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/create-a-snyk-app-using-the-snyk-cli.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/create-a-snyk-app-using-the-snyk-cli.md
@@ -48,11 +48,11 @@ A comma-separated list of scopes required by your Snyk App. This forms a list of
`--context=`
-The `context` your Snyk App will use when installed.
+The `context` your Snyk App uses when installed.
-Can be either `tenant` or `user`. The default is `tenant` if `context` is not specified.
+Can be either `tenant` or `user`. The default is `tenant` if you do not specify `context`.
-A Snyk App that has the `tenant` context will act as a bot user so it is not tied to any individual user and thus will persist even if the installing user leaves the Snyk Organization. In contrast, a Snyk App that has the `user` context will perform actions as the installing user. Specify the `user` context only if your Snyk App is performing operations that are specific to individual users. If there is any doubt, use `tenant`.
+A Snyk App that has the `tenant` context acts as a bot user, so it is not tied to any individual user and persists even if the installing user leaves the Snyk Organization. In contrast, a Snyk App that has the `user` context performs actions as the installing user. Specify the `user` context only if your Snyk App is performing operations that are specific to individual users. If there is any doubt, use `tenant`.
## Sub-commands of `snyk apps`
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/manage-app-details.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/manage-app-details.md
index da7296d6bef2..8254d1a1c5f7 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/manage-app-details.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/manage-app-details.md
@@ -30,7 +30,7 @@ The `app_id` path parameter is the `id` in the response to a [`GET` request to t
For details, see the endpoint [Delete an app by its App ID](../../reference/apps.md#orgs-org_id-apps-client_id-2).
-Deleting an App revokes your App credentials and removes all of your App's installations. If you have active users, they will no longer be able to connect to Snyk through the App.
+Deleting an App revokes your App credentials and removes all of your App's installations. If you have active users, they can no longer connect to Snyk through the App.
## Rotate App clientSecret
@@ -62,18 +62,18 @@ Snyk recommends you adopt the following procedure when rotating your secrets:
### Create a clientSecret
-It is recommended that in normal operation you periodically rotate your client secrets. To start the process, send the request body `{"mode": "create"}` to the endpoint which will create a new secret. The returned value of this call will be your app with the newly generated secret. Both the new secret and any existing secrets will be valid until they are manually replaced or deleted. You can also immediately replace a client secret.
+In normal operation, Snyk recommends that you periodically rotate your client secrets. To start the process, send the request body `{"mode": "create"}` to the endpoint, which creates a new secret. The returned value of this call is your app with the newly generated secret. Both the new secret and any existing secrets are valid until they are manually replaced or deleted. You can also immediately replace a client secret.
An App can have a maximum of two active secrets at any time. This endpoint fails with the error `cannot update secrets` if you try to call `create` when you already have the maximum number of secrets active.
### Replace a clientSecret
-In the event that your App's `clientSecret` is leaked, you can generate a new one by using `{"mode": "replace"}`.
+If your App's `clientSecret` is leaked, you can generate a new one by using `{"mode": "replace"}`.
-When you replace your `clientSecret`, your current secret is immediately invalid. Your App will not be able to connect to Snyk until you update the App's configuration with the new secret.
+When you replace your `clientSecret`, your current secret is immediately invalid. Your App cannot connect to Snyk until you update the App's configuration with the new secret.
### Delete a clientSecret
To clean up any unused secrets, call the endpoint with `{"mode": "delete", "secret": "{clientSecret}"}` where `{clientSecret}` is your client secret that you want to delete. This action invalidates the secret immediately so it can no longer be used.
-An App must have at least one active secret; calling delete with your last secret will fail.
+An App must have at least one active secret. Calling delete with your last secret fails.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/prerequisites-for-snyk-apps.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/prerequisites-for-snyk-apps.md
index 31508a91691c..e3a6364f5bc2 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/prerequisites-for-snyk-apps.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/prerequisites-for-snyk-apps.md
@@ -2,7 +2,7 @@
To create a Snyk App, you must have access to the Snyk API. To get started, follow the instructions to [authenticate for the API](../../authentication-for-api/).
-You must also retrieve the ID of the Snyk Organization you intend the App to be owned by (your `orgId`). You can get the Organization ID from the Organization settings in the Snyk Web UI or by using the [List accesible organizations](../../reference/orgs.md#get-orgs) endpoint (`https://api.snyk.io/rest/orgs` ) with the Snyk API token in the Authorization header.
+You must also retrieve the ID of the Snyk Organization you intend to own the App (your `orgId`). You can get the Organization ID from the Organization settings in the Snyk Web UI or by using the [List accessible organizations](../../reference/orgs.md#get-orgs) endpoint (`https://api.snyk.io/rest/orgs` ) with the Snyk API token in the Authorization header.
{% hint style="info" %}
Snyk Apps have first-class access to the API, regardless of whether users installing the App have paid for access or not. To take advantage of this feature, Apps must use API endpoints with the domain https://api.snyk.io/ rather than the deprecated `https://snyk.io/api/` to call the API within the App.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/scopes-to-request.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/scopes-to-request.md
index ca33acbcf0d4..c837b37be0f2 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/scopes-to-request.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/scopes-to-request.md
@@ -2,12 +2,12 @@
Scopes define the permissions your Snyk App has to perform actions in a user’s account. When a user authorizes your Snyk App to access their Snyk account, they see the list of scopes the App is requesting and then decide whether or not they approve the connection.
-When deciding which scopes your Snyk App will request, consider the actions your App will be performing. It may seem better to request every available scope, but users may refuse to install an App that asks for more permissions than needed. Also, a user installing your App will not be able to complete the authorization process if they do not have all the permissions matching the scopes the App is requesting.
+When deciding which scopes your Snyk App requests, consider the actions your App performs. It can seem better to request every available scope, but users can refuse to install an App that asks for more permissions than needed. Also, a user installing your App cannot complete the authorization process if they do not have all the permissions matching the scopes the App is requesting.
The following lists the **available scopes**.
{% hint style="info" %}
-`org.read` is a mandatory scope and should always be included.
+`org.read` is a mandatory scope and must always be included.
{% endhint %}
| Scope | Description |
@@ -26,7 +26,7 @@ The following lists the **available scopes**.
| `org.project.ignore.edit` | Configure Project ignores |
| `org.project.ignore.delete` | Permanently remove Project ignores |
| `org.project.attributes.edit` | Apply and remove project attributes |
-| `org.project.tag.edit` | Create, apply and remove Project tags |
+| `org.project.tag.edit` | Create, apply, and remove Project tags |
| `org.project.pr.create` | Create fix pull requests for Projects |
| `org.project.pr.skip` | Skip failed security tests on pull requests by marking checks as successful |
| `org.project.jira.issue.read` | View Jira issue information |
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/quick-setup.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/quick-setup.md
index 0f51bf73de17..521cf95a42d2 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/quick-setup.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/quick-setup.md
@@ -5,14 +5,14 @@ Snyk Apps uses the Authorization code with the Proof Key for Code Exchange (PKCE
* Authorization: `/oauth2/authorize`
* Token: `/oauth2/token`
-The Snyk Apps authorization flow should work with any popular OAuth2-compatible client library, providing it supports PKCE.
+The Snyk Apps authorization flow works with any popular OAuth2-compatible client library, providing it supports PKCE.
The basic steps to set up a Snyk App using the OAuth2 API follow:
1. Generate a code verifier and code challenge.
2. Request the authorization code by directing the installing user to `/oauth2/authorize` with the generated code challenge, as well as all other required OAuth2 parameters.
3. The user is asked to approve the request, selecting the Organization or Group to which the Snyk App is being installed.
-4. The user is returned to the redirect URI defined by the Snyk App with an authorization code. You have to extract the authorization code from the user request
+4. The user is returned to the redirect URI defined by the Snyk App with an authorization code. You must extract the authorization code from the user request.
5. Exchange the authorization code for an access token and refresh the token pair, using the code verifier generated in the first step.
The following pages go into more detail about each step.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/retrieve-the-app-org-ids.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/retrieve-the-app-org-ids.md
index d0be440c6b7d..bb63b7e815d4 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/retrieve-the-app-org-ids.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/retrieve-the-app-org-ids.md
@@ -1,6 +1,6 @@
# Retrieve the App Org IDs
-Users may connect with a single Organization or a single Group. Most of the Snyk API endpoints require an `orgid` in the path, which is used for authorizing the action being performed.
+Users can connect with a single Organization or a single Group. Most of the Snyk API endpoints require an `orgid` in the path, which is used for authorizing the action being performed.
To retrieve the `orgid` that is used by your App, send a GET request to the `orgs` endpoint, [List accessible organizations](../../../reference/orgs.md#get-orgs) at the following URL:
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/revoke-compromised-refresh-tokens.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/revoke-compromised-refresh-tokens.md
index f70b7b326053..89fa92bd178c 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/revoke-compromised-refresh-tokens.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/revoke-compromised-refresh-tokens.md
@@ -1,8 +1,8 @@
# Revoke compromised refresh tokens
-If you believe that a refresh token has been compromised then it is recommended that you revoke that token as soon as possible. This is to prevent misuse of the token to gain access to Snyk systems.
+If you believe that a refresh token has been compromised, Snyk recommends that you revoke that token as soon as possible. This prevents misuse of the token to gain access to Snyk systems.
-To do this issue a POST request to the revoke endpoint:
+To do this, issue a POST request to the revoke endpoint:
```
https://api.snyk.io/oauth2/revoke
@@ -16,4 +16,4 @@ token=(refresh token to be revoked)
&client_secret=(clientSecret from the app creation)
```
-This endpoint will return an empty response on success and the given refresh token will immediately be revoked.
+This endpoint returns an empty response on success, and the given refresh token is immediately revoked.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-the-authorization-code-exchange.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-the-authorization-code-exchange.md
index a0b4b1d3a8b1..d7f546babfd5 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-the-authorization-code-exchange.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-the-authorization-code-exchange.md
@@ -21,8 +21,8 @@ grant_type=authorization_code
The response includes details necessary for your app to communicate with the Snyk APIs: `access_token` and `refresh_token`, as well as their expiry.
-Both tokens must be stored in a secured data store. It is highly recommended to encrypt the values before storing them.
+Both tokens must be stored in a secured data store. Snyk highly recommends that you encrypt the values before storing them.
-The `access_token` will be used for future API calls on behalf of the user and Organization. The access-token has a much shorter lifespan than the `refresh_token`.
+The `access_token` is used for future API calls on behalf of the user and Organization. The access-token has a much shorter lifespan than the `refresh_token`.
-The `refresh_token` can be used a single time to get a new `access_token` when it expires. In other words, the `refresh_token` will no longer be usable if its own expiry time passes or if it is used to refresh the `access_token`.
+The `refresh_token` can be used a single time to get a new `access_token` when it expires. In other words, the `refresh_token` is no longer usable if its own expiry time passes or if it is used to refresh the `access_token`.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-the-refresh-token-exchange.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-the-refresh-token-exchange.md
index 2583c5e85725..4944eed185f0 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-the-refresh-token-exchange.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-the-refresh-token-exchange.md
@@ -1,6 +1,6 @@
# Set up the refresh token exchange
-As the `access_token` will expire in a short time, the App will need to frequently request a new one using the `refresh_token`. This must be done while the `refresh_token` itself is still valid.
+As the `access_token` expires in a short time, the App needs to frequently request a new one using the `refresh_token`. This must be done while the `refresh_token` itself is still valid.
To exchange for a fresh `access_token`, make a POST request to the token endpoint:
@@ -19,4 +19,4 @@ grant_type=refresh_token
The response to this call provides a new `access_token`, `refresh_token`, and expiry for each.
-Be sure to store the new `refresh_token`, as the old one is now invalid. Be aware that concurrent calls to this endpoint may result in refresh tokens being marked invalid unexpectedly, make sure to only request a new refresh token pair once per given refresh token. If this process fails then a user will need to perform the authorization flow again.
+Be sure to store the new `refresh_token`, as the old one is now invalid. Be aware that concurrent calls to this endpoint can result in refresh tokens being marked invalid unexpectedly. Request a new refresh token pair only once per given refresh token. If this process fails, a user needs to perform the authorization flow again.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-to-authorize-users.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-to-authorize-users.md
index d529e7d75a5a..5003cb112c0e 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-to-authorize-users.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/set-up-a-snyk-app-using-the-oauth2-api/set-up-to-authorize-users.md
@@ -2,11 +2,11 @@
When users connect their Snyk account to your App, they must authorize access to their chosen Organization or Group and approve the requested scopes. This process starts when you direct users to the Snyk Apps authorization web page and pass the appropriate parameters: `https://app.snyk.io/oauth2/authorize?response_type=code&client_id={clientId}&redirect_uri={redirectURI}&state={state}&code_challenge={codeChallenge}&code_challenge_method=S256`
-If your Snyk App is configured with multiple redirect URIs, passing `redirect_uri` will select which redirect URI to use. The given value must match exactly one of the values that are defined for your Snyk App. If not specified the first value defined on the Snyk App is used.
+If your Snyk App is configured with multiple redirect URIs, passing `redirect_uri` selects which redirect URI to use. The given value must match exactly one of the values that are defined for your Snyk App. If you do not specify it, the first value defined on the Snyk App is used.
The `state` value is used to carry any App-specific state from this `/authorize` call to the callback on the `redirect_uri` (such as a user’s id). It must be verified in your callback to [prevent CSRF attacks](https://datatracker.ietf.org/doc/html/rfc6749#section-10.12).
-The `code_challenge` value is a URL-safe base64-encoded string of the SHA256 hash of a generated code verifier. This code verifier must be a highly randomised string generated on the app side before calling `/authorize`, the code verifier is sent when exchanging the returned authorization code for an access token. For more information see [Proof Key for Code Exchange by OAuth Public Clients](https://datatracker.ietf.org/doc/html/rfc7636). Note that Snyk Apps only supports `S256` for the code challenge method.
+The `code_challenge` value is a URL-safe base64-encoded string of the SHA256 hash of a generated code verifier. This code verifier must be a highly randomized string generated on the app side before calling `/authorize`. The code verifier is sent when exchanging the returned authorization code for an access token. For more information, see [Proof Key for Code Exchange by OAuth Public Clients](https://datatracker.ietf.org/doc/html/rfc7636). Snyk Apps support only `S256` for the code challenge method.
Authorize access to Organization
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/README.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/README.md
index e4c4bed06862..0630cb704d06 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/README.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/README.md
@@ -1,10 +1,10 @@
# Tutorial: create a Snyk App
-In this tutorial, we'll create a simple Snyk App using TypeScript to show users a list of their projects within Snyk.
+In this tutorial, we'll create a Snyk App using TypeScript to show users a list of their Projects in Snyk.
## Prerequisites
-* NodeJS
+* Node.js
* A Snyk account
## Configure the basics
@@ -19,7 +19,7 @@ Now that we have a place to save dependency information, use `npm` to install Ty
npm install typescript --save-dev
```
-At this point, TypeScript has been installed, but we'll need a configuration file to provide compilation options to the `tsc` binary. Create a TypeScript configuration file called `tsconfig.json` in the root of the project. Use the template that follows:
+At this point, TypeScript is installed, but we'll need a configuration file to provide compilation options to the `tsc` binary. Create a TypeScript configuration file called `tsconfig.json` in the root of the project. Use the template that follows:
```json
{
@@ -53,7 +53,7 @@ mkdir ./src
## Test it out
-Now that we have the basic parameters in place, we'll create a simple Hello World by creating the file `./src/index.ts`.
+Now that we have the basic parameters in place, we'll create a Hello World by creating the file `./src/index.ts`.
```
const world = 'world';
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/configuring-express.js.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/configuring-express.js.md
index 80b70f613706..fecab26ce83e 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/configuring-express.js.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/configuring-express.js.md
@@ -2,7 +2,7 @@
## Set up Express to serve the application
-So far, we've configured our project directories, set the TypeScript compiler options, and created a very simple TypeScript application to print out `Hello World`.
+So far, we've configured our project directories, set the TypeScript compiler options, and created a TypeScript application to print out `Hello World`.
In this section, we'll expand our application by adding `ExpressJS` to serve our application and configure middleware to handle different kinds of requests.
@@ -32,7 +32,7 @@ npm install --save-dev \
> This tutorial makes use of Object-oriented programming (OOP) concepts. If you aren't familiar with OOP, refer to [this MDN page](https://developer.mozilla.org/en-US/docs/Learn/JavaScript/Objects/Object-oriented\_JS) for a brief primer.
-To begin, create a new file to house the application code we'll be working on in this portion of the tutorial. If you've just come from the previous module where we configured a simple 'Hello world' app, you can leave your `index.ts` file alone; we'll come back to it.
+To begin, create a new file to house the application code we'll be working on in this portion of the tutorial. If you have come from the previous module where we configured a 'Hello world' app, you can leave your `index.ts` file alone. We'll come back to it.
```bash
touch ./src/app.ts
@@ -40,9 +40,9 @@ touch ./src/app.ts
Add an import statement for Express and its TypeScript type / interface definitions at the top of the new file (`./src/app.ts`), then create an `App` class to house all the related functions and configuration required to run our application.
-The class constructor will initialize Express on port 3000 when the class is instantiated. We'll create a private function `listen()` for the constructor to call which will handle the actual start of the Express server.
+The class constructor initializes Express on port 3000 when the class is instantiated. We'll create a private function `listen()` for the constructor to call, which handles the start of the Express server.
-Don't forget to export the class at the bottom, we'll need it later.
+Remember to export the class at the bottom. We'll need it later.
```typescript
import express from 'express';
@@ -71,15 +71,15 @@ class App {
export default App;
```
-Test the new file using `npx tsc` and ensure an `app.js` file is successfully created in the `./dist` directory. If there are no errors, great! You're ready to start adding routes.
+Test the new file using `npx tsc` and ensure an `app.js` file is created in the `./dist` directory. If there are no errors, you're ready to start adding routes.
## Basic routes
Express will listen to any request on our given port, but it doesn't know _what to do_ when it receives a request. We need to tell Express _how_ to handle the various types of requests it might receive. How you configure this depends heavily on the architecture of your application, and which routes / pages you expect your app to respond to when hit.
-For this tutorial, we'll keep things simple. Since our end goal is to provide users with a list of their projects within Snyk, assume we'll want at least two routes: an index route (`/`) to handle any initial connections and a projects route (`/projects`) to present the data from Snyk.
+For this tutorial, we'll keep things simple. Since our end goal is to provide users with a list of their Projects in Snyk, assume we'll want at least two routes: an index route (`/`) to handle any initial connections and a projects route (`/projects`) to present the data from Snyk.
-To keep our project organized, we'll create a `routes` directory to house our collection of routes and we'll give each route its own subdirectory which will contain the main controller file for the route and any extras we might need.
+To keep our project organized, we'll create a `routes` directory to house our collection of routes, and we'll give each route its own subdirectory that contains the main controller file for the route and any extras we need.
We'll focus on the index route for this module:
@@ -88,9 +88,9 @@ mkdir -p ./src/routes/index
touch ./src/routes/index/indexController.ts
```
-Before we start working on the index controller, we should also create a [TypeScript interface](https://www.typescriptlang.org/docs/handbook/interfaces.html) definition to describe a common shape for controller data. This will help keep our controllers consistent and allow TypeScript to warn us early if a controller is missing something important.
+Before we start working on the index controller, we should also create a [TypeScript interface](https://www.typescriptlang.org/docs/handbook/interfaces.html) definition to describe a common shape for controller data. This keeps our controllers consistent and lets TypeScript warn us early if a controller is missing something important.
-Let's use a similar separation pattern to the one we decided on for routes. Since interface definitions in TypeScript are typically self-contained and descriptive, we'll skip creating a directory for each definition and store any interface files we create as siblings:
+Let's use a separation pattern similar to the one we decided on for routes. Since interface definitions in TypeScript are typically self-contained and descriptive, we'll skip creating a directory for each definition and store any interface files we create as siblings:
```bash
mkdir -p ./src/interfaces
@@ -139,7 +139,7 @@ Here we've imported a handful of TypeScript type/interface definitions as well a
We've set our `IndexController` to respond to `/` requests with the `indexPage` function, which renders 'index', but our App class doesn't yet have a way to register the route when it instantiates. Let's go back to our `./src/app.ts` file and add an `initRoutes()` function to establish that.
-We'll also modify the App's constructor function to take an array of Controllers and a port value as arguments.
+We'll also modify the constructor function for the App to take an array of Controllers and a port value as arguments.
Edit `./src/app.ts` and update the contents to match the following:
@@ -180,15 +180,15 @@ export default App;
## Running the Express server
-So far, we've created an App class that, when instantiated, will run an Express server that responds to requests at `/` and we've added an interface definition to ensure all our controllers follow the same data pattern.
+So far, we've created an App class that, when instantiated, runs an Express server that responds to requests at `/`, and we've added an interface definition to ensure all our controllers follow the same data pattern.
-Let's run our project and try it out!
+Let's run our project and try it out.
-If you run the compiled `./dist/app.js` at this point, nothing interesting happens. This is because we've yet to instantiate our exported class. In the previous module, we initialized our `package.json`. During that command, we were presented with questions pertaining to our app. One of the questions asked what our project's entrypoint was. If you were following along and selected the default value, this should be set to `index.js` in your `package.json`. This entrypoint is where we'll instantiate the App class.
+If you run the compiled `./dist/app.js` at this point, nothing interesting happens. This is because we've yet to instantiate our exported class. In the previous module, we initialized our `package.json`. During that command, questions about our app appeared. One of the questions asked what our project's entrypoint was. If you were following along and selected the default value, this should be set to `index.js` in your `package.json`. This entrypoint is where we'll instantiate the App class.
Edit `./src/index.ts` (where we had that hello world code) and clear it out if there's any content left over, then add import statements for our App and other required objects.
-Our entrypoint will only do one thing, instantiate the App class with the `new` keyword:
+Our entrypoint does only one thing, instantiate the App class with the `new` keyword:
```typescript
import IndexController from './routes/indexController';
@@ -202,16 +202,14 @@ new App(
);
```
-That's it!
-
-Build the project using `npx tsc` then run the compiled entrypoint with `node`:
+Build the project using `npx tsc`, then run the compiled entrypoint with `node`:
```bash
npx tsc && node ./dist/index.js
```
-Provided everything was successful, you'll see the message `App listening on port: 3000` in the console.
+When everything is successful, you'll see the message `App listening on port: 3000` in the console.
-Now visit http://localhost:3000 in your browser or use curl to check the response. If you see `index route!`, then congratulations! Express is serving the application and responding to routes!
+Now visit http://localhost:3000 in your browser or use curl to check the response. If you see `index route!`, Express is serving the application and responding to routes.
-In the next module of this tutorial, we'll dive deeper into routes and authentication and start working with the Snyk API.
+In the next module of this tutorial, we'll go deeper into routes and authentication and start working with the Snyk API.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/register-the-app-and-configure-user-authorization.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/register-the-app-and-configure-user-authorization.md
index 33a7f2fe9d3a..b3dcf363238b 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/register-the-app-and-configure-user-authorization.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/register-the-app-and-configure-user-authorization.md
@@ -1,10 +1,10 @@
# Register the App and configure user authorization
-In the previous sections of this tutorial, we set up our TypeScript project, added an Express server, and configured some basic routing. We'll be building on top of the project we created in the previous sections. It is highly recommended that you complete the previous portions of this tutorial before continuing if you have not done so already.
+In the previous sections of this tutorial, we set up our TypeScript project, added an Express server, and configured some basic routing. We'll be building on top of the project we created in the previous sections. Snyk recommends that you complete the previous portions of this tutorial before continuing if you have not done so already.
## Creating and registering a Snyk App
-We've made some good progress with our TypeScript application so far, but at the moment, that's all it is - a TypeScript application. To turn it into a bonafide Snyk App, we'll need to register our project as a new App using Snyk's API
+We've made good progress with our TypeScript application so far, but at the moment, that's all it is - a TypeScript application. To turn it into a bonafide Snyk App, we'll need to register our project as a new App using the Snyk API.
### Prerequisites
@@ -14,7 +14,7 @@ We've made some good progress with our TypeScript application so far, but at the
### Obtaining an `orgid`
-There are two methods for retrieving an `orgid`. The first is to log in to your Snyk account and visit the Organization settings page of the Organization for which you wish to retrieve the ID. The path to the Organization settings page is:
+There are two methods for retrieving an `orgid`. The first is to log in to your Snyk account and visit the Organization settings page of the Organization for which you want to retrieve the ID. The path to the Organization settings page is:
```
https://app.snyk.io/org/{your-org-name}/manage/settings
@@ -28,21 +28,21 @@ Snyk Apps have first-class access to the API, regardless of whether users instal
### Registering our app with Snyk
-Registration of a new Snyk App is performed through a simple POST request to Snyk's API. While we could configure the App we've been building throughout this tutorial to perform the request, we'll instead make the request directly using `curl` to avoid creating a function that can only be run a single time.
+You register a new Snyk App through a POST request to the Snyk API. While we could configure the App we've been building throughout this tutorial to perform the request, we'll instead make the request directly using `curl` to avoid creating a function that can only be run a single time.
The body of the request requires the following details:
* `name`: The name of the Snyk App
-* `redirectUris`: The accepted callback location(s) during end-user authentication
-* `scopes`: The account permissions the Snyk App will ask a user to grant
+* `redirectUris`: The accepted callback locations during end-user authentication
+* `scopes`: The account permissions the Snyk App asks a user to grant
-A note on scopes: Once registered, Snyk Apps scopes cannot currently be changed. The only recourse is deleting the Snyk App using the [Delete App](../../../reference/apps.md#orgs-org_id-apps-creations-app_id-2) API endpoint and registering the app again as a new Snyk App.
+A note on scopes: after registration, Snyk Apps scopes cannot be changed. The only recourse is deleting the Snyk App using the [Delete App](../../../reference/apps.md#orgs-org_id-apps-creations-app_id-2) API endpoint and registering the app again as a new Snyk App.
-At the time of this writing, **Snyk Apps is still in beta**. At the moment, t**here is only one available scope: `apps:beta`**. This scope **allows** the App to test and monitor existing projects, as well as read information about Snyk Organizations, existing Projects, issues, and reports.
+At the time of this writing, **Snyk Apps is still in beta**. There is only one available scope: **`apps:beta`**. This scope **lets** the App test and monitor existing Projects, as well as read information about Snyk Organizations, existing Projects, issues, and reports.
-One of the **limitations of the Snyk Apps beta** is that **a Snyk App may be authorized only by users who have administrator access to the Organization to which the Snyk App is registered**.
+One of the **limitations of the Snyk Apps beta** is that **only users who have administrator access to the Organization to which the Snyk App is registered can authorize a Snyk App**.
-With your API token and `orgid` in hand, perform the following command in your terminal, substituting the values as necessary. For this tutorial, use `http://localhost:3000/callback` for the `redirectUris` value.
+With your API token and `orgid` in hand, run the following command in your terminal, substituting the values as necessary. For this tutorial, use `http://localhost:3000/callback` for the `redirectUris` value.
{% hint style="info" %}
You can avoid inputting your API Token and other secrets directly into your shell by adding them as export statements in a file and sourcing the file to set them as environment variables.
@@ -63,13 +63,13 @@ curl --include \
The response from Snyk contains two important values needed to complete our Snyk App's integration: `clientId` and `clientSecret`. Store these values somewhere safe. This is the only time you will see your `clientSecret` from Snyk. As a warning, **never share your `clientSecret` publicly**. This is used to authenticate your App with Snyk.
-Now that we've registered the app as a Snyk App, we can start adjusting our TypeScript project to allow users to authorize it.
+Now that we've registered the app as a Snyk App, we can start adjusting our TypeScript project to let users authorize it.
## User authorization with a Snyk App
-User authentication for Snyk Apps is done by way of a webpage URL containing query parameters that match up with our Snyk App's data. We'll need to replace the query parameter values in this URL and send users to the final link in a web browser. From there they can grant account access to the Snyk App.
+User authentication for Snyk Apps works by way of a webpage URL containing query parameters that match up with the data for our Snyk App. We'll need to replace the query parameter values in this URL and send users to the final link in a web browser. From there they can grant account access to the Snyk App.
-After access has been provisioned, the user will be kicked back to our app's registered `callbackURL`, which we defined as `http://localhost:3000/callback`.
+After access is provisioned, the user returns to our app's registered `callbackURL`, which we defined as `http://localhost:3000/callback`.
Essentially, our app needs to generate a link like the following and then send the user to it when it's time to authorize:
@@ -77,13 +77,13 @@ Essentially, our app needs to generate a link like the following and then send t
https://app.snyk.io/oauth2/authorize?response_type=code&client_id={clientId}&redirect_uri={redirectURI}&state={state}&code_challenge={codeChallenge}&code_challenge_method=S256
```
-Though some of the query parameters may be somewhat obvious, we will go over them. We're going to modify our Snyk App to generate this URL for our users.
+Though some of the query parameters may be obvious, we will go over them. We're going to modify our Snyk App to generate this URL for our users.
-* `redirect_uri`: Optional values must match one of the values sent with our registration command from [Registering our app with Snyk](register-the-app-and-configure-user-authorization.md#registering-our-app-with-snyk). If not passed then the first value on the Snyk App is assumed.
-* `state`: This is used to carry any App-specific state from this `/authorize` call to the callback on the `redirect_uri` (such as a user's ID). It must be verified in our callback to [prevent CSRF attacks](https://datatracker.ietf.org/doc/html/rfc6749#section-10.12).
+* `redirect_uri`: Optional values must match one of the values sent with our registration command from [Registering our app with Snyk](register-the-app-and-configure-user-authorization.md#registering-our-app-with-snyk). If not passed, the first value on the Snyk App is assumed.
+* `state`: This carries any App-specific state from this `/authorize` call to the callback on the `redirect_uri` (such as a user's ID). You must verify it in our callback to [prevent CSRF attacks](https://datatracker.ietf.org/doc/html/rfc6749#section-10.12).
* `code_challenge`: A URL-safe base64-encodes string of the SHA256 hash of a code verifier. The code verifier is a highly randomized string stored alongside the app side before calling `/authorize`, then sent when exchanging the returned authorization code for a token pair. This is part of Proof Key for Code Exchange (PKCE) which helps prevent authorization code interception attacks.
-Once a connection is complete, the user is redirected to the provided redirect URI (our `/callback` route in this case) with query string parameters `code` and `state` added on, which are necessary for the next steps of authorization.
+After a connection is complete, the user is redirected to the provided redirect URI (our `/callback` route in this case) with query string parameters `code` and `state` added on, which are necessary for the next steps of authorization.
That next step involves taking the authorization code received as a query parameter in the response of the previous step and turning it into an _access token_. To do this, a Snyk App makes a POST request to the token endpoint: `https://api.snyk.io/oauth2/token`. That POST request needs some specific data in its request body, including the _authorization code_, `client id`, `client secret`, `code_verifier` and so on.
@@ -106,9 +106,9 @@ Based on the preceding information, our Snyk App has some new requirements. We w
5. Refresh those authorization tokens.
6. Handle errors and inform users of authorization success or failure.
-From here on, we'll be doing a lot of refactoring in our Snyk App and we'll be jumping into a number of different files. To help make the process easier to follow, this tutorial uses the convention of adding a commented filepath to the first line of code snippets, describing where they belong. In your own code; these comments aren't necessary.
+From here on, we'll be doing a lot of refactoring in our Snyk App and we'll be jumping into a number of different files. To help make the process easier to follow, this tutorial uses the convention of adding a commented filepath to the first line of code snippets, describing where they belong. In your own code, these comments aren't necessary.
-We'll also add a number of new packages to help address our new requirements. For convenience, go ahead and run the following in the root of your Project:
+We'll also add a number of new packages to help address our new requirements. For convenience, run the following in the root of your Project:
```bash
npm install --save passport \
@@ -138,7 +138,7 @@ npm install --save-dev @types/cryptr \
#### Application configuration
-Application config (for example, client secrets, api tokens, other config, and so on) should generally be stored securely and kept outside of the App itself. However, for brevity, this tutorial adds the configuration info as exportable constants in the `App.ts` file and leaves the actual implementation details to you. These are values that the Snyk App references in many different places.
+Application config (for example, client secrets, api tokens, and other config) should generally be stored securely and kept outside of the App itself. However, for brevity, this tutorial adds the configuration info as exportable constants in the `App.ts` file and leaves the implementation details to you. These are values that the Snyk App references in many different places.
```typescript
// ./src/app.ts
@@ -294,11 +294,11 @@ export async function updateDb(
### Prepare for API calls
-Earlier, we installed the popular `axios` package to handle API calls. We know that we'll need to make some repetitive calls to the same API, so we abstract some helper functions to make our code easily re-usable across the project. Create an `APIHelpers.ts` file in the `util` directory.
+Earlier, we installed the popular `axios` package to handle API calls. We know that we'll need to make some repetitive calls to the same API, so we abstract some helper functions to make our code reusable across the project. Create an `APIHelpers.ts` file in the `util` directory.
-Before we fill that out, take note that while we are consistently hitting Snyk's API, we'll likely need to make requests against multiple versions of the API, depending on the endpoint's status in the migration from Snyk API v1 to Snyk REST API. One way we can handle this is by defining a TypeScript Enum and within our functions, swapping any necessary query parameters by comparing an argument to the enum's possible values.
+Before we fill that out, take note that while we are consistently hitting the Snyk API, we'll likely need to make requests against multiple versions of the API, depending on the endpoint's status in the migration from Snyk API v1 to Snyk REST API. One way we can handle this is by defining a TypeScript Enum and, within our functions, swapping any necessary query parameters by comparing an argument to the enum's possible values.
-Add the following content to a new file, or to `APIHelpers.ts` if you prefer; just make sure to export it for later use.
+Add the following content to a new file, or to `APIHelpers.ts` if you prefer. Make sure to export it for later use.
```typescript
// ./interfaces/API.ts
@@ -333,7 +333,7 @@ export function callSnykApi(tokenType: string, token: string, version: APIVersio
}
```
-Because this function is an `AxiosInstance`, we can easily talk to the API's different endpoints by calling `.get()`, `.post()`, or any other methods usually available to such an object.
+Because this function is an `AxiosInstance`, we can talk to the API's different endpoints by calling `.get()`, `.post()`, or any other methods usually available to such an object.
We will see it in action by defining a second async function to retrieve our Snyk Apps' Organization ID:
@@ -407,7 +407,7 @@ export class EncryptDecrypt {
We've laid the groundwork; now it's time to start doing things.
-As discussed in a previous section, our app needs to send would-be authorizers to a specific token URL. We'll add an `/auth` route in our Snyk App and add some authentication middleware to Express. For this, we'll use the excellent [passportjs](https://www.passportjs.org), the [passport-oauth2](https://www.passportjs.org/packages/passport-oauth2/) authentication strategy, along with Snyk's [@snyk/passport-snyk-oauth2](https://www.npmjs.com/package/@snyk/passport-snyk-oauth2). `passport` and its friends handle a large portion of what would otherwise be a lengthy and complicated authentication process.
+As discussed in a previous section, our app needs to send would-be authorizers to a specific token URL. We'll add an `/auth` route in our Snyk App and add some authentication middleware to Express. For this, we'll use [passportjs](https://www.passportjs.org), the [passport-oauth2](https://www.passportjs.org/packages/passport-oauth2/) authentication strategy, along with the Snyk package [@snyk/passport-snyk-oauth2](https://www.npmjs.com/package/@snyk/passport-snyk-oauth2). `passport` and its friends handle a large portion of what would otherwise be a lengthy and complicated authentication process.
Because `passport` takes its encapsulation philosophy seriously, we'll need to handle everything else about the auth process. We need to set up an instance of the passport strategy we'll be using. We'll put our database helpers from earlier to use here as well, adding an entry into our database when we receive successful authorization.
@@ -571,7 +571,7 @@ touch ./src/routes/callback/callbackController.ts
The `AuthController` handles authentication of the App via the previously described authorization flow. This is the third step of `passport` setup. Every controller class implements the controller interface which has two members: the path and the router.
-This controller handles the `/auth` route, which is what we'll use to send users (via `passport`) to the Snyk website for authorization approval.
+This controller handles the `/auth` route, which is what we'll use to send users (through `passport`) to the Snyk website for authorization approval.
```typescript
// ./src/routes/auth/authController.ts
@@ -602,7 +602,7 @@ class AuthController implements Controller {
export default AuthController;
```
-Once a user approves authorization to our Snyk App via the Snyk website, the user is kicked back to our callback URI, `/callback`. We'll handle this route similarly, invoking passport again. This is the final step of user authorization.
+After a user approves authorization to our Snyk App through the Snyk website, the user returns to our callback URI, `/callback`. We'll handle this route similarly, invoking passport again. This is the final step of user authorization.
The `CallbackController` accepts requests on `/callback`, but also creates two sub-routes, `/callback/success` and `/callback/failure`, to handle the different possible outcomes it might receive from Snyk.
@@ -670,7 +670,7 @@ new App([
### Refresh token management
-If we build and run our Snyk App at this point, hitting the `/auth` route will successfully jump us out to the Snyk authorization portal and, provided we confirm the authorization, we'll get kicked back to our local app's callback route at `/callback`. If we had a very simplistic, one-off use case, we could end things here. But there's one more piece of the puzzle we should figure out if we're going to keep our user's authorization fresh; that is token expiry.
+If we build and run our Snyk App at this point, hitting the `/auth` route jumps us out to the Snyk authorization portal and, after we confirm the authorization, we return to our local app's callback route at `/callback`. If we had a simplistic, one-off use case, we could end things here. But there's one more piece of the puzzle we should figure out if we're going to keep our user's authorization fresh, that is token expiry.
If you ran the app to test things, take a look at database entries. If you've been following along, you should see something like this:
@@ -695,7 +695,7 @@ That `expires_in` value will continue to count down until 0. If it does, the use
To keep our access token from going stale, we need to make a POST request using our `refresh_token` to get an updated `access_token`. See [Set up the refresh token exchange](../set-up-a-snyk-app-using-the-oauth2-api/set-up-the-refresh-token-exchange.md).
-We can automate this process in our Snyk App by utilizing [Axios interceptors](https://axios-http.com/docs/interceptors) to _intercept_ the requests we make and ensure we have an up-to-date `access_token`.
+We can automate this process in our Snyk App by using [Axios interceptors](https://axios-http.com/docs/interceptors) to _intercept_ the requests we make and ensure we have an up-to-date `access_token`.
Create the file `./src/util/interceptors.ts`, importing all the packages, classes, and so on that we'll need at the top:
@@ -802,7 +802,7 @@ async function refreshAndUpdateDb(data: AuthData): Promise {
}
```
-With our interceptors defined, the only thing we need to do is update our `callSnykApi` function to utilize them. Interceptors are methods of the `axiosInstance` object, so we'll add them after the `axios.create()` call and before the function's `return`.
+With our interceptors defined, the only thing we need to do is update our `callSnykApi` function to use them. Interceptors are methods of the `axiosInstance` object, so we'll add them after the `axios.create()` call and before the function's `return`.
```typescript
// ./src/util/APIHelpers.ts
@@ -837,6 +837,6 @@ export function callSnykApi(tokenType: string, token: string, version: APIVersio
## Wrap-up
-If you've made it this far, congratulations! You've learned how to register a Snyk App with Snyk, configure the authorization flow, keep the `auth_token` from getting stale, and set up a great starting point using TypeScript.
+You've now learned how to register a Snyk App with Snyk, configure the authorization flow, keep the `auth_token` from getting stale, and set up a starting point using TypeScript.
-In the next module of this tutorial, we'll add a template system and configure our app to show users all of their projects from Snyk in our App.
+In the next module of this tutorial, we'll add a template system and configure our app to show users all of their Projects from Snyk in our App.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/render-content-for-users.md b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/render-content-for-users.md
index 773329bc6df6..910de03aa28c 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/render-content-for-users.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/snyk-apps-apis/tutorial-create-a-snyk-app/render-content-for-users.md
@@ -1,12 +1,12 @@
# Render content for users
-In the previous module, we covered registering our Snyk App, setting up the authorization flow, and handling user authorization within our App. All of those topics are integral to the functionality of every Snyk App, but they're all what you might call "behind the scenes" topics.
+In the previous module, we covered registering our Snyk App, setting up the authorization flow, and handling user authorization in our App. All of those topics are integral to the functionality of every Snyk App, but they're all what you might call "behind the scenes" topics.
-In this module, we'll switch gears to focus on displaying content to the users who have authorized with our Snyk App. Specifically, we want to show unauthorized users a big button they can click to authorize and authorized users a list of their projects from Snyk.
+In this module, we'll focus on displaying content to the users who have authorized with our Snyk App. Specifically, we want to show unauthorized users a button they can click to authorize and authorized users a list of their Projects from Snyk.
## Add a template engine to the Snyk App
-While Express is perfectly capable of printing content to the screen and even rendering HTML server-side, life is much easier when using a template engine. For this tutorial we are using [EJS](https://ejs.co).
+While Express is capable of printing content to the screen and even rendering HTML server-side, life is much easier when using a template engine. For this tutorial we are using [EJS](https://ejs.co).
First, install the node packages needed in this part of the tutorial:
@@ -50,7 +50,7 @@ class App {
}
```
-For each route that we'll provide a template for, we'll need to modify the corresponding controller and ensure that we're using `res.render("")` rather than something more simplistic like `res.send()`.
+For each route that we'll provide a template for, we'll need to modify the corresponding controller and ensure that we're using `res.render("")` rather than something simpler like `res.send()`.
Example:
@@ -68,8 +68,6 @@ private indexPage(req: Request, res: Response, next: NextFunction) {
...
```
-That's all there is to it.
-
EJS templates support the concept of partial inclusion. While not strictly necessary, it makes sense to add a subdirectory to our `./src/views` to differentiate partial templates like headers and footers from route templates. For the tutorial, we'll use `./src/views/partials` to store such templates.
## Basic EJS templates
@@ -140,13 +138,13 @@ This `index.ejs` template will cover our basic `/` route.
These templates should be enough to get you started adding your own templates to any new routes you create. If you intend to continue using EJS, refer to the documentation for information about the features offered.
-Rendering content for your Snyk App can be as simple or complex as you'd like it to be. Because we're dealing with JavaScript, the options are very flexible!
+Rendering content for your Snyk App can be as simple or complex as you'd like it to be. Because we're dealing with JavaScript, the options are flexible.
## Showing users a list of projects
-Now that we have some basic templates, take a look at how we can add some functionality to our Snyk App using a User's Snyk data. For this tutorial, we set up our app to allow users to view all of their projects within Snyk from within our app.
+Now that we have some basic templates, take a look at how we can add some functionality to our Snyk App using a user's Snyk data. For this tutorial, we set up our app to let users view all of their Projects in Snyk from within our app.
-This is a basic and easily extendable feature.
+This is a basic and extendable feature.
We need to create:
@@ -154,7 +152,7 @@ We need to create:
* A function (or functions) to pull the project data
* An EJS template for showing the projects
-We start with the API work, using the `callSnykApi()` function we created in the previous module. Since this directly relates to a particular route, we'll store this file with its controller. Following the pattern we've used throughout these tutorial modules, we'll create both files at `./src/routes/projects/`.
+We start with the API work, using the `callSnykApi()` function we created in the previous module. Since this directly relates to a particular route, we'll store this file with its controller. Following the pattern we've used throughout these tutorial modules, we'll create both files in `./src/routes/projects/`.
```typescript
// ./src/routes/projects/projectsHandler.ts
@@ -269,4 +267,4 @@ new App([
Using the project's API handler and controller we created in this module, you should have all you need to create your own custom code and make your Snyk App do whatever you'd like it to do.
-We used the v1 API but keep an eye on Snyk's REST API. As additional features are added, you may find new or more efficient endpoints to use in your Snyk App.
+We used the v1 API, but keep an eye on the Snyk REST API. As Snyk adds features, you may find new or more efficient endpoints to use in your Snyk App.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/about-webhooks.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/about-webhooks.md
index 6f1d7c4751d3..7c04b4cf2cf8 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/about-webhooks.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/about-webhooks.md
@@ -4,7 +4,7 @@
The Webhooks API is in beta. While the API is in beta, Snyk may change the API and the structure of webhook payloads at any time, without notice. During this beta, Webhooks are available only in the Snyk US-01, US-02, EU-01, and AU-01 regions.
{% endhint %}
-Webhooks allow you to be notified of Snyk system events, enabling you to build notifications and react to changes in your projects. The current implementation supports events for recurring scans of open source and container image related projects.
+Webhooks notify you of Snyk system events, so you can build notifications and react to changes in your Projects. The current implementation supports events for recurring scans of open source and container image related Projects.
When events are triggered, Snyk sends HTTP POST requests to URLs you have configured for those events, with all the information you need.
@@ -12,17 +12,17 @@ When events are triggered, Snyk sends HTTP POST requests to URLs you have config
### Notifications
-Receive instant notifications/alerts in your organization's business communication/collaboration software.
+Receive instant notifications and alerts in your organization's business communication and collaboration software.
-### Incident Response
+### Incident response
-Respond to critical issues before they impact your business. Embrace modern incident management and Snyk to stay ahead of application security. Read more about this use case in the blog ["Shifting left security incident management with the Snyk & Opsgenie integration"](https://snyk.io/blog/security-incident-management-snyk-opsgenie-integration/).
+Respond to critical issues before they impact your business. Embrace modern incident management and Snyk to stay ahead of application security. Read more about this use case in the blog ["Shifting left security incident management with the Snyk and Opsgenie integration"](https://snyk.io/blog/security-incident-management-snyk-opsgenie-integration/).
### Security Information and Event Management (SIEM)
-Get real-time security alerts aggregated across various sources into a single platform. Read more about Snyk's partnership with Rapid7 and how together we help organizations mitigate security risks.
+Get real-time security alerts aggregated across various sources into a single platform. Read more about the Snyk partnership with Rapid7 and how together we help organizations mitigate security risks.
-### Vulnerability Management and Aggregation
+### Vulnerability management and aggregation
Browse the various [Snyk Partner integrations](../../../integrations/partner-integrations.md) for a comprehensive list of solutions.
@@ -32,13 +32,13 @@ Webhooks can only be configured for URLs using the HTTPS protocol. HTTP is not a
## Request signing
-When creating a webhook, you must provide a secret - this is a string that only you know that we will use to sign our transports to you so that you can ensure they come from Snyk. Your secret should be:
+When creating a webhook, you must provide a secret - this is a string that only you know and that Snyk uses to sign transports to you so that you can ensure they come from Snyk. Your secret should be:
* A random string with high entropy
-* Not be used for anything else
-* Only known to Snyk and your webhook transport consuming code
+* Not used for anything else
+* Known only to Snyk and your webhook transport consuming code
-All transports sent to your webhooks will have a `X-Hub-Signature` header, which contains the hash signature for the transport. The signature is a HMAC hexdigest of the request body, generated using sha256 and your secret as the HMAC key.
+All transports sent to your webhooks have a `X-Hub-Signature` header, which contains the hash signature for the transport. The signature is an HMAC hexdigest of the request body, generated using sha256 and your secret as the HMAC key.
{% hint style="info" %}
`X-Hub-Signature` always starts with `sha256=`
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/README.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/README.md
index 0b4b0d25f06d..44e66ac0fa36 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/README.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/README.md
@@ -2,7 +2,7 @@
You can use Snyk Webhooks alongside a Lambda function to receive and filter new vulnerabilities discovered by Snyk in your Slack.
-Exposing the Lambda function to Snyk Webhooks is covered through two options, API Gateway and a Lambda Function URL. Choose the variant that suits your needs and environment the best. If you are not using API Gateway, you may disregard any of those instructions in this guide.
+This guide covers two options for exposing the Lambda function to Snyk Webhooks: API Gateway and a Lambda Function URL. Choose the variant that best suits your needs and environment. If you are not using API Gateway, you can disregard those instructions in this guide.
The **prerequisites** are as follows:
@@ -18,7 +18,7 @@ The Snyk Webhook, AWS Lambda function, and Slack notification **work as follows*
* Each time Snyk discovers a new vulnerability, it triggers the Snyk API Webhook.
* That triggers the Lambda function to send notifications to Slack. The goal of the Lambda function is to filter these notifications and customize the Slack payload to show the information that is interesting to you.
-* When you receive the Slack notification you can act on the newly discovered vulnerability.
+* When you receive the Slack notification, you can act on the newly discovered vulnerability.
This guide **explains** how to use an AWS Lambda function to filter the payload from Snyk Webhooks into Slack.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-add-security-through-an-environment-variable.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-add-security-through-an-environment-variable.md
index 53e1ed7082f3..228ec92bfbb3 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-add-security-through-an-environment-variable.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-add-security-through-an-environment-variable.md
@@ -4,7 +4,7 @@ For security reasons the script that you created uses an environment variable: `
Follow these steps to add security through an environment variable:
-1. Go to the **Configuration** tab in the AWS Lambda function.
+1. Navigate to the **Configuration** tab in the AWS Lambda function.
2. Click **Environment variables**.
3. Add the new environment variable.
4. Use `hmac_verification` as your key.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-create-lambda-function-to-connect-snyk-to-slack.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-create-lambda-function-to-connect-snyk-to-slack.md
index 017293b407b3..35244c3bcac4 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-create-lambda-function-to-connect-snyk-to-slack.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-create-lambda-function-to-connect-snyk-to-slack.md
@@ -1,8 +1,8 @@
# AWS Lambda setup: create Lambda function to connect Snyk to Slack
-AWS Lambda functions are used to connect Snyk to Slack because these functions are an inexpensive and efficient way of running code triggered by events, for example when there is a new Snyk vulnerability.
+AWS Lambda functions connect Snyk to Slack because these functions are an inexpensive and efficient way of running code triggered by events, for example when there is a new Snyk vulnerability.
-**Note:** If publishing the Lambda function through API Gateway, both must be configured in the same region. You can check this on the top right of the AWS Console.
+**Note:** If publishing the Lambda function through API Gateway, you must configure both in the same region. You can check this in the AWS Console.
Start by creating a zip file containing the code for the function and the necessary dependencies.
@@ -194,7 +194,7 @@ Start by creating a zip file containing the code for the function and the necess
To create an AWS Lambda function, follow these steps:
-1. Go to the AWS Console.
+1. Navigate to the AWS Console.
2. Navigate to Lambda.
3. Click **Create function**.
4. Choose **Node.js 16.x** for the **Runtime**.
@@ -208,4 +208,4 @@ To create an AWS Lambda function, follow these steps:
AWS code source display
10. In the code, modify the `slackWebhookUrl` to match your Slack webhook URL.
-11. For more information on the script you have pasted, go to [Configure the AWS Lambda Script](configure-the-aws-lambda-script.md).
+11. For more information about the script you have pasted, see [Configure the AWS Lambda Script](configure-the-aws-lambda-script.md).
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/README.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/README.md
index 8012c6b5dd70..7bc3271fd897 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/README.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/README.md
@@ -1,3 +1,3 @@
# AWS Lambda setup: expose a public URL
-For Snyk to be able to send webhooks to the Lambda function you will need a public URL exposing the function. To do this you have two options, [API Gateway](with-api-gateway/) or a [Lambda function URL](with-a-lambda-function-url/). Choose the option that suits your current environments or needs the best.
+For Snyk to send webhooks to the Lambda function, you need a public URL exposing the function. To do this you have two options, [API Gateway](with-api-gateway/) or a [Lambda function URL](with-a-lambda-function-url/). Choose the option that best suits your current environments or needs.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-a-lambda-function-url/README.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-a-lambda-function-url/README.md
index 7ccc0d29faaf..e3b34e51ca1a 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-a-lambda-function-url/README.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-a-lambda-function-url/README.md
@@ -1,3 +1,3 @@
# With a Lambda Function URL
-The goal of this option is to avoid the need of AWS API Gateway and expose the Lambda function directly with the help of a Lambda Function URL.
+The goal of this option is to avoid the need for AWS API Gateway and expose the Lambda function directly with the help of a Lambda Function URL.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-a-lambda-function-url/modify-the-lambda-function.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-a-lambda-function-url/modify-the-lambda-function.md
index 9bbcec4ada71..1fa72527f918 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-a-lambda-function-url/modify-the-lambda-function.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-a-lambda-function-url/modify-the-lambda-function.md
@@ -1,6 +1,6 @@
# Modify the Lambda function
-1. Open your Lambda function and click on **Configuration**.
+1. Open your Lambda function and click **Configuration**.
2. Select **Function URL** and then **Create function URL**.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/README.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/README.md
index df277dd1a61d..eb276d641936 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/README.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/README.md
@@ -1,3 +1,3 @@
# With API Gateway
-The goal of this option is to use AWS API Gateway to trigger the Lambda function every time a new event is received.
+The goal of this option is to use AWS API Gateway to trigger the Lambda function each time a new event is received.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-add-the-post-method-to-connect-snyk-to-slack.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-add-the-post-method-to-connect-snyk-to-slack.md
index 07dc6c32084d..498a117db963 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-add-the-post-method-to-connect-snyk-to-slack.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-add-the-post-method-to-connect-snyk-to-slack.md
@@ -1,18 +1,18 @@
# AWS API Gateway: add the POST method to connect Snyk to Slack
-The payload Slack will receive will have a message, so create a POST method that will receive the message, verify it is a valid message, and then send on to the AWS Lambda function.
+The payload that Slack receives has a message, so create a POST method that receives the message, verifies it is a valid message, and then sends it on to the AWS Lambda function.
Follow these steps to add the POST Method:
1. Navigate to the AWS API Gateway you have created.
2. Click **Resources**.
-3. To create the method, navigate to **Actions** -> **Create Method** -> **Post**.
+3. To create the method, navigate to **Actions** > **Create Method** > **Post**.
4. Configure the AWS API Gateway to work with the Lambda function you created by adding the Gateway in the adjacent Lambda function box:\
Choose the **Lambda Function Integration type**.\
Select **Default Timeout**.
AWS Lambda function box
-5. In the **Resources**, lick the new **POST** method.
+5. In the **Resources**, click the new **POST** method.
6. Click **Integration Request** (top right on the AWS Gateway POST method execution screen).
AWS Gateway POST method execution
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-deploy-the-post-method.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-deploy-the-post-method.md
index 6479f0f18b6a..f15a3b9e58cf 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-deploy-the-post-method.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-deploy-the-post-method.md
@@ -1,10 +1,10 @@
# AWS API Gateway: deploy the POST method
-Deploy with configured POST method so the AWS Lambda function can start receiving the information.
+Deploy the configured POST method so the AWS Lambda function can start receiving the information.
Follow these steps to deploy the POST method:
-1. Go to the **Resources** tab.
+1. Navigate to the **Resources** tab.
2. Click **POST**.
3. On the **Actions** tab, click **Deploy API**.
@@ -12,7 +12,7 @@ Follow these steps to deploy the POST method:
4. Select the **Deployment stage** to which you want to deploy the new API, in this case, the **default** stage.
AWS Gateway Deploy API to default stage
-5. Navigate back to your Lambda function and In the Lambda trigger configuration, verify you see a new API endpoint.
+5. Navigate back to your Lambda function and, in the Lambda trigger configuration, verify you see a new API endpoint.
6. Copy the API endpoint from the API Gateway boxes (obscured) for use in setting up the Snyk webhook.
AWS Lambda function trigger configuration showing new endpoint
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-lambda-setup-set-up-the-trigger.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-lambda-setup-set-up-the-trigger.md
index 92d6e63865e7..5472cd1332c4 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-lambda-setup-set-up-the-trigger.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-lambda-setup-set-up-the-trigger.md
@@ -1,4 +1,4 @@
-# AWS API Gateway: Setting up a trigger
+# AWS API Gateway: set up a trigger
Follow these steps to add the AWS API Gateway to the function:
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/configure-the-aws-lambda-script.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/configure-the-aws-lambda-script.md
index 555a99f6ca0b..ae073f9ea99a 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/configure-the-aws-lambda-script.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/configure-the-aws-lambda-script.md
@@ -126,6 +126,6 @@ async function messageSlack(message,snykProjectUrl,snykProjectName,snykIssuePack
}
```
-Snyk used Slack’s built-in block builder to design the payload in the desired format. With the block builder you can configure the JSON of the payload to display more information like the CWE, add more interactions, and even use the ignore API from Snyk to create an ignore button.
+Snyk used the built-in block builder in Slack to design the payload in the desired format. With the block builder you can configure the JSON of the payload to display more information like the CWE, add more interactions, and even use the ignore API from Snyk to create an ignore button.
You can find more information about the block builder ([Block Kit](https://api.slack.com/block-kit)) on the Slack website.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/set-up-the-snyk-webhook.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/set-up-the-snyk-webhook.md
index d4c2e93b72f8..c18d8dc14303 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/set-up-the-snyk-webhook.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/set-up-the-snyk-webhook.md
@@ -18,4 +18,4 @@ Content-Type: application/json
}
```
-With this request done, your connection from Snyk to Slack will be completed. Every time there is a new vulnerability, you will get a new notification.
+With this request done, your connection from Snyk to Slack is complete. Each time there is a new vulnerability, you get a new notification.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/slack-setup-to-connect-snyk-with-aws-lambda.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/slack-setup-to-connect-snyk-with-aws-lambda.md
index ff9cc1a93c8e..328d934feab3 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/slack-setup-to-connect-snyk-with-aws-lambda.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/slack-setup-to-connect-snyk-with-aws-lambda.md
@@ -4,7 +4,7 @@ To enable Snyk to communicate with Slack, start by setting up incoming webhooks
To set up Slack Apps with a webhook, follow these steps:
-1. Go to [https://api.slack.com/apps](https://api.slack.com/apps).
+1. Navigate to [https://api.slack.com/apps](https://api.slack.com/apps).
2. Select **Create New App**.
Your Apps in Slack
@@ -21,7 +21,7 @@ To set up Slack Apps with a webhook, follow these steps:
9. Activate incoming webhooks in that page.
Incoming webhooks activation
-10. Generate a webhook URL for the channel you want by clicking on **Add New Webhook to Workspace**.
+10. Generate a webhook URL for the channel you want by clicking **Add New Webhook to Workspace**.
11. Select the channel you want Snyk to post to. If you haven’t already done so, [create a channel](https://slack.com/intl/en-gb/help/articles/201402297-Create-a-channel).
12. When the webhook has been created, copy and save the webhook URL to use in the next step in AWS.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/test-the-snyk-webhook-connection.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/test-the-snyk-webhook-connection.md
index 51d307ca11dc..4dec46af412b 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/test-the-snyk-webhook-connection.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-connect-snyk-to-slack-with-aws-lambda/test-the-snyk-webhook-connection.md
@@ -1,10 +1,10 @@
# Test the Snyk webhook connection
-The Snyk Webhook only updates when there is a new vulnerability found, but you can test your implementation using Postman.
+The Snyk Webhook only updates when a new vulnerability is found, but you can test your implementation using Postman.
If you don’t have Postman you can [install](https://www.postman.com/downloads/) it for free.
-To test, you will send a POST request to the AWS API Gateway with a sample payload that is secured with your API token.
+To test, send a POST request to the AWS API Gateway with a sample payload that is secured with your API token.
Follow these steps to test the connection:
@@ -23,8 +23,8 @@ Follow these steps to test the connection:
5. Change the method to **POST** and add your API Gateway URL or Function URL. Refer to [AWS API Gateway: add the POST method to connect Snyk to Slack](aws-lambda-setup-set-up-the-trigger/with-api-gateway/aws-api-gateway-add-the-post-method-to-connect-snyk-to-slack.md) for instructions on finding the URL.
Postman POST method add AWS API Gateway URL
-6. Configure your pre-request script to look like the following code. This script get your API token and secures it so when Snyk sends it with the payload the Lambda function can decrypt the payload.\
- The code follows; remember to change enter your API token for '`your-secret-string-here'`.\
+6. Configure your pre-request script to look like the following code. This script gets your API token and secures it so that when Snyk sends it with the payload, the Lambda function can decrypt the payload.\
+ The code follows. Remember to enter your API token for '`your-secret-string-here'`.\
\
`postman.setEnvironmentVariable('x-hub-signature', CryptoJS.HmacSHA256(request.data, 'your-secret-string-here').toString(CryptoJS.digest)); postman.setEnvironmentVariable('x-hub-signature', 'sha256='+ postman.getEnvironmentVariable('x-hub-signature'));`\
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/README.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/README.md
index 46b83c405b9f..30447fd7dd2f 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/README.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/README.md
@@ -2,7 +2,7 @@
New Relic Security API is the most recent approach to having New Relic send any type of security-related information into the New Relic platform. This API is part of New Relic's Vulnerability Management capabilities.
-Using New Relic Security API is beneficial because New Relic “understands” the type of data being ingested and is able to provide a curated user interface for the information. New Relic also offers a standardized way of correlating this information with other types of data that New Relic is able to consume. You can see the correlations on the tabs in New Relic, including the vulnerability management section of an entity.
+Using New Relic Security API is beneficial because New Relic “understands” the type of data being ingested and can provide a curated user interface for the information. New Relic also offers a standardized way of correlating this information with other types of data that New Relic can consume. You can see the correlations on the tabs in New Relic, including the vulnerability management section of an entity.
Entity-level vulnerability management
@@ -11,13 +11,13 @@ Examples of such correlations are:
* For an application monitored by New Relic APM (Application Performance Monitoring), the Snyk Webhook provides the repository where the application resides. New Relic can then correlate issues Snyk identifies from an application security perspective with the APM data.
* For a container that is running inside a Kubernetes cluster where New Relic knows everything about the runtime behavior, the Snyk Webhook provides the ImageID. New Relic can then correlate detailed information provided about security aspects for the container.
-New Relic also provides a dedicated Vulnerability Management section for all of your security-related issues. The information shared using the Snyk webhook will automatically be populated automatically in this section.
+New Relic also provides a dedicated Vulnerability Management section for all of your security-related issues. The information shared using the Snyk webhook is populated automatically in this section.
Vulnerability Management
To set up the integration between Snyk and New Relic, follow the steps on these pages. There are two ways to achieve this:
-1. Through New Relic's native security ingest processor: follow the guide on [New Relic docs](https://docs.newrelic.com/docs/vulnerability-management/integrations/snyk/) to get started
+1. Through the native security ingest processor in New Relic: follow the guide in the [New Relic docs](https://docs.newrelic.com/docs/vulnerability-management/integrations/snyk/) to get started.
2. Through an Azure Function App that acts as a proxy: begin with [Create an Azure Function App](create-an-azure-function-app.md).
If you have **problems** setting up or using the Snyk Webhook, **contact** your Solutions Engineer or Technical Success Manager for help.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/configure-azure-function-environment-variables.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/configure-azure-function-environment-variables.md
index 58b82a54c699..91f73c61c463 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/configure-azure-function-environment-variables.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/configure-azure-function-environment-variables.md
@@ -7,7 +7,7 @@ Navigate to your Azure Function App Configuration and add the following new appl
* **NEW\_RELIC\_SECURITY\_URL**: URL for the New Relic Security API, that is, https://security-api.newrelic.com/security/v1
* **NEW\_RELIC\_LICENSE\_KEY**: New Relic License Key
-If you are using Azure DevOps Repos in your Snyk account, you may also want to configure the following application setting:
+If you are using Azure DevOps Repos in your Snyk account, you can also configure the following application setting:
* **AZURE\_DEVOPS\_ORG**: the name of your Azure DevOps organization
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/copy-the-azure-function-url.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/copy-the-azure-function-url.md
index c8244728220a..64d13eb33f7f 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/copy-the-azure-function-url.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/copy-the-azure-function-url.md
@@ -1,6 +1,6 @@
# Copy the Azure Function URL
-Select the appropriate Azure Function and copy the Function URL. You need this URL in the next step, in order to [Create a Snyk Webhook](create-a-snyk-webhook.md).
+Select the appropriate Azure Function and copy the Function URL. You need this URL in the next step, to [Create a Snyk Webhook](create-a-snyk-webhook.md).
An example follows for one user's New Relic Azure Function.
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/create-a-snyk-webhook.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/create-a-snyk-webhook.md
index af9b35337ef4..e38a99576108 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/create-a-snyk-webhook.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/create-a-snyk-webhook.md
@@ -27,7 +27,7 @@ The response is like this:
}
```
-You can then use the [Ping a webhook API](../../../../reference/webhooks-v1.md#org-orgid-webhooks-webhookid-ping) to pro-actively trigger the Snyk Webhook in order to test your integration:
+You can then use the [Ping a webhook API](../../../../reference/webhooks-v1.md#org-orgid-webhooks-webhookid-ping) to proactively trigger the Snyk Webhook to test your integration:
```http
POST https://api.snyk.io/v1/org/{SNYK-ORG-ID}/webhooks/{SNYK-WEBHOOK-ID}/ping HTTP/2
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/new-relic-curated-ui-and-snyk-custom-dashboard.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/new-relic-curated-ui-and-snyk-custom-dashboard.md
index 83c0454ee596..27f2cee86339 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/new-relic-curated-ui-and-snyk-custom-dashboard.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/guides-to-webhooks/how-to-use-snyk-webhooks-to-integrate-new-relic-with-snyk/new-relic-curated-ui-and-snyk-custom-dashboard.md
@@ -1,6 +1,6 @@
# New Relic Curated UI and Snyk Custom Dashboard
-Once the Azure Function and the Snyk Webhook are created, you see data coming in for Snyk projects with the configured retest frequency, or projects that you scan manually and where Snyk identifies new issues.
+After the Azure Function and the Snyk Webhook are created, you see data coming in for Snyk Projects with the configured retest frequency, or Projects that you scan manually and where Snyk identifies new issues.
## Vulnerability event type
@@ -10,7 +10,7 @@ You can look into the Vulnerability event type to validate that data flows into
## New Relic Vulnerability Management
-In addition New Relic provides a curated UI, a New Relic app named Vulnerability Management, that you can use to visualize all the issues being sent.
+In addition, New Relic provides a curated UI, a New Relic app named Vulnerability Management, that you can use to visualize all the issues being sent.
Vulnerability management app
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/validation-and-versioning-of-payloads.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/validation-and-versioning-of-payloads.md
index 8d4a29b8d94a..d1b13f059995 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/validation-and-versioning-of-payloads.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/validation-and-versioning-of-payloads.md
@@ -4,7 +4,7 @@
All transports sent to your webhooks have a `X-Hub-Signature` header, which contains the hash signature for the transport. The signature is a HMAC hexdigest of the request body, generated using sha256 and your `secret` as the HMAC key.
-You could use a function in Node.JS such as the following to validate these signatures on incoming requests from Snyk:
+You can use a function in Node.js such as the following to validate these signatures on incoming requests from Snyk:
```
import * as crypto from 'crypto';
@@ -27,6 +27,6 @@ Payloads may evolve over time, and so are versioned. Payload versions are suppli
Version numbers only increment when a breaking change is made, for example, removing a field that used to exist, or changing the name of a field. Version numbers do not increment when making an additive change, such as adding a new field that never existed before.
{% hint style="warning" %}
-During the BETA phase, the structure of webhook payloads may change at any time, so Snyk recommends that you check the payload version.
+During the BETA phase, the structure of webhook payloads can change at any time, so Snyk recommends that you check the payload version.
{% endhint %}
diff --git a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/webhooks.md b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/webhooks.md
index 0e0f789a7766..81896364f827 100644
--- a/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/webhooks.md
+++ b/developer-tools/snyk-api/using-specific-snyk-apis/webhooks-apis/webhooks.md
@@ -10,7 +10,7 @@ Webhooks are delivered with a `Content-Type` of `application/json`, with the eve
After your server is configured to receive payloads, it listens for any payload sent to the endpoint you configured. For security reasons, you should limit requests to those coming from Snyk.
-While consuming a webhook event, `X-Snyk-Event` header must be checked, as an end-point may receive multiple event types as described.
+While consuming a webhook event, you must check the `X-Snyk-Event` header, as an endpoint can receive multiple event types as described.
## **ping**
@@ -34,7 +34,7 @@ Content-Type: application/json
## **project\_snapshot**
-This event is triggered every time an existing project is tested and a new snapshot is created. It is triggered on every test of a project, whether or not there are new issues. This event is not triggered when a new project is created or imported. Currently supported targets/scan types are Open Source and container.
+This event is triggered every time an existing Project is tested and a new snapshot is created. It is triggered on every test of a Project, whether or not there are new issues. This event is not triggered when a new Project is created or imported. Supported targets and scan types are Open Source and container.
```sh
POST /webhook-handler/snyk123 HTTP/1.1
diff --git a/developer-tools/snyk-api/v1-api.md b/developer-tools/snyk-api/v1-api.md
index 0d474163d1d2..634e581f1941 100644
--- a/developer-tools/snyk-api/v1-api.md
+++ b/developer-tools/snyk-api/v1-api.md
@@ -7,10 +7,10 @@ The Snyk API is available only for Enterprise plans.
For more information, see [Plans and pricing](https://snyk.io/plans).
-The V1 API will be deprecated eventually, as further Snyk developments are now focused on the REST API.
+The V1 API will be deprecated eventually, as Snyk now focuses further development on the REST API.
{% endhint %}
-The V1 API enables you to test a package for issues as they are defined by Snyk, and to automate Snyk processes to accomplish your specific workflows. Customers and partners can perform functions including:
+The V1 API lets you test a package for issues as Snyk defines them, and automate Snyk processes to accomplish your specific workflows. Customers and partners can perform functions including:
* Accessing vulnerability data
* Scanning Projects and applications
@@ -26,7 +26,7 @@ Snyk is hosted in the following regions. Each region has its own base URL.
Region
Base URL
SNYK-US-01
https://api.snyk.io/v1/
SNYK-US-02
https://api.us.snyk.io/v1/
SNYK-EU-01
https://api.eu.snyk.io/v1/
SNYK-AU-01
https://api.au.snyk.io/v1/
{% hint style="info" %}
-This API is available only over HTTPS. Calling the API over HTTP will yield a 404 for all requests.
+This API is available only over HTTPS. Calling the API over HTTP yields a 404 for all requests.
{% endhint %}
## Authorization
@@ -39,7 +39,7 @@ Provide the token in an `Authorization` header with the token, preceded by `toke
Authorization: token API_KEY
```
-Otherwise, a 401 "Unauthorized" response will be returned.
+Otherwise, the API returns a 401 "Unauthorized" response.
```
HTTP/1.1 401 Unauthorized
@@ -57,7 +57,7 @@ Snyk limits the requests to the V1 API to help provide a stable experience for c
The V1 API has a default rate limit of **2,000 requests per minute**, but some specific endpoints have lower limits. Refer to the reference docs for each endpoint to see the rate limits.
-If you exceed the rate limit, you will receive a `429` error response.
+If you exceed the rate limit, you receive a `429` error response.
## Errors
diff --git a/developer-tools/snyk-ci-cd-integrations/README.md b/developer-tools/snyk-ci-cd-integrations/README.md
index 7c48d8448718..0e49d051e741 100644
--- a/developer-tools/snyk-ci-cd-integrations/README.md
+++ b/developer-tools/snyk-ci-cd-integrations/README.md
@@ -5,14 +5,14 @@ Snyk recommends using the [CLI ](../snyk-cli/)for CI/CD integrations for the fol
* You have the flexibility to test in-progress features of the CLI by using the [preview channel](../snyk-cli/releases-and-channels-for-the-snyk-cli.md#preview).
* The CLI provides feature-rich [stable releases](../snyk-cli/releases-and-channels-for-the-snyk-cli.md#stable) at a regular cadence.
-* With the CLI, you have options to [extend use cases](../snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/) as you deploy Snyk at scale
+* With the CLI, you have options to [extend use cases](../snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/) as you deploy Snyk at scale.
For more information, see the [Snyk CLI repository](https://github.com/snyk/cli).
{% endhint %}
## Adopting a CI/CD integration
-When you decide to use a CI/CD integration, you typically adopt the integration in stages, initially selecting a deployment method and the implementing strategies for the code you are scanning. For details, see [Snyk CI/CD Integration deployment and strategies](snyk-ci-cd-integration-deployment-and-strategies/).
+When you decide to use a CI/CD integration, you typically adopt the integration in stages, initially selecting a deployment method and implementing strategies for the code you are scanning. For details, see [Snyk CI/CD Integration deployment and strategies](snyk-ci-cd-integration-deployment-and-strategies/).
For detailed information, see the pages for the integration you are using:
@@ -33,7 +33,7 @@ For additional examples of binary and npm integrations for CI/CD, see [GitHub CI
## Support policy
-Snyk supports the latest 12 months of CI/CD plugin versions, ensuring functionality and performance. Older versions are considered End-of-Support (EOS) and will not receive bug fixes or troubleshooting.
+Snyk supports the latest 12 months of CI/CD plugin versions, ensuring functionality and performance. Older versions are considered End-of-Support (EOS) and do not receive bug fixes or troubleshooting.
Snyk provides fixes only in new versions and cannot fix older versions. Customers must upgrade to benefit from improvements.
diff --git a/developer-tools/snyk-ci-cd-integrations/aws-codepipeline-integration-by-adding-a-snyk-scan-stage.md b/developer-tools/snyk-ci-cd-integrations/aws-codepipeline-integration-by-adding-a-snyk-scan-stage.md
index cdd5efdc3e6c..abc559882630 100644
--- a/developer-tools/snyk-ci-cd-integrations/aws-codepipeline-integration-by-adding-a-snyk-scan-stage.md
+++ b/developer-tools/snyk-ci-cd-integrations/aws-codepipeline-integration-by-adding-a-snyk-scan-stage.md
@@ -76,7 +76,7 @@ The Snyk Open Source scan must be in the same CodeBuild action as the build proc
Using the [Snyk CLI](../snyk-cli/commands/) in CodeBuild gives you full access to its functionality and options. To get started with basic result handling, you can follow these tips:
* The `snyk test` command produces a non-zero exit code when vulnerabilities are found. Consider adding `|| true` to the end of the command to circumvent this behavior.
-* The [snyk-to-html](https://github.com/snyk/snyk-to-html) tool can be used to produce an HTML report of scan results by running a command similar to `snyk test --json | snyk-to-html -o snyk-results.html` . For more information, see the [`snyk-to-html`](../snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html.md) documentation.
+* You can use the [snyk-to-html](https://github.com/snyk/snyk-to-html) tool to produce an HTML report of scan results by running a command similar to `snyk test --json | snyk-to-html -o snyk-results.html` . For more information, see the [`snyk-to-html`](../snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html.md) documentation.
* Consider the following CLI options for common usage patterns:
* [--org=\](../snyk-cli/commands/test.md#org-less-than-org_id-greater-than) - Specify the \ to run Snyk commands tied to a specific Snyk Organization.
* [--severity-threshold=\](../snyk-cli/commands/test.md#severity-threshold-less-than-low-or-medium-or-high-or-critical-greater-than) - Report vulnerabilities only at the specified level or higher.
@@ -94,7 +94,7 @@ Using the [Snyk CLI](../snyk-cli/commands/) in CodeBuild gives you full access t
* When testing is complete, consider deploying the updated CodePipeline.
* Monitor your pipeline for successful Snyk scan execution and address any integration issues.
-### Next Steps
+### Next steps
Refer to the [Snyk CLI](../snyk-cli/) documentation to incorporate additional security scans into your CI/CD pipeline.
diff --git a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/README.md b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/README.md
index e57111950ff0..6a67a6158bf3 100644
--- a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/README.md
+++ b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/README.md
@@ -8,9 +8,9 @@ The Snyk Security Scan task is available for all languages supported by Snyk and
The Snyk Security Scan task supports Snyk Open Source, Snyk Container, and Snyk Code. If you plan to include other products in your pipeline, use the [Snyk CLI](../../snyk-cli/).
{% endhint %}
-Ready-to-use tasks for Azure Pipelines can be inserted quickly and directly from the Azure interface, enabling you to customize and automate your pipelines with no extra coding. Among the tasks included is the Snyk task.
+You can insert ready-to-use tasks for Azure Pipelines quickly and directly from the Azure interface, so you can customize and automate your pipelines with no extra coding. Among the tasks included is the Snyk task.
-You can include the Snyk task in your pipeline to test for security vulnerabilities and open-source license issues as part of your routine work. In this way, you can test and monitor your application dependencies and container images for security vulnerabilities. When the testing is done you can review and work with results directly from the Azure Pipelines output, as well as from the Snyk interface.
+You can include the Snyk task in your pipeline to test for security vulnerabilities and open-source license issues as part of your routine work. In this way, you can test and monitor your application dependencies and container images for security vulnerabilities. When the testing is done, you can review and work with results directly from the Azure Pipelines output, as well as from the Snyk interface.
For setup and use details, see the following pages:
diff --git a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/add-the-snyk-security-task-to-your-pipelines.md b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/add-the-snyk-security-task-to-your-pipelines.md
index e1fdd482bec6..4f547ceb94c9 100644
--- a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/add-the-snyk-security-task-to-your-pipelines.md
+++ b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/add-the-snyk-security-task-to-your-pipelines.md
@@ -9,20 +9,20 @@
## **Requirements to add Snyk Security Task to your pipelines**
-This extension requires that Node.js and npm be installed on the build agent. These are available by default on all Microsoft-hosted build agents. However, if you are using a self-hosted build agent, you may need to explicitly activate Node.js and npm and ensure they are in your [PATH](https://en.wikipedia.org/wiki/PATH_\(variable\)). This can be done using the [NodeTool task from Microsoft](https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/tool/node-js?view=azure-devops) prior to adding the Snyk Security Scan task to your pipeline.
+This extension requires that Node.js and npm be installed on the build agent. These are available by default on all Microsoft-hosted build agents. However, if you are using a self-hosted build agent, you might need to explicitly activate Node.js and npm and ensure they are in your [PATH](https://en.wikipedia.org/wiki/PATH_\(variable\)). Use the [NodeTool task from Microsoft](https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/tool/node-js?view=azure-devops) to do this before adding the Snyk Security Scan task to your pipeline.
## **Steps to add Snyk Security Task to your pipelines**
1. Add the Snyk Security Scan task when you create your pipeline or while editing an existing one. See the [Azure Pipelines documentation](https://docs.microsoft.com/en-us/azure/devops/pipelines/?view=azure-devops).
-2. From Azure, access the pipeline that you want to scan for vulnerabilities. Open it for editing and check that the Build step is included just before the point at which you want to insert the Snyk task. Note that this is not required but is considered best practice for consistency across projects.
+2. From Azure, access the pipeline that you want to scan for vulnerabilities. Open it for editing and check that the Build step appears just before the point at which you want to insert the Snyk task. This is not required but is considered best practice for consistency across projects.
3. Open the **assistant**, search for the Snyk Security Scan task, and click it as shown in the screen image that follows. The configuration panel opens on top of the assistant.
Search for the Snyk Security Scan Task
4. Complete the fields in the configuration.
1. Find full details about the parameters on the page [Snyk Security Scan task parameters and values](snyk-security-scan-task-parameters-and-values.md).
- 2. Note that if you check the **Fail build if Snyk finds issue** option, when the build fails the pipeline job is failed by the Snyk task.
- 3. If you uncheck the **Fail build if Snyk finds issue** option, the Snyk task tests for vulnerabilities but does not cause the pipeline job to fail.
+ 2. If you select the **Fail build if Snyk finds issue** option, the Snyk task fails the pipeline job when the build fails.
+ 3. If you clear the **Fail build if Snyk finds issue** option, the Snyk task tests for vulnerabilities but does not cause the pipeline job to fail.
4. When testing a container image, you can specify the path to the Dockerfile with the dockerfilePath property to receive additional information about issues in your base image.
5. To add your Dockerfile for additional base image data when testing your container, ensure the image has been built.
5. Place your cursor inside the pipeline, ensuring you place it before a deployment step, such as **npm publish** or **docker push**.
diff --git a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-for-a-container-image-pipeline.md b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-for-a-container-image-pipeline.md
index a6d2736bc4d6..65831826d466 100644
--- a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-for-a-container-image-pipeline.md
+++ b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-for-a-container-image-pipeline.md
@@ -6,6 +6,6 @@ When populated with the most common settings, the configuration panel in Azure l
Snyk Security Scan configuration panel
-The following shows the same configuration once you have added it to your pipeline.
+The following shows the same configuration after you have added it to your pipeline.

diff --git a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-to-test-a-node.js-npm-based-application.md b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-to-test-a-node.js-npm-based-application.md
index 701d82f0c7b0..b848912c7a9f 100644
--- a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-to-test-a-node.js-npm-based-application.md
+++ b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-to-test-a-node.js-npm-based-application.md
@@ -6,6 +6,6 @@ The configuration panel appears as follows:
Snyk Security Scan configuration panel
-Click **add** and the task is added to your pipeline as follows:
+Click **Add** and the task is added to your pipeline as follows:

diff --git a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-to-test-application-code.md b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-to-test-application-code.md
index 9cf3541bbf9b..8d72ff2d8aeb 100644
--- a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-to-test-application-code.md
+++ b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/example-of-a-snyk-task-to-test-application-code.md
@@ -6,6 +6,6 @@ The configuration panel appears as follows:
Snyk Security Scan configuration panel
-The following shows the same configuration once you have added it to your pipeline.
+The following shows the same configuration after you have added it to your pipeline.
diff --git a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/install-the-snyk-extension-for-your-azure-pipelines.md b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/install-the-snyk-extension-for-your-azure-pipelines.md
index 7860ef3f322b..7bafce7f3c71 100644
--- a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/install-the-snyk-extension-for-your-azure-pipelines.md
+++ b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/install-the-snyk-extension-for-your-azure-pipelines.md
@@ -13,7 +13,7 @@ To start using the Snyk task as part of your pipeline build, from the [Visual St
2. Token:
1. For **free plans**, navigate to your **General Account Settings** and find, copy, and save your personal API token.
2. For **paid plans**, navigate to the Organization where you want to integrate; then navigate to **Settings** to create a new service account token. Copy and save the new service account token.
-3. Access your Azure DevOps account and navigate to the **Extensions** > **Browse marketplace**.
+3. Access your Azure DevOps account and navigate to **Extensions** > **Browse marketplace**.
4. Search for the **Snyk Security Scan** extension and click **Get it free**.
5. Create a new **Service Connection** in your Project using **Project Settings** > **Pipelines** > **Service Connections**.
6. Select the **Snyk Authentication** service connection:
diff --git a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/regional-api-endpoints.md b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/regional-api-endpoints.md
index 7bcf9b3c0940..5e2c0fd82ff7 100644
--- a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/regional-api-endpoints.md
+++ b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/regional-api-endpoints.md
@@ -1,6 +1,6 @@
# Regional API endpoints
-By default, the task uses the [https://api.snyk.io](https://api.snyk.io) endpoint. To configure Snyk to use a different endpoint set a `SNYK_API` environment variable in the pipeline, for example, `https://api.eu.snyk.io`.
+By default, the task uses the [https://api.snyk.io](https://api.snyk.io) endpoint. To configure Snyk to use a different endpoint, set a `SNYK_API` environment variable in the pipeline, for example, `https://api.eu.snyk.io`.
For more information about environment configuration, see [Configure the Snyk CLI](../../snyk-cli/configure-the-snyk-cli/). For more details, see the [list of available regions on the Regional hosting and data residency page](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#available-snyk-regions).
diff --git a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/snyk-security-scan-task-parameters-and-values.md b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/snyk-security-scan-task-parameters-and-values.md
index 2825ac2223f5..3d886520db6d 100644
--- a/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/snyk-security-scan-task-parameters-and-values.md
+++ b/developer-tools/snyk-ci-cd-integrations/azure-pipelines-integration/snyk-security-scan-task-parameters-and-values.md
@@ -9,7 +9,7 @@ The following describes the Snyk task configuration fields on the configuration
**Default**: none\
**Type**: String / Azure Service Connection Endpoint of type SnykAuth / Snyk Authentication
-**Description**: The Azure DevOps service connection endpoint where your Snyk API token is defined. Your admin defines this within your Azure DevOps project settings, assigning it using a unique string in order to differentiate between different connections.
+**Description**: The Azure DevOps service connection endpoint where your Snyk API token is defined. Your admin defines this within your Azure DevOps project settings, assigning it using a unique string to differentiate between different connections.
The configuration panel displays all available Snyk service connections from a dropdown list like the following:
@@ -26,9 +26,9 @@ If multiple Snyk service connections are available from the dropdown list, ask y
**Description**: Determines the type of testing to perform, which also selects the dynamic fields to display as described on the rest of this page.
-* Specifying `app` will perform analysis of your application's open-source dependencies (SCA)
-* Specifying `container` will analyze container packages and detected application open-source packages (SCA)
-* Specifying `code` will perform static analysis (SAST) on source code.
+* Specifying `app` analyzes your application's open-source dependencies (SCA)
+* Specifying `container` analyzes container packages and detected application open-source packages (SCA)
+* Specifying `code` performs static analysis (SAST) on source code
## Field: Container Image Name
@@ -55,7 +55,7 @@ If multiple Snyk service connections are available from the dropdown list, ask y
**Default**: none\
**Type**: string
-**Description**: Applicable to application-type tests only. The path to the manifest file to be used by Snyk. Should be provided only if non-standard. This dynamic field appears when **What do you want to test** is set to **Application**.
+**Description**: Applicable to application-type tests only. The path to the manifest file for Snyk to use. Provide it only if non-standard. This dynamic field appears when **What do you want to test** is set to **Application**.
## Field: Testing severity threshold
@@ -91,7 +91,7 @@ If multiple Snyk service connections are available from the dropdown list, ask y
**Default**: true\
**Type**: Boolean
-**Description**: Specifies whether pipeline jobs should be failed or continued based on issues found by Snyk.
+**Description**: Specifies whether to fail or continue pipeline jobs based on issues found by Snyk.
## Field: Project name in Snyk
diff --git a/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/README.md b/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/README.md
index 133d664adc6f..e6c0c0c0ccea 100644
--- a/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/README.md
+++ b/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/README.md
@@ -1,8 +1,8 @@
# Bitbucket Pipelines integration using a Snyk pipe
-Snyk integrates with Bitbucket Pipelines using a Snyk pipe, seamlessly scanning your application dependencies and Docker images for security vulnerabilities as part of the continuous integration/continuous delivery (CI/CD) workflow.
+Snyk integrates with Bitbucket Pipelines using a Snyk pipe, scanning your application dependencies and Docker images for security vulnerabilities as part of the continuous integration/continuous delivery (CI/CD) workflow.
-[Bitbucket Pipes](https://bitbucket.org/blog/meet-bitbucket-pipes-30-ways-to-automate-your-ci-cd-pipeline) enables users to customize and automate a Bitbucket Pipeline CI/CD workflow with a group of ready-to-use tasks that can be added inside of your pipelines by copying and pasting them from the Bitbucket interface.
+[Bitbucket Pipes](https://bitbucket.org/blog/meet-bitbucket-pipes-30-ways-to-automate-your-ci-cd-pipeline) lets you customize and automate a Bitbucket Pipeline CI/CD workflow with a group of ready-to-use tasks that you can add inside your pipelines by copying and pasting them from the Bitbucket interface.
With the Snyk pipe, you can quickly add Snyk scanning to your pipelines to test and monitor for vulnerabilities at different points in the CI/CD workflow, based on your configurations. Results are then displayed in the Bitbucket Pipelines output view and can also be monitored on the [Snyk Web UI](http://app.snyk.io).
diff --git a/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/migrating-to-bitbucket-pipelines-v1.0.0.md b/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/migrating-to-bitbucket-pipelines-v1.0.0.md
index d752a46656e3..fcde932db7a3 100644
--- a/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/migrating-to-bitbucket-pipelines-v1.0.0.md
+++ b/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/migrating-to-bitbucket-pipelines-v1.0.0.md
@@ -48,10 +48,10 @@ script:
The table that follows lists the Snyk CLI Docker images used in Bitbucket Pipelines < 1.0.0 and the equivalent Snyk images that can be used in Bitbucket Pipelines > 1.0.0.
{% hint style="info" %}
-Node.js 14 is installed in all Snyk CLI Docker images for installing the CLI. In comparison, NodeJS is installed only in Snyk images containing the `node` tag.
+Node.js 14 is installed in all Snyk CLI Docker images for installing the CLI. In comparison, Node.js is installed only in Snyk images containing the `node` tag.
{% endhint %}
-Note that the images will not be exactly like-for-like. Properties, including the base image, the installed Snyk CLI version, and others, will be different.
+Note that the images are not exactly like-for-like. Properties, including the base image, the installed Snyk CLI version, and others, differ.
However, for the purpose of Bitbucket Pipelines, they are functionally equivalent.
diff --git a/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/snyk-pipe-parameters-and-values-bitbucket-cloud.md b/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/snyk-pipe-parameters-and-values-bitbucket-cloud.md
index b06e08e87794..aa417b771a69 100644
--- a/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/snyk-pipe-parameters-and-values-bitbucket-cloud.md
+++ b/developer-tools/snyk-ci-cd-integrations/bitbucket-pipelines-integration-using-a-snyk-pipe/snyk-pipe-parameters-and-values-bitbucket-cloud.md
@@ -2,7 +2,7 @@
## Configure the Snyk pipe
-Configure the following Snyk pipe as part of a pipeline YAML file in order to include vulnerability scanning as part of your CI/CD workflow:
+Configure the following Snyk pipe as part of a pipeline YAML file to include vulnerability scanning as part of your CI/CD workflow:
```
- pipe: snyk/snyk-scan:1.0.0
diff --git a/developer-tools/snyk-ci-cd-integrations/circleci-integration-using-a-snyk-orb.md b/developer-tools/snyk-ci-cd-integrations/circleci-integration-using-a-snyk-orb.md
index bd22b938e99e..14c3580fa901 100644
--- a/developer-tools/snyk-ci-cd-integrations/circleci-integration-using-a-snyk-orb.md
+++ b/developer-tools/snyk-ci-cd-integrations/circleci-integration-using-a-snyk-orb.md
@@ -1,8 +1,8 @@
# CircleCI integration using a Snyk Orb
-Snyk integrates with [CircleCI](https://circleci.com) using a Snyk Orb, seamlessly scanning your application dependencies and Docker images for open-source security vulnerabilities as part of the CI/CD workflow.
+Snyk integrates with [CircleCI](https://circleci.com) using a Snyk Orb, scanning your application dependencies and Docker images for open-source security vulnerabilities as part of the CI/CD workflow.
-CircleCI enables users to easily create CI/CD workflows using a group of ready-to-use commands ([Orbs](https://circleci.com/orbs/)) that can be added to your configuration file.
+CircleCI lets you create CI/CD workflows using a group of ready-to-use commands ([Orbs](https://circleci.com/orbs/)) that you can add to your configuration file.
With the Snyk Orb, you can quickly add Snyk scanning to your CI/CD to test and monitor for open-source vulnerabilities based on your configurations. Results are then displayed on the CircleCI output view and can also be monitored on [snyk.io](http://app.snyk.io).
@@ -32,7 +32,7 @@ Optionally, if the build completes successfully and **MONITOR** is set to **True
1. Create a Snyk account and retrieve the **Snyk API token** from your **Account settings**.
2. Import the relevant repository into CircleCI.
-3. Go to `Settings -> Security -> Orb security settings` and ensure you allow `opt-in to third party Orbs`.
+3. Navigate to `Settings -> Security -> Orb security settings` and ensure you allow `opt-in to third party Orbs`.
4. Ensure your configuration (`config.yml`) file follows version 2.1.
5. Add the required environment variables to CircleCI, including the Snyk PAT or API token as `SNYK_TOKEN`.
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/README.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/README.md
index 69318e3a09bf..b1dc83825745 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/README.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/README.md
@@ -59,7 +59,7 @@ Examples follow of using a Snyk GitHub Action to test and monitor a Snyk Open So
You can find examples specific to each language, package manager, and process on the pages listed in [GitHub Actions for Open Source languages and package managers](./#github-actions-for-open-source-languages-and-package-managers) and [GitHub Actions for Snyk Container and Snyk Infrastructure as Code](./#github-actions-for-snyk-container-and-snyk-infrastructure-as-code).
-Note that GitHub Actions will not pass on secrets set in the repository to forks being used in pull requests; thus, the Snyk Actions that require the token will fail to run from a forked repository.
+Note that GitHub Actions does not pass on secrets set in the repository to forks used in pull requests; as a result, the Snyk Actions that require the token fail to run from a forked repository.
### Snyk test example
@@ -154,7 +154,7 @@ jobs:
sarif_file: snyk.sarif
```
-After you upload to GitHub Code Scanning support, you will see vulnerabilities on the GitHub Security tab as shown in the following screen image.
+After you upload to GitHub Code Scanning support, you see vulnerabilities on the GitHub Security tab as shown in the following screen image.
@@ -193,5 +193,5 @@ env:
Every Snyk account has this token. After you have created an account with Snyk, you can find the API token in one of two ways:
-1. In the UI, go to your Snyk account [settings page](https://app.snyk.io/account) and retrieve the API token, as explained on the page [Revoke and regenerate a Snyk API token](../../snyk-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token.md).
+1. In the UI, navigate to your Snyk account [settings page](https://app.snyk.io/account) and retrieve the API token, as explained on the page [Revoke and regenerate a Snyk API token](../../snyk-api/authentication-for-api/revoke-and-regenerate-a-snyk-api-token.md).
2. If you are using the [Snyk CLI](../../snyk-cli/getting-started-with-the-snyk-cli.md) locally, you can retrieve the API token by running `snyk config get api`.
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-docker-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-docker-action.md
index 1fb2b841c6a8..3b23f6e47c34 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-docker-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-docker-action.md
@@ -2,7 +2,7 @@
This page provides instructions for and examples of using the Snyk GitHub Action for [Docker](https://github.com/snyk/actions/tree/master/docker). For general instructions and information, see [GitHub Actions for Snyk setup and checking for vulnerabilities](./).
-In order to use the Docker Action, you must have a Snyk API token. See [Getting your Snyk token](./#getting-your-snyk-token), or you can [sign up for free](https://snyk.io/login).
+To use the Docker Action, you must have a Snyk API token. See [Getting your Snyk token](./#getting-your-snyk-token), or you can [sign up for free](https://snyk.io/login).
## Using the Snyk Docker Action to check for vulnerabilities
@@ -55,7 +55,7 @@ jobs:
## Uploading Snyk scan results to GitHub Code Scanning using the Snyk Docker Action
-The Docker Action also supports integrating with GitHub Code Scanning and can show issues in the GitHub Security tab. As long as you reference a Dockerfile with `--file=Dockerfile` in the `args`, a `snyk.sarif` file will be generated, which can be uploaded to GitHub Code Scanning.
+The Docker Action also supports integrating with GitHub Code Scanning and can show issues in the GitHub Security tab. As long as you reference a Dockerfile with `--file=Dockerfile` in the `args`, Snyk generates a `snyk.sarif` file, which you can upload to GitHub Code Scanning.
```yaml
name: Snyk Container
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-dotnet-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-dotnet-action.md
index 4c568a039d9e..1e4f44c6d02e 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-dotnet-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-dotnet-action.md
@@ -47,7 +47,7 @@ jobs:
```
{% hint style="info" %}
-It is required to restore the dependencies using `dotnet restore` or `nuget restore` before running the Snyk action
+You must restore the dependencies using `dotnet restore` or `nuget restore` before running the Snyk action
{% endhint %}
## Using the Snyk dotNET action to run snyk monitor
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-golang-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-golang-action.md
index f52a1b00e29b..0c654c07352f 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-golang-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-golang-action.md
@@ -20,7 +20,7 @@ jobs:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```
-You can use the Snyk Golang Action to check for only high severity vulnerabilitie**s** as follows:
+You can use the Snyk Golang Action to check for only high severity vulnerabilities as follows:
```yaml
name: Example workflow for Golang using Snyk
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-gradle-jdk14-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-gradle-jdk14-action.md
index 285b1472bdd8..06d45e488c00 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-gradle-jdk14-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-gradle-jdk14-action.md
@@ -20,7 +20,7 @@ jobs:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```
-You can use the Snyk Gradle (jdk11) action to check for only high severity vulnerabilities as follows:
+You can use the Snyk Gradle (jdk14) action to check for only high severity vulnerabilities as follows:
```yaml
name: Example workflow for Gradle (jdk14) using Snyk
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-infrastructure-as-code-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-infrastructure-as-code-action.md
index 514ec719b7ff..73c80e1696a4 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-infrastructure-as-code-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-infrastructure-as-code-action.md
@@ -2,7 +2,7 @@
This page provides instructions for and examples of using the Snyk GitHub Action for [Infrastructure as Code](https://github.com/snyk/actions/tree/master/iac). For general instructions and information, see [GitHub Actions for Snyk setup and checking for vulnerabilities](./).
-In order to use the Snyk Infrastructure as Code Test Action, you must have a Snyk API token. See [Getting your Snyk token](./#getting-your-snyk-token), or you can [sign up for free](https://snyk.io/login).
+To use the Snyk Infrastructure as Code Test Action, you must have a Snyk API token. See [Getting your Snyk token](./#getting-your-snyk-token), or you can [sign up for free](https://snyk.io/login).
## Using the Snyk Infrastructure as Code Action to check for vulnerabilities
@@ -24,7 +24,7 @@ jobs:
## Snyk Infrastructure as Code Action properties
-The Snyk Infrastructure as Code Action has properties thatwhich are passed to the underlying image. These are passed to the action using `with`:
+The Snyk Infrastructure as Code Action has properties that are passed to the underlying image. These are passed to the action using `with`:
| Property | Default | Description |
| --------- | -------- | ----------------------------------------------------------------- |
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-maven-3-jdk-11-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-maven-3-jdk-11-action.md
index a48e2e28e5d0..34e991e8c77a 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-maven-3-jdk-11-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-maven-3-jdk-11-action.md
@@ -20,7 +20,7 @@ jobs:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```
-You can use the Snyk Snyk Maven (3-jdk-11) action to check for only high severity vulnerabilities as follows:
+You can use the Snyk Maven (3-jdk-11) action to check for only high severity vulnerabilities as follows:
```yaml
name: Example workflow for Maven (3-jdk-11) using Snyk
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-maven-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-maven-action.md
index 9566980df378..d33c1fa2a81b 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-maven-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-maven-action.md
@@ -20,7 +20,7 @@ jobs:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```
-You can use the Snyk Snyk Maven action to check for only high severity vulnerabilities as follows:
+You can use the Snyk Maven action to check for only high severity vulnerabilities as follows:
```yaml
name: Example workflow for Maven using Snyk
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.6-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.6-action.md
index 40037a2a93af..a16b94226450 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.6-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.6-action.md
@@ -1,7 +1,7 @@
# Snyk Python-3.6 action
{% hint style="warning" %}
-This image has been removed on 12 Aug 2024. It is highly recommended that users consider migrating to a newer action to ensure continued support and up-to-date functionality. If you are currently using this image, plan an upgrade as soon as possible to avoid any disruptions in your workflow post this date.
+This image was removed on 12 Aug 2024. Migrate to a newer action to ensure continued support and up-to-date functionality. If you are using this image, plan an upgrade as soon as possible to avoid disruptions in your workflow after this date.
{% endhint %}
This page provides examples of using the Snyk GitHub action for [Python (3.6)](https://github.com/snyk/actions/tree/master/python-3.6). For instructions on using the action and further information, see [GitHub Actions for Snyk setup and checking for vulnerabilities](./).
@@ -18,7 +18,7 @@ The Python image checks and installs dependencies only if the manifest files are
* If pipenv is present on the current path, and Snyk finds a `Pipfile` without a `Pipfile.lock`, then Snyk runs `pipenv update`.
* If `pyproject.toml` is present in the current path and Snyk does not find `poetry.lock` then Snyk runs `pip install poetry`.
-If manifest files are present under any location other root then they must be installed prior to running Snyk.
+If manifest files are present under any location other than the root, you must install them before running Snyk.
You can use the Snyk Python (3.6) action to check for vulnerabilities as follows:
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.7-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.7-action.md
index f59af7688e71..d0b26cca1ef2 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.7-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.7-action.md
@@ -1,7 +1,7 @@
# Snyk Python-3.7 action
{% hint style="warning" %}
-This image has been removed on 12 Aug 2024. It is highly recommended that users consider migrating to a newer action to ensure continued support and up-to-date functionality. If you are currently using this image, plan an upgrade as soon as possible to avoid any disruptions in your workflow after this date.
+This image was removed on 12 Aug 2024. Migrate to a newer action to ensure continued support and up-to-date functionality. If you are using this image, plan an upgrade as soon as possible to avoid disruptions in your workflow after this date.
{% endhint %}
This page provides examples of using the Snyk GitHub Action for [Python (3.7)](https://github.com/snyk/actions/tree/master/python-3.7). For instructions on using the action and further information, see [GitHub Actions for Snyk setup and checking for vulnerabilities](./).
@@ -18,7 +18,7 @@ The Python image checks and installs dependencies only if the manifest files are
* If pipenv is present on the current path, and Snyk finds a `Pipfile` without a `Pipfile.lock`, then Snyk runs `pipenv update`.
* If `pyproject.toml` is present in the current path and Snyk does not find `poetry.lock` then Snyk runs `pip install poetry`.
-If manifest files are present under any location other than the root, then they must be installed prior to running Snyk.
+If manifest files are present under any location other than the root, you must install them before running Snyk.
You can use the Snyk Python (3.7) Action to check for vulnerabilities as follows:
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.8-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.8-action.md
index 2fd18eece5ac..5f7dce0065d6 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.8-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-3.8-action.md
@@ -14,7 +14,7 @@ The Python image checks and installs dependencies only if the manifest files are
* If pipenv is present on the current path, and Snyk finds a `Pipfile` without a `Pipfile.lock`, then Snyk runs `pipenv update`.
* If `pyproject.toml` is present in the current path and Snyk does not find `poetry.lock` then Snyk runs `pip install poetry`.
-If manifest files are present under any location other than the root then they must be installed prior to running Snyk.
+If manifest files are present under any location other than the root, you must install them before running Snyk.
You can use the Snyk Python Action (3.8) to check for vulnerabilities as follows:
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-action.md
index a7256e0e6e60..004ed3f9c36f 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-python-action.md
@@ -14,7 +14,7 @@ The Python image checks and installs dependencies only if the manifest files are
* If pipenv is present on the current path, and Snyk finds a `Pipfile` without a `Pipfile.lock`, then Snyk runs `pipenv update`.
* If `pyproject.toml` is present in the current path and Snyk does not find `poetry.lock` then Snyk runs `pip install poetry`.
-If manifest files are present under any location other than the root, then they must be installed prior to running Snyk.
+If manifest files are present under any location other than the root, you must install them before running Snyk.
You can use the Snyk Python action to check for vulnerabilities as follows:
@@ -32,7 +32,7 @@ jobs:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```
-You can use the Snyk CocoaPods action to check for only high severity vulnerabilities as follows:
+You can use the Snyk Python action to check for only high severity vulnerabilities as follows:
```yaml
name: Example workflow for Python using Snyk
diff --git a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-scala-action.md b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-scala-action.md
index 0ddd51227f62..3e5cb13c9850 100644
--- a/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-scala-action.md
+++ b/developer-tools/snyk-ci-cd-integrations/github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-scala-action.md
@@ -1,7 +1,7 @@
# Snyk Scala action
{% hint style="warning" %}
-This image has been removed on 12 Aug 2024. It is highly recommended that users consider migrating to a newer action to ensure continued support and up-to-date functionality. If you are currently using this image, plan an upgrade as soon as possible to avoid any disruptions in your workflow post this date.
+This image was removed on 12 Aug 2024. Migrate to a newer action to ensure continued support and up-to-date functionality. If you are using this image, plan an upgrade as soon as possible to avoid disruptions in your workflow after this date.
{% endhint %}
This page provides examples of using the Snyk GitHub Action for [Scala](https://github.com/snyk/actions/tree/master/scala). For instructions on using the action and further information, see [GitHub Actions for Snyk setup and checking for vulnerabilities](./).
diff --git a/developer-tools/snyk-ci-cd-integrations/jenkins-plugin-integration-with-snyk.md b/developer-tools/snyk-ci-cd-integrations/jenkins-plugin-integration-with-snyk.md
index 786118e3aad7..e42674491bd8 100644
--- a/developer-tools/snyk-ci-cd-integrations/jenkins-plugin-integration-with-snyk.md
+++ b/developer-tools/snyk-ci-cd-integrations/jenkins-plugin-integration-with-snyk.md
@@ -51,7 +51,7 @@ The plugin can download the latest version of Snyk binaries and keep them up-to-
If you are in a region other than `SNYK-US-01`, which uses the `https://api.snyk.io` endpoint, configure Snyk to use a different endpoint by changing the `SNYK_API` environment variable:
-* Go to **Manage Jenkins** > **System**.
+* Navigate to **Manage Jenkins** > **System**.
* Under **Global Properties**, check the **Environment** variables option.
* Click **Add**.
* Set the name to `SNYK_API` and the value to the custom endpoint.
diff --git a/developer-tools/snyk-ci-cd-integrations/maven-plugin-integration-with-snyk.md b/developer-tools/snyk-ci-cd-integrations/maven-plugin-integration-with-snyk.md
index 0342ded619a6..898fc74676df 100644
--- a/developer-tools/snyk-ci-cd-integrations/maven-plugin-integration-with-snyk.md
+++ b/developer-tools/snyk-ci-cd-integrations/maven-plugin-integration-with-snyk.md
@@ -1,6 +1,6 @@
# Maven plugin integration with Snyk
-Snyk offers a [Maven plugin](https://github.com/snyk/snyk-maven-plugin) based on the [Snyk CLI](../snyk-cli/). This plugin allows you to scan and monitor your Maven dependencies for vulnerabilities.
+Snyk offers a [Maven plugin](https://github.com/snyk/snyk-maven-plugin) based on the [Snyk CLI](../snyk-cli/). This plugin lets you scan and monitor your Maven dependencies for vulnerabilities.
See all releases in the [Maven Central Repository](https://search.maven.org/artifact/io.snyk/snyk-maven-plugin).
@@ -84,7 +84,7 @@ Scan your Project's dependencies and provide a list of vulnerabilities if any ar
Default Phase: `install`
-Take a snapshot of your Project's dependency tree and monitor it on [snyk.io](https://snyk.io). You wil be alerted when new relevant vulnerabilities, updates, or patches are disclosed.
+Take a snapshot of your Project's dependency tree and monitor it on [snyk.io](https://snyk.io). Snyk alerts you when new relevant vulnerabilities, updates, or patches are disclosed.
## Configuration for the Maven plugin
@@ -112,7 +112,7 @@ When you are running `mvn`, you can also use `-Dsnyk.skip` to enable this behavi
Default: `true`
-When this variable is set to `true`, if the Snyk CLI tool indicates that action is required to remedy a security issue, the Maven build will be considered failed. When this variable is set to `false` , the build will continue even if action is required.
+When this variable is set to `true`, if the Snyk CLI tool indicates that action is required to remedy a security issue, the Maven build fails. When this variable is set to `false`, the build continues even if action is required.
### `args` \[array\]
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/README.md b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/README.md
index 882963744a01..0d9207ae2980 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/README.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/README.md
@@ -4,7 +4,7 @@ When you decide to use a Snyk CI/CD Integration, you typically adopt the integra
Then, [set up](ci-cd-setup.md) the CI/CD Integration.
-You will be using `snyk test` and `snyk monitor` in the CI/CD integration. [See Snyk test and snyk monitor in CI/CD integration](snyk-test-and-snyk-monitor-in-ci-cd-integration.md).
+You use `snyk test` and `snyk monitor` in the CI/CD integration. [See Snyk test and snyk monitor in CI/CD integration](snyk-test-and-snyk-monitor-in-ci-cd-integration.md).
Review the CI/CD strategies for the code you are scanning:
@@ -12,4 +12,4 @@ Review the CI/CD strategies for the code you are scanning:
* [Snyk Container-specific CI/CD strategies](snyk-container-specific-ci-cd-strategies.md)
* [Snyk IaC-specific CI/CD strategies](snyk-iac-specific-ci-cd-strategies.md)
-Troubleshooting information and a list of resources are provided; see [CI/CD troubleshooting and resources](ci-cd-troubleshooting-and-resources.md).
+For troubleshooting information and a list of resources, see [CI/CD troubleshooting and resources](ci-cd-troubleshooting-and-resources.md).
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/ci-cd-adoption-and-deployment.md b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/ci-cd-adoption-and-deployment.md
index 1f93808e83a4..fd0e80fa0b71 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/ci-cd-adoption-and-deployment.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/ci-cd-adoption-and-deployment.md
@@ -16,7 +16,7 @@ A typical approach is to use Snyk results to expose vulnerabilities during the d
When you first implement Snyk in your pipeline, Snyk recommends using only the `snyk monitor` command. If you use one of the Snyk CI plugins, Snyk recommends that you configure the plugin to NOT fail the build.
-This is because all Projects have vulnerabilities, and after you set Snyk to fail the build, every build fails because of Snyk. This may cause problems with your team being quickly overwhelmed with failure messages.
+This is because all Projects have vulnerabilities, and after you set Snyk to fail the build, every build fails because of Snyk. This can overwhelm your team with failure messages.
Using `snyk monitor` to expose results provides information without disrupting processes.
@@ -52,7 +52,7 @@ Snyk native plugins are available for most common CI/CD tools. You can use these
### **Deploy the Snyk CLI using the npm method**
-Follow steps similar to those for [installing the CLI](../../snyk-cli/install-the-snyk-cli/) locally. You must be able to run an npm command in the pipeline script. This method has the advantage of completely aligning with the CLI experience so that you can easily troubleshoot and configure.
+Follow steps similar to those for [installing the CLI](../../snyk-cli/install-the-snyk-cli/) locally. You must be able to run an npm command in the pipeline script. This method has the advantage of completely aligning with the CLI experience so that you can troubleshoot and configure.
### **Deploy the Snyk CLI binary version**
@@ -64,7 +64,7 @@ Snyk has Linux, Windows, and other versions.
### **Deploy a Snyk container**
-You may also deploy Snyk in your pipeline using one of the Snyk images in [Docker Hub](https://hub.docker.com/r/snyk/snyk).
+You can also deploy Snyk in your pipeline using one of the Snyk images in [Docker Hub](https://hub.docker.com/r/snyk/snyk).
## Examples of Snyk CI/CD Integrations
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/ci-cd-setup.md b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/ci-cd-setup.md
index eb0436480a59..f1670a96783b 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/ci-cd-setup.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/ci-cd-setup.md
@@ -31,12 +31,12 @@ For instructions on authenticating with Snyk, see [Authenticate the CLI with you
Snyk supports the following approaches to add tests to a build pipeline:
* **Snyk integration plugins**: Snyk provides pre-built plugins for several CI servers, including [Jenkins](../jenkins-plugin-integration-with-snyk.md), [Team City](../teamcity-jetbrains-integration-using-the-snyk-security-plugin/), [Bitbucket Pipelines](../bitbucket-pipelines-integration-using-a-snyk-pipe/), and [Azure Pipelines](../azure-pipelines-integration/).
-* **Snyk CLI**: Teams with more complex workflows or using a build system without a Snyk pre-built plugin, can use the Snyk CLI during CI/CD setups. For more informationm, see [Snyk test and snyk monitor in CI/CD integration](snyk-test-and-snyk-monitor-in-ci-cd-integration.md).
+* **Snyk CLI**: Teams with more complex workflows or using a build system without a Snyk pre-built plugin, can use the Snyk CLI during CI/CD setups. For more information, see [Snyk test and snyk monitor in CI/CD integration](snyk-test-and-snyk-monitor-in-ci-cd-integration.md).
* **Snyk API**: For teams with complex requirements, Snyk provides an API, which you can use to automate functions including initiating scans, onboarding new Projects, and testing arbitrary libraries. See the [Snyk API documentation](../../snyk-api/snyk-api.md) for details.
## Setting up CI/CD using Snyk CLI
-The Snyk CLI is a NodeJS application that can be scripted directly by developers for easy integration into most CI/CD environments. The Snyk CLI is available as an npm application, pre-packaged binary, or container image. For more information, see [Install or update the Snyk CLI](../../snyk-cli/install-the-snyk-cli/).
+The Snyk CLI is a Node.js application that developers can script directly to integrate into most CI/CD environments. The Snyk CLI is available as an npm application, pre-packaged binary, or container image. For more information, see [Install or update the Snyk CLI](../../snyk-cli/install-the-snyk-cli/).
The Snyk CLI can be configured to:
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-container-specific-ci-cd-strategies.md b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-container-specific-ci-cd-strategies.md
index 80dbec48e6b6..d9c86be254d1 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-container-specific-ci-cd-strategies.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-container-specific-ci-cd-strategies.md
@@ -33,7 +33,7 @@ Snyk can provide help as follows:
## Recommendations for integration with container images
-* Regardless of how you integrate with container images during CI, run a Snyk Container scan as a separate build step from your Snyk Open Source (application SCA) test. This allows you to isolate build failures to vulnerabilities within either the container or OS layer, or the application layer, respectively. This also enables more easily containerized build tasks.
+* Regardless of how you integrate with container images during CI, run a Snyk Container scan as a separate build step from your Snyk Open Source (application SCA) test. This lets you isolate build failures to vulnerabilities within either the container or OS layer, or the application layer, respectively. This also makes build tasks simpler to containerize.
* Use CLI options like `--fail-on` and `--severity-threshold` to customize the failure status for the build task. For more advanced testing, you can use `--json` to generate a JSON file containing the full vulnerability report and set your own build failure status based on the JSON data.
* Pass `--exclude-base-image-vulns` to report only vulnerabilities introduced by your user layers, rather than vulnerabilities that come from the base image of the container, that is, the image you specify in the `FROM` line in the Dockerfile.
* Run `snyk container monitor` following `snyk container test`, or check the **Monitor** box on your plugin settings, to keep a record of the bill of materials for the container within the Snyk UI and proactively monitor for new vulnerabilities on a daily basis. This is useful when pushing new releases into production environments. You can use `--project-name` to specify a unique identifier for the release to ensure production containers are tracked separately from others in your build process.
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-open-source-specific-ci-cd-strategies.md b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-open-source-specific-ci-cd-strategies.md
index ce80cd0d90f9..fc27037db80c 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-open-source-specific-ci-cd-strategies.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-open-source-specific-ci-cd-strategies.md
@@ -26,7 +26,7 @@ snyk test --file=sln/.sln
## Yarn
-For Yarn workspaces, use the `--yarn-workspaces` option to `test` and `monitor` your packages. The root lockfile will be referenced for scans of all the packages. Use the `--detection-depth` option to find sub-folders that are not auto-discovered by default.
+For Yarn workspaces, use the `--yarn-workspaces` option to `test` and `monitor` your packages. Snyk references the root lockfile for scans of all the packages. Use the `--detection-depth` option to find sub-folders that are not auto-discovered by default.
{% hint style="info" %}
Support for Yarn workspaces is available for the `snyk test` and `snyk monitor` commands only.
@@ -53,7 +53,7 @@ Some customers have complex Projects, with multiple languages, package managers,
```
snyk test --file=package.json
```
-* After you install the dependencies of each Project, make a similar call pointing to the specific artifact, such as `pom.xml`. This is fast and efficient, but can be difficult to scale, especially if you are not familiar with the Project.
+* After you install the dependencies of each Project, make a similar call pointing to the specific artifact, such as `pom.xml`. This is efficient, but can be difficult to scale, especially if you are not familiar with the Project.
* For most Gradle Projects, using `--all-projects` works, as it invokes Gradle-specific options behind the scenes in the form of `snyk test --file=build.gradle --all-sub-projects` when it finds the build file as part of the `--all-projects` search.
* Gradle may require additional configuration parameters. If so, target the other artifacts by using `--file=` for each manifest in the other languages and package managers. You must then use `--all-sub-projects` and potentially `--configuration-matching` to scan a complex Gradle Project.
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-test-and-snyk-monitor-in-ci-cd-integration.md b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-test-and-snyk-monitor-in-ci-cd-integration.md
index e880ae9ac8a8..624a8eb835d0 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-test-and-snyk-monitor-in-ci-cd-integration.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-test-and-snyk-monitor-in-ci-cd-integration.md
@@ -34,7 +34,7 @@ Among the most common options used in a CI/CD integration are the following:
`-p`: Prune dependency trees, removing duplicate sub-dependencies. Continues to find all vulnerabilities, but may not find all of the vulnerable paths.
-\--org=\: Specify the `ORG_ID` to run Snyk commands for a specific Organization. This influences where new Projects are created after running the `monitor` command, some availabilty of features, and private test limits. If you have multiple Organizations, you can set a default from the CLI using:
+\--org=\: Specify the `ORG_ID` to run Snyk commands for a specific Organization. This influences where new Projects are created after running the `monitor` command, some availability of features, and private test limits. If you have multiple Organizations, you can set a default from the CLI using:
```
$ snyk config set org=
@@ -68,6 +68,6 @@ You can use JSON output from Snyk commands to create custom test reports as buil
## Creating work items for new vulnerabilities
-Snyk allows you to automatically create new work items in JIRA; for details, see the [Jira integration ](../../integrations/jira-and-slack-integrations/jira-integration.md)documentation. You can customize this code for your specific requirements or adapt it to work with other work management systems.
+Snyk lets you automatically create new work items in Jira. For details, see the [Jira integration ](../../integrations/jira-and-slack-integrations/jira-integration.md)documentation. You can customize this code for your specific requirements or adapt it to work with other work management systems.
See [Jira tickets for new vulns](https://github.com/snyk-tech-services/jira-tickets-for-new-vulns) to get started. You can also use the API endpoints [Create jira issue](../../snyk-api/reference/jira-v1.md#org-orgid-project-projectid-issue-issueid-jira-issue) and [List all jira issues](../../snyk-api/reference/jira-v1.md#org-orgid-project-projectid-jira-issues).
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-images-and-eol-image-policy.md b/developer-tools/snyk-ci-cd-integrations/snyk-images-and-eol-image-policy.md
index 286bf21d16ec..9d4f02477557 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-images-and-eol-image-policy.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-images-and-eol-image-policy.md
@@ -4,11 +4,11 @@ This page outlines the Snyk end-of-life (EOL) policy for images provided by the
## Summary of EOL image policy
-As part of Snyk's commitment to helping customers ship secure code, Snyk will provide images that contain software supported by its upstream vendor as a convenience.
+As part of the Snyk commitment to helping customers ship secure code, Snyk provides images that contain software supported by its upstream vendor as a convenience.
### Image maintenance
-As a general practice, Snyk does not remove images once they are published. However, Snyk will not build, maintain, or ship images based on EOL software.
+As a general practice, Snyk does not remove images after they are published. However, Snyk does not build, maintain, or ship images based on EOL software.
### User responsibility
@@ -16,17 +16,17 @@ To ensure you are using the most current and secure images, monitor the software
### Example of an EOL image
-For example, Snyk stopped building images based on Python 3.7, which is not actively supported and does not receive security updates from Python. Thus users should migrate to Python 3.8 or higher.
+For example, Snyk stopped building images based on Python 3.7, which is not actively supported and does not receive security updates from Python. Migrate to Python 3.8 or higher.
## Snyk Images lifecycle
### Annual review
-Snyk conducts an annual review of images. Images containing software that has reached its end-of-life (EOL) status will not be rebuilt or updated. This means the CLI and base image will no longer receive updates, bug fixes, or security patches.
+Snyk conducts an annual review of images. Snyk does not rebuild or update images containing software that has reached its end-of-life (EOL) status. This means the CLI and base image no longer receive updates, bug fixes, or security patches.
### Image availability
-Snyk does not remove images from Docker Hub once the images are published. Users should check the [endoflife.date](https://endoflife.date/) website to ensure their build pipelines are not using EOL software. Snyk will not issue warnings about an image becoming EOL.
+Snyk does not remove images from Docker Hub after the images are published. Check the [endoflife.date](https://endoflife.date/) website to ensure your build pipelines are not using EOL software. Snyk does not issue warnings about an image becoming EOL.
Snyk follows a phased approach to building, maintaining, and discontinuing maintenance of an image. The phases are [Creation](snyk-images-and-eol-image-policy.md#creation-phase), [Active support and maintenance](snyk-images-and-eol-image-policy.md#active-support-and-maintenance-phase), and [End of Life (EOL)](snyk-images-and-eol-image-policy.md#end-of-life-eol-phase).
@@ -65,8 +65,8 @@ As long as the vendor supports the base image, the Snyk image will include the l
### End of Life (EOL) phase
-After the vendor software reaches EOL, that is, stops receiving active support and security updates, Snyk will also stop building and maintaining the impacted image.
+After the vendor software reaches EOL, that is, stops receiving active support and security updates, Snyk also stops building and maintaining the impacted image.
-Snyk will update the `snyk-images` repository and user documentation to remove the EOL images from the list of supported images.
+Snyk updates the `snyk-images` repository and user documentation to remove the EOL images from the list of supported images.
For more information, see the lists of [currently supported](https://github.com/snyk/snyk-images?tab=readme-ov-file#current-images) and [unsupported ](https://github.com/snyk/snyk-images?tab=readme-ov-file#vendor-unsupported-base-images)images in the [`snyk-images` repository](https://github.com/snyk/snyk-images).
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/README.md b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/README.md
index a45efff178de..c5a7126efaca 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/README.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/README.md
@@ -2,7 +2,7 @@
Guides are available for the following:
-* [Snyk images migration](snyk-images-migration.md)
-* [Circle CI migration](circleci-migration.md)
-* [BitBukdet Pipelines migration](bitbucket-pipelines-migration.md)
-* [GitHub actions migration](github-actions-migration.md)
+* [Snyk Images migration](snyk-images-migration.md)
+* [CircleCI migration](circleci-migration.md)
+* [Bitbucket Pipelines migration](bitbucket-pipelines-migration.md)
+* [GitHub Actions migration](github-actions-migration.md)
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/bitbucket-pipelines-migration.md b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/bitbucket-pipelines-migration.md
index 6184f2bb1840..68522150c0af 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/bitbucket-pipelines-migration.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/bitbucket-pipelines-migration.md
@@ -2,7 +2,7 @@
## For users of `snyk/snyk-scan` < v1.0.0
-`snyk/snyk-scan` \= v1.0.0
@@ -12,19 +12,19 @@ See the [upgrade guide in Snyk Docs](../bitbucket-pipelines-integration-using-a-
Users can create their own custom images to use. This option is available for `snyk/snyk-scan` >= v1.0.0 only. For details, see [User-defined custom images for CLI.](../user-defined-custom-images-for-cli.md)
-Creating a custom image should guarantee compatibility with your system. However, there are alternative images to which you can upgrade if creating a custom image is not possible.
+Creating a custom image guarantees compatibility with your system. However, there are alternative images to which you can upgrade if creating a custom image is not possible.
### Upgrade to a supported Snyk Image
-After you have validated that you are using a Snyk Image that will be removed, as outlined [for users of `snyk/snyk-scan` < v1.0.0](bitbucket-pipelines-migration.md#users-using-snyk-snyk-scan-less-than-v1.0.0), refer to the [Snyk images migration](snyk-images-migration.md) guidelines to view upgrade paths for your configuration.
+After you have validated that you are using a Snyk Image that Snyk will remove, as outlined [for users of `snyk/snyk-scan` < v1.0.0](bitbucket-pipelines-migration.md#users-using-snyk-snyk-scan-less-than-v1.0.0), refer to the [Snyk Images migration](snyk-images-migration.md) guidelines to view upgrade paths for your configuration.
{% hint style="info" %}
-Remember to use pinned versions where available for better stability. for example, `snyk/snyk:dotnet-8.0` is preferable to `snyk/snyk:dotnet`
+Remember to use pinned versions where available for better stability. For example, `snyk/snyk:dotnet-8.0` is preferable to `snyk/snyk:dotnet`
{% endhint %}
An example follows of upgrading to a supported Snyk Image.
-In the example `bitbucket-pipeline.yml` configuration that follows, a Snyk image is configured that will be removed on 12 Aug 2024:
+The following example `bitbucket-pipeline.yml` configuration uses a Snyk image that Snyk will remove on 12 Aug 2024:
```yaml
# Example bitbucket-pipelines.yml using `snyk/snyk:node-16` Snyk Image
@@ -55,7 +55,7 @@ pipelines:
DEBUG: "true" # Optional
```
-Following the [Snyk images migration](snyk-images-migration.md) guidelines, you can upgrade to a supported Snyk Image as shown here:
+Following the [Snyk Images migration](snyk-images-migration.md) guidelines, you can upgrade to a supported Snyk Image as shown here:
```yaml
# Upgrading to supported Snyk Image `snyk/snyk:node-22`
@@ -91,7 +91,7 @@ pipelines:
If you do not want to use the Bitbucket `snyk/snyk-scan` integration, you have the option to install and use the Snyk CLI directly.
{% hint style="info" %}
-If you use this option, you will be unable to use integration features such as Code Insight Results
+If you use this option, you cannot use integration features such as Code Insight Results
{% endhint %}
The following example shows using the CLI directly.
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/circleci-migration.md b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/circleci-migration.md
index a3b6c14f9f6e..17cf2b8ace7d 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/circleci-migration.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/circleci-migration.md
@@ -4,9 +4,9 @@ This page explains how to transition away from affected jobs.
## Updating snyk orb and using `iac test`
-Customers using the `scan-iac` job will need to switch to using `snyk/scan` with the `iac test` command. For an example, see the [IaC scanning examples](https://github.com/snyk/snyk-orb/blob/v2.0.0/src/examples/quickstart-iac-scanning.yml) in the snyk-orb repository.
+Customers using the `scan-iac` job must switch to using `snyk/scan` with the `iac test` command. For an example, see the [IaC scanning examples](https://github.com/snyk/snyk-orb/blob/v2.0.0/src/examples/quickstart-iac-scanning.yml) in the snyk-orb repository.
-It is important to update the version of the snyk orb used to the latest version by updating the circleci config files. Currently, the latest Snyk orb is `snyk/snyk@2.1.0` .
+It is important to update the version of the snyk orb used to the latest version by updating the circleci config files. The latest Snyk orb is `snyk/snyk@2.1.0` .
## Use the Snyk orb to only install the Snyk CLI, and then run the Snyk CLI commands in your own steps
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/github-actions-migration.md b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/github-actions-migration.md
index 3a9bae6095e2..fb4782f46ff4 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/github-actions-migration.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/github-actions-migration.md
@@ -1,6 +1,6 @@
# GitHub actions migration
-This page explains how to transition away from affected GitHub actions
+This page explains how to transition away from affected GitHub Actions.
Snyk recommends that you update the affected workflows to use a newer action that is not slated for removal.
@@ -97,11 +97,11 @@ jobs:
## Alternative (b) create your own custom actions
-Snyk customers who prefer to move away from pre-built actions provided by Snyk can create custom actions tailored to their specific needs. This approach allows for greater customization and control over the actions used in their workflows.
+Snyk customers who prefer to move away from pre-built actions provided by Snyk can create custom actions tailored to their specific needs. This approach gives you greater customization and control over the actions used in their workflows.
By creating your own actions, you can avoid the effects of future cleanup and removal events when images and actions lose vendor support.
-### Leveraging the [Snyk Setup Action](https://github.com/snyk/actions/tree/master/setup)
+### Use the [Snyk Setup Action](https://github.com/snyk/actions/tree/master/setup)
This [action](../github-actions-for-snyk-setup-and-checking-for-vulnerabilities/snyk-setup-action.md) offers a versatile method of incorporating Snyk into your workflows effectively.
@@ -113,7 +113,7 @@ Consider using this action when:
### Direct CLI Installation
-Another option is to install and use the Snyk CLI directly in your GitHub Actions workflow. This method allows you to skip the requirement of dedicated GitHub Actions integration.
+Another option is to install and use the Snyk CLI directly in your GitHub Actions workflow. This method lets you skip the requirement of dedicated GitHub Actions integration.
```yaml
name: Example workflow using Snyk
diff --git a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/snyk-images-migration.md b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/snyk-images-migration.md
index e331261b53ba..8b6f5e0c1e02 100644
--- a/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/snyk-images-migration.md
+++ b/developer-tools/snyk-ci-cd-integrations/snyk-images-guides-to-migration/snyk-images-migration.md
@@ -6,7 +6,7 @@ description: This page explains how to transition away from affected images.
You can [create your own custom images](../user-defined-custom-images-for-cli.md) to use. This option is available for any user affected by the removal of the Snyk Images listed on this page.
-Creating a custom image is the preferred solution, as it should guarantee compatibility with your system. However, if you cannot create a custom image, you can use an available alternative image.
+Creating a custom image is the preferred solution, as it guarantees compatibility with your system. However, if you cannot create a custom image, you can use an available alternative image.
{% hint style="info" %}
Snyk recommends using a pinned version of a software package unless stated otherwise.
@@ -14,7 +14,7 @@ Snyk recommends using a pinned version of a software package unless stated other
## snyk/snyk:docker-\*
-See the following table for the `snyk/snyk:docker-*` images to be removed
+See the following table for the `snyk/snyk:docker-*` images Snyk will remove.
| Image | Based on |
| ---------------------- | ------------ |
@@ -32,7 +32,7 @@ Users affected by the removal of these images can update to the following images
## snyk/snyk:golang-\*
-See the following table for the `snyk/snyk:golang-*` images to be removed.
+See the following table for the `snyk/snyk:golang-*` images Snyk will remove.
| Image | Based on |
| --------------------- | ----------- |
@@ -53,12 +53,12 @@ Users affected by the removal of these images can update to the following images
* `snyk/snyk:golang-1.22`
{% hint style="info" %}
-It is recommended to use a pinned Golang version such as `snyk/snyk:golang-1.22` instead of `snyk/snyk:golang,` which is based on Golang latest.
+Snyk recommends using a pinned Golang version such as `snyk/snyk:golang-1.22` instead of `snyk/snyk:golang,` which is based on Golang latest.
{% endhint %}
## snyk/snyk:gradle-\*
-See the following table for the `snyk/snyk:gradle-*` images to be removed.
+See the following table for the `snyk/snyk:gradle-*` images Snyk will remove.
| Image | Based on |
| -------------------------- | ---------------- |
@@ -89,7 +89,7 @@ Users affected by the removal of these images can update to the following images
## snyk/snyk:maven-3-jdk-19
-`snyk/snyk:maven-3-jdk-19` will be removed from Docker. Users affected by this removal can update to the following images:
+Snyk will remove `snyk/snyk:maven-3-jdk-19` from Docker. Users affected by this removal can update to the following images:
* `snyk/snyk:maven`
* `snyk/snyk:maven-3-jdk-11`
@@ -105,7 +105,7 @@ Users affected by the removal of these images can update to the following images
## snyk/snyk:dotnet-\*
-See the following table for the `snyk/snyk:dotnet-*` images to be removed.
+See the following table for the `snyk/snyk:dotnet-*` images Snyk will remove.
| Image | Based on |
| -------------------- | ------------------------------------- |
@@ -120,12 +120,12 @@ Users affected by the removal of these images can update to the following images
* `snyk/snyk:dotnet-8.0`
{% hint style="info" %}
-It is recommended to use the pinned version `snyk/snyk:dotnet-8.0,` which is based on the active LTS version of .NET, 8.0 at the time of publication.
+Snyk recommends using the pinned version `snyk/snyk:dotnet-8.0,` which is based on the active LTS version of .NET, 8.0 at the time of publication.
{% endhint %}
## snyk/snyk:node-\*
-See the following table for the `snyk/snyk:node-*` images to be removed.
+See the following table for the `snyk/snyk:node-*` images Snyk will remove.
| Image | Based on |
| ----------------- | -------- |
@@ -145,12 +145,12 @@ Users affected by the removal of these images can update to the following images
* `snyk/snyk:node-22`
{% hint style="info" %}
-It is recommend to use a pinned version such as `snyk/snyk:node-22`, which uses LTS version 22.
+Snyk recommends using a pinned version such as `snyk/snyk:node-22`, which uses LTS version 22.
{% endhint %}
## snyk/snyk:python-\*
-See the following table for the `snyk/snyk:python-*` images to be removed.
+See the following table for the `snyk/snyk:python-*` images Snyk will remove.
| Image | Based on |
| -------------------- | ---------- |
@@ -168,12 +168,12 @@ Users affected by the removal of these images can update to the following images
* `snyk/snyk:python-3.11`
{% hint style="info" %}
-It is recommend to use a pinned version such as `snyk/snyk:python-3.11`, which uses LTS version 3.11.
+Snyk recommends using a pinned version such as `snyk/snyk:python-3.11`, which uses LTS version 3.11.
{% endhint %}
## snyk/snyk:ruby-\*
-See the following table for the `snyk/snyk:ruby-*` images to be removed.
+See the following table for the `snyk/snyk:ruby-*` images Snyk will remove.
| Image | Based on |
| ------------------ | -------- |
@@ -189,12 +189,12 @@ Users affected by the removal of these images can update to the following images
* `snyk/snyk:ruby-3.3`
{% hint style="info" %}
-It is recommended to use the pinned version `snyk/snyk:ruby-3.3`, which is based on Ruby 3.3
+Snyk recommends using the pinned version `snyk/snyk:ruby-3.3`, which is based on Ruby 3.3
{% endhint %}
## snyk/snyk:sbt & snyk/snyk:scala
-See the following table for the `snyk/snyk:sbt` and `snyk/snyk:scala` images to be removed.
+See the following table for the `snyk/snyk:sbt` and `snyk/snyk:scala` images Snyk will remove.
| Image | Based on |
| --------------- | ----------------------------------------- |
@@ -208,5 +208,5 @@ Users affected by the removal of these images can update to the following images
* `snyk/snyk:ruby-3.3`
{% hint style="info" %}
-It is recommended to use the pinned version snyk/snyk:sbt1.10.0-scala3.4.2, which is based on Scala:3.4.2-sbt:1.10.0
+Snyk recommends using the pinned version snyk/snyk:sbt1.10.0-scala3.4.2, which is based on Scala:3.4.2-sbt:1.10.0
{% endhint %}
diff --git a/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/README.md b/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/README.md
index e6cafb56391f..31bf32f4be7a 100644
--- a/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/README.md
+++ b/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/README.md
@@ -4,7 +4,7 @@ Integrate the Snyk Security plugin with the JetBrains continuous integration (CI
The TeamCity integration adds a build step to scan for vulnerabilities in your Project as part of your build. After the scan, you can push your Project to Snyk for continuous monitoring.
-The Snyk plugin scans as part of your build and then displays test results directly from the TeamCity UI. This enables you to track, identify, and fix issues that risk the security of your application more quickly, over time, as fixes are made available for vulnerabilities or new vulnerabilities are disclosed.
+The Snyk plugin scans as part of your build and then displays test results directly from the TeamCity UI. You can track, identify, and fix issues that risk the security of your application more quickly, over time, as Snyk makes fixes available for vulnerabilities or as new vulnerabilities are disclosed.
For setup and use details, see the following pages:
diff --git a/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/how-teamcity-integration-works.md b/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/how-teamcity-integration-works.md
index bbd907c8739f..6c4595685f16 100644
--- a/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/how-teamcity-integration-works.md
+++ b/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/how-teamcity-integration-works.md
@@ -18,9 +18,9 @@ The steps in the process follow:
1. Snyk displays all vulnerability results and details on the **Snyk Security Report tab** in TeamCity.
2. If you specified the severity threshold for a severity assigned to any vulnerability identified in your Project, TeamCity breaks the build. Otherwise, TeamCity continues to run the build to completion (success or failure), and Snyk activity ends.
12. If you configured the **Monitor project on build** option, Snyk now runs the `snyk monitor` command and proceeds with the remainder of the steps as described here.
- 1. Snyk takes a snapshot of the Project, analyzes the manifest file of your Project to find its direct and transitive dependencies, and tests your Project against the Snyk vulnerability database for known vulnerabilities.
+ 1. Snyk takes a snapshot of the Project, analyzes the manifest file of your Project to find its direct and transitive dependencies, and tests your Project against the Snyk Vulnerability Database for known vulnerabilities.
2. Snyk pushes the snapshot to the Snyk UI. The snapshot displays the Project details and the dependency hierarchy, as well as vulnerability results and fix advice.
3. If you specified the severity threshold for a severity that is assigned to any vulnerability in your Project, TeamCity breaks the build.
4. After the snapshot is pushed to the Snyk UI, Snyk continues to monitor your Project as new vulnerabilities are disclosed. Based on your configuration, if vulnerabilities are found, Snyk notifies you by email or Slack so that you can take immediate fix action.
-For information on how to configure your build with a Snyk step, see [Team City integration: use Snyk in your build](teamcity-integration-use-snyk-in-your-build.md).
+For information on how to configure your build with a Snyk step, see [TeamCity integration: use Snyk in your build](teamcity-integration-use-snyk-in-your-build.md).
diff --git a/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/teamcity-configuration-parameters.md b/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/teamcity-configuration-parameters.md
index bb1897a35b6f..cc5698dfc1b5 100644
--- a/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/teamcity-configuration-parameters.md
+++ b/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/teamcity-configuration-parameters.md
@@ -22,7 +22,7 @@ This page provides information about [Snyk settings](teamcity-configuration-para
### Organization
* Optional
-* The ID of the Snyk Organization to which this Project will be associated when imported to the UI.
+* The ID of the Snyk Organization to associate this Project with when you import it to the UI.
* Copy the Organization ID from the Snyk UI in the Settings area.
### Project name
@@ -45,10 +45,10 @@ This page provides information about [Snyk settings](teamcity-configuration-para
### Snyk version
* Default: the most recent version
-* If you would like an older Snyk CLI version to support the plugin, select the plugin version to use in your build.
+* To support the plugin with an older Snyk CLI version, select the plugin version to use in your build.
* Snyk recommends configuring automatic upgrades and using the most recent version.
-### Use custom build tool path:
+### Use custom build tool path
* Specify which tool instance in your local environment Snyk is to use for this build.
* Without a specified tool, Snyk auto-detects the tool and locates it in your environment based on the Project type.
diff --git a/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/teamcity-integration-install-the-snyk-plugin.md b/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/teamcity-integration-install-the-snyk-plugin.md
index 830e3221614f..b8285380f7ee 100644
--- a/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/teamcity-integration-install-the-snyk-plugin.md
+++ b/developer-tools/snyk-ci-cd-integrations/teamcity-jetbrains-integration-using-the-snyk-security-plugin/teamcity-integration-install-the-snyk-plugin.md
@@ -12,4 +12,4 @@ Before you begin, sign up for a Snyk account.

-To configure the integration, see [TeamCity configuration parameters](teamcity-configuration-parameters.md). For information on how to configure your build with a Snyk step, see [Team City integration: use Snyk in your build](teamcity-integration-use-snyk-in-your-build.md).
+To configure the integration, see [TeamCity configuration parameters](teamcity-configuration-parameters.md). For information on how to configure your build with a Snyk step, see [TeamCity integration: use Snyk in your build](teamcity-integration-use-snyk-in-your-build.md).
diff --git a/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/README.md b/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/README.md
index 1dfefd39b499..fc7875897e84 100644
--- a/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/README.md
+++ b/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/README.md
@@ -6,7 +6,7 @@ Terraform Cloud run tasks are available in the Terraform Cloud Team & Governance
## Terraform Cloud overview
-[Terraform Cloud](https://www.terraform.io/cloud) (TFC) is a SaaS paid platform provided by HashiCorp that provides production-ready state management and continuous delivery for teams using Terraform. It enables teams managing their cloud infrastructure with Terraform to:
+[Terraform Cloud](https://www.terraform.io/cloud) (TFC) is a SaaS paid platform provided by HashiCorp that provides production-ready state management and continuous delivery for teams using Terraform. It lets teams managing their cloud infrastructure with Terraform to:
* Have Terraform state management on the cloud with versioning and out-of-the box
* Have a centralized place for the team to collaborate on their infrastructure, reviewing and approving changes to infrastructure
@@ -16,11 +16,11 @@ Terraform Cloud run tasks are available in the Terraform Cloud Team & Governance
Terraform Cloud has a Run Tasks feature available to customers with Run Task entitlement on their Terraform plan. This entitlement is an optional add-on to the Team plan and above. A `run` in TFC represents a unit of execution in TFC that eventually generates a Terraform plan to be reviewed, approved, and applied.
-The Run Tasks feature allows external integrations to connect to `run` events and interact with them, providing a status to determine if this run should pass or fail.
+The Run Tasks feature lets external integrations connect to `run` events and interact with them, providing a status to determine if this run passes or fails.
Snyk [introduced support in May 2021](https://snyk.io/blog/prevent-cloud-misconfigurations-hashicorp-terraform-snyk-iac/) for Terraform users to scan their Terraform plan JSON output against Snyk security policies for all major cloud providers.
-The Snyk integration connects the `run` workflow of Terraform Cloud with Snyk Terraform plan scanning, meaning that for each `run` enerated, Snyk scans the Terraform plan artifact for misconfigurations.
+The Snyk integration connects the `run` workflow of Terraform Cloud with Snyk Terraform plan scanning, meaning that for each `run` generated, Snyk scans the Terraform plan artifact for misconfigurations.
If you are a user of Terraform Cloud ([Team & Governance tier](https://www.hashicorp.com/products/terraform/pricing)), you can sign up with Snyk to set the integration and connect it with your workspaces in Terraform Cloud. If you have the Run Task entitlement add-on, you can track, manage, and resolve security misconfigurations as part of your software development lifecycle with Terraform Cloud.
diff --git a/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/how-to-use-the-terraform-cloud-integration-for-iac.md b/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/how-to-use-the-terraform-cloud-integration-for-iac.md
index 1cc8e3df152f..08e367add12b 100644
--- a/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/how-to-use-the-terraform-cloud-integration-for-iac.md
+++ b/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/how-to-use-the-terraform-cloud-integration-for-iac.md
@@ -6,9 +6,9 @@ After your integration is set up, Snyk scans Terraform plans for each run trigge
1. For each run triggered in the Terraform Cloud workspace, the result of Snyk Terraform plan scanning appears under the `run tasks` step, which starts after the `Plan` stage finishes.
2. The scan results in either a `passed` or a `failed` status. If Snyk finds issues in your Terraform plan file, the scan results in a failure.
-3. Click on the **Details** link of the run task results in Terraform Cloud to view further details in Snyk.
+3. Click **Details** for the run task results in Terraform Cloud to view further details in Snyk.
1. You can also find the results under the **Projects** tab in Snyk by searching for terraform-plan.json, which is under a **Target** named by `{YOUR_TFC_ORG_NAME}/{YOUR_TFC_WORKSPACE_NAME}`
- 2. You can also use the filter in the left pane to show only Terraform Cloud Projects.
+ 2. You can also use the filter to show only Terraform Cloud Projects.
4. A single Project in Snyk (`terraform-plan.json`) is created for each workspace that uses the Snyk integration. Every Project page shows the latest scanning results.
5. To see historical scan results, navigate to the **History** tab under the relevant Project and choose the historic snapshot you wish to view.
@@ -16,7 +16,7 @@ After your integration is set up, Snyk scans Terraform plans for each run trigge
The Snyk Terraform Cloud integration provides the following levels of customization:
-* **Severity Threshold**: Set the minimum level of severity for failure. This can be set on the integration page in Snyk.
+* **Severity Threshold**: Set the minimum level of severity for failure. You can set this on the integration page in Snyk.
* **Custom Severities**: Set custom severities for issues that overwrite the defaults (for example, [SNYK-CC-00172](https://security.snyk.io/rules/cloud/SNYK-CC-00172)).
* **Enforcement Level**: Determine whether a failure blocks the `apply` or not. This setting is controlled through Terraform Cloud. For example, the `Advisory` level does not block the `apply` even if Snyk finds issues within the minimum severity threshold.
diff --git a/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/set-up-the-terraform-cloud-integration-for-iac.md b/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/set-up-the-terraform-cloud-integration-for-iac.md
index 01645af8d7cd..1a5f63aca053 100644
--- a/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/set-up-the-terraform-cloud-integration-for-iac.md
+++ b/developer-tools/snyk-ci-cd-integrations/terraform-cloud-integration-for-snyk-iac-using-run-tasks/set-up-the-terraform-cloud-integration-for-iac.md
@@ -13,7 +13,7 @@ In the Snyk Web UI, go to the Terraform Cloud integration settings page for your
## Create the Snyk Run Task for Terraform Cloud
-Now navigate to [Terraform Cloud](https://app.terraform.io) in the organization global settings:
+Navigate to [Terraform Cloud](https://app.terraform.io) in the organization global settings:
.png>)
@@ -25,7 +25,7 @@ Now navigate to [Terraform Cloud](https://app.terraform.io) in the organization
## Associate the Run Task with your Terraform Cloud Workspace
1. Navigate to your Terraform Cloud Workspace, enter the **Settings** \_\_ menu, and choose **Run Tasks**.
-2. Find the run task you created under **Available Run Tasks**; click on **+** to associate it.
+2. Find the run task you created under **Available Run Tasks**, then click **+** to associate it.
3. Choose the enforcement level (**Advisory** or **Mandatory**) and click **Create**.
After your integration is set up, Snyk scans Terraform plans for each run triggered in your workspace.
diff --git a/developer-tools/snyk-ci-cd-integrations/terraform-enterprise-integration-for-snyk-iac.md b/developer-tools/snyk-ci-cd-integrations/terraform-enterprise-integration-for-snyk-iac.md
index baf2d1b18008..ffb175bfc4cd 100644
--- a/developer-tools/snyk-ci-cd-integrations/terraform-enterprise-integration-for-snyk-iac.md
+++ b/developer-tools/snyk-ci-cd-integrations/terraform-enterprise-integration-for-snyk-iac.md
@@ -14,6 +14,6 @@ Snyk integration for Terraform Enterprise relies on network connectivity between
* To check whether a connection from your Terraform Enterprise instance to the Snyk API can be established:
* Log on to your Terraform Enterprise server.
- * Make an HTTP request to a Snyk API endpoint; for example, you could use curl to initiate an HTTP request.
- * Even if you receive a 401/Unauthorized response from a Snyk API endpoint, that is an acceptable response; you are checking only basic network connectivity.
+ * Make an HTTP request to a Snyk API endpoint. For example, you could use curl to initiate an HTTP request.
+ * Even if you receive a 401/Unauthorized response from a Snyk API endpoint, that is an acceptable response. You are checking only basic network connectivity.
* You must also verify that Snyk servers can reach your Terraform Enterprise instance. Ensure that your network configuration (firewalls and so on) allows receiving network traffic from the Snyk platform.
diff --git a/developer-tools/snyk-ci-cd-integrations/use-snyk-code-in-the-ci-cd-pipeline.md b/developer-tools/snyk-ci-cd-integrations/use-snyk-code-in-the-ci-cd-pipeline.md
index 29a2dbc660c8..bba7bd240eeb 100644
--- a/developer-tools/snyk-ci-cd-integrations/use-snyk-code-in-the-ci-cd-pipeline.md
+++ b/developer-tools/snyk-ci-cd-integrations/use-snyk-code-in-the-ci-cd-pipeline.md
@@ -2,7 +2,7 @@
You can use CI/CD integration to test your code for vulnerabilities and ensure your changes do not introduce new vulnerabilities, keeping your applications secure.
-* Snyk Code may not be supported by a Snyk CI/CD plugin, such as the Snyk Jenkins plugin. If this is the case, you can integrate [Snyk CLI](../snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/) with your CI server.
+* A Snyk CI/CD plugin, such as the Snyk Jenkins plugin, might not support Snyk Code. If this is the case, you can integrate [Snyk CLI](../snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/) with your CI server.
* You can filter the results by severity, for example, fail jobs only when high-severity vulnerabilities are introduced. See [Filter results by Severity](../snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/view-snyk-code-cli-results.md#filter-results-by-severity-level).
* You can export the CLI output to JSON or SARIF standard formats. See [Output test results](../snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/view-snyk-code-cli-results.md#export-test-results).
* You can generate more visual results using the Snyk-to-HTML tool. See [`snyk-to-html`](../snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html.md).
diff --git a/developer-tools/snyk-ci-cd-integrations/user-defined-custom-images-for-cli.md b/developer-tools/snyk-ci-cd-integrations/user-defined-custom-images-for-cli.md
index c67f31748e98..26bd38f1d36c 100644
--- a/developer-tools/snyk-ci-cd-integrations/user-defined-custom-images-for-cli.md
+++ b/developer-tools/snyk-ci-cd-integrations/user-defined-custom-images-for-cli.md
@@ -2,13 +2,13 @@
## Context for user-defined custom images for CLI
-Following Snyk announcements regarding [Snyk CLI Images](https://updates.snyk.io/deprecation-notice-for-snyk-cli-images-292562) and [Snyk Images](https://updates.snyk.io/deprecation-notice-for-obsolete-snyk-images-292563), Snyk is providing instructions that customers will find useful in building their own custom images. You can visit the [Snyk Images build tool chain](https://github.com/snyk/snyk-images) on GitHub for a list of [currently supported images](https://github.com/snyk/snyk-images?tab=readme-ov-file#current-images).
+Following Snyk announcements regarding [Snyk CLI Images](https://updates.snyk.io/deprecation-notice-for-snyk-cli-images-292562) and [Snyk Images](https://updates.snyk.io/deprecation-notice-for-obsolete-snyk-images-292563), Snyk provides instructions to help customers build their own custom images. You can visit the [Snyk Images build tool chain](https://github.com/snyk/snyk-images) on GitHub for a list of [currently supported images](https://github.com/snyk/snyk-images?tab=readme-ov-file#current-images).
{% hint style="info" %}
Snyk does not build or maintain images that contain end-of-life software by an upstream vendor. The list of unsupported images is available on the [GitHub repo](https://github.com/snyk/snyk-images?tab=readme-ov-file#vendor-unsupported-base-images).
{% endhint %}
-Using custom images will allow you to extend environment support to any [environment](../snyk-cli/install-the-snyk-cli/) supported by the Snyk CLI.
+Using custom images lets you extend environment support to any [environment](../snyk-cli/install-the-snyk-cli/) supported by the Snyk CLI.
## Requirements for user-defined custom images for CLI
@@ -17,7 +17,7 @@ For your custom image to be supported, it must:
* Use an environment [supported](../snyk-cli/install-the-snyk-cli/) by the Snyk CLI.
* Use a language and framework [supported](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/supported-languages/supported-languages-package-managers-and-frameworks) by Snyk.
* Have Snyk CLI installed on the image; see [Install or update the Snyk CLI](../snyk-cli/install-the-snyk-cli/) for steps to install the CLI.
-* Be publicly accessible; the integration will pull the image.
+* Be publicly accessible, so the integration can pull the image.
## Use of user-defined custom images for CLI
@@ -58,9 +58,9 @@ docker build --tag foobar/snyk:node-lts
docker push foobar/snyk:node-lts
```
-### Example: how to use a custom image in a BitBucket pipeline
+### Example: how to use a custom image in a Bitbucket pipeline
-Compatibility in the BitBucket Pipeline integration is limited to environments supported by the Docker container the integration runs in. Following the Snyk announcement [Decoupling Snyk Scan from Snyk CLI Docker Images](https://updates.snyk.io/decoupling-snyk-scan-from-snyk-cli-docker-images-277502), before v1.0.0, the experience was limited to environments supported by the Snyk CLI Docker Images.
+Compatibility in the Bitbucket Pipeline integration is limited to environments supported by the Docker container the integration runs in. Following the Snyk announcement [Decoupling Snyk Scan from Snyk CLI Docker Images](https://updates.snyk.io/decoupling-snyk-scan-from-snyk-cli-docker-images-277502), before v1.0.0, the experience was limited to environments supported by the Snyk CLI Docker Images.
With the release of v1.0.0, users can define custom images. If the list of environments provided by the [LANGUAGE](bitbucket-pipelines-integration-using-a-snyk-pipe/snyk-pipe-parameters-and-values-bitbucket-cloud.md#snyk-pipe-variables) variable does not support your particular build environment, you can define your own build environment in the form of a custom Docker image.
diff --git a/developer-tools/snyk-cli/README.md b/developer-tools/snyk-cli/README.md
index c31a2605cea0..4dd6203f921f 100644
--- a/developer-tools/snyk-cli/README.md
+++ b/developer-tools/snyk-cli/README.md
@@ -1,11 +1,11 @@
# Snyk CLI
-This documentation provides guidance and information for using the Snyk CLI to bring the functionality of Snyk into your development workflow. Here you will find:
+This documentation provides guidance and information for using the Snyk CLI to bring the functionality of Snyk into your development workflow. Here you can find:
* Guidance for [getting started with the CLI](getting-started-with-the-snyk-cli.md)
* An [important code execution warning for the Snyk CLI](code-execution-warning-for-snyk-cli.md)
* Instructions for [installing or updating the Snyk CLI](install-the-snyk-cli/), [authenticating the CLI with your account](authenticate-to-use-the-cli.md), and [configuring the CLI](configure-the-snyk-cli/)
-* The full text of the [CLI help](commands/) for all of the commands and their options, just as the help appears in your terminal
+* The full text of the [CLI help](commands/) for all of the commands and their options, as the help appears in your terminal
* A comprehensive summary of all of the [CLI commands and options](cli-commands-and-options-summary.md)
* Articles with in-depth information about [scanning and maintaining projects using the CLI](scan-and-maintain-projects-using-the-cli/)
diff --git a/developer-tools/snyk-cli/authenticate-to-use-the-cli.md b/developer-tools/snyk-cli/authenticate-to-use-the-cli.md
index fc622c437843..2d6f4bf5c896 100644
--- a/developer-tools/snyk-cli/authenticate-to-use-the-cli.md
+++ b/developer-tools/snyk-cli/authenticate-to-use-the-cli.md
@@ -1,6 +1,6 @@
# Authenticate to use the CLI
-Once you have [installed the Snyk CLI](install-the-snyk-cli/) using your chosen tool or operating system (OS), you need to authenticate with your Snyk account.
+After you [install the Snyk CLI](install-the-snyk-cli/) using your chosen tool or operating system (OS), you need to authenticate with your Snyk account.
## Supported authentication methods
@@ -30,7 +30,7 @@ snyk config environment SNYK-EU-01
```
{% endcode %}
-Once the environment has been configured, authenticate using your preferred method.
+After you configure the environment, authenticate using your preferred method.
## Authenticate locally
@@ -47,8 +47,8 @@ This applies to: Homebrew, npm, Yarn, Scoop (Windows), and Direct binary downloa
```bash
snyk auth
```
-* A browser window will open on a Snyk address. Click **Authenticate**.
-* Return to your terminal. You should see the message `Your account has been authenticated`.
+* A browser window opens on a Snyk address. Click **Authenticate**.
+* Return to your terminal. You see the message `Your account has been authenticated`.
For local service account testing, use the command:
diff --git a/developer-tools/snyk-cli/code-execution-warning-for-snyk-cli.md b/developer-tools/snyk-cli/code-execution-warning-for-snyk-cli.md
index 9d0e62bf6e0f..b144f5877145 100644
--- a/developer-tools/snyk-cli/code-execution-warning-for-snyk-cli.md
+++ b/developer-tools/snyk-cli/code-execution-warning-for-snyk-cli.md
@@ -1,13 +1,13 @@
# Code execution warning for Snyk CLI
{% hint style="warning" %}
-As part of examining the codebase for vulnerabilities, Snyk CLI may automatically execute code on your computer to obtain additional data for analysis.
+As part of examining the codebase for vulnerabilities, Snyk CLI can automatically execute code on your computer to obtain additional data for analysis.
{% endhint %}
This includes invoking the package manager, for example, pip, Gradle, Maven, Yarn, npm, and so on, to get dependency information for Snyk Open Source.
-Invoking these programs on untrusted code that has malicious configurations may expose your system to malicious code execution and exploits.
+Invoking these programs on untrusted code that has malicious configurations can expose your system to malicious code execution and exploits.
-Always make sure you understand and trust the code in the directory you intend to scan with Snyk CLI.
+Always ensure you understand and trust the code in the directory you intend to scan with Snyk CLI.
When in doubt, do not proceed with a scan.
diff --git a/developer-tools/snyk-cli/commands/README.md b/developer-tools/snyk-cli/commands/README.md
index e0668fa92c6b..93d5147cee18 100644
--- a/developer-tools/snyk-cli/commands/README.md
+++ b/developer-tools/snyk-cli/commands/README.md
@@ -50,7 +50,7 @@ Generate or test an SBOM document in ecosystems supported by Snyk.
### [`snyk aibom`](aibom.md)
-Generates an AIBOM for a local software project that is written in Python, to understand what AI models, datasets, tools, and so on are used in that project.
+Generates an AI-BOM for a local software project that is written in Python, to understand which AI models, datasets, tools, and so on the project uses.
### [`snyk aibom test`](aibom-test.md)
diff --git a/developer-tools/snyk-cli/commands/aibom.md b/developer-tools/snyk-cli/commands/aibom.md
index d017bc91862b..8eabc4e17695 100644
--- a/developer-tools/snyk-cli/commands/aibom.md
+++ b/developer-tools/snyk-cli/commands/aibom.md
@@ -19,7 +19,7 @@ The supported format is CycloneDX v1.6 (JSON).
In the JSON file, you can see the following AI dependencies and components:
-- **Models:** You can see your usage of foundational models (such as GPT-4) and open-source models (such as Llama-4). Where possible, the information surfaced also refers to model card, license, and other information.
+- **Models:** You can see your use of foundational models (such as GPT-4) and open-source models (such as Llama-4). Where possible, the information surfaced also refers to model card, license, and other information.
- **Agents:** Identified based on popular AI agent libraries.
- **Tools:** Identified based on popular patterns of tool calling.
- **MCPs:** Identified based on the official MCP SDK, in addition to other popular ways of building MCPs.
@@ -70,17 +70,17 @@ Default: `` that is the current preferred Organization in your [Account
### `--html`
-**Optional**. Embed the AIBOM into an HTML visualization of the AIBOM components and their relationships.
+**Optional**. Embed the AI-BOM into an HTML visualization of the AI-BOM components and their relationships.
### `[--json-file-output]`
-**Optional**. Save the AIBOM output as a JSON data structure directly to the specified file.
+**Optional**. Save the AI-BOM output as a JSON data structure directly to the specified file.
#### Available in 1.1303.0
### `--upload`
-**Optional**. Persist the AIBOM into your Snyk Organization. This flag requires the [`--repo`](aibom.md#repo) flag. It enables you to view your AI-BOM for the repository in the Evo web interface.
+**Optional**. Persist the AI-BOM into your Snyk Organization. This flag requires the [`--repo`](aibom.md#repo) flag. It lets you view your AI-BOM for the repository in the Evo web interface.
### `--repo`
diff --git a/developer-tools/snyk-cli/commands/auth.md b/developer-tools/snyk-cli/commands/auth.md
index 0fe6772da1f6..2b37b0f369c5 100644
--- a/developer-tools/snyk-cli/commands/auth.md
+++ b/developer-tools/snyk-cli/commands/auth.md
@@ -24,13 +24,13 @@ The Snyk API token can still be used as a fallback option. You must explicitly a
### `--auth-type=`
-Specify the \ of authentication to use. Supported types are `oauth` (the default beginning with version 1.1293.0) AND `token`.
+Specify the \ of authentication to use. Supported types are `oauth` (the default beginning with version 1.1293.0) and `token`.
### `--client-secret=` and `--client-id=`
-You can set the client secret, and the id can be set in order to use the OAuth2 Client Credentials Grant.
+Set the client secret and the ID to use the OAuth2 Client Credentials Grant.
-Both values must be provided together. They are only valid together with `--auth-type=oauth;`otherwise they will be ignored.
+You must provide both values together. They are valid only with `--auth-type=oauth;` otherwise Snyk ignores them.
For information about how to get the `` and the ``, see [Service accounts using OAuth 2.0](https://docs.snyk.io/enterprise-setup/service-accounts/service-accounts-using-oauth-2.0#oauth-2.0-with-client-secret)
diff --git a/developer-tools/snyk-cli/commands/code-test.md b/developer-tools/snyk-cli/commands/code-test.md
index 7f441c092415..63cbb5364993 100644
--- a/developer-tools/snyk-cli/commands/code-test.md
+++ b/developer-tools/snyk-cli/commands/code-test.md
@@ -79,7 +79,7 @@ Example of setting to the latest Git tag:
Set or override the remote URL for the repository.
-Example: `--remote-repo-url=https://gitlab.com/example/project` will create a target for given URL and on the UI it would be visible as `/example/project/` .
+Example: `--remote-repo-url=https://gitlab.com/example/project` creates a target for the given URL, which is visible in the UI as `/example/project/`.
### `--org=`
diff --git a/developer-tools/snyk-cli/commands/code.md b/developer-tools/snyk-cli/commands/code.md
index a36f6e0708fe..3eb463b2beb6 100644
--- a/developer-tools/snyk-cli/commands/code.md
+++ b/developer-tools/snyk-cli/commands/code.md
@@ -8,6 +8,6 @@ For more information, see [CLI for Snyk Code](https://docs.snyk.io/snyk-cli/scan
## `snyk code` command and the help docs
-The single`snyk code` command is identified here with the help options:
+The single `snyk code` command is listed here with the help options:
[`code test`](code-test.md); `code test --help`: Test source code for any known security issues (Static Application Security Testing).
diff --git a/developer-tools/snyk-cli/commands/config-environment.md b/developer-tools/snyk-cli/commands/config-environment.md
index 6c21005e88ec..fb7f00a57608 100644
--- a/developer-tools/snyk-cli/commands/config-environment.md
+++ b/developer-tools/snyk-cli/commands/config-environment.md
@@ -1,6 +1,6 @@
# Config environment
-**Note:** This command will be available as of CLI version 1.1293.0.
+**Note:** This command is available as of CLI version 1.1293.0.
If you are not in the system default environment, `SNYK-US-01`, use the `snyk config environment` command to set your environment before you run `snyk auth`.
@@ -10,7 +10,7 @@ If you are not in the system default environment, `SNYK-US-01`, use the `snyk co
## Description
-The `snyk config environment` command is provided for your convenience to make changing the endpoint used in the CLI easier and safer.
+The `snyk config environment` command makes changing the endpoint used in the CLI safer.
The outcome is almost the same as `snyk config set endpoint=` but in addition, the `snyk config environment` command does the following:
diff --git a/developer-tools/snyk-cli/commands/config.md b/developer-tools/snyk-cli/commands/config.md
index f37519910e86..3e5d77cc619f 100644
--- a/developer-tools/snyk-cli/commands/config.md
+++ b/developer-tools/snyk-cli/commands/config.md
@@ -36,7 +36,7 @@ Remove all config values.
### `environment`
-Change the endpoint to use. Run `config environment --help` or see the [snyk config environment command](https://docs.snyk.io/snyk-cli/commands/config-environment)
+Change the endpoint to use. Run `config environment --help` or see the [snyk config environment command](https://docs.snyk.io/snyk-cli/commands/config-environment)
## Supported `` values
diff --git a/developer-tools/snyk-cli/commands/container-monitor.md b/developer-tools/snyk-cli/commands/container-monitor.md
index 89ba1938cf75..6d429add0801 100644
--- a/developer-tools/snyk-cli/commands/container-monitor.md
+++ b/developer-tools/snyk-cli/commands/container-monitor.md
@@ -8,7 +8,7 @@
The `snyk container monitor` command captures the container image layers and dependencies in a project and monitors that snapshot for vulnerabilities, sending the results to [snyk.io](https://snyk.io)
-Use the `container monitor` command before integrating your code into production, to take a snapshot of the code to be monitored in order to avoid pushing vulnerabilities into production. Choose a test frequency in your Settings if you want to change the frequency from the default, which is daily.
+Use the `container monitor` command before integrating your code into production, to take a snapshot of the code to be monitored and avoid pushing vulnerabilities into production. Choose a test frequency in your Settings if you want to change the frequency from the default, which is daily.
If you make changes to your code, you must run the `container monitor` command again.
@@ -38,7 +38,7 @@ Use the `-d` option to output the debug logs.
Specify the `` to run Snyk commands tied to a specific Snyk Organization. The `` influences some features availability and private test limits.
-If you have multiple organizations, you can set a default from the CLI using:
+If you have multiple Organizations, you can set a default from the CLI using:
`$ snyk config set org=`
diff --git a/developer-tools/snyk-cli/commands/container-sbom.md b/developer-tools/snyk-cli/commands/container-sbom.md
index bb6f842b7ff6..2132e524724e 100644
--- a/developer-tools/snyk-cli/commands/container-sbom.md
+++ b/developer-tools/snyk-cli/commands/container-sbom.md
@@ -2,9 +2,9 @@
## Prerequisites
-**Feature availability:** This feature is currently in Early Access and is available to customers on Snyk Enterprise plans.
+**Feature availability:** This feature is in Early Access and is available to customers on Snyk Enterprise plans.
-**Note:** In order to use the SBOM generation feature, you must use a minimum of CLI version 1.1226.0.
+**Note:** To use the SBOM generation feature, you must use a minimum of CLI version 1.1226.0.
The `snyk container sbom` feature requires an internet connection.
@@ -45,13 +45,13 @@ Specify the `` (name or UUID) to run Snyk commands tied to a specific Sn
Use this option when your default Organization does not have API entitlement.
-If this option is omitted, the default Organization for your account will be used.
+If you omit this option, Snyk uses the default Organization for your account.
This is the `` that is the current preferred Organization in your [Account settings](https://app.snyk.io/account)
Set a default to ensure all newly tested projects are tested under your default Organization. If you need to override the default, use the `--org=` option.
-If you have multiple organizations, you can set a default from the CLI using:
+If you have multiple Organizations, you can set a default from the CLI using:
`$ snyk config set org=`
@@ -95,7 +95,7 @@ Specify a password to use when connecting to a container registry. This is ignor
### ``
-Required. The image for which you will generate an SBOM document.
+Required. The image for which you generate an SBOM document.
**Note:** The image should be specified in the format of `repo:tag`.
diff --git a/developer-tools/snyk-cli/commands/container-test.md b/developer-tools/snyk-cli/commands/container-test.md
index 0e5e16061785..9b84df695721 100644
--- a/developer-tools/snyk-cli/commands/container-test.md
+++ b/developer-tools/snyk-cli/commands/container-test.md
@@ -102,7 +102,7 @@ Fail only when there are vulnerabilities that can be fixed.
To fail on any Snyk discoverable vulnerability (the default behavior), do not use the `--fail-on` option. If vulnerabilities do not have a Snyk-computed fix and this option is being used, tests pass.
-**Note**: If you test code constrained by metadata that Snyk cannot respect with `snyk test`, Snyk will not propose a fix, in order to avoid breaking your code. You may be able to identify and apply a fix manually.
+**Note**: If you test code constrained by metadata that Snyk cannot respect with `snyk test`, Snyk does not propose a fix, to avoid breaking your code. You can identify and apply a fix manually.
### `--app-vulns`
@@ -124,7 +124,7 @@ Allow disabling the scan of `node_modules` directories inside node.js container
In CLI versions v1.1292.0 and higher, `node_modules` scanning is enabled by default.
-When `node_modules` scaning is disabled, Snyk reports vulnerabilities for npm Projects sourced from application file pairs: `[package.json, package-lock.json], [package.json, yarn.lock]`.
+When `node_modules` scanning is disabled, Snyk reports vulnerabilities for npm Projects sourced from application file pairs: `[package.json, package-lock.json], [package.json, yarn.lock]`.
### `--nested-jars-depth`
diff --git a/developer-tools/snyk-cli/commands/iac-test.md b/developer-tools/snyk-cli/commands/iac-test.md
index 09dbe3a08cbb..e9327a73400d 100644
--- a/developer-tools/snyk-cli/commands/iac-test.md
+++ b/developer-tools/snyk-cli/commands/iac-test.md
@@ -59,7 +59,7 @@ For more information see the article [How to select the Organization to use in t
### `--ignore-policy`
-Ignore all set policies, the current policy in the `.snyk` file, rg level ignores, and the project policy on snyk.io.
+Ignore all set policies, the current policy in the `.snyk` file, org level ignores, and the project policy on snyk.io.
### `--policy-path=`
@@ -139,7 +139,7 @@ For more information including allowable characters see [Project tags](https://d
Set or override the remote URL for the repository.
-Example: `--remote-repo-url=https://gitlab.com/example/project` will create a target for given URL and on the UI it would be visible as `/example/project/` .
+Example: `--remote-repo-url=https://gitlab.com/example/project` creates a target for the given URL, which is visible in the UI as `/example/project/`.
Can be used in combination with the `--report` option.
diff --git a/developer-tools/snyk-cli/commands/iac-update-exclude-policy.md b/developer-tools/snyk-cli/commands/iac-update-exclude-policy.md
index 97bd7c7d602e..17468b9413d7 100644
--- a/developer-tools/snyk-cli/commands/iac-update-exclude-policy.md
+++ b/developer-tools/snyk-cli/commands/iac-update-exclude-policy.md
@@ -17,7 +17,7 @@ For more information, see [Ignore resources](https://docs.snyk.io/scan-with-snyk
Possible exit codes and their meaning:
**0**: success, exclude rules generated successfully\
-**1**: error, something wrong happened during exclude rules generation
+**1**: error, something went wrong during exclude rules generation
## Configure the Snyk CLI
diff --git a/developer-tools/snyk-cli/commands/ignore.md b/developer-tools/snyk-cli/commands/ignore.md
index e9b3140a0f6e..504422c1a3dc 100644
--- a/developer-tools/snyk-cli/commands/ignore.md
+++ b/developer-tools/snyk-cli/commands/ignore.md
@@ -14,7 +14,7 @@ The `snyk ignore` command modifies the `.snyk` policy file to ignore a specified
`snyk ignore [--expiry=] [--reason=] [--policy-path=] [--file-path=] [OPTIONS]`
-You can exclude directories or files from scanning using the `--file-path` option. This option is available only for Snyk Code (SAST) tests or Open Source `--unmanaged` tests; it will not work for other test types.
+You can exclude directories or files from scanning using the `--file-path` option. This option is available only for Snyk Code (SAST) tests or Open Source `--unmanaged` tests; it does not work for other test types.
## Examples of updates to the `.snyk` file
@@ -55,7 +55,7 @@ exclude:
**Note**: Ignoring issues or vulnerabilities using the `.snyk` file is not supported for Snyk Code.
-The `--file-path` option excludes directories or files from scanning and is available only for Snyk Code (SAST) tests or Open Source `--unmanaged` tests; it will not work for other test types.
+The `--file-path` option excludes directories or files from scanning and is available only for Snyk Code (SAST) tests or Open Source `--unmanaged` tests; it does not work for other test types.
## Debug
@@ -79,9 +79,9 @@ Supported formats:
Default: 30 days or none if used with `--file-path`
-Note: The `expiry` field is not required, it will use the default if omitted. If you need a permanent ignore, set the expiry to a date far in the future (for example, `9999-01-01`).
+Note: The `expiry` field is not required; Snyk uses the default if you omit it. If you need a permanent ignore, set the expiry to a date far in the future (for example, `9999-01-01`).
-To ensure that expiration dates are enforced for ignores, you must specify a valid expiration date. The date must be in the Date Time String Javascript format like YYYY-MM-DDThh:mm:ss.fffZ. If the specified expiration date does not adhere to this format, the ignore will be respected and persist indefinitely.
+To ensure that expiration dates are enforced for ignores, you must specify a valid expiration date. The date must be in the Date Time String Javascript format like YYYY-MM-DDThh:mm:ss.fffZ. If the specified expiration date does not adhere to this format, Snyk respects the ignore and persists it indefinitely.
### `--reason=`
diff --git a/developer-tools/snyk-cli/commands/monitor.md b/developer-tools/snyk-cli/commands/monitor.md
index d7502e67bfc3..483e41bc5631 100644
--- a/developer-tools/snyk-cli/commands/monitor.md
+++ b/developer-tools/snyk-cli/commands/monitor.md
@@ -8,7 +8,7 @@
The `snyk monitor` command creates a project in your Snyk account to be continuously monitored for open-source vulnerabilities and license issues, sending the results to [snyk.io](https://snyk.io)
-Use the `monitor` command before integrating a project into production, to take a snapshot of the code to be monitored in order to avoid pushing vulnerabilities into production. Choose a test frequency in your Settings if you want to change the frequency from the default, which is daily.
+Use the `monitor` command before integrating a project into production, to take a snapshot of the code to be monitored and avoid pushing vulnerabilities into production. Choose a test frequency in your Settings if you want to change the frequency from the default, which is daily.
After running the `snyk monitor` command, log in to the Snyk website and view your projects to see the monitor.
@@ -46,7 +46,7 @@ See also subsequent sections for options for specific build environments, packag
### `--reachability=`
-Perform reachability analysis during the scan. This feature is currently in Snyk Preview. For more information, refer to [Reachability analysis](https://docs.snyk.io/manage-risk/prioritize-issues-for-fixing/reachability-analysis)
+Perform reachability analysis during the scan. This feature is in Snyk Preview. For more information, refer to [Reachability analysis](https://docs.snyk.io/manage-risk/prioritize-issues-for-fixing/reachability-analysis)
Default: `false`
@@ -243,7 +243,7 @@ Snyk reports the test results per individual `pom.xml` file within the aggregate
### `--maven-skip-wrapper`
-Forces the use of a globally installed `mvn` command, even when a Maven wrapper (i.e. `mvnw` or `mvnw.cmd`) is present in the project.
+Forces the use of a globally installed `mvn` command, even when a Maven wrapper (that is, `mvnw` or `mvnw.cmd`) is present in the project.
Some projects include a Maven wrapper but users may prefer (or be required by their CI environment) to use a globally installed `mvn` instead. This option gives an explicit escape hatch without having to remove the wrapper from the project.
@@ -335,7 +335,7 @@ This is useful when you have multiple projects with the same name in other `.sln
### `--dotnet-runtime-resolution`
-**Note:** This option in in Early Access and may change until it is released.
+**Note:** This option is in Early Access and may change until it is released.
Required. You must use this option when you test .NET projects using Runtime Resolution Scanning.
@@ -343,9 +343,9 @@ Example: `snyk test --dotnet-runtime-resolution`
### `--dotnet-target-framework`
-**Note:** This option in in Early Access and may change until it is released.
+**Note:** This option is in Early Access and may change until it is released.
-Optional. You may use this option if your solution contains multiple `` directives. If you do not specify the option `--dotnet-target-framework`, all supported Target Frameworks will be scanned.
+Optional. You may use this option if your solution contains multiple `` directives. If you do not specify the option `--dotnet-target-framework`, Snyk scans all supported Target Frameworks.
The Target Framework specified with this option should be defined following the standard [naming convention](https://learn.microsoft.com/en-us/dotnet/standard/frameworks#supported-target-frameworks)
@@ -405,7 +405,7 @@ You can specify how many sub-directories to search using `--detection-depth`.
You can exclude directories and files using `--exclude`.
-Default:`--all-projects` automatically detects and scans Yarn Workspaces.with other projects.
+Default: `--all-projects` automatically detects and scans Yarn Workspaces with other projects.
## Option for CocoaPods projects
@@ -421,7 +421,7 @@ Default: false
Indicate which specific Python commands to use based on the Python version.
-Snyk uses Python in order to scan and find your dependencies. If you are using multiple Python versions, use this parameter to specify the correct Python command for execution.
+Snyk uses Python to scan and find your dependencies. If you are using multiple Python versions, use this parameter to specify the correct Python command for execution.
Default: `python` This executes your default python version. Run `python -V` to find out what your default version is.
diff --git a/developer-tools/snyk-cli/commands/sbom.md b/developer-tools/snyk-cli/commands/sbom.md
index 459a1ab0a7c6..a5a7d322fbd0 100644
--- a/developer-tools/snyk-cli/commands/sbom.md
+++ b/developer-tools/snyk-cli/commands/sbom.md
@@ -4,7 +4,7 @@
**Feature availability:** This feature is available only to customers on Snyk Enterprise plans.
-**Note:** In order to use the SBOM generation feature, you must use the minimum CLI version 1.1071.0.
+**Note:** To use the SBOM generation feature, you must use the minimum CLI version 1.1071.0.
The `snyk sbom` feature requires an internet connection.
@@ -45,7 +45,7 @@ Specify the `` (name or UUID) to run Snyk commands tied to a specific Sn
Use this option when your default Organization does not have API entitlement.
-If this option is omitted, the default Organization for your account will be used.
+If you omit this option, Snyk uses the default Organization for your account.
This is the `` that is the current preferred Organization in your [Account settings](https://app.snyk.io/account)
@@ -149,7 +149,7 @@ Be sure to run the scan in the same directory as the root pom.xml file.
### `--maven-skip-wrapper`
-Forces the use of a globally installed `mvn` command, even when a Maven wrapper (i.e. `mvnw` or `mvnw.cmd`) is present in the project.
+Forces the use of a globally installed `mvn` command, even when a Maven wrapper (that is, `mvnw` or `mvnw.cmd`) is present in the project.
Some projects include a Maven wrapper but users may prefer (or be required by their CI environment) to use a globally installed `mvn` instead. This option gives an explicit escape hatch without having to remove the wrapper from the project.
@@ -267,7 +267,7 @@ Default: `--all-projects` automatically detects and scans Yarn Workspaces with o
Indicate which specific Python commands to use based on the Python version.
-Snyk uses Python in order to scan and find your dependencies. If you are using multiple Python versions, use this parameter to specify the correct Python command for execution.
+Snyk uses Python to scan and find your dependencies. If you are using multiple Python versions, use this parameter to specify the correct Python command for execution.
Default: `python` This executes your default python version. Run `python -V` to find out what your default version is.
diff --git a/developer-tools/snyk-cli/commands/test.md b/developer-tools/snyk-cli/commands/test.md
index a6ef6fdaa0a9..82b81cc5e1bd 100644
--- a/developer-tools/snyk-cli/commands/test.md
+++ b/developer-tools/snyk-cli/commands/test.md
@@ -37,7 +37,7 @@ See also subsequent sections for options for specific build environments, packag
### `--reachability=`
-Perform reachability analysis during the scan. This feature is currently in Snyk Preview. For more information, refer to [Reachability analysis](https://docs.snyk.io/manage-risk/prioritize-issues-for-fixing/reachability-analysis)
+Perform reachability analysis during the scan. This feature is in Snyk Preview. For more information, refer to [Reachability analysis](https://docs.snyk.io/manage-risk/prioritize-issues-for-fixing/reachability-analysis)
Default: `false`
@@ -73,7 +73,7 @@ Can be used with `--all-projects` and `--yarn-workspaces` to indicate directory
Example: `$ snyk test --all-projects --exclude=dir1,file2`
-This will exclude any directories and files named `dir1` and `file2` when scanning for project manifest files such as: `./dir1`, `./src/dir1`, `./file2`, `./src/file2` and so on.
+This excludes any directories and files named `dir1` and `file2` when scanning for project manifest files such as: `./dir1`, `./src/dir1`, `./file2`, `./src/file2` and so on.
**Note**: `--exclude=dir1` will find both `./dir1`, and `./src/dir1`.\
However, `--exclude=./src/dir1` will result in an error because it includes a path.
@@ -96,7 +96,7 @@ Print the dependency tree before sending it for analysis.
Set or override the remote URL for the repository.
-Example: `--remote-repo-url=https://gitlab.com/example/project` will create a target for given URL and on the UI it would be visible as `/example/project/` .
+Example: `--remote-repo-url=https://gitlab.com/example/project` creates a target for the given URL, and it is visible in the UI as `/example/project/` .
### `--dev`
@@ -230,7 +230,7 @@ Fail only when there are vulnerabilities that can be fixed. Use one of the value
To fail on any Snyk-discoverable vulnerability (the default behavior), do not use the `--fail-on` option. If vulnerabilities do not have a Snyk-computed fix and this option is being used, tests pass.
-**Note**: If you test code constrained by metadata that Snyk cannot respect with `snyk test`, Snyk will not propose a fix, in order to avoid breaking your code. You may be able to identify and apply a fix manually.
+**Note**: If you test code constrained by metadata that Snyk cannot respect with `snyk test`, Snyk does not propose a fix, to avoid breaking your code. You can identify and apply a fix manually.
### `--reachability-filter=`
@@ -256,9 +256,9 @@ Snyk reports the test results per individual `pom.xml` file within the aggregate
### `--maven-skip-wrapper`
-Forces the use of a globally installed `mvn` command, even when a Maven wrapper (i.e. `mvnw` or `mvnw.cmd`) is present in the project.
+Forces the use of a globally installed `mvn` command, even when a Maven wrapper (that is, `mvnw` or `mvnw.cmd`) is present in the project.
-Some projects include a Maven wrapper but users may prefer (or be required by their CI environment) to use a globally installed `mvn` instead. This option gives an explicit escape hatch without having to remove the wrapper from the project.
+Some projects include a Maven wrapper, but you might prefer, or your CI environment might require, a globally installed `mvn` instead. This option gives an explicit escape hatch without having to remove the wrapper from the project.
### `--scan-unmanaged`
@@ -372,7 +372,7 @@ This is useful when you have multiple projects with the same name in other `.sln
### `--dotnet-target-framework`
-Optional. You may use this option if your solution contains multiple `` directives. If you do not specify the option `--dotnet-target-framework`, all supported Target Frameworks will be scanned.
+Optional. You may use this option if your solution contains multiple `` directives. If you do not specify the option `--dotnet-target-framework`, Snyk scans all supported Target Frameworks.
The Target Framework specified with this option should be defined following the standard [naming convention](https://learn.microsoft.com/en-us/dotnet/standard/frameworks#supported-target-frameworks)
@@ -444,7 +444,7 @@ You can specify how many sub-directories to search using `--detection-depth.`
You can exclude directories and files using `--exclude`.
-Default: `--all-projects` automatically detects and scans Yarn Workspaces.with other projects.
+Default: `--all-projects` automatically detects and scans Yarn Workspaces with other projects.
## Option for CocoaPods projects
@@ -460,7 +460,7 @@ Default: false
Indicate which specific Python commands to use based on the Python version.
-Snyk uses Python in order to scan and find your dependencies. If you are using multiple Python versions, use this parameter to specify the correct Python command for execution.
+Snyk uses Python to scan and find your dependencies. If you are using multiple Python versions, use this parameter to specify the correct Python command for execution.
Default: `python` This executes your default python version. Run `python -V` to find out what your default version is.
diff --git a/developer-tools/snyk-cli/configure-the-snyk-cli/environment-variables-for-snyk-cli.md b/developer-tools/snyk-cli/configure-the-snyk-cli/environment-variables-for-snyk-cli.md
index a4c07518ec8d..b518fa86faab 100644
--- a/developer-tools/snyk-cli/configure-the-snyk-cli/environment-variables-for-snyk-cli.md
+++ b/developer-tools/snyk-cli/configure-the-snyk-cli/environment-variables-for-snyk-cli.md
@@ -6,7 +6,7 @@ This page identifies environment variables that you can use to configure specifi
`SNYK_MAX_ATTEMPTS`
-Starting with Snyk CLI v1.1303.2 `SNYK_MAX_ATTEMPTS=` can be used to enable network level retries. The default value is 1, which means that a network request will fail after one failed attempt. Increasing the value will make the network stack retry retriable status codes. The parameter can be used to mitigate transient network failures at the cost of increased runtime.
+Starting with Snyk CLI v1.1303.2, you can use `SNYK_MAX_ATTEMPTS=` to enable network level retries. The default value is 1, which means that a network request fails after one failed attempt. Increasing the value makes the network stack retry retriable status codes. Use the parameter to mitigate transient network failures at the cost of increased runtime.
The range is from 1 to 2,147,483,648 times.
@@ -16,13 +16,13 @@ Alternatively, you can set the value using the command line parameter `--max-att
`SNYK_CACHE_PATH`
-By specifying the environment variable `SNYK_CACHE_PATH`, you can define the path to the folder where the CLI will cache files. You must meet the [access requirements](../security-concept-of-operations-for-snyk/access-requirements.md) for the folder specified.
+By specifying the environment variable `SNYK_CACHE_PATH`, you can define the path to the folder where the CLI caches files. You must meet the [access requirements](../security-concept-of-operations-for-snyk/access-requirements.md) for the folder specified.
## Configure a timeout for CLI operations
`SNYK_TIMEOUT_SECS`
-When you specify an environment variable such as `SNYK_TIMEOUT_SECS=60`, the CLI will cancel all operations after 60 seconds and exit with exit code 69.
+When you specify an environment variable such as `SNYK_TIMEOUT_SECS=60`, the CLI cancels all operations after 60 seconds and exits with exit code 69.
The timeout can range from 1 to 2,147,483,648 seconds, approximately 596.523 hours.
diff --git a/developer-tools/snyk-cli/configure-the-snyk-cli/proxy-configuration-for-snyk-cli.md b/developer-tools/snyk-cli/configure-the-snyk-cli/proxy-configuration-for-snyk-cli.md
index a2fc3f87e58f..a29334dbf8f3 100644
--- a/developer-tools/snyk-cli/configure-the-snyk-cli/proxy-configuration-for-snyk-cli.md
+++ b/developer-tools/snyk-cli/configure-the-snyk-cli/proxy-configuration-for-snyk-cli.md
@@ -45,8 +45,8 @@ The use of these variables follows the MIT Kerberos implementation:
* [KRB5\_CONFIG](https://web.mit.edu/kerberos/krb5-devel/doc/admin/conf_files/krb5_conf.html) - Kerberos configuration file
* [KRB5CCNAME](https://web.mit.edu/kerberos/krb5-1.12/doc/basic/ccache_def.html) - Kerberos credential cache
- * Currently, the only supported credential cache type (`ccache` types) is **FILE.**
- * It is important to note that the cache file cannot be updated by the CLI. This means that the cache file must be updated externally, for example, by running [kinit](https://web.mit.edu/kerberos/krb5-1.12/doc/user/user_commands/kinit.html).,
+ * The only supported credential cache type (`ccache` types) is **FILE.**
+ * The CLI cannot update the cache file. You must update the cache file externally, for example, by running [kinit](https://web.mit.edu/kerberos/krb5-1.12/doc/user/user_commands/kinit.html).
## Disable proxy authentication
diff --git a/developer-tools/snyk-cli/debugging-the-snyk-cli.md b/developer-tools/snyk-cli/debugging-the-snyk-cli.md
index 4c0b921427ad..722c8af8d925 100644
--- a/developer-tools/snyk-cli/debugging-the-snyk-cli.md
+++ b/developer-tools/snyk-cli/debugging-the-snyk-cli.md
@@ -1,6 +1,6 @@
# Debugging the Snyk CLI
-When working with the CLI on your Projects, it is possible that you encounter unexpected behavior that requires investigation. Such behavior can be caused by configuration, environment, or bugs.
+When working with the CLI on your Projects, you might encounter unexpected behavior that requires investigation. Configuration, environment, or bugs can cause such behavior.
## Debug mode
diff --git a/developer-tools/snyk-cli/getting-started-with-the-snyk-cli.md b/developer-tools/snyk-cli/getting-started-with-the-snyk-cli.md
index cea9394e08ef..73a90bdc7323 100644
--- a/developer-tools/snyk-cli/getting-started-with-the-snyk-cli.md
+++ b/developer-tools/snyk-cli/getting-started-with-the-snyk-cli.md
@@ -43,7 +43,7 @@ Look at the `test` command report in your terminal. The report shows the vulnera
Before using the Snyk CLI to test your Open Source Project for vulnerabilities, with limited exceptions, you must build your Project. For details, see [Open Source Projects that must be built before testing](https://docs.snyk.io/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/open-source-projects-that-must-be-built-before-testing-with-the-snyk-cli).
-In addition, depending on the language of your open-source Project, you may need to set up your language environment before using the Snyk CLI. For details, refer to [Supported languages, package managers, and frameworks](https://docs.snyk.io/supported-languages-package-managers-and-frameworks).
+In addition, depending on the language of your open-source Project, you might need to set up your language environment before using the Snyk CLI. For details, refer to [Supported languages, package managers, and frameworks](https://docs.snyk.io/supported-languages-package-managers-and-frameworks).
After you have installed the CLI and authenticated your machine, to **scan an open-source Project**, use `cd /my/project/` to change the current directory to a folder containing a supported package manifest file, such as `package.json`, `pom.xml`, or `composer.lock`. Then run `snyk test`. All vulnerabilities identified are listed, including their path and fix guidance.
@@ -103,7 +103,7 @@ See the course [Introduction to the Snyk CLI](https://learn.snyk.io/lesson/snyk-
Snyk also provides a [cheat sheet](https://res.cloudinary.com/snyk/image/upload/v1664236143/cheat-sheets/cheat-sheet-snyk-cli-v3.pdf) ([blog post](https://snyk.io/blog/snyk-cli-cheat-sheet/)).
-In particular, see the information about the following options that you may find useful:
+In particular, see the information about the following useful options:
* `--severity-threshold=low|medium|high|critical`: Report only vulnerabilities of the specified level or higher.
* `--json`: Print results in JSON format.
@@ -121,7 +121,7 @@ Effective July 22, 2024, Snyk CLI no longer accepts external contributions.
Due to the CLI's extensive usage and intricate nature, even minor modifications can have unforeseen consequences. Since introducing [release channels](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli) to the CLI code in April 2024, Snyk's focus has been on stabilizing releases. Snyk believes this open-source, closed-contribution model best serves this goal.
-In the spirit of transparency to Snyk customers and CLI users, Snyk will continue working in public. However, going forward, Snyk CLI is closed to contributions.
+In the spirit of transparency to Snyk customers and CLI users, Snyk continues working in public. However, going forward, Snyk CLI is closed to contributions.
Snyk appreciates and extends gratitude to the Snyk community.
diff --git a/developer-tools/snyk-cli/install-the-snyk-cli/README.md b/developer-tools/snyk-cli/install-the-snyk-cli/README.md
index 22c3c8fdd1bb..690ce71f7f94 100644
--- a/developer-tools/snyk-cli/install-the-snyk-cli/README.md
+++ b/developer-tools/snyk-cli/install-the-snyk-cli/README.md
@@ -10,7 +10,7 @@ The Snyk CLI can be installed across all major operating systems using several d
After you install the CLI, authenticate your Snyk account to start scanning your Snyk Projects. For more information, visit [Authenticate to use the CLI](../authenticate-to-use-the-cli.md).
{% hint style="warning" %}
-The Snyk CLI does not natively support Windows Subsystem for Linux (WSL). You can install and use the CLI in a WSL environment, but Snyk does not guarantee compatability. Consequently, Snyk integrations that rely on the CLI, such as IDE extensions and CI/CD plugins, do not natively support WSL.
+The Snyk CLI does not natively support Windows Subsystem for Linux (WSL). You can install and use the CLI in a WSL environment, but Snyk does not guarantee compatibility. Consequently, Snyk integrations that rely on the CLI, such as IDE extensions and CI/CD plugins, do not natively support WSL.
{% endhint %}
## Common installation steps
@@ -146,7 +146,7 @@ Authenticate the connection. For more details, visit Authentication in Docker.
GitHub actions
-1. In your Snyk account, navigate to **Account Settings** and copy your Auth token. Use a Service Account Token if you are an Enterprise plan user, to protect your pipeline from breaking if you as an individual leave the comapny.
+1. In your Snyk account, navigate to **Account Settings** and copy your Auth token. Use a Service Account Token if you are an Enterprise plan user, to protect your pipeline from breaking if you as an individual leave the company.
2. Navigate to **Settings** > **Secrets and variables** > **Actions**, and create a **New repository secret** in the format:
1. **Name**: `SNYK_TOKEN`
2. **Secret**: Your Snyk Auth token or Service Account Token
@@ -263,11 +263,11 @@ Download the standalone binary for your operating system and CPU architecture, m
For Windows, download the `.exe` and manually add its location to your system variables.
1. Download [snyk-win.exe](https://static.snyk.io/cli/latest/snyk-win.exe)
-2. Rename the file from `snyk-win.exe` to just `snyk.exe`.
+2. Rename the file from `snyk-win.exe` to `snyk.exe`.
3. Move it to a permanent folder (for example, `C:\tools\snyk\`).
4. Add to `PATH`:
1. Search for **Environment Variables** in your Start Menu.
2. Under **System Variables**, find **Path** and click **Edit**.
- 3. Add the path to the folder where you saved the `.exe` (e.g., `C:\tools\snyk\`).
+ 3. Add the path to the folder where you saved the `.exe` (for example, `C:\tools\snyk\`).
diff --git a/developer-tools/snyk-cli/install-the-snyk-cli/install-or-upgrade-to-version-of-node.js-required-for-snyk-cli.md b/developer-tools/snyk-cli/install-the-snyk-cli/install-or-upgrade-to-version-of-node.js-required-for-snyk-cli.md
index f0b791cc0cfa..52a20c159a72 100644
--- a/developer-tools/snyk-cli/install-the-snyk-cli/install-or-upgrade-to-version-of-node.js-required-for-snyk-cli.md
+++ b/developer-tools/snyk-cli/install-the-snyk-cli/install-or-upgrade-to-version-of-node.js-required-for-snyk-cli.md
@@ -1,12 +1,12 @@
# Install or upgrade to version of Node.js required for Snyk CLI
-Node.js v12 or higher is required for Snyk CLI version 1.853.0 and higher. Snyk recommends running as recent a version of Node.js and npm as possible to ensure full compatibility.
+Snyk CLI version 1.853.0 and higher requires Node.js v12 or higher. Snyk recommends running as recent a version of Node.js and npm as possible to ensure full compatibility.
### How to upgrade Node.js
Node.js comes with npm pre-installed, but the manager is updated more frequently than Node.js.
-To update Node.js, you need need the npm [n module](https://www.npmjs.com/package/n).
+To update Node.js, you need the npm [n module](https://www.npmjs.com/package/n).
Run this code to clear the npm cache, install `n`, and install the latest stable version of Node.js:
@@ -22,7 +22,7 @@ Follow these steps to upgrade Node.js:
1. Run `npm-v` to see which version you have.
2. Then run`npm install npm@latest -g` to install the newest npm update.
-3. Run `npm -v` again to make sure npm updated correctly.
+3. Run `npm -v` again to ensure npm updated correctly.
### How to upgrade npm
diff --git a/developer-tools/snyk-cli/install-the-snyk-cli/using-cli-releases-before-version-1.1230.0-on-an-apple-m1-or-m2-machine.md b/developer-tools/snyk-cli/install-the-snyk-cli/using-cli-releases-before-version-1.1230.0-on-an-apple-m1-or-m2-machine.md
index 39a6f09372a1..b0046c98268b 100644
--- a/developer-tools/snyk-cli/install-the-snyk-cli/using-cli-releases-before-version-1.1230.0-on-an-apple-m1-or-m2-machine.md
+++ b/developer-tools/snyk-cli/install-the-snyk-cli/using-cli-releases-before-version-1.1230.0-on-an-apple-m1-or-m2-machine.md
@@ -2,14 +2,14 @@
**Beginning with version 1.1230.0**, the Snyk CLI supports Apple silicon, including M1 and M2 machines, so **you no longer need the Rosetta 2 software, as suggested on this page**. Snyk recommends always keeping your CLI installation updated to the latest version. You can check which version of the Snyk CLI you have installed by running `snyk --version`.
-If you run releases of the Snyk CLI before [version 1.1230.0](https://github.com/snyk/cli/releases/tag/v1.1230.0) on an Apple M1 machine, you may see the following error:
+If you run releases of the Snyk CLI before [version 1.1230.0](https://github.com/snyk/cli/releases/tag/v1.1230.0) on an Apple M1 machine, you might see the following error:
```
$ snyk --version
bad CPU type in executable
```
-On an M2 machine, you may see this error:
+On an M2 machine, you might see this error:
`Unknown system error -86`
diff --git a/developer-tools/snyk-cli/releases-and-channels-for-the-snyk-cli.md b/developer-tools/snyk-cli/releases-and-channels-for-the-snyk-cli.md
index 50ef3b1277da..e4d81adb9e81 100644
--- a/developer-tools/snyk-cli/releases-and-channels-for-the-snyk-cli.md
+++ b/developer-tools/snyk-cli/releases-and-channels-for-the-snyk-cli.md
@@ -14,7 +14,7 @@ Given a version number MAJOR.MINOR.PATCH, increment the:
Additional labels are added for CLI releases as needed based on the standard.
-In the Snyk CLI context, Snyk defines a breaking change as a change that could break automated workflows and cause failures in your existing working setup, such as CI/CD integrations. Breaking changes will be indicated by incrementing MAJOR and also mentioned in the release notes.
+In the Snyk CLI context, Snyk defines a breaking change as a change that could break automated workflows and cause failures in your existing working setup, such as CI/CD integrations. Snyk indicates breaking changes by incrementing MAJOR and also mentions them in the release notes.
Some examples of breaking changes are the following:
@@ -31,10 +31,10 @@ When you select a channel, you are selecting the stability level you want to use
### preview
{% hint style="info" %}
-Snyk offers a preview channel for those who want to test _in-progress_ features. However, keep in mind that this channel may contain bugs and is not officially supported.
+Snyk offers a preview channel for those who want to test _in-progress_ features. However, keep in mind that this channel might contain bugs and is not officially supported.
{% endhint %}
-A preview version is not recommended for production environments. It may contain bugs and is best tested in a local environment. For instructions on installing a preview version, see [Install standalone executables from a channel.](releases-and-channels-for-the-snyk-cli.md#install-standalone-executables-from-a-channel)
+A preview version is not recommended for production environments. It might contain bugs and is best tested in a local environment. For instructions on installing a preview version, see [Install standalone executables from a channel.](releases-and-channels-for-the-snyk-cli.md#install-standalone-executables-from-a-channel)
* Preview: pre-release builds are deployed regularly up to multiple times a day and contain the latest changes.
* Version Pattern: v{MAJOR}.{MINOR}.{PATCH}-preview
@@ -96,7 +96,7 @@ Snyk recommends opting in to a stable channel for the following reasons:
However, customers who would like to receive code changes as soon as they are merged can opt in to the preview channel. Note that Snyk does not offer support for the preview channel and expects known issues to be present in this channel.
{% hint style="info" %}
-Existing Snyk customers who are opted in to the previously known latest channel will be automatically opted in to the stable channel. Snyk is mirroring the latest channel and the stable channel to avoid disruption to existing customers. However, Snyk encourages you to switch to the new channels as shown above.
+Snyk automatically opts existing customers who are opted in to the previously known latest channel into the stable channel. Snyk is mirroring the latest channel and the stable channel to avoid disruption to existing customers. However, Snyk encourages you to switch to the new channels as shown above.
{% endhint %}
### Linux static builds
@@ -105,7 +105,7 @@ As of `v1.1305.0`, the Snyk CLI Linux binaries (`snyk-linux`, `snyk-linux-arm64`
## Support policy
-Snyk supports the latest 12 months of CLI versions in the stable channel, ensuring functionality and performance. Older versions are considered End-of-Support (EOS) and will not receive bug fixes or support for troubleshooting.
+Snyk supports the latest 12 months of CLI versions in the stable channel, ensuring functionality and performance. Older versions are considered End-of-Support (EOS) and do not receive bug fixes or support for troubleshooting.
Snyk provides fixes only in new versions and cannot fix older versions. Customers must upgrade to benefit from improvements.
@@ -118,7 +118,7 @@ If you need help, submit a [request](https://support.snyk.io) to Snyk Support.
This section specifies the minimum requirements for the latest CLI, covering aspects such as the operating system, dynamically linked libraries, and runtimes.
{% hint style="warning" %}
-Snyk CLI is designed and expected to run on operating system environments that are actively supported by their vendors and have not reached their End of Support (EOS) or End of Life (EOL). Once an operating system environment reaches its end of support, Snyk will cease testing and providing support for Snyk CLI in that specific environment.
+Snyk CLI is designed and expected to run on operating system environments that are actively supported by their vendors and have not reached their End of Support (EOS) or End of Life (EOL). After an operating system environment reaches its end of support, Snyk ceases testing and providing support for Snyk CLI in that specific environment.
{% endhint %}
| OS\Architecture | amd64 (minimum requirements) | arm64 (minimum requirements) |
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/README.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/README.md
index 7fbeb99a7cfc..ec6bb5cc6f91 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/README.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/README.md
@@ -12,7 +12,7 @@ The remaining pages address [Scanning Projects](./#scanning-projects), [Monitori
* [The .snyk file](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/policies/the-.snyk-file)
* [A .snyk policy file in a different directory from the manifest file](a-.snyk-policy-file-in-a-different-directory-from-the-manifest-file.md)
* [Failing builds in Snyk CLI](failing-of-builds-in-snyk-cli.md)
-* [Ignore vulnerabilties using Snyk CLI](ignore-vulnerabilities-using-the-snyk-cli.md)
+* [Ignore vulnerabilities using Snyk CLI](ignore-vulnerabilities-using-the-snyk-cli.md)
* [Invalid string length error when scanning projects](invalid-string-length-error-when-scanning-projects.md)
* [Scan all unmanaged JAR files](scan-all-unmanaged-jar-files.md)
* [How to select the organization to use in the CLI](how-to-select-the-organization-to-use-in-the-cli.md)
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/a-.snyk-policy-file-in-a-different-directory-from-the-manifest-file.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/a-.snyk-policy-file-in-a-different-directory-from-the-manifest-file.md
index 9971b01f97a9..bb7e22d4ff92 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/a-.snyk-policy-file-in-a-different-directory-from-the-manifest-file.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/a-.snyk-policy-file-in-a-different-directory-from-the-manifest-file.md
@@ -1,6 +1,6 @@
# A .snyk policy file in a different directory from the manifest file
-When you scan a project with the CLI, the `.snyk` policy file may be in a different directory from the manifest file, either because of the structure of the project or because the project has multiple manifest files using the same policy file.
+When you scan a project with the CLI, the `.snyk` policy file might be in a different directory from the manifest file, either because of the structure of the project or because the project has multiple manifest files using the same policy file.
Use the `--policy-path` option to specify a policy path manually for use in scanning or monitoring the project.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-test-results.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-test-results.md
index 1eaf850af365..4bb3a44118d6 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-test-results.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-test-results.md
@@ -1,12 +1,12 @@
# CLI test results
-After you run `snyk test,` a list of vulnerabilities and license issues is displayed directly from the CLI. The list includes:
+After you run `snyk test,` the CLI displays a list of vulnerabilities and license issues directly. The list includes:
* severity
* detailed descriptions of issues
* where relevant, links to more specific details for each issue
-Depending on the language of the project you have tested you may also see fix advice, including details on how you can manually fix the vulnerability.
+Depending on the language of the project you have tested, you might also see fix advice, including details on how you can manually fix the vulnerability.
For more information see:\
[Snyk CLI](../)\
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/README.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/README.md
index e1c88f7a7246..68a065c6fcac 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/README.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/README.md
@@ -1,5 +1,5 @@
# CLI tools
-The CLI tools extend the user of the Snyk CLI by performing analysis and transformation of output in specific ways. For details, see [`snyk-delta`](snyk-delta.md), [`snyk-filter`](snyk-filter.md), and [`snyk-to-html`](snyk-to-html.md).
+The CLI tools extend the use of the Snyk CLI by performing analysis and transformation of output in specific ways. For details, see [`snyk-delta`](snyk-delta.md), [`snyk-filter`](snyk-filter.md), and [`snyk-to-html`](snyk-to-html.md).
For information about additional tools, see [Snyk Tools](../../../scan-with-snyk/snyk-tools/).
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-delta.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-delta.md
index 08a7a42341fe..06c0d9596a20 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-delta.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-delta.md
@@ -9,7 +9,7 @@ This tool provides the means to get the delta between two Snyk Open Source snaps
* Dependency delta between the two snapshots:
* Direct dependencies added and removed
* Indirect dependencies added and removed
- * Flag path(s) carrying new vulnerabilities
+ * Flag paths carrying new vulnerabilities
## Prerequisites
@@ -33,7 +33,7 @@ You can use this tool inline or as a standalone command.
Use `snyk test --json --print-deps | snyk-delta`
-* You may point to a specific snapshot by specifying org+project coordinates:\
+* You can point to a specific snapshot by specifying org+project coordinates:\
`snyk test --json --print-deps | snyk-delta --baselineOrg xxx --baselineProject xxx`
* Use `--setPassIfNoBaseline` if used with `snyk-prevent_commit_status` and the Project is not monitored. This prevents`snyk-prevent_commit_status` from failing:\
`setPassIfNoBaseline` default to false\
@@ -61,10 +61,10 @@ const result = await getDelta(jsonResultsFromSnykTest);
**The result** is a number:
* 0: no new issue
-* 1: new issue(s) or when using StrictMode and the unmonitored Project has issues (See more details in [StrictMode](snyk-delta.md#strictmode).)
+* 1: new issues or when using StrictMode and the unmonitored Project has issues (See more details in [StrictMode](snyk-delta.md#strictmode).)
* 2: for errors like invalid auth
-Details for issues will be listed on stdout.
+Details for issues are listed on stdout.
## Help for snyk-delta
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter.md
index 517a466e5ca2..c592156a5428 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter.md
@@ -31,7 +31,7 @@ sudo npm install -g
3. The exit code from `snyk-filter` is 0 for pass (no issues) and 1 for fail (issues found).
{% hint style="info" %}
-When you use a multi-step approach like `snyk test --json > result-opensource.json` and then pass the results to a plugin, the [exit code](../../cli-commands-and-options-summary.md#exit-codes-for-cli-commands) may stop or break the process on your build system before you get to the step of passing the output file to a tool like `snyk-to-html` or `snyk-filter`. You have several options, depending on the capabilities of your build tools:\
+When you use a multi-step approach like `snyk test --json > result-opensource.json` and then pass the results to a plugin, the [exit code](../../cli-commands-and-options-summary.md#exit-codes-for-cli-commands) might stop or break the process on your build system before you get to the step of passing the output file to a tool like `snyk-to-html` or `snyk-filter`. You have several options, depending on the capabilities of your build tools:\
\
1\) Capture the [exit code](../../cli-commands-and-options-summary.md#exit-codes-for-cli-commands) in a parameter to prevent it from being returned to the process in addition to checking for an error state.\
2\) Use `||true` or some form of logic to prevent the [exit code](../../cli-commands-and-options-summary.md#exit-codes-for-cli-commands) from terminating the process.\
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/README.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/README.md
index 9b967f6ae743..300e118aae46 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/README.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/README.md
@@ -4,7 +4,7 @@
This tool counts and prints a summary of the contributors count for the last 90 days for any of the following SCMs:
-* Azure Devops
+* Azure DevOps
* Bitbucket Cloud
* Bitbucket Server
* GitHub
@@ -29,15 +29,15 @@ For more information, see the [tool repository README](https://github.com/snyk-t
## **How the SCM-Contributors-Count tool works**
-The tool works in two modes: **Scoping usage prior to onboarding** and **Snyk License Consumption.**
+The tool works in two modes: **Scoping usage before onboarding** and **Snyk License Consumption.**
-* **Scoping usage prior to onboarding:** For users who want to onboard to Snyk and would like to get an estimate of the developer count across their SCMs.\
+* **Scoping usage before onboarding:** For users who want to onboard to Snyk and would like to get an estimate of the developer count across their SCMs.\
In this mode, the tool fetches all the information directly from the SCMs, using the credentials provided by the user.
* **Snyk License Consumption (valid only for Bitbucket and Azure):** For users with an existing Snyk account, who want some clarity and details about their license consumption (number of contributors, names, email, and so on).\
In this mode, the tool fetches the SCM-related projects monitored by Snyk and then matches those to the repos on the SCM and counts the contributors only for those repos/projects.
{% hint style="info" %}
-Note that currently the tool **does not** count emails that end with "noreply.github.com".
+Note that the tool **does not** count emails that end with "noreply.github.com".
{% endhint %}
## Downloading the tool
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/api-rate-limit-control-for-scm-contributors-count.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/api-rate-limit-control-for-scm-contributors-count.md
index 106adb5212be..50f5bb00131f 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/api-rate-limit-control-for-scm-contributors-count.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/api-rate-limit-control-for-scm-contributors-count.md
@@ -16,17 +16,17 @@ The `snyk-scm-contributors-count` tool applies a strict limit of a maximum of 1,
On Bitbucket Server, the system admin has full control of the API rate limiting as described in this [guide](https://confluence.atlassian.com/bitbucketserver/improving-instance-stability-with-rate-limiting-976171954.html).
-The `snyk-scm-contributors-count` tool applies a moderate limit of a max 1000 calls per hour and additional regulating mechanism to deal with 429 responses ("too many calls")
+The `snyk-scm-contributors-count` tool applies a moderate limit of a maximum of 1,000 calls per hour and an additional regulating mechanism to deal with 429 responses ("too many calls").
## GitHub
-On GithHub, the API rate limit is 5,000 calls per hour for authenticated users as described in this [guide](https://docs.github.com/en/developers/apps/building-github-apps/rate-limits-for-github-apps).
+On GitHub, the API rate limit is 5,000 calls per hour for authenticated users as described in this [guide](https://docs.github.com/en/developers/apps/building-github-apps/rate-limits-for-github-apps).
The `snyk-scm-contributors-count` tool applies a strict limit of a maximum of 4,500 calls per hour to deal with the rate limit and an additional regulating mechanism to deal with 429 responses ("too many calls").
## GitHub Enterprise
-On Github Enterprise, the API rate limit is 5,000 calls per hour for authenticated users as described in this [guide](https://docs.github.com/en/developers/apps/building-github-apps/rate-limits-for-github-apps).
+On GitHub Enterprise, the API rate limit is 5,000 calls per hour for authenticated users as described in this [guide](https://docs.github.com/en/developers/apps/building-github-apps/rate-limits-for-github-apps).
The `snyk-scm-contributors-count` tool applies a strict limit of a maximum of 3 calls per second which amounts to 10,800 calls per hour, to deal with the rate limit and an additional regulating mechanism to deal with 429 responses ("too many calls").
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/consolidate-results.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/consolidate-results.md
index aaf0908f360c..aa9fe52ff610 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/consolidate-results.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/consolidate-results.md
@@ -6,13 +6,13 @@ description: How to use the consolidateResults command
## consolidateResults command
-When you work with the SCM-Contributors-Count tool, you may work with more than one source control manager (SCM). You will run a separate command for each SCM to get the contributors count for your repos there.
+When you work with the SCM-Contributors-Count tool, you might work with more than one source control manager (SCM). You run a separate command for each SCM to get the contributors count for your repos there.
For example: If you have a contributor that commits to both GitHub repos and Bitbucket projects, you'll see that contributor's details in the output for both SCMs.
If you want to get an overall picture of all your contributors across all the SCMs, use the `consolidateResults` command.
-This command allows you to take multiple (`json`) outputs of `snyk-scm-contributors-count` commands for different SCMs and consolidate them into one file, with a unique contributors count and a total of the repos from all SCMs.
+This command lets you take multiple (`json`) outputs of `snyk-scm-contributors-count` commands for different SCMs and consolidate them into one file, with a unique contributors count and a total of the repos from all SCMs.
The following options are available for the `consolidateResults` command:
@@ -37,4 +37,4 @@ snyk-scm-contributors-count github-enterprise --token TOKEN --json > PathToFolde
snyk-scm-contributors-count consolidateResults --folderPath PathToFolder
```
-* The tool will then look for valid files in the folder, read the content of the files, create a new file with consolidated, unique results from all the files that have been read, and name the new file`consolidated-results.json`.
+* The tool then looks for valid files in the folder, reads the content of the files, creates a new file with consolidated, unique results from all the files that it read, and names the new file`consolidated-results.json`.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/creating-and-using-the-import-file.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/creating-and-using-the-import-file.md
index 9fc8237b452b..8cc93d43eaa9 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/creating-and-using-the-import-file.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/creating-and-using-the-import-file.md
@@ -8,16 +8,16 @@ description: How to generate the import file and use it with the snyk-api-import
This feature only works with Bitbucket and Azure.
-When the `snyk-scm-contributors-count` tool connects both to your Snyk account and your SCM account, the tools finds out which repos/projects are monitored by Snyk and which are not.
+When the `snyk-scm-contributors-count` tool connects both to your Snyk account and your SCM account, the tool finds out which repos/projects Snyk monitors and which it does not.
When you apply the `importConfDir` and `importFileRepoType` flags to the command, the tool generates an import file populated with the unmonitored repo data, to be used with the [**snyk-api-import** ](creating-and-using-the-import-file.md#using-the-snyk-api-import-tool)tool to import the missing repos to your Snyk account.
-* If the Snyk token was exported and the related Snyk account has an integration set for the specific SCM that is being scanned by the tool, the tool will try to find and match the OrgID and IntegrationID from Snyk as needed by the `snyk-api-import` tool and automatically add it to the import file.
-* If a Snyk token was not exported or the user has no Snyk account yet, this feature can be used to map all repos in the SCM and create the import file to be later used by the `snyk-api-import` tool. In this case or if the tool can not find an OrgID or IntegrationID, the tool prompts the user to supply these IDs (once) and automatically adds them to the import file.
+* If the Snyk token was exported and the related Snyk account has an integration set for the specific SCM that the tool scans, the tool tries to find and match the OrgID and IntegrationID from Snyk as needed by the `snyk-api-import` tool and automatically adds it to the import file.
+* If a Snyk token was not exported or the user has no Snyk account yet, you can use this feature to map all repos in the SCM and create the import file to use later with the `snyk-api-import` tool. In this case, or if the tool cannot find an OrgID or IntegrationID, the tool prompts the user to supply these IDs once and automatically adds them to the import file.
## The import flags
-`importConfDir` - This flag indicates that a query for unmonitored repos should be made and expects a path to a folder (with write privileges) in which to create the json import files, for example :
+`importConfDir` - This flag indicates that the tool should query for unmonitored repos and expects a path to a folder (with write privileges) in which to create the json import files, for example:
```
snyk-scm-contributors-count --token TOKEN -- importConfDir /snyk/import/
@@ -32,11 +32,11 @@ snyk-scm-contributors-count --token TOKEN -- importConfDir /snyk/impor
```
{% hint style="info" %}
-The import file requires an OrgID and IntegrationID from the user in order to import them to the right organization and integration at Snyk.
+The import file requires an OrgID and IntegrationID from the user to import them to the right organization and integration at Snyk.
-The tool will try to find these two values from Snyk (provided that a SNYK\_TOKEN was exported and that the org mapping at Snyk is mirrored to that of the SCM) and if the tool can not find those values, the user will be prompted to supply them in the command line.
+The tool tries to find these two values from Snyk (provided that a SNYK\_TOKEN was exported and that the org mapping at Snyk is mirrored to that of the SCM), and if the tool cannot find those values, it prompts the user to supply them in the command line.
-Once the user has stated the values for OrgID and IntegrationID once, these values will be set for ALL the entries in the import file (meaning that all the imported repos will be under the same org in Snyk).
+After the user states the values for OrgID and IntegrationID once, the tool sets these values for ALL the entries in the import file (meaning that all the imported repos are under the same org in Snyk).
{% endhint %}
## Using the snyk-api-import tool
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/output.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/output.md
index 7652169d4ea2..7a23ffe14b52 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/output.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/output.md
@@ -89,7 +89,7 @@ Next to each repository name, there is an indication of its visibility, either (
* `email` - The email of the contributor
* `contributionsCount` - The number of the times this contributor has contributed to the repo/s.
* `repoContributedTo` - A list of the repo/repos to which this contributor has contributed.
-* `(duplicate)` - Indicator that the same user has been detected from different email addresses; note that they will be counted as **different committers**.
+* `(duplicate)` - Indicator that the same user has been detected from different email addresses; note that they are counted as **different committers**.
{% hint style="info" %}
As the output can be long, Snyk recommends sending the output to a file for better review and parsing options.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/README.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/README.md
index 58a0b448e9c3..053132ffc5b7 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/README.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/README.md
@@ -6,7 +6,7 @@ description: A detailed guide to the specific SCM-Contributor-Count scripts
The following scripts are provided:
-* [Azure Devops](azure-devops/)
+* [Azure DevOps](azure-devops/)
* [Bitbucket Cloud](bitbucket-cloud/)
* [Bitbucket Server](bitbucket-server/)
* [GitHub](github/)
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/azure-devops/azure-examples.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/azure-devops/azure-examples.md
index 89296f3b3bea..be753648bec7 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/azure-devops/azure-examples.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/azure-devops/azure-examples.md
@@ -24,17 +24,17 @@ The following options are available for the `snyk-scm-contributors-count azure d
## Before running the command
1. Export SNYK\_TOKEN (if you want to get the contributors only for repos that are already monitored by Snyk):
- * Make sure that your token has Group level access or use a service account's token that has Group level access. To learn more about how to create a service account, refer to [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts).
+ * Ensure that your token has Group level access or use a service account token that has Group level access. To learn more about how to create a service account, refer to [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts).
* Copy the token value.
* Export the token in your environment:
```
export SNYK_TOKEN=
```
-2. Get your Azure Devops Token and Org:
+2. Get your Azure DevOps token and Org:
* Create a Token if one does not exist, using this [guide](https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops\&tabs=preview-page).
- **Note**: Make sure your token has read access to the repos.
+ **Note**: Ensure your token has read access to the repos.
* Find your Org name in Azure listed on the left pane on the [Azure DevOps site](https://dev.azure.com).
## Running the command
@@ -43,17 +43,17 @@ Consider the following levels of usage and options:
### Usage levels
-* To get commits for all projects and their repos under my Org in Azure , only provide the Azure token and Azure Org:
+* To get commits for all projects and their repos under your Org in Azure, provide only the Azure token and Azure Org:
```
snyk-scm-contributors-count azure-devops --token AZURE-TOKEN --org AZURE-ORG
```
-* To get commits for some projects and their repos under my Org in Azure , provide the Azure token, Azure Org and the project key/s separated by a comma:
+* To get commits for some projects and their repos under your Org in Azure, provide the Azure token, Azure Org, and the project keys separated by a comma:
```
snyk-scm-contributors-count azure-devops --token AZURE-TOKEN --org AZURE-ORG --projectKeys Key1,Key2...
```
-* To get commits for a specific repo under my Org in Azure , provide the Azure token, Azure Org, a project key and a repo name:
+* To get commits for a specific repo under your Org in Azure, provide the Azure token, Azure Org, a project key, and a repo name:
```
snyk-scm-contributors-count azure-devops --token AZURE-TOKEN --org AZURE-ORG --projectKeys Key1 --repo Repo1
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/azure-devops/azure-flow-and-tech.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/azure-devops/azure-flow-and-tech.md
index c4004e0b6ffe..fd1850e9b381 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/azure-devops/azure-flow-and-tech.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/azure-devops/azure-flow-and-tech.md
@@ -6,7 +6,7 @@
2. Fetch `one`/`some`/`all` the projects that the credentials have access to from SCM and create a projects list.
3. Fetch `one`/`all` repos under the fetched/provided Projects.
4. Remove the repos that are not monitored by Snyk (if the `skipSnykMonitoredRepos` flag was **not set** and the `SNYK_TOKEN` was exported) and create a Repo list.
-5. Create an import file for unmonitored repos to use for easily importing repos into your Snyk account (if the `importConfDir` flag was set).
+5. Create an import file for unmonitored repos to use for importing repos into your Snyk account (if the `importConfDir` flag was set).
6. Fetch the commits for the fetched/provided repo/s and create a Contributors list.
7. Count the commits for the repo/s by the contributors.
8. Remove the contributors that were specified in the exclusion file (if `the exclusionFilePath` flag was set and a valid path to a text file was provided).
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-cloud/bitbucket-cloud-examples.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-cloud/bitbucket-cloud-examples.md
index e836a63daa86..60fed1f2e5fb 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-cloud/bitbucket-cloud-examples.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-cloud/bitbucket-cloud-examples.md
@@ -23,7 +23,7 @@ The following options are available for the `snyk-scm-contributors-count bitbuck
## Before running the command
1. Export SNYK\_TOKEN (if you want to get the contributors only for repos that are already monitored by Snyk):
- * Make sure that your token has Group level access or use a service account's token that has Group level access. To learn more about how to create a service account, refer to [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts).
+ * Ensure that your token has Group level access or use a service account token that has Group level access. To learn more about how to create a service account, refer to [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts).
* Copy the token value.
* Export the token in your environment:
@@ -32,7 +32,7 @@ The following options are available for the `snyk-scm-contributors-count bitbuck
```
2. Get your Bitbucket Cloud username (**not email**) and [app password](https://developer.atlassian.com/cloud/bitbucket/rest/intro/#authentication)
- **Note**: Make sure your credentials have read access to the repos.
+ **Note**: Ensure your credentials have read access to the repos.
## Running the command
@@ -64,7 +64,7 @@ Consider the following levels of usage and options:
```
snyk-scm-contributors-count bitbucket-cloud --user USERNAME --password APP_PASSWORD --skipSnykMonitoredRepos
```
-* To exclude some contributors from being counted in the commits , add an exclusion file with the emails to ignore (separated by a new line),and apply the `--exclusionFilePath` with the path to that file:
+* To exclude some contributors from being counted in the commits, add an exclusion file with the emails to ignore (separated by a new line), and apply the `--exclusionFilePath` with the path to that file:
```
snyk-scm-contributors-count bitbucket-cloud --user USERNAME --password APP_PASSWORD --workspaces Workspace1,Workspace2 --exclusionFilePath PATH_TO_FILE
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-cloud/bitbucket-cloud-flow-and-tech.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-cloud/bitbucket-cloud-flow-and-tech.md
index e9df11d1fcd0..5eeb61c72ddb 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-cloud/bitbucket-cloud-flow-and-tech.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-cloud/bitbucket-cloud-flow-and-tech.md
@@ -6,7 +6,7 @@
2. Fetch `one`/`some`/`all` the workspaces that the credentials have access to from SCM and create a workspaces list.
3. Fetch `one`/`all` repos under the fetched/provided workspaces.
4. Remove the repos that are not monitored by Snyk (if the `skipSnykMonitoredRepos` flag was **not set** and the `SNYK_TOKEN` was exported) and create a Repo list.
-5. Create an import file for unmonitored repos to use for easily importing repos into your Snyk account (if the `importConfDir` flag was set)
+5. Create an import file for unmonitored repos to use for importing repos into your Snyk account (if the `importConfDir` flag was set)
6. Fetch the commits for the fetched/provided repo/s and create a Contributors list.
7. Count the commits for the repo/s by the contributors.
8. Remove the contributors that were specified in the exclusion file (if `the exclusionFilePath` flag was set and a valid path to a text file was provided).
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-server/bitbucket-server-examples.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-server/bitbucket-server-examples.md
index 0454d6d4ee6c..9b093b468ffe 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-server/bitbucket-server-examples.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-server/bitbucket-server-examples.md
@@ -23,7 +23,7 @@ The following options are available for the `snyk-scm-contributors-count bitbuck
## Before running the command
1. Export SNYK\_TOKEN (if you want to get the contributors ONLY for repos that are already monitored by Snyk):
- * Make sure that your token has Group level access or use a service account's token that has Group level access. To learn more on how to create a service account, refer to [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts).
+ * Ensure that your token has Group level access or use a service account token that has Group level access. To learn more about how to create a service account, refer to [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts).
* Copy the token value.
* Export the token in your environment:
@@ -33,7 +33,7 @@ The following options are available for the `snyk-scm-contributors-count bitbuck
2. Get your Bitbucket Server token and URL:
* Create a Token if one does not exist, using this [guide](https://www.jetbrains.com/help/youtrack/standalone/integration-with-bitbucket-server.html#enable-youtrack-integration-bbserver).
- **Note**: Make sure your token has read access to the repos.
+ **Note**: Ensure your token has read access to the repos.
* The URL is the actual URL of your Bitbucket Server instance, for example, http://bitbucket-server.mycompany.com.
## Running the command
@@ -47,12 +47,12 @@ Consider the following levels of usage and options:
```
snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url BITBUCKET-URL
```
-* To get commits for some projects and their repos in Bitbucket Server, provide the Bitbucket Server token, Bitbucket Server url ,and the projects, separated by a comma:
+* To get commits for some projects and their repos in Bitbucket Server, provide the Bitbucket Server token, Bitbucket Server url, and the projects, separated by a comma:
```
snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url BITBUCKET-URL --projectKeys Key1,Key2...
```
-* To get commits for a specific repo in Bitbucket Serve, provide your Bitbucket Server token, Bitbucket Server url, a project, and a repo name:
+* To get commits for a specific repo in Bitbucket Server, provide your Bitbucket Server token, Bitbucket Server url, a project, and a repo name:
```
snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url BITBUCKET-URL --projectKeys Key1 --repo Repo1
@@ -61,12 +61,12 @@ Consider the following levels of usage and options:
### Options
* To get all the commits from Bitbucket Server regardless of the repos that are already monitored by Snyk, add the `--skipSnykMonitoredRepos` flag.\
- You might have repos in Bitbucket Server that are not monitored in Snyk,. Use this flag to skip checking for Snyk monitored repos and go directly to Bitbucket Server to fetch the commits.
+ You might have repos in Bitbucket Server that are not monitored in Snyk. Use this flag to skip checking for Snyk monitored repos and go directly to Bitbucket Server to fetch the commits.
```
snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url BITBUCKET-URL --skipSnykMonitoredRepos
```
-* To exclude some contributors from being counted in the commits, add an exclusion file with the emails to ignore(separated by a new line) and apply the `--exclusionFilePath` with the path to that file:
+* To exclude some contributors from being counted in the commits, add an exclusion file with the emails to ignore (separated by a new line) and apply the `--exclusionFilePath` with the path to that file:
```
snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url BITBUCKET-URL --projectKeys Key1,Key2 --exclusionFilePath PATH_TO_FILE
@@ -76,13 +76,13 @@ Consider the following levels of usage and options:
```
snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url BITBUCKET-URL --projectKeys Key1 --repo Repo1 --json
```
-* To create an import file for me with my unmonitored repos, add the `--importConfDir` flag with a valid (writable) path to a folder in which the import files will be stored and add the `--importFileRepoType` flag (optional) with the repo types to add to the file (`all`/`private`/`public`, defaults to `all`). Note that these flags **can not** be set with the `--repo` flag.
+* To create an import file for your unmonitored repos, add the `--importConfDir` flag with a valid (writable) path to a folder in which the import files will be stored and add the `--importFileRepoType` flag (optional) with the repo types to add to the file (`all`/`private`/`public`, defaults to `all`). Note that these flags **can not** be set with the `--repo` flag.
```
snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN --url BITBUCKET-URL --importConfDir ValidPathToFolder --importFileRepoType private/public/all
```
- For more information about these flag, refer to [Creating and using the import file](../../creating-and-using-the-import-file.md).
+ For more information about these flags, refer to [Creating and using the import file](../../creating-and-using-the-import-file.md).
* To run in debug mode for verbose output, add `DEBUG=snyk*` to the beginning of the command:
```
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-server/bitbucket-server-flow-and-tech.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-server/bitbucket-server-flow-and-tech.md
index a505a646c330..83f8b45b4a5f 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-server/bitbucket-server-flow-and-tech.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/bitbucket-server/bitbucket-server-flow-and-tech.md
@@ -6,7 +6,7 @@
2. Fetch `one`/`some`/`all` the projects that the credentials have access to from SCM and create a projects list.
3. Fetch `one`/`all` repos under the fetched/provided projects.
4. Remove the repos that are not monitored by Snyk (if the `skipSnykMonitoredRepos` flag was **not set** and the `SNYK_TOKEN` was exported) and create a Repo list.
-5. Create an import file for unmonitored repos to use for easily importing repos into Snyk account (if the `importConfDir` flag was set).
+5. Create an import file for unmonitored repos to use for importing repos into your Snyk account (if the `importConfDir` flag was set).
6. Fetch the commits for the fetched/provided repo/s and create a Contributors list.
7. Count the commits for the repo/s by the contributors.
8. Remove the contributors that were specified in the exclusion file (if `the exclusionFilePath` flag was set and a valid path to a text file was provided).
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/github-enterprise/github-enterprise-examples.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/github-enterprise/github-enterprise-examples.md
index 50179c563d0e..25c3f6ac2545 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/github-enterprise/github-enterprise-examples.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/github-enterprise/github-enterprise-examples.md
@@ -2,7 +2,7 @@
description: The list of options and some examples
---
-# Github Enterprise - Examples
+# GitHub Enterprise - Examples
The following options are available for the `snyk-scm-contributors-count github-enterprise` command:
@@ -25,7 +25,7 @@ The following options are available for the `snyk-scm-contributors-count github-
Get your GitHub Enterprise token or create a new one with this [guide](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token).
-**Note:** Make sure your token has read access to the repos.
+**Note:** Ensure your token has read access to the repos.
## Running the command
@@ -57,12 +57,12 @@ Consider the following levels of usage and options:
snyk-scm-contributors-count github-enterprise --token TOKEN --url HOST_URL --fetchAllOrgs
```
-* To exclude some contributors from being counted in the commits, add an exclusion file with the emails to ignore(separated by a new line) and apply the `--exclusionFilePath` with the path to that file:
+* To exclude some contributors from being counted in the commits, add an exclusion file with the emails to ignore (separated by a new line) and apply the `--exclusionFilePath` with the path to that file:
```
snyk-scm-contributors-count github-enterprise --token TOKEN --url HOST_URL --orgs ORG_ONE,ORG_TWO --exclusionFilePath PATH_TO_FILE
```
-* To set the output to json format, dd the `--json` flag:
+* To set the output to json format, add the `--json` flag:
```
snyk-scm-contributors-count github-enterprise --token TOKEN --url HOST_URL --json
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/github/github-examples.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/github/github-examples.md
index 3e980ec7f28b..7a69d3fcca24 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/github/github-examples.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/github/github-examples.md
@@ -21,7 +21,7 @@ Available options:
Get your GitHub token or create a new one with this [guide](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token).
-**Note:** Make sure your token has read access to the repos.
+**Note:** Ensure your token has read access to the repos.
## Running the command
@@ -34,12 +34,12 @@ Consider the following levels of usage and options:
```
snyk-scm-contributors-count github --token TOKEN
```
-* To get commits for some Orgs and their repos in GitHub:, provide the GitHub token and the org names, separated by a comma:
+* To get commits for some Orgs and their repos in GitHub, provide the GitHub token and the org names, separated by a comma:
```
snyk-scm-contributors-count github --token TOKEN --orgs ORG_ONE,ORG_TWO,ORG_THREE
```
-* To get commits for only one repo in GitHub, provide the GitHub token, one org name ,and one repo name:
+* To get commits for only one repo in GitHub, provide the GitHub token, one org name, and one repo name:
```
snyk-scm-contributors-count github --token TOKEN --orgs ORG --repo REPO
@@ -47,13 +47,13 @@ Consider the following levels of usage and options:
### Options
-* To exclude some contributors from being counted in the commits , add an exclusion file with the emails to ignore(separated by a new line) and apply the `--exclusionFilePath` with the path to that file:
+* To exclude some contributors from being counted in the commits, add an exclusion file with the emails to ignore (separated by a new line) and apply the `--exclusionFilePath` with the path to that file:
```
snyk-scm-contributors-count github --token TOKEN --orgs ORG_ONE,ORG_TWO --exclusionFilePath PATH_TO_FILE
```
-* To set the output to json format, dd the `--json` flag:
+* To set the output to json format, add the `--json` flag:
```
snyk-scm-contributors-count github --token TOKEN --json
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/gitlab-and-gitlab-server/gitlab-examples.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/gitlab-and-gitlab-server/gitlab-examples.md
index 087523395948..ac20140e2ee2 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/gitlab-and-gitlab-server/gitlab-examples.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/gitlab-and-gitlab-server/gitlab-examples.md
@@ -23,7 +23,7 @@ The following options are available for the `snyk-scm-contributors-count gitlab`
Get your GitLab token or create a new one with this [guide](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html).
-**Note:** Make sure your token has read access to the repos.
+**Note:** Ensure your token has read access to the repos.
## Running the command
@@ -54,7 +54,7 @@ Note that for nested groups, you need to provide the lowest level group name, fo
### Options
-* To exclude some contributors from being counted in the commits, add an exclusion file with the emails to ignore(separated by a new line) and apply the `--exclusionFilePath` with the path to that file:
+* To exclude some contributors from being counted in the commits, add an exclusion file with the emails to ignore (separated by a new line) and apply the `--exclusionFilePath` with the path to that file:
```
snyk-scm-contributors-count gitlab --token TOKEN --projectKeys ID1,ID2,Path1/Namespace1 --exclusionFilePath PATH_TO_FILE
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/gitlab-and-gitlab-server/gitlab-flow-and-tech.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/gitlab-and-gitlab-server/gitlab-flow-and-tech.md
index a4c9a99e4142..104234b1c004 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/gitlab-and-gitlab-server/gitlab-flow-and-tech.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/scripts-for-scm-contributors-count/gitlab-and-gitlab-server/gitlab-flow-and-tech.md
@@ -5,7 +5,7 @@
1. Set GitLab or GitLab Server mode (if a host was provided or not through the `url` flag).
2. Fetch `one`/`some`/`all` the groups that the credentials have access to from the SCM and create a groups list.
3. Fetch `one`/`all` projects under the fetched/provided groups.
-4. Create an import file for unmonitored repos to use for easily importing repos into your Snyk account (if the `importConfDir` flag was set)
+4. Create an import file for unmonitored repos to use for importing repos into your Snyk account (if the `importConfDir` flag was set)
5. Fetch the commits for the fetched/provided project/s and create a Contributors list.
6. Count the commits for the project/s by the contributors.
7. Remove the contributors that were specified in the exclusion file (if `the exclusionFilePath` flag was set and a valid path to a text file was provided).
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/usage.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/usage.md
index 768cac81589c..cc53c09371ac 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/usage.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-scm-contributors-count/usage.md
@@ -24,7 +24,7 @@ snyk-scm-contributors-count
## Modes
-### Scoping usage prior to onboarding
+### Scoping usage before onboarding
This mode works only with Bitbucket and Azure.
@@ -38,7 +38,7 @@ snyk-scm-contributors-count bitbucket-cloud --user USERNAME --password PASSWORD
This mode works only with Bitbucket and Azure.
-Make sure to export your `SNYK_TOKEN`, for example:
+Ensure you export your `SNYK_TOKEN`, for example:
```
export SNYK_TOKEN=
@@ -51,7 +51,7 @@ snyk-scm-contributors-count bitbucket-cloud --user USERNAME --password PASSWORD
In this level of usage, the tool starts from the top of the SCM to get the Orgs/Groups, then goes down to the repo level to get all the repos, then counts the commits for the past 90 days.
-To use this level, provide the credentials (and host/url where applicable), and the tool will get the contributors count for all your orgs/groups and all their repos, for example:
+To use this level, provide the credentials (and host/url where applicable), and the tool gets the contributors count for all your orgs/groups and all their repos, for example:
```
snyk-scm-contributors-count github --token TOKEN
@@ -61,7 +61,7 @@ snyk-scm-contributors-count github --token TOKEN
In this level of usage, the tool starts from the Orgs/Groups that the user provides, then goes down to the repo level to get all the repos, then count the commits for the past 90 days.
-To use this level, provide the credentials and a comma-separated list of groups or orgs for which you'd like to fetch the repos and their contributors count, for example:
+To use this level, provide the credentials and a comma-separated list of groups or orgs for which you want to fetch the repos and their contributors count, for example:
```
snyk-scm-contributors-count gitlab --token TOKEN --groups GROUP1,GROUP2
@@ -89,9 +89,9 @@ DEBUG=snyk* snyk-scm-contributors-count bitbucket-server --token BITBUCKET-TOKEN
Additional flags can be set for the command:
-* Create an **import file** with unmonitored repos data to use with the `snyk-api-import` tool and import the repos to `my Snyk account`. Works only with Bitbucket and Azure. Apply the `importConfDir` flag with a path to a valid and writable folder where you will save the import files. This flag correlates with the `importFileRepoType` flag.
+* Create an **import file** with unmonitored repos data to use with the `snyk-api-import` tool and import the repos to `my Snyk account`. Works only with Bitbucket and Azure. Apply the `importConfDir` flag with a path to a valid and writable folder where you save the import files. This flag correlates with the `importFileRepoType` flag.
* Choose which **types of repos to add to the import file**. Works only with Bitbucket and Azure. Apply the `importFileRepoType` flag with one of these options: `all,` `private`, or `public`**.**
-* **Exclude committers from being counted**. Apply the `exclusionFilePath` flag to the command with a path to a text file that contains the emails of the committers that you would like to be excluded from the count.
+* **Exclude committers from being counted**. Apply the `exclusionFilePath` flag to the command with a path to a text file that contains the emails of the committers you want to exclude from the count.
* Output the summary and results in a json format. Apply the `json` flag to the command.
## The consolidateResults command
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html.md
index ddf22c8e80a1..aab2cb9eb4fc 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html.md
@@ -10,14 +10,14 @@ You can use `snyk-to-html` (the Snyk JSON to HTML Mapper) to:
This page explains how to [install `snyk-to-html`](snyk-to-html.md#install-snyk-to-html), [use the `snyk-to-html` tool](snyk-to-html.md#use-the-snyk-to-html-tool) to export the test results in JSON or SARIF format to an HTML file, and [view the test results in a browser](snyk-to-html.md#view-test-results-in-html-format).
{% hint style="warning" %}
-Note, only `json` output is supported for Open Source (SCA) scans. `sarif` output will return no results from the `snyk-to-html` process for Open Source tests.
+Note that Snyk supports only `json` output for Open Source (SCA) scans. `sarif` output returns no results from the `snyk-to-html` process for Open Source tests.
{% endhint %}
## Install `snyk-to-html`
To install `snyk-to-html`, you must have the required permissions on your machine. If the installation fails, contact your IT administrator to request the required permissions.
-You can install `snyk-to-html`using npm:
+You can install `snyk-to-html` using npm:
```
npm install snyk-to-html -g
@@ -43,7 +43,7 @@ When you run the `snyk-to-html` command, you can customize it with the following
The `snyk-to-html` command does not generate the standard exit codes.
-To display the help for `snyk-to-html`Use the command `snyk-to-html --help` or `--h`.
+To display the help for `snyk-to-html`, use the command `snyk-to-html --help` or `--h`.
If you want to use the `snyk-to-html` command in a CI/CD pipeline, see the [Snyk CI/CD integration examples](https://github.com/snyk-labs/snyk-cicd-integration-examples/blob/master/AzurePipelines/AzurePipelines-npm-generic-html.yml) for an example of a workaround for Azure Pipelines.
@@ -84,7 +84,7 @@ Navigate to the subfolder with the related files and run the following line to c
### Convert a JSON or SARIF file to HTML to view in a browser
-For automation purposes, you may be creating a JSON file for programmatic access to the results or already have one from a previous scan. You can send this JSON output to `snyk-to-html` to generate an HTML file.
+For automation purposes, you might create a JSON file for programmatic access to the results or already have one from a previous scan. You can send this JSON output to `snyk-to-html` to generate an HTML file.
Follow these steps to run `snyk test` and then convert the output file to HTML.
@@ -117,7 +117,7 @@ Note that when you do this, any return code is ignored, such as error codes sign
### Use `snyk-to-html` command options
-The following examples show the snyk test command; however, they will also work with the `snyk test` commands for container, code, and IaC.
+The following examples show the `snyk test` command; they also work with the `snyk test` commands for container, code, and IaC.
#### Show a simple version of the report
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/failing-of-builds-in-snyk-cli.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/failing-of-builds-in-snyk-cli.md
index e14c4b354a8a..3753ceffd47a 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/failing-of-builds-in-snyk-cli.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/failing-of-builds-in-snyk-cli.md
@@ -14,7 +14,7 @@ The Snyk CLI on its own does not have the capability natively to fail tests on m
## Combining security policies with --severity-threshold
-[Security policies](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/policies) provide the capability to change the severity of a vulnerability, when a Project is tested against an Organization using that policy and the severity matches specific criteria. You could, for example, change the severity of a vulnerability from high to low, and if you run `snyk test` with the option `--severity-threshold=medium|high`, this previously high severity vulnerability no longer fails the build.
+[Security policies](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/policies) let you change the severity of a vulnerability when a Project is tested against an Organization using that policy and the severity matches specific criteria. You could, for example, change the severity of a vulnerability from high to low, and if you run `snyk test` with the option `--severity-threshold=medium|high`, this previously high severity vulnerability no longer fails the build.
{% hint style="info" %}
Security policies do not have all attributes available for criteria matching. Refer to the security policy configuration to see what is available.
@@ -32,17 +32,17 @@ The following example shows the`snyk test` command with the option `--severity-t
The CLI has companion tools for Open Source scanning `snyk-delta` and `snyk-filter`.
-`snyk-delta` finds the delta of vulnerabilities between the current test and a previously monitored snapshot. This tool is available from npmjs.org, and may be pulled into your CI/CD pipeline by running `npm install -g snyk-delta`.
+`snyk-delta` finds the delta of vulnerabilities between the current test and a previously monitored snapshot. This tool is available from npmjs.org, and you can pull it into your CI/CD pipeline by running `npm install -g snyk-delta`.
-`snyk-filter` provides for user-defined pass/fail criteria based on any available data in the `snyk test` JSON output. This tool is available from npmjs.org and may be pulled into your CI/CD pipeline by running `npm install -g snyk-filter`.
+`snyk-filter` provides for user-defined pass/fail criteria based on any available data in the `snyk test` JSON output. This tool is available from npmjs.org, and you can pull it into your CI/CD pipeline by running `npm install -g snyk-filter`.
### Fail current build only if new vulnerabilities are being introduced
#### inline mode for `snyk delta`
-This is a simple example: `snyk test --json --print-deps | snyk-delta`
+Example: `snyk test --json --print-deps | snyk-delta`
-This example possibly points to a specific snapshot by specifying Organization and Project coordinates.
+This example points to a specific snapshot by specifying Organization and Project coordinates.
`snyk test --json --print-deps | snyk-delta --baselineOrg xxx --baselineProject xxx`
@@ -60,6 +60,6 @@ Refer to the [snyk-delta project on GitHub](https://github.com/snyk-tech-service
`snyk-filter` can use any combination of criteria available in the `snyk test` JSON output.
-You may also have different criteria for display from what will fail the build. This allows you to do things like display all vulnerabilities in the test output while failing only on some specific criteria.
+You can also have different criteria for display from what fails the build. This lets you do things like display all vulnerabilities in the test output while failing only on some specific criteria.
Refer to the [snyk-filter project on GitHub](https://github.com/snyk-tech-services/snyk-filter) for examples and more information.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/group-projects-by-branch-or-version-for-monitoring.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/group-projects-by-branch-or-version-for-monitoring.md
index 95de814c9f70..37a7e336d91b 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/group-projects-by-branch-or-version-for-monitoring.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/group-projects-by-branch-or-version-for-monitoring.md
@@ -24,8 +24,8 @@ Use the latest Git tag.
snyk monitor --target-reference="$(git describe --tags --abbrev=0)"
```
-You can adjust the option for the developer tools used in your project. Any valid Git target can be used.
+You can adjust the option for the developer tools used in your project. You can use any valid Git target.
-`--target-reference` allows you to create sub-groupings on the Projects page.
+`--target-reference` lets you create sub-groupings on the Projects page.
A Project page with sub-groups.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/how-to-select-the-organization-to-use-in-the-cli.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/how-to-select-the-organization-to-use-in-the-cli.md
index b7d8eeb5eca7..8955f7db7189 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/how-to-select-the-organization-to-use-in-the-cli.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/how-to-select-the-organization-to-use-in-the-cli.md
@@ -1,8 +1,8 @@
# How to select the Organization to use in the CLI
-When you run commands with the CLI such as `snyk monitor` and `snyk test`, Snyk uses your `Preferred Organization`, which can be configured in your account. If you want commands to run against a different Organization, you can specify that Organization either globally or individually.
+When you run commands with the CLI such as `snyk monitor` and `snyk test`, Snyk uses your `Preferred Organization`, which you can configure in your account. If you want commands to run against a different Organization, you can specify that Organization either globally or individually.
-**Note**: The Snyk CLI help specifies using `--org=`; this article specifies using the `orgslugname`. The `ORG_ID` works in both the CLI and the API. The organization slug name works in the CLI, but not in the API.
+**Note**: The Snyk CLI help specifies using `--org=`; this page specifies using the `orgslugname`. The `ORG_ID` works in both the CLI and the API. The organization slug name works in the CLI, but not in the API.
## Specify an Organization globally
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/ignore-vulnerabilities-using-the-snyk-cli.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/ignore-vulnerabilities-using-the-snyk-cli.md
index c8cb1e03c2ad..8d5ad0c5a5c9 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/ignore-vulnerabilities-using-the-snyk-cli.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/ignore-vulnerabilities-using-the-snyk-cli.md
@@ -10,9 +10,9 @@ For [Snyk Infrastructure as Code](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2
For [Snyk Code](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-code), see [Excluding directories and files from the Snyk Code CLI test](snyk-cli-for-snyk-code/exclude-directories-and-files-from-snyk-code-cli-tests.md).
{% endhint %}
-Sometimes, Snyk alerts you to a vulnerability that has no update or Snyk patch available, or that you do not believe to be currently exploitable in your application. When this happens you may want to tell Snyk to ignore the vulnerability for a certain period of time.
+Sometimes, Snyk alerts you to a vulnerability that has no update or Snyk patch available, or that you do not believe to be exploitable in your application. When this happens, you can tell Snyk to ignore the vulnerability for a period of time.
-You can ignore a specific vulnerability in a project using the `snyk ignore` command.
+You can ignore a specific vulnerability in a Project using the `snyk ignore` command.
`snyk ignore --id= [--expiry=] [--reason=] [--policy-path=] []`
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/invalid-string-length-error-when-scanning-projects.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/invalid-string-length-error-when-scanning-projects.md
index 6ee470d4f4e8..2b57b6c6743f 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/invalid-string-length-error-when-scanning-projects.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/invalid-string-length-error-when-scanning-projects.md
@@ -8,7 +8,7 @@ The invalid string length error can occur in the following situations:
You can use the following workarounds to avoid the invalid string length error.
* Remove the `--json` or `--json-file-output=` option. This may not be possible in integrations using the CLI, for example, CI/CD integrations.
-* If you require the JSON output, try increasing the severity threshold using the `--severity-threshold=` option. This is likely to reduce the number of less critical vulnerabilities reported and thus reduce the size of the JSON file output.
+* If you require the JSON output, try increasing the severity threshold using the `--severity-threshold=` option. This reduces the number of less critical vulnerabilities reported and reduces the size of the JSON file output.
* If you are scanning multiple Projects using the `--all-projects` option, try removing this option and scanning Projects individually.
* Another method of reducing the JSON output is adding the `--prune-repeated-subdependencies` option. This may sufficiently reduce the size of the resulting scan so the JSON can be resolved.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/log4shell-command-use.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/log4shell-command-use.md
index a1f7d95d7fc7..b6583e84b8f8 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/log4shell-command-use.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/log4shell-command-use.md
@@ -24,7 +24,7 @@ Use `snyk log4shell` to scan a Java project, to see if the project includes:
## How to run
1. Install the latest version of the Snyk CLI - see [Install the Snyk CLI](../install-the-snyk-cli/).
-2. Make sure you have built the project.
+2. Ensure you have built the project.
3. Navigate to the project directory to scan.
4. Enter `snyk log4shell`.\
**Note**: this command does not require (nor support) any additional arguments.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/monitor-your-projects-at-regular-intervals.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/monitor-your-projects-at-regular-intervals.md
index fbe10052cf2d..3952a380f9ce 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/monitor-your-projects-at-regular-intervals.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/monitor-your-projects-at-regular-intervals.md
@@ -2,7 +2,7 @@
By using the `test` command and the `@snyk/protect` [package](https://github.com/snyk/snyk/tree/master/packages/snyk-protect) (replaced the snyk `protect` command), you are well set up to address known vulnerabilities. To address new vulnerabilities, which are constantly disclosed, use snyk monitor.
-Just before you deploy, run `snyk monitor` in your project directory:
+Before you deploy, run `snyk monitor` in your project directory:
`cd ~/projects/myproject/`\
`snyk monitor`
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/scan-all-unmanaged-jar-files.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/scan-all-unmanaged-jar-files.md
index 399239edb2bc..7c08be0d3b65 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/scan-all-unmanaged-jar-files.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/scan-all-unmanaged-jar-files.md
@@ -12,7 +12,7 @@ To scan each JAR file individually, use the following command:
`snyk test --scan-unmanaged --file=/path/to/file`
-When you test each JAR file individually, the name of the JAR file that was scanned appears on the Snyk web UI.
+When you test each JAR file individually, the name of the scanned JAR file appears in the Snyk Web UI.
**WAR file support**: You can scan individual WAR files that are published in Maven Central. To scan open-source dependency JARs directly, you must extract (unzip) all other WAR files or JAR files containing other JARs.
@@ -111,6 +111,6 @@ SET REMOTE_REPO_URL=%2
for /R %WORKSPACE% %%f in (*.jar) do cmd /c snyk monitor --scan-unmanaged --remote-repo-url=%REMOTE_REPO_URL% --file=%%f --project-name=%%f
```
-An example follows of the result shown in the Snyk UI after you use these scripts with `REMOTE_REPO_URL` set to "econnect".
+An example follows of the result shown in the Snyk Web UI after you use these scripts with `REMOTE_REPO_URL` set to "econnect".
Result of scanning unmanaged JAR files
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/README.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/README.md
index 79c09c4f3c6d..cae5a4093f01 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/README.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/README.md
@@ -18,10 +18,10 @@ Snyk Infrastructure as Code has no equivalent command to `snyk monitor` because
For IaC CLI results to appear in the Snyk Web UI, use [`snyk iac test --report`](share-cli-results-with-the-snyk-web-ui.md) to capture a one-time snapshot. Optionally, run the command on a recurring schedule to regularly test your IaC files.
-Alternatively, you can add an [SCM integration](../../../scm-integrations/organization-level-integrations/), and Snyk will monitor and test a given Git repository on a recurring basis.
+Alternatively, you can add an [SCM integration](../../../scm-integrations/organization-level-integrations/), and Snyk monitors and tests a given Git repository on a recurring basis.
## Using Snyk behind a proxy
If you are using a proxy, see [Proxy configuration for Snyk CLI](../../configure-the-snyk-cli/proxy-configuration-for-snyk-cli.md).
-For IaC scans specifically, you must also whitelist the \*.snyk.io address, as explained on the page [How can we allowlist Snyk IP addresses](https://support.snyk.io/s/article/How-can-we-allowlist-Snyk-IP-addresses)?
+For IaC scans specifically, you must also allowlist the \*.snyk.io address, as explained on the page [How can we allowlist Snyk IP addresses](https://support.snyk.io/s/article/How-can-we-allowlist-Snyk-IP-addresses)?
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/iac-exclusions-using-the-command-line.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/iac-exclusions-using-the-command-line.md
index e137adef597c..a7306b82da1b 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/iac-exclusions-using-the-command-line.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/iac-exclusions-using-the-command-line.md
@@ -1,14 +1,14 @@
# IaC exclusions using the command line
-When you scan directories or a large collection of IaC files using the Snyk CLI `iac test` command, it is easy to include unwanted files or directories in your scan by mistake. When this happens, use your command line tools to exclude specific files or directories from the scan. This page describes some solutions to the most typical use cases.
+When you scan directories or a large collection of IaC files using the Snyk CLI `iac test` command, you can include unwanted files or directories in your scan by mistake. When this happens, use your command line tools to exclude specific files or directories from the scan. This page describes some solutions to the most typical use cases.
{% hint style="info" %}
-The following examples use command line tools like `find` and `xargs` that are widespread in UNIX-like environments. Make sure that the tools are available on your platform.
+The following examples use command line tools like `find` and `xargs` that are widespread in UNIX-like environments. Ensure the tools are available on your platform.
{% endhint %}
## Exclude files of the wrong type
-Sometimes your Projects contain different kinds of files, and you want to scan only files with a specific extension, excluding everything else. The following command scans only files with a `.tf` extension contained in the current working directory and its subdirectories. Files that do not have a `.tf` extension will not be scanned.
+Sometimes your Projects contain different kinds of files, and you want to scan only files with a specific extension, excluding everything else. The following command scans only files with a `.tf` extension contained in the current working directory and its subdirectories. Files that do not have a `.tf` extension are not scanned.
```
find . -type file -name '*.tf' | xargs snyk iac test
@@ -16,7 +16,7 @@ find . -type file -name '*.tf' | xargs snyk iac test
## Exclude directories by name
-In very large projects, it is common to save files that have different purposes in distinct directories. For example, you might save IaC files for your development, staging, and production environments in different directories. When scanning such Projects, you may want to exclude some of these directories. This command scans every file with a `.tf` extension in the current directory and its subdirectories, except those in the `prod` subdirectory.
+In large projects, it is common to save files that have different purposes in distinct directories. For example, you might save IaC files for your development, staging, and production environments in different directories. When scanning such Projects, you might want to exclude some of these directories. This command scans every file with a `.tf` extension in the current directory and its subdirectories, except those in the `prod` subdirectory.
```
find . -name '*.tf' -not -path './prod/*' | xargs snyk iac test
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/iac-ignores-using-the-.snyk-policy-file.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/iac-ignores-using-the-.snyk-policy-file.md
index cf58821faca2..cf15d1ead1c0 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/iac-ignores-using-the-.snyk-policy-file.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/iac-ignores-using-the-.snyk-policy-file.md
@@ -1,12 +1,12 @@
# IaC ignores using the .snyk policy file
-When you scan IaC configuration files using the Snyk CLI `iac test` command, you can ignore issues that are not relevant to you by using the [`.snyk` policy file](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/policies/the-.snyk-file). Snyk recommends that you store and version the `.snyk` file in the root of the working directory where you store your IaC configuration files. This file can be created with the `snyk ignore` command. For details see [Ignore vulnerabilities using Snyk CLI](../ignore-vulnerabilities-using-the-snyk-cli.md).
+When you scan IaC configuration files using the Snyk CLI `iac test` command, you can ignore issues that are not relevant to you by using the [`.snyk` policy file](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/policies/the-.snyk-file). Snyk recommends that you store and version the `.snyk` file in the root of the working directory where you store your IaC configuration files. You can create this file with the `snyk ignore` command. For details see [Ignore vulnerabilities using Snyk CLI](../ignore-vulnerabilities-using-the-snyk-cli.md).
## Ignore paths
For tests run using the Snyk CLI, only issues defined in the `.snyk` file are ignored.
-For tests run from imported Git repositories, issues can be ignored in the Snyk UI. Note that these ignores apply only to scans done using the Snyk UI.
+For tests run from imported Git repositories, you can ignore issues in the Snyk Web UI. Note that these ignores apply only to scans done using the Snyk Web UI.
{% hint style="warning" %}
Ignores in the `.snyk` file and ignores created in the Snyk UI are not synchronized.
@@ -73,7 +73,7 @@ For more information about the Snyk CLI ignore command, see [Ignore vulnerabilit
## Ignore instances of a vulnerability
-Individual instances of a vulnerability within a file can be ignored. To do this, take the “resource path” from the output of `snyk iac test`, and add it to the file path.
+You can ignore individual instances of a vulnerability within a file. To do this, take the “resource path” from the output of `snyk iac test`, and add it to the file path.
For example, from the following output snippet (line break added for ease of reading):
@@ -113,6 +113,6 @@ When you run `snyk iac test`, the CLI loads `$PWD/.snyk`. One common pattern is
The CLI accepts an option, `--policy-path=...`, which overrides the location of `.snyk` policy files. The path can either be a directory containing a file named `.snyk` or the path to a file named `.snyk`. The name of the policy file must be `.snyk`.
-Policies are not loaded automatically when the argument to `snyk iac test` is a file rather than a directory. In this case, `--policy-path` must be specified in order to load policies.
+Policies are not loaded automatically when the argument to `snyk iac test` is a file rather than a directory. In this case, you must specify `--policy-path` to load policies.
The CLI accepts the option `--ignore-policy`, which causes any `.snyk` policy files that are found to be ignored.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/share-cli-results-with-the-snyk-web-ui.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/share-cli-results-with-the-snyk-web-ui.md
index 6c6ceafeaf95..ecb25ba3f71e 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/share-cli-results-with-the-snyk-web-ui.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/share-cli-results-with-the-snyk-web-ui.md
@@ -7,9 +7,9 @@ To see these issues displayed in the Snyk Web UI, run the following CLI command:
`snyk iac test myproject --report`
{% hint style="info" %}
-Using [Custom rules](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-iac/current-iac-custom-rules) and the Share Results functionality together is not currently supported.
+Using [Custom rules](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-iac/current-iac-custom-rules) and the Share Results functionality together is not supported.
-Snyk does not share any file contents over the network, only the required metadata for the configuration issues that were just scanned.
+Snyk does not share any file contents over the network, only the required metadata for the configuration issues that were scanned.
{% endhint %}
## `snyk iac test --report` example output
@@ -54,7 +54,7 @@ You can also open the Project itself and see the Project details:
You can ignore issues using the Snyk Web UI or by creating a `.snyk` policy file along with your Project when scanning. For more information, see [Iac Ignores using the .snyk policy file](iac-ignores-using-the-.snyk-policy-file.md).
{% hint style="info" %}
-Issues that are ignored by using the `.snyk` policy file can not be unignored in the Snyk web UI.
+Issues that are ignored by using the `.snyk` policy file cannot be unignored in the Snyk Web UI.
{% endhint %}
## Project tags
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/README.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/README.md
index d0fb525a7855..8b3c55e72c21 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/README.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/README.md
@@ -135,7 +135,7 @@ You can also set the `org` flag in `snyk config`, so you do not need to use the
snyk config set org=infrastructure
```
-## Example Test Output
+## Example test output
```
Snyk Infrastructure as Code
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/helm-charts.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/helm-charts.md
index 92565d7db851..38ae4f775d9e 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/helm-charts.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/helm-charts.md
@@ -27,4 +27,4 @@ helm template ./helm > output.yaml
snyk iac test output.yaml
```
-The Snyk CLI cannot read from standard input at this time; Snyk is working on this feature.
+The Snyk CLI cannot read from standard input. Snyk is working on this feature.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/serverless-files.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/serverless-files.md
index 98436234f6a2..395c81a74e5a 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/serverless-files.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/serverless-files.md
@@ -6,9 +6,9 @@ Snyk Infrastructure as Code for Serverless framework supports scanning the packa
You can **test for an issue on specified Serverless files** as explained on this page.
-Be sure you have the [Serverless CLI installed](https://www.serverless.com/framework/docs/getting-started).
+Ensure you have the [Serverless CLI installed](https://www.serverless.com/framework/docs/getting-started).
-After installing the Serverless CLI, **navigate** to the directory that contains your Serverless files and **generate** the Serverless artifacts by entering the following:
+After installing the Serverless CLI, navigate to the directory that contains your Serverless files and generate the Serverless artifacts by entering the following:
```
serverless package --package serverless-artifacts
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/terraform-files.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/terraform-files.md
index c46275ab53d9..4193df6755aa 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/terraform-files.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/terraform-files.md
@@ -19,7 +19,7 @@ snyk iac test .
Terraform plan is the step run between writing your configuration files and deploying those changes.
-`$ terraform plan` identifies the changes that need to be made to your target environment in order to match your desired state.
+`$ terraform plan` identifies the changes that need to be made to your target environment to match your desired state.
As part of this planning stage, all variables and Terraform modules that are used in your targeted Terraform deployment are taken into consideration.
@@ -37,7 +37,7 @@ Provide the path to your Terraform plan output which must be stored as a valid J
snyk iac test tf-plan.json
```
-By default, Snyk scans the changes that will be made to your infrastructure, not the full infrastructure.
+By default, Snyk scans the changes made to your infrastructure, not the full infrastructure.
You can change this behavior by using the `--scan=` option.
@@ -53,7 +53,7 @@ terraform show -json tfplan.binary > tf-plan.json
You can name the `tf-plan.json` file according to your needs.
-These files are considered sensitive, and it is not recommended to commit them to source control.
+These files are sensitive, so Snyk recommends that you do not commit them to source control.
## Troubleshooting Terraform scans
@@ -65,6 +65,6 @@ The option `--experimental` is no longer required for testing your Terraform Pro
* **Variables** - Terraform plan output considers the values stored in variables.
* **Terraform modules** - Terraform plan output includes any configuration issues found from Terraform modules that you may be using.
-* **Delta** - By default, scanning the Terraform plan output scans only for configuration issues on the changes that will be made, not the whole deployment. In contrast, the static scan looks at all of the files. Try re-running the scan with the `--scan=planned-values` option.
+* **Delta** - By default, scanning the Terraform plan output scans only for configuration issues on the changes to be made, not the whole deployment. In contrast, the static scan looks at all of the files. Try re-running the scan with the `--scan=planned-values` option.
If you have found a discrepancy that you cannot explain based on this information, submit a [request](https://support.snyk.io) to Support.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/understand-the-iac-cli-test-results/snyk-iac-cli-test-results-v.-1.939.0-and-later.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/understand-the-iac-cli-test-results/snyk-iac-cli-test-results-v.-1.939.0-and-later.md
index 9b60ea32fe9a..cf9aed458be7 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/understand-the-iac-cli-test-results/snyk-iac-cli-test-results-v.-1.939.0-and-later.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/understand-the-iac-cli-test-results/snyk-iac-cli-test-results-v.-1.939.0-and-later.md
@@ -6,7 +6,7 @@ The instructions in this section apply to any file format supported by Snyk Infr
Snyk CLI analyzes your configuration file for issues and provides information and advice on how to resolve the issues discovered.
-For example, when scanning a Terraform file, run the following command:
+For example, when scanning a Terraform file, run the following command:
```
snyk iac test aws_api_gateway_stage_logging.tf
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/integrate-snyk-into-your-workflow-using-the-cli.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/integrate-snyk-into-your-workflow-using-the-cli.md
index 6f6f4e181763..67e0d6401258 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/integrate-snyk-into-your-workflow-using-the-cli.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/integrate-snyk-into-your-workflow-using-the-cli.md
@@ -9,7 +9,7 @@ This page provides an example of integrating Snyk into your GitHub workflow usin
```
git clone https://github.com/snyk/goof.git
```
-2. Create a new branch, add vulnerabilities on this branch, then merge changes back to GitHub as a Pull Request:
+2. Create a new branch, add vulnerabilities on this branch, then merge changes back to GitHub as a pull request:
```
git branch add_vulns
@@ -89,4 +89,4 @@ Snyk can auto-scan your pull request (PR) for vulnerabilities and license issues
As the PR workflow is completed, Snyk validates the vulnerability and license policy set for the Project. Based on the policy, the checks either passed or failed; this is shown in GitHub.
-This allows you to establish a security gate and prevent pull requests from adding new vulnerabilities, or new open-source libraries that do not meet your license policy, to the source code baseline.
+This lets you establish a security gate and prevent pull requests from adding new vulnerabilities, or new open-source libraries that do not meet your license policy, to the source code baseline.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/open-source-projects-that-must-be-built-before-testing-with-the-snyk-cli.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/open-source-projects-that-must-be-built-before-testing-with-the-snyk-cli.md
index 3753d96b79c9..ea1a189ae350 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/open-source-projects-that-must-be-built-before-testing-with-the-snyk-cli.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/open-source-projects-that-must-be-built-before-testing-with-the-snyk-cli.md
@@ -10,7 +10,7 @@ The following types of Projects must be built before testing with the CLI.
| ------------------- | --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| JavaScript | npm |
Build required only if no package-lock.json file is present; run npm install to generate. See the Snyk for JavaScript documentation for supported lockfile versions
|
| JavaScript | pnpm | Build required only if no `pnpm-lock.yaml` file is present; run `pnpm install` to generate |
-| Javascript | Yarn | Build required only if no `yarn.lock` file is present; run `yarn install` to generate |
+| JavaScript | Yarn | Build required only if no `yarn.lock` file is present; run `yarn install` to generate |
| Java | Maven |
Yes Run mvn install before testing.
|
| Java | Gradle | No |
| .NET | NuGet | Build required only if no `packages.config` file is present. |
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/review-the-snyk-open-source-cli-results.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/review-the-snyk-open-source-cli-results.md
index 9faef923d102..e0fb9389bff9 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/review-the-snyk-open-source-cli-results.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/review-the-snyk-open-source-cli-results.md
@@ -32,7 +32,7 @@ These are issues that can be fixed by upgrading a direct dependencies version. T
These are issues that cannot be resolved by upgrading a direct dependency. They contain the same information as the issues to fix by upgrading, with versions in which the vulnerability could be fixed if the dependency were upgradeable.
-### License Issues
+### License issues
License issues are determined by the [license policy](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/policies/license-policies) of your Snyk Organization. License issues contain the following information:
@@ -49,7 +49,7 @@ The descriptive information about the test results includes the following detail
* **Package manager**: The package manager associated with this Open Source scan
* **Target File**: The target file which was scanned for Open Source vulnerabilities
* **Project Name**: The name of the directory in which this Project is located
-* **Open Source**: Information about whether or not this scan was performed on an Open Source Project.
+* **Open Source**: Information about whether this scan was performed on an Open Source Project.
* **Project Path**: The path through which the target file is introduced
* **Local Snyk Policy**: Information about whether this scan was performed on an Open Source Project. For more information, see [The .snyk file](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/policies/the-.snyk-file).
* **Licenses**: Information about whether this Project was scanned for license issues
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/use-options-to-customize-the-snyk-test-command.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/use-options-to-customize-the-snyk-test-command.md
index 35ab5693d4a0..6aaf0945b988 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/use-options-to-customize-the-snyk-test-command.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-open-source/use-options-to-customize-the-snyk-test-command.md
@@ -1,6 +1,6 @@
# Use options to customize the snyk test command
-The Snyk CLI has many commands that enable you to perform various tasks and many options that enable you to customize the commands. For details, see the [CLI help](../../commands/). This page explains how to customize snyk test to accomplish tasks you may want to do in testing Open Source Projects.
+The Snyk CLI has many commands that you can use to perform various tasks and many options that you can use to customize the commands. For details, see the [CLI help](../../commands/). This page explains how to customize snyk test to accomplish tasks you want to do in testing Open Source Projects.
## Scan multiple manifest files
@@ -20,6 +20,6 @@ If your manifest files are from a supported language but have a custom name, you
## **Test dev dependencies**
-Many package managers allow for separately calling out dependencies that are to be used only in a development or test context, that is, not eventually shipped to production. By default, Snyk does not scan these dependencies. If you want your `dev` dependencies to be included in the scan, use the `--dev` option:
+Many package managers let you separately call out dependencies that are to be used only in a development or test context, that is, not eventually shipped to production. By default, Snyk does not scan these dependencies. If you want your `dev` dependencies to be included in the scan, use the `--dev` option:
`$ snyk test --dev`
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/README.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/README.md
index 1ab4ab6e584b..90612768ebd6 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/README.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/README.md
@@ -1,6 +1,6 @@
# Snyk CLI for Snyk Code
-The [Snyk Command Line Interface](../../) (CLI) enables you to bring the functionality of Snyk Code into your development workflow. Using the Snyk CLI, you can run Snyk Code tests locally or incorporate them into your CI/CD pipeline to scan your source code for security vulnerabilities.
+The [Snyk Command Line Interface](../../) (CLI) lets you bring the functionality of Snyk Code into your development workflow. Using the Snyk CLI, you can run Snyk Code tests locally or incorporate them into your CI/CD pipeline to scan your source code for security vulnerabilities.
## Prerequisites for using the Snyk CLI with Snyk Code
@@ -8,7 +8,7 @@ Before using the Snyk CLI for testing your source code with Snyk Code, verify yo
* A Snyk account.
* Repositories with code in [supported languages and frameworks](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/supported-languages/supported-languages-package-managers-and-frameworks).
-* The **Snyk Code** option [enabled in your Snyk Org settings](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-code/configure-snyk-code).
+* The **Snyk Code** option [enabled in your Snyk Organization settings](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-code/configure-snyk-code).
* The Snyk CLI installed and authenticated.
* For instructions, see [Install or update the Snyk CLI](../../install-the-snyk-cli/) and [Authenticate the Snyk CLI](../../authenticate-to-use-the-cli.md).
* The minimum Snyk CLI version for Snyk Code, version 1.716.0. Snyk recommends using the latest version of the CLI.
@@ -18,7 +18,7 @@ Before using the Snyk CLI for testing your source code with Snyk Code, verify yo
To test your repository code using the Snyk CLI, use the [`snyk code test`](../../commands/code-test.md) command.\
For more information, see [Scan source code with Snyk Code using the CLI](scan-source-code-with-snyk-code-using-the-cli.md).
-Before running Snyk Code tests with the CLI, you may want to do the following:
+Before running Snyk Code tests with the CLI, you can do the following:
* [Update your Snyk CLI version](../../install-the-snyk-cli/).
* [Set the Organization for the CLI tests](set-the-snyk-organization-for-the-cli-tests.md).
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/exclude-directories-and-files-from-snyk-code-cli-tests.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/exclude-directories-and-files-from-snyk-code-cli-tests.md
index 1f33eb02746e..0a9258d16570 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/exclude-directories-and-files-from-snyk-code-cli-tests.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/exclude-directories-and-files-from-snyk-code-cli-tests.md
@@ -34,7 +34,7 @@ The `.snyk` file is created as a hidden file. If you do not see it in your root
snyk ignore --file-path= && snyk ignore --file-path= && snyk ignore --file-path=
```
-From now on, when you run the `snyk code test` command from the selected folder, the specified directories or files will be excluded from the test.
+From now on, when you run the `snyk code test` command from the selected folder, Snyk excludes the specified directories or files from the test.
## Re-include excluded files in the CLI test
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/scan-source-code-with-snyk-code-using-the-cli.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/scan-source-code-with-snyk-code-using-the-cli.md
index 426982d4abd9..80ca90392440 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/scan-source-code-with-snyk-code-using-the-cli.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/scan-source-code-with-snyk-code-using-the-cli.md
@@ -68,15 +68,15 @@ You can publish Snyk Code results to a Snyk Project with or without using an int
You do not need to connect to an SCM integration such as GitHub or GitLab for this to work. It works directly with the results you upload from Snyk CLI.
-* Sync with Snyk Web UI: After creating a Project from the CLI, you can manage it in the Snyk web interface. If you mark an issue as **Ignored** in the UI, future CLI scans for that Project are not being reported again.
+* Sync with Snyk Web UI: After creating a Project from the CLI, you can manage it in the Snyk web interface. If you mark an issue as **Ignored** in the UI, future CLI scans for that Project do not report it again.
* If the Project does not exist, Snyk automatically creates a new CLI Project for you with the value provided in the `--project-name` option.
-* If the Project already exists, Snyk adds your latest scan as a new snapshot to that same Project. This allows you to track its security history over time.
+* If the Project already exists, Snyk adds your latest scan as a new snapshot to that same Project. This lets you track its security history over time.
## Publishing CLI results to a Snyk Code Project
-Using Snyk Code through the CLI allows you to publish test results of local code to a Snyk Project in Snyk Web UI. Future CLI tests of this Project will respect issues that were ignored in the Web UI.
+Using Snyk Code through the CLI lets you publish test results of local code to a Snyk Project in Snyk Web UI. Future CLI tests of this Project respect issues that were ignored in the Web UI.
-This allows using Snyk Code as a blocking CI/CD gate to test and block builds at the main branch level and then have developers review the results in the Web UI, fix any newly introduced vulnerabilities, or ignore irrelevant ones.
+This lets you use Snyk Code as a blocking CI/CD gate to test and block builds at the main branch level and then have developers review the results in the Web UI, fix any newly introduced vulnerabilities, or ignore irrelevant ones.
In the terminal, enter the following command:
@@ -94,7 +94,7 @@ Running the `snyk code test` command with the `--report` option, as shown, retur
If a Snyk Code Project created with the CLI does not yet exist for the provided value in the option, the Snyk CLI creates a new Project. If a Project created using the CLI already exists, a new snapshot is made under the same Project.
-To make the Project easier to interpret in Snyk Web UI, you can use additional commands to specify a target name and also target references, such as Git branches. The following command will create or upload an existing Project named `` under a target named ``.
+To make the Project easier to interpret in Snyk Web UI, you can use additional commands to specify a target name and also target references, such as Git branches. The following command creates or uploads an existing Project named `` under a target named ``.
```
snyk code test --report --project-name="" --target-name=""
@@ -120,9 +120,9 @@ Snyk uses the `--project-name` or `--target-name` you provided in the command to
You do not need to connect to an SCM integration such as GitHub or GitLab for this to work. It works directly with the results you upload from Snyk CLI.
-* Sync with Snyk Web UI: After creating a Project from the CLI, you can manage it in the Snyk web interface. If you mark an issue as **Ignored** in the UI, it will be suppressed in all future Project scans.
+* Sync with Snyk Web UI: After creating a Project from the CLI, you can manage it in the Snyk web interface. If you mark an issue as **Ignored** in the UI, Snyk suppresses it in all future Project scans.
* If the Project is new, Snyk automatically creates a new CLI Project for you with the value provided in the `--project-name` option.
-* If the Project already exists, Snyk adds your latest scan as a new snapshot to that same Project. This allows you to track its security history over time.
+* If the Project already exists, Snyk adds your latest scan as a new snapshot to that same Project. This lets you track its security history over time.
### Troubleshooting published Snyk Code CLI results
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/set-the-snyk-organization-for-the-cli-tests.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/set-the-snyk-organization-for-the-cli-tests.md
index 9d4a628b6251..9e6f4cdfc414 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/set-the-snyk-organization-for-the-cli-tests.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/set-the-snyk-organization-for-the-cli-tests.md
@@ -1,6 +1,6 @@
# Set the Snyk Organization for CLI tests
-If you have several Organizations in your Snyk account, before you test your code using the CLI, specify which Snyk Organization will be used for the test count.
+If you have several Organizations in your Snyk account, before you test your code using the CLI, specify which Snyk Organization to use for the test count.
You can find your available CLI test count on the Organization **Settings** page > **Plan and billing** > **Usage** tab > **Test Usage** section > **Snyk Code** field:
@@ -19,7 +19,7 @@ When setting an Organization for the CLI tests, you have two options:
## Find Snyk ID and internal name of an Organization
-When setting an Organization for the CLI tests, you can use either the Organization ID or the Organization internal name. These Organization identification details are generated automatically by Snyk for each Organization when it is created. The value you select to enter in the command will be shown as the **Organization** name in the test results. You can find the Snyk ID and internal name on the **Settings** page of the Organization on the Web UI.
+When setting an Organization for the CLI tests, you can use either the Organization ID or the Organization internal name. These Organization identification details are generated automatically by Snyk for each Organization when it is created. The value you select to enter in the command appears as the **Organization** name in the test results. You can find the Snyk ID and internal name on the **Settings** page of the Organization on the Web UI.
Follow these steps to find an Organization ID and internal name:
@@ -27,7 +27,7 @@ Follow these steps to find an Organization ID and internal name:
Open an Organization to find its details
-2. Once the selected Organization is open, click the **Org Settings**.
+2. After the selected Organization is open, click **Org Settings**.
3. On the **Settings** page of the Organization, select the **General** tab to find the following:
* **Internal name**: stated in the **Organization name** section.
@@ -40,7 +40,7 @@ Follow these steps to find an Organization ID and internal name:
## Set the default Organization globally for CLI tests
-You can set a default Organization globally for all CLI tests via the CLI. This default Organization will override the Organization set as the [preferred Organization](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/organizations/create-and-delete-organizations). When entering this command, you can use either the [ID or internal name](set-the-snyk-organization-for-the-cli-tests.md#find-snyk-id-and-internal-name-of-an-organization) of the new default Organization.
+You can set a default Organization globally for all CLI tests using the CLI. This default Organization overrides the Organization set as the [preferred Organization](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/organizations/create-and-delete-organizations). When entering this command, you can use either the [ID or internal name](set-the-snyk-organization-for-the-cli-tests.md#find-snyk-id-and-internal-name-of-an-organization) of the new default Organization.
Regardless of the Organization you set as a global default, you can [run specific CLI tests under a different Organization](set-the-snyk-organization-for-the-cli-tests.md#set-an-organization-locally-for-a-specific-cli-test).
@@ -56,7 +56,7 @@ You receive the following confirmation:
org updated
```
-From now on, all your CLI tests will run under the specified Organization.
+From now on, all your CLI tests run under the specified Organization.
For example, to set the Snyk Demo Org as the default Organization for the CLI tests, use the Organization ID and enter:
@@ -66,13 +66,13 @@ snyk config set org=a7708807-3881-xxxx-xxxx-xxxxxxxxxxxx
Command to set Organization and confirmation
-From now on, all the CLI tests will run by default under the Snyk Demo Org Organization, and the Snyk Demo Org ID will appear in the test results:
+From now on, all the CLI tests run by default under the Snyk Demo Org Organization, and the Snyk Demo Org ID appears in the test results:
Snyk Demo Org ID in test results
## Set an Organization locally for a specific CLI test
-You can run a specific CLI test under a different Organization from the default. When using this option, the specified Organization will override the default Organization in a specific CLI test. You can use either the [ID or internal name of the Organization](set-the-snyk-organization-for-the-cli-tests.md#find-snyk-id-and-internal-name-of-an-organization) to run a command.
+You can run a specific CLI test under a different Organization from the default. When using this option, the specified Organization overrides the default Organization in a specific CLI test. You can use either the [ID or internal name of the Organization](set-the-snyk-organization-for-the-cli-tests.md#find-snyk-id-and-internal-name-of-an-organization) to run a command.
To set an Organization for a specific CLI test in the terminal, after the `test` command enter:
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/view-snyk-code-cli-results.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/view-snyk-code-cli-results.md
index d0b3ea0eb734..cb03f6e9fab7 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/view-snyk-code-cli-results.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/view-snyk-code-cli-results.md
@@ -1,6 +1,6 @@
# View Snyk Code CLI results
-The Snyk CLI enables you to perform the following actions on the results of the `snyk code test` command:
+The Snyk CLI lets you perform the following actions on the results of the `snyk code test` command:
* [Analyze Snyk Code CLI results](view-snyk-code-cli-results.md#analyze-snyk-code-cli-results): View test results and analyze vulnerabilities.
* [Filter results by severity level](view-snyk-code-cli-results.md#filter-results-by-severity-level): Filter the `snyk code test` results shown in the terminal to display only issues with a specific severity level and higher.
@@ -19,7 +19,7 @@ After you run the `snyk code test` command in the CLI, the results of the test a
Snyk Code test restuls from the CLI
-Note that if you ignored issues on the Snyk Web UI, these issues would still appear in the CLI results. Each section on this page explains one section of the displayed results.
+Note that if you ignored issues on the Snyk Web UI, these issues still appear in the CLI results. Each section on this page explains one section of the displayed results.
### List of vulnerability issues detected by Snyk Code
@@ -44,7 +44,7 @@ The general information about the test results includes the following details:
Detals in general information about the CLI test results
* Test success: Whether the test was completed or not.
-* Organization: The Snyk ID or internal name of the Organization under which the test run. For more information, see [Set the Snyk Organization for the CLI tests](set-the-snyk-organization-for-the-cli-tests.md).
+* Organization: The Snyk ID or internal name of the Organization under which the test ran. For more information, see [Set the Snyk Organization for the CLI tests](set-the-snyk-organization-for-the-cli-tests.md).
* Test type: The type of test command that generated the results. For Snyk Code, it is always `Static code analysis`.
* Project path: The path of the tested repository.
@@ -73,7 +73,7 @@ To display only issues above a specific severity level, enter the following:
snyk code test --severity-threshold=
```
-The results will include only issues with the specified severity level and issues with a higher severity level.
+The results include only issues with the specified severity level and issues with a higher severity level.
For example, in the `snyk-goof-master` folder, eight issues were found, four with a High severity level and four with Medium:
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container/scan-and-monitor-images.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container/scan-and-monitor-images.md
index 927363cf6e1d..cfa00c865d6b 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container/scan-and-monitor-images.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container/scan-and-monitor-images.md
@@ -29,13 +29,13 @@ If you use a Dockerfile to build your image, you can specify this when running `
snyk container test : --file=Dockerfile
```
-Specifying a Dockerfile provides more context and allows Snyk to provide clear recommendations on how to fix discovered vulnerabilities.
+Specifying a Dockerfile provides more context and lets Snyk provide clear recommendations on how to fix discovered vulnerabilities.
-Snyk currently detects application vulnerabilities in your image by default.
+Snyk detects application vulnerabilities in your image by default.
## Monitor an image
-Snyk Container also allows you to monitor images. This provides the following advantages:
+Snyk Container also lets you monitor images. This provides the following advantages:
* Snyk alerts you if new vulnerabilities that affect your image are disclosed without having to retest your image locally.
* Snyk interactively filters the results and explores the list of vulnerabilities in your web browser.
diff --git a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container/understand-snyk-container-cli-results.md b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container/understand-snyk-container-cli-results.md
index fb3a1793d97a..2ae6c750aedd 100644
--- a/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container/understand-snyk-container-cli-results.md
+++ b/developer-tools/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container/understand-snyk-container-cli-results.md
@@ -33,7 +33,7 @@ Snyk groups together vulnerabilities that are found in multiple packages. This h
Snyk SCM scanning supports a subset of Docker Hub images. Other registries are not supported.
-If Snyk identifies the base image, and the image uses an [Official Docker image](https://docs.docker.com/docker-hub/official_images/), the output includes recommendations for upgrades, in order to fix some of the discovered vulnerabilities.
+If Snyk identifies the base image, and the image uses an [Official Docker image](https://docs.docker.com/docker-hub/official_images/), the output includes recommendations for upgrades, to fix some of the discovered vulnerabilities.
Example of recommendations to upgrade the base image
diff --git a/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/README.md b/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/README.md
index 18d8cc826d88..279d67d7be21 100644
--- a/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/README.md
+++ b/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/README.md
@@ -1,8 +1,8 @@
# Security concept of operations for Snyk
-A security concept of operations can be defined as providing a security-focused description of an information system. For details, see the definition in the [NIST computer security glossary](https://csrc.nist.gov/glossary/term/security_concept_of_operations).
+A security concept of operations provides a security-focused description of an information system. For details, see the definition in the [NIST computer security glossary](https://csrc.nist.gov/glossary/term/security_concept_of_operations).
-These pages provide a description of the [Snyk CLI](../getting-started-with-the-snyk-cli.md) and [IDE integrations](../../snyk-ide-plugins-and-extensions/) focused on security. The following information is included:
+These pages provide a security-focused description of the [Snyk CLI](../getting-started-with-the-snyk-cli.md) and [IDE integrations](../../snyk-ide-plugins-and-extensions/). The following pages are included:
* [Access requirements](access-requirements.md)
* [Securing data at rest](securing-data-at-rest.md)
diff --git a/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/access-requirements.md b/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/access-requirements.md
index 06d531437f24..d0346c4003f7 100644
--- a/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/access-requirements.md
+++ b/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/access-requirements.md
@@ -4,7 +4,7 @@ When you are using Snyk applications like the [CLI ](../getting-started-with-the
## Local filesystem
-The required filesystem access may vary by product.
+The required filesystem access varies by product.
* CACHE\_PATH (Read,Write,Execute)
* Windows: `C:\\Users\\\\AppData\\Local\\snyk`
@@ -23,7 +23,7 @@ The required filesystem access may vary by product.
* app.\.io:443
* 127.0.0.1:\
* required for Inter Process Communication
- * [Ephemeral Port Range](https://www.rfc-editor.org/rfc/rfc6335.html#section-6) might vary by Operating System and Settings
+ * the [Ephemeral Port Range](https://www.rfc-editor.org/rfc/rfc6335.html#section-6) can vary by operating system and settings
### Optional
diff --git a/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/securing-data-at-rest.md b/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/securing-data-at-rest.md
index 8439315b807b..efb373e71003 100644
--- a/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/securing-data-at-rest.md
+++ b/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/securing-data-at-rest.md
@@ -1,8 +1,8 @@
# Securing data at rest
-The Snyk CLI stores its configuration in a JSON file in the local file system in a user-related path. Because the configuration file might include secrets like tokens, it is recommended that you secure the stored file.
+The Snyk CLI stores its configuration in a JSON file in the local file system in a user-related path. Because the configuration file might include secrets like tokens, Snyk recommends that you secure the stored file.
-The following practices are recommended:
+Snyk recommends the following practices:
-* Use ACLs to limit access to the [file path of the configuration file](access-requirements.md). This might be provided by the operating system.
+* Use ACLs to limit access to the [file path of the configuration file](access-requirements.md). The operating system might provide this.
* Use Hard Disk Encryption to secure persisted data (data at rest).
diff --git a/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/using-fips-validated-cryptography.md b/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/using-fips-validated-cryptography.md
index 3e3ee419b65d..11581a4be639 100644
--- a/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/using-fips-validated-cryptography.md
+++ b/developer-tools/snyk-cli/security-concept-of-operations-for-snyk/using-fips-validated-cryptography.md
@@ -13,7 +13,7 @@ Support for use of FIPS-validated cryptography is limited to the Windows and Lin
## FIPS-validated cryptography support and use in the Snyk CLI and Snyk Language Server
-To optimize the developer experience, Snyk is combining the [Snyk Language Server](../../snyk-ide-plugins-and-extensions/snyk-language-server/) and the [Snyk CLI](../getting-started-with-the-snyk-cli.md). As a first step, Snyk is bringing FIPS binaries under one application. Later also non-FIPS CLI binaries will be used for Snyk Language Server.
+To optimize the developer experience, Snyk is combining the [Snyk Language Server](../../snyk-ide-plugins-and-extensions/snyk-language-server/) and the [Snyk CLI](../getting-started-with-the-snyk-cli.md). As a first step, Snyk is bringing FIPS binaries under one application. Later, Snyk Language Server also uses non-FIPS CLI binaries.
The Snyk Language Server can now be executed as a CLI command.
@@ -40,7 +40,7 @@ On Windows, Snyk supports FIPS-validated cryptography through the Windows CNG AP
To enable FIPS on Windows, [use the Windows FIPS policy](https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation#step-3-enable-the-fips-security-policy).
-For testing, FIPS can be enabled using the following registry key `HKLM\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy` by setting the value of `Enabled` to 1.
+For testing, enable FIPS using the registry key `HKLM\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy` by setting the value of `Enabled` to 1.
#### Download FIPS-enabled binaries
@@ -71,13 +71,13 @@ docker run -it mcr.microsoft.com/cbl-mariner/base/core:2.0 bash
### Troubleshooting FIPS-cryptography in the Snyk CLI
-`not in FIPS mode` errors indicate that the underlying cryptography library is not in FIPS mode. To solve these issues ensure that the [prerequisites](using-fips-validated-cryptography.md#prerequisites-for-fips-cryptography-in-the-cli-and-snyk-language-server) are met.
+`not in FIPS mode` errors indicate that the underlying cryptography library is not in FIPS mode. To solve these issues, ensure that the [prerequisites](using-fips-validated-cryptography.md#prerequisites-for-fips-cryptography-in-the-cli-and-snyk-language-server) are met.
## FIPS-validated cryptography support and use in IDE Integrations
### Visual Studio Code
-To make use of FIPS-validated cryptography in the [Snyk Visual Studio Code integration](../../snyk-ide-plugins-and-extensions/visual-studio-code-extension/), do the following:
+To use FIPS-validated cryptography in the [Snyk Visual Studio Code integration](../../snyk-ide-plugins-and-extensions/visual-studio-code-extension/), do the following:
* Ensure the [prerequisites](using-fips-validated-cryptography.md#prerequisites-for-fips-cryptography-in-the-cli-and-snyk-language-server) are met.
* [Download the appropriate FIPS-enabled binaries](using-fips-validated-cryptography.md#download-fips-enabled-binaries).
@@ -86,7 +86,7 @@ To make use of FIPS-validated cryptography in the [Snyk Visual Studio Code integ
### Eclipse
-To make use of FIPS-validated cryptography in the [Snyk Eclipse integration](../../snyk-ide-plugins-and-extensions/eclipse-plugin/), do the following:
+To use FIPS-validated cryptography in the [Snyk Eclipse integration](../../snyk-ide-plugins-and-extensions/eclipse-plugin/), do the following:
* Ensure the [prerequisites](using-fips-validated-cryptography.md#prerequisites-for-fips-cryptography-in-the-cli-and-snyk-language-server) are met
* [Download the appropriate FIPS-enabled binaries.](using-fips-validated-cryptography.md#download-fips-enabled-binaries)
@@ -96,7 +96,7 @@ To make use of FIPS-validated cryptography in the [Snyk Eclipse integration](../
### JetBrains
-To make use of FIPS-validated cryptography in the [Snyk JetBrains integration](../../snyk-ide-plugins-and-extensions/jetbrains-plugin/), do the following:
+To use FIPS-validated cryptography in the [Snyk JetBrains integration](../../snyk-ide-plugins-and-extensions/jetbrains-plugin/), do the following:
* Ensure the [prerequisites](using-fips-validated-cryptography.md#prerequisites-for-fips-cryptography-in-the-cli-and-snyk-language-server) are met.
* [Download the appropriate FIPS-enabled binaries](using-fips-validated-cryptography.md#download-fips-enabled-binaries).
@@ -106,7 +106,7 @@ To make use of FIPS-validated cryptography in the [Snyk JetBrains integration](.
### Visual Studio
-To make use of FIPS-validated cryptography in the [Snyk Visual Studio integration](../../snyk-ide-plugins-and-extensions/visual-studio-extension/) do the following:
+To use FIPS-validated cryptography in the [Snyk Visual Studio integration](../../snyk-ide-plugins-and-extensions/visual-studio-extension/) do the following:
* Ensure the [prerequisites](using-fips-validated-cryptography.md#prerequisites-for-fips-cryptography-in-the-cli-and-snyk-language-server) are met.
* [Download the appropriate FIPS-enabled binaries](using-fips-validated-cryptography.md#download-fips-enabled-binaries).
@@ -119,4 +119,4 @@ FIPS in [CI/CD Integrations](../../snyk-ci-cd-integrations/) is available only b
## FIPS-validated cryptography support and use in Package Repositories
-The [Artifactory Gatekeeper plugin](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/manage-vulnerabilities/artifactory-gatekeeper-plugin) uses the Snyk API and runs on a Java VM. To make use of FIPS-validated cryptography, configure the Java Runtime to use a FIPS-validated[ JCE (Java Cryptography Extension)](https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search?SearchMode=Basic\&ModuleName=java\&CertificateStatus=Active\&ValidationYear=0).
+The [Artifactory Gatekeeper plugin](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/manage-vulnerabilities/artifactory-gatekeeper-plugin) uses the Snyk API and runs on a Java VM. To use FIPS-validated cryptography, configure the Java Runtime to use a FIPS-validated[ JCE (Java Cryptography Extension)](https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search?SearchMode=Basic\&ModuleName=java\&CertificateStatus=Active\&ValidationYear=0).
diff --git a/developer-tools/snyk-cli/snyk-cli-analytics.md b/developer-tools/snyk-cli/snyk-cli-analytics.md
index c22b053e8463..a24d5798c1d4 100644
--- a/developer-tools/snyk-cli/snyk-cli-analytics.md
+++ b/developer-tools/snyk-cli/snyk-cli-analytics.md
@@ -1,6 +1,6 @@
# Snyk CLI analytics
-To provide a reliable and feature-rich experience, our command-line interface (CLI) utilizes two types of analytics: [Essential Operational Analytics](snyk-cli-analytics.md#essential-operational-analytics) and [Optional Usage Analytics](snyk-cli-analytics.md#optional-usage-analytics). We believe in transparency, and this document explains what data is collected, why it's necessary, and the controls you have.
+To provide a reliable and feature-rich experience, our command-line interface (CLI) uses two types of analytics: [Essential Operational Analytics](snyk-cli-analytics.md#essential-operational-analytics) and [Optional Usage Analytics](snyk-cli-analytics.md#optional-usage-analytics). We believe in transparency, and this document explains what data is collected, why it's necessary, and the controls you have.
## Essential Operational Analytics
diff --git a/developer-tools/snyk-cli/snyk-cli/upgrade-the-snyk-cli.md b/developer-tools/snyk-cli/snyk-cli/upgrade-the-snyk-cli.md
index 3aede9957edb..359b3f8df61d 100644
--- a/developer-tools/snyk-cli/snyk-cli/upgrade-the-snyk-cli.md
+++ b/developer-tools/snyk-cli/snyk-cli/upgrade-the-snyk-cli.md
@@ -126,7 +126,7 @@ The Snyk Setup action installs the CLI directly from a binary. By default, this
```
{% endcode %}
-Unlike Docker-based actions, the Snyk Setup action allows you to pin a specific CLI version to prevent automatic updates. Use the `version` input to specify the version:
+Unlike Docker-based actions, the Snyk Setup action lets you pin a specific CLI version to prevent automatic updates. Use the `version` input to specify the version:
{% code overflow="wrap" expandable="true" %}
```yaml
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/README.md b/developer-tools/snyk-ide-plugins-and-extensions/README.md
index 9fdcc375fe7e..d5c0e94647d6 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/README.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/README.md
@@ -1,13 +1,13 @@
# Snyk IDE plugins and extensions
{% hint style="info" %}
-If Snyk is hosting your data in a region other than `SNYK US-01`, you may set the custom endpoint in the IDE. For more information, see [IDEs URLS](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#ides-urls) on the [Regional hosting and data residency](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency) page.\
-Multi-tenant users who do not belong to the `SNYK-US-01` region will be automatically redirected to the correct domain for the email with which the user authenticated. The redirect will not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
+If Snyk is hosting your data in a region other than `SNYK US-01`, you can set the custom endpoint in the IDE. For more information, see [IDEs URLS](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#ides-urls) on the [Regional hosting and data residency](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency) page.\
+Snyk automatically redirects multi-tenant users who do not belong to the `SNYK-US-01` region to the correct domain for the email with which the user authenticated. The redirect does not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
{% endhint %}
Snyk Security plugins and extensions find and fix security vulnerabilities and issues in Snyk Projects. This helps individual developers, open source contributors, and code maintainers to pass security reviews, avoid costly fixes later in development, and reduce time to develop and deliver secure code.
-The results of a vulnerability scan show issues with context, impact, and fix guidance in your IDE, where the fix for the vulnerability can be done right in the IDE itself.
+The results of a vulnerability scan show issues with context, impact, and fix guidance in your IDE, where you can fix the vulnerability directly.
The Snyk IDE plugins and extensions rely on the [Snyk CLI](../snyk-cli/) to perform many functions. For details, refer to the documentation for each IDE. When you are troubleshooting, it is always helpful to run the CLI for the same action with the debug option, `-d`.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/compatibility-matrix.md b/developer-tools/snyk-ide-plugins-and-extensions/compatibility-matrix.md
index 8dface07a40a..7875c9fe3b2f 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/compatibility-matrix.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/compatibility-matrix.md
@@ -1,4 +1,4 @@
-# IDE Plugin Compatibility Matrix
+# IDE plugin compatibility matrix
This matrix shows the compatible CLI version range for each IDE plugin version released in the past 12 months.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/README.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/README.md
index 14cdec4bba9b..957a3e93d28f 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/README.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/README.md
@@ -1,14 +1,14 @@
# Eclipse plugin
-## **Scan early, fix as you develop: elevate your security posture**
+## **Scan early, fix as you develop**
-Integrating security checks early in your development lifecycle helps you pass security reviews seamlessly and avoid expensive fixes down the line.
+Integrating security checks early in your development lifecycle helps you pass security reviews and avoid expensive fixes later.
-The Snyk Eclipse extension allows you to analyze your code, open-source dependencies, and Infrastructure as Code (IaC) configurations. With actionable insights directly in your IDE, you can address issues as they arise.
+The Snyk Eclipse extension lets you analyze your code, open-source dependencies, and Infrastructure as Code (IaC) configurations. With actionable insights directly in your IDE, you can address issues as they arise.
Key features:
-* In-line issue highlighting: Security issues are flagged directly within your code, categorized by type and severity for quick identification and resolution.
+* In-line issue highlighting: Snyk flags security issues directly within your code, categorized by type and severity for quick identification and resolution.
* Comprehensive scanning: The extension scans for a wide range of security issues, including:
* [Open Source Security](https://snyk.io/product/open-source-security-management/): Detects vulnerabilities and license issues in both direct and transitive open-source dependencies. Automated fix suggestions simplify remediation. Explore more in the [Snyk Open Source documentation](https://docs.snyk.io/scan-using-snyk/snyk-open-source).
* [Code Security](https://snyk.io/product/snyk-code/): Identifies security vulnerabilities in your custom code. Explore more in the [Snyk Code documentation](https://docs.snyk.io/scan-using-snyk/snyk-code).
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/authentication-for-the-eclipse-plugin.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/authentication-for-the-eclipse-plugin.md
index 3e6675ad9ae8..56214e3b225b 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/authentication-for-the-eclipse-plugin.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/authentication-for-the-eclipse-plugin.md
@@ -16,7 +16,7 @@ After the plugin is installed, follow these steps to authenticate:
1. In the dialog that opens, set the Snyk API endpoint for a custom multi-tenant or single-tenant setup. For details, see [IDE URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#ides-urls).\
\
- Multi-tenant users who do not belong to the `SNYK-US-01` region ( `https://api.snyk.io`) will be automatically redirected to the correct domain for the email with which the user authenticated. This redirect will not happen if users are expected to use a custom URL, such as in single-tenant company configurations.\
+ Snyk automatically redirects multi-tenant users who do not belong to the `SNYK-US-01` region ( `https://api.snyk.io`) to the correct domain for the email with which the user authenticated. This redirect does not happen if users are expected to use a custom URL, such as in single-tenant company configurations.\
\
When you are finished with the settings on this page, click **Next**.
@@ -43,7 +43,7 @@ If you have problems, see [OAuth 2.0 authentication does not work](../troublesho
{% include "../../.gitbook/includes/this-method-is-inferior-to-....md" %}
{% hint style="warning" %}
-The Personal Access Token (PAT) authentication is progressively rolled out to all Enterprise customers. To check if this feature is available for your Organization at this time, please reach out to your Snyk account team.
+The Personal Access Token (PAT) authentication is progressively rolled out to all Enterprise customers. To check if this feature is available for your Organization at this time, contact your Snyk account team.
{% endhint %}
To authenticate using the Personal Access Token, follow these steps:
@@ -53,7 +53,7 @@ To authenticate using the Personal Access Token, follow these steps:
2. Set the **Authentication Method** to **Use Personal Access Token**.
-3. Click the **Connect IDE to Snyk** button.
+3. Click **Connect IDE to Snyk**.
4. Create your **Personal Access Token**. For details, see the [Authentication for API](../../snyk-api/authentication-for-api/) page.
5. Add the token in the **Token** field.
6. Click **Apply and Close**.
@@ -71,7 +71,7 @@ To authenticate using the API token, follow these steps:
2. Set the **Authentication Method** to **API token**.
-3. Click the **Connect IDE to Snyk** button.
+3. Click **Connect IDE to Snyk**.
4. Click **Authenticate** in the web browser window that opens.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/configuration-of-the-eclipse-plugin.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/configuration-of-the-eclipse-plugin.md
index f3c4ffadf990..06e39e0cfb83 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/configuration-of-the-eclipse-plugin.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/configuration-of-the-eclipse-plugin.md
@@ -9,10 +9,10 @@ You can set the following global configuration settings in the Snyk preferences.
Snyk preferences
* **Custom Endpoint**: Specify the Snyk API endpoint for a custom multi-tenant or single-tenant setup. If you are using `https://api.snyk.io`, no configuration is required. For details, see the list of [IDEs URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#ides-urls).\
- Multi-tenant users who do not belong to the `SNYK-US-01` region will be automatically redirected to the correct domain for the email with which the user authenticated. The redirect will not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
+ Snyk automatically redirects multi-tenant users who do not belong to the `SNYK-US-01` region to the correct domain for the email with which the user authenticated. The redirect does not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
* **Allow unknown certificate authorities**: Disable certificate checks for SSL connections.
-* **Authentication Method**: Select to override the default OAuth2 authentication in order to use a Snyk API token. Snyk recommends keeping this setting off because the default OAuth2 authentication is more secure.
-* **Connect to Snyk**: Launch the web-browser to authenticate. In case of Personal Access Tokens, it will redirect to the correct website where the token can be generated and copied from.
+* **Authentication Method**: Select to override the default OAuth2 authentication to use a Snyk API token. Snyk recommends keeping this setting off because the default OAuth2 authentication is more secure.
+* **Connect to Snyk**: Launch the web browser to authenticate. For Personal Access Tokens, it redirects to the correct website where you can generate and copy the token.
* **API Token or Personal Access Token**: Set the authentication token for Snyk.
* **Snyk Open Source enabled**: Enable or disable Snyk Open Source Dependency Scans through the Language Server. Default: `Enabled`.
* **Snyk Code Security enabled**: Enable or disable Snyk Code Security Issues through the Language Server. Default: `Disabled`.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/eclipse-plugin-folder-trust.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/eclipse-plugin-folder-trust.md
index 2c4475d2da97..83778564faa3 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/eclipse-plugin-folder-trust.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/eclipse-plugin-folder-trust.md
@@ -2,13 +2,13 @@
The Snyk plugin asks for folder trust before allowing scans to be run against new folders.
-When scanning for vulnerabilities, Snyk may automatically execute code such as invoking the package manager to get dependency information. You should only scan folders you trust.
+When scanning for vulnerabilities, Snyk might automatically execute code such as invoking the package manager to get dependency information. Scan only folders you trust.
Note that invoking a package manager (pip, Gradle, Maven, Yarn, npm, and so on) on untrusted code that has malicious configurations may expose your system to malicious code execution and exploits.
If in doubt, select **Don't trust folders**.
-After a trust is granted, Snyk will not ask for trust on the opened Project folder and its subfolders again. If you did not grant trust the first time, the plugin asks again the next time you restart your Eclipse instance.
+After you grant trust, Snyk does not ask for trust on the opened Project folder and its subfolders again. If you did not grant trust the first time, the plugin asks again the next time you restart your Eclipse instance.
To revoke an existing folder trust, you can navigate to the Snyk plugin preferences in Eclipse and edit the **Trusted Folders** setting to specify which paths are safe to scan.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/environment-variables-for-the-eclipse-plugin.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/environment-variables-for-the-eclipse-plugin.md
index cf5c7bdb9eca..e5941dd31467 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/environment-variables-for-the-eclipse-plugin.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/environment-variables-for-the-eclipse-plugin.md
@@ -1,17 +1,17 @@
# Environment variables for the Eclipse plugin
-To analyze open-source dependencies and IAC template files, the plugin uses the Snyk CLI. The CLI needs the following environment variables:
+To analyze open-source dependencies and IaC template files, the plugin uses the Snyk CLI. The CLI needs the following environment variables:
* `PATH`: The path to needed binaries, for example, to Maven. You can also adjust the `PATH` variable manually using the `Path` field in the settings dialog.
* `JAVA_HOME`: The path to the JDK you want to use to analyze Java dependencies.
* `http_proxy` and `https_proxy`: Proxy set using the value in the format `http://username:password@proxyhost:proxyport`.\
- Note that the leading `http://` in the value does not change to `https://` for an `https_proxy`. If you populate the proxy settings in Eclipse, the Snyk plugin will set the environment variables automatically for Language Server and CLI.
+ Note that the leading `http://` in the value does not change to `https://` for an `https_proxy`. If you populate the proxy settings in Eclipse, the Snyk plugin sets the environment variables automatically for Language Server and CLI.
Setting these variables only in a shell environment (for example, using `~/.bashrc`) is not enough, if you do not start Eclipse from the command line or create a script file that starts Eclipse using a shell environment.
* On Windows, set the variables using the GUI or on the command line using the [setx](https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/setx) tool.
* On macOS, the process `launchd` needs to know the environment variables to launch Eclipse directly from the Finder. Set these environment variables using the `launchctl setenv` command, for example, on startup or using a script you launch at user login.\
- Note that providing environment variables to the macOS UI may change between operating system releases, so it can be easier to create a small shell script that launches the Eclipse app to leverage the shell environment. This can be defined using `~/.bashrc`.
+ Note that providing environment variables to the macOS UI may change between operating system releases, so it can be easier to create a small shell script that launches the Eclipse app to use the shell environment. This can be defined using `~/.bashrc`.
* On Linux, you can update the file `/etc/environment` to propagate the environment variables to the window manager and UI.
{% hint style="info" %}
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/misconfiguration-scanning-results-snyk-infrastructure-as-code.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/misconfiguration-scanning-results-snyk-infrastructure-as-code.md
index 529bfdc69c18..ff8f45bd3846 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/misconfiguration-scanning-results-snyk-infrastructure-as-code.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/misconfiguration-scanning-results-snyk-infrastructure-as-code.md
@@ -3,7 +3,7 @@
In the Eclipse plugin version 2.0.0 and later, Snyk has enhanced integrations with the native flows of Eclipse: inline code highlights with displays of information about the issue on hover, and Eclipse Problems integrations. The following illustrates all of these for a high-severity security vulnerability found in a `js` file:
* The misconfiguration is highlighted in your code, with the underline color and icon adjacent to the line number indicating the severity of the issue. You can see detailed information and advice on how to resolve the misconfiguration by hovering over the highlighted code. The hover information is limited to the JavaEditor and GenericEditor, the latter being the default editor for plugins like Wild Web Developer.
-* Misconfigurations are displayed in the **Problems** view, which allows for filtering and grouping of issues. The line containing the issue is shown in the **Location** column. You can navigate to the issue in the code by clicking the issue in the list of problems.
+* Misconfigurations are displayed in the **Problems** view, which lets you filter and group issues. The line containing the issue is shown in the **Location** column. You can navigate to the issue in the code by clicking the issue in the list of problems.
Snyk IaC findings displayed in Eclipse
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/sast-scanning-results-sast-snyk-code.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/sast-scanning-results-sast-snyk-code.md
index 01ac43dd45bb..b4a2ac3c6933 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/sast-scanning-results-sast-snyk-code.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/sast-scanning-results-sast-snyk-code.md
@@ -3,7 +3,7 @@
In the Eclipse plugin version 2.0.0 and later, Snyk has enhanced integrations with the native flows of Eclipse: inline code highlights with displays of information about the issue on hover, and Eclipse Problems integrations. The following illustrates all of these for a high-severity security vulnerability found in a `js` file.
* The security vulnerability is highlighted in your code, with the underline color and icon adjacent to the line number indicating the severity of the issue. You can see the vulnerability ID and detailed information by hovering over the highlighted code. The hover information is limited to the JavaEditor and GenericEditor, the latter being the default editor for plugins like Wild Web Developer.
-* Vulnerabilities are displayed in the **Problems** view, which allows for filtering and grouping issues. The line containing the issue is shown in the **Location** column. You can navigate to the issue in the code by clicking the issue in the list of problems.
+* Vulnerabilities are displayed in the **Problems** view, which lets you filter and group issues. The line containing the issue is shown in the **Location** column. You can navigate to the issue in the code by clicking the issue in the list of problems.
Snyk Code findings displayed in Eclipse
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/third-party-dependency-scanning-sca-snyk-open-source.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/third-party-dependency-scanning-sca-snyk-open-source.md
index 7c6e039480bb..31712e5ccd05 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/third-party-dependency-scanning-sca-snyk-open-source.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/third-party-dependency-scanning-sca-snyk-open-source.md
@@ -3,7 +3,7 @@
In the Eclipse plugin version 2.0.0 and later, Snyk has enhanced integrations with the native flows of Eclipse: inline code highlights with displays of information about the issue on hover, and Eclipse Problems integrations. The following shows all of these for a high-severity security vulnerability found in a `js` file:
* The security vulnerability is highlighted in your code, with the underline color and icon adjacent to the line number indicating the severity of the issue. You can see the vulnerability ID and detailed information by hovering over the highlighted code. The hover information is limited to the JavaEditor and GenericEditor, the latter being the default editor for plugins like Wild Web Developer.
-* Vulnerabilities are displayed in the **Problems** view, which allows for filtering and grouping issues. The line containing the issue is shown in the **Location** column. You can navigate to the issue in the code by clicking the issue in the list of problems.
+* Vulnerabilities are displayed in the **Problems** view, which lets you filter and group issues. The line containing the issue is shown in the **Location** column. You can navigate to the issue in the code by clicking the issue in the list of problems.
Snyk Open Source issue displayed in Eclipse
@@ -15,4 +15,4 @@ To ignore an issue for 30 days, right-click the issue in the left panel of the *
You can enable monitoring for a Project to help spot new issues as they are reported. To do this, right-click a folder in the left panel of the **Snyk** view and select **Monitor project**.
-
Details for a Snyk Open Source issue dispilayed in the Snyk view
+
Details for a Snyk Open Source issue displayed in the Snyk view
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/troubleshooting-for-the-eclipse-plugin.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/troubleshooting-for-the-eclipse-plugin.md
index 83662a33ce50..e2aeef010567 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/troubleshooting-for-the-eclipse-plugin.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/troubleshooting-for-the-eclipse-plugin.md
@@ -67,7 +67,7 @@ If you are facing issues installing Eclipse plugins, it might be due to the inco
6. Launch the Eclipse IDE by the usual method.
7. After Eclipse is launched, navigate to **Window** > **Preferences** > **Java** > **Installed JREs**.
8. Click on **Add** and select the **path to JDK 17 or higher version** installed on your system.
-9. Click **OK** and close the Preferences dialogue box.
+9. Click **OK** and close the Preferences dialog box.
You are now ready to install any Eclipse plugin of your choice.
@@ -79,20 +79,20 @@ Ensure you replace `C:\\\\Program Files\\\\Java\\\\jdk-17.0.1\\\\bin` with the a
## Application development and JDK version
-While running Eclipse with JDK 17 or a higher version can resolve issues related to plugin installation, it is important to note that it may not be compatible with all versions of Java used for developing applications. Depending on the specific requirements of your application, you may need to use a different version of Java, such as JDK 8 or 11, for development purposes. Be sure to consult the documentation and requirements for your application before making any changes to your Java environment.
+While running Eclipse with JDK 17 or a higher version can resolve issues related to plugin installation, it might not be compatible with all versions of Java used for developing applications. Depending on the specific requirements of your application, you may need to use a different version of Java, such as JDK 8 or 11, for development purposes. Be sure to consult the documentation and requirements for your application before making any changes to your Java environment.
Note also that while you can install multiple versions of JDK on your system, you can use only one version at a time. If you need to switch between different versions of JDK for different Projects, you must update the Eclipse configuration accordingly.
-To change the JDK version used by Eclipse for a specificProject, follow these steps:
+To change the JDK version used by Eclipse for a specific Project, follow these steps:
1. Open the Project in Eclipse.
2. Right-click on the Project and select **Properties**.
-3. In the Properties dialogue box, navigate to **Java Build Path** > **Libraries**.
+3. In the Properties dialog box, navigate to **Java Build Path** > **Libraries**.
4. Locate the **JRE System Library** and click on it to expand the options.
5. Click on **Edit** and select the desired JDK version from the list of installed JREs.
6. Click **Finish** to save the changes.
-By following these steps, you can easily switch between different JDK versions for different Projects in Eclipse. Ensure that you are using the correct version of JDK for each Project, as this can impact the compatibility and functionality of your application.
+By following these steps, you can switch between different JDK versions for different Projects in Eclipse. Ensure that you are using the correct version of JDK for each Project, as this can impact the compatibility and functionality of your application.
## Windows Defender warns of running a binary
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/use-the-snyk-plugin-to-secure-your-eclipse-projects.md b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/use-the-snyk-plugin-to-secure-your-eclipse-projects.md
index be5cbcb2b71d..c8b7a03edcd3 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/use-the-snyk-plugin-to-secure-your-eclipse-projects.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/eclipse-plugin/use-the-snyk-plugin-to-secure-your-eclipse-projects.md
@@ -1,6 +1,6 @@
# Use the Snyk plugin to secure your Eclipse projects
-After the Eclipse plugin is downloaded and authentication is complete, the plugin starts the workspace scan. You may notice a confirmation that a workspace scan is starting. Alternatively, you can trigger a workspace scan from the context menu of your Project, or from the Snyk View.
+After the Eclipse plugin is downloaded and authentication is complete, the plugin starts the workspace scan. You might notice a confirmation that a workspace scan is starting. Alternatively, you can trigger a workspace scan from the context menu of your Project, or from the Snyk View.
Starting workspace scan
@@ -22,7 +22,7 @@ To hide low-severity issues, navigate to **View** > **Severity** and clear **Low
Severity filters in the View menu
-## Issue View Options
+## Issue view options
[Code Consistent Ignores](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code) filters issues to help teams focus on critical tasks. After you create an ignore, Snyk applies it to all tests and branches.
@@ -36,7 +36,7 @@ These filters do not apply if you disable **Code Consistent Ignores** for the Or
Starting with version 3.1.0, it is possible to see only newly introduced issues.
-This functionality reduces noise and allows you to focus only on current changes. This helps prevent issues early, thus unblocking your CI/CD pipeline and speeding up your deliveries.
+This functionality reduces noise and lets you focus only on current changes. This helps prevent issues early, so it unblocks your CI/CD pipeline and speeds up your deliveries.
The logic uses your local Git repository or any folder to compare the current findings with those in a base branch or reference folder. Net new issues scanning (delta scanning) shows you the difference between the two branches or folders, highlighting only the new issues.
@@ -46,13 +46,13 @@ To apply the filter and see only the new issues, use the **total**/**new** toggl
Activate Net new issues in the dot menu of the Snyk View
-For newly created feature branches, there will be no reported issues. That is an intended state that developers would aim for, as illustrated in the screen image that follows:
+For newly created feature branches, there are no reported issues. That is an intended state that developers aim for, as illustrated in the screen image that follows:
No new issues introduced in a newly created branch
The base branch is usually automatically determined for each Git repository.
-You may change the base branch or base folder by following these steps, as illustrated in the screen image that follows:
+You can change the base branch or base folder by following these steps, as illustrated in the screen image that follows:
1. Toggle the **total**/**new** filter in the summary panel.
2. Click on the top-level node in the Issues tree to change the branch or directory.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/README.md b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/README.md
index 372ba622baa5..2412d66d8527 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/README.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/README.md
@@ -1,14 +1,14 @@
# JetBrains plugin
-## **Scan early, fix as you develop: elevate your security posture**
+## **Scan early, fix as you develop**
-Integrating security checks early in your development lifecycle helps you pass security reviews seamlessly and avoid expensive fixes down the line.
+Integrating security checks early in your development lifecycle helps you pass security reviews and avoid expensive fixes later.
-The Snyk JetBrains plugin allows you to analyze your code, open-source dependencies and Infrastructure as Code (IaC) configurations. With actionable insights directly in your IDE, you can address issues as they arise.
+The Snyk JetBrains plugin lets you analyze your code, open-source dependencies, and Infrastructure as Code (IaC) configurations. With actionable insights directly in your IDE, you can address issues as they arise.
Key features:
-* In-line issue highlighting: Security issues are flagged directly within your code, categorized by type and severity for quick identification and resolution.
+* In-line issue highlighting: Snyk flags security issues directly within your code, categorized by type and severity for quick identification and resolution.
* Comprehensive scanning: The extension scans for a wide range of security issues, including:
* [Open Source Security](https://snyk.io/product/open-source-security-management/): Detects vulnerabilities and license issues in both direct and transitive open-source dependencies. Automated fix suggestions simplify remediation. Explore more in the [Snyk Open Source documentation](https://docs.snyk.io/scan-using-snyk/snyk-open-source).
* [Code Security](https://snyk.io/product/snyk-code/): Identifies security vulnerabilities in your custom code. Explore more in the [Snyk Code documentation](https://docs.snyk.io/scan-using-snyk/snyk-code).
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/authentication-for-the-jetbrains-plugins.md b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/authentication-for-the-jetbrains-plugins.md
index 972b8d6704c4..9b81ab0ab2f2 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/authentication-for-the-jetbrains-plugins.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/authentication-for-the-jetbrains-plugins.md
@@ -39,7 +39,7 @@ If you have problems, see [OAuth 2.0 authentication does not work](../troublesho
{% include "../../.gitbook/includes/this-method-is-inferior-to-....md" %}
{% hint style="warning" %}
-The Personal Access Token (PAT) authentication is progressively rolled out to all Enterprise customers. To check if this feature is available for your Organization at this time, please reach out to your Snyk account team.
+The Personal Access Token (PAT) authentication is progressively rolled out to all Enterprise customers. To check if this feature is available for your Organization at this time, contact your Snyk account team.
{% endhint %}
To authenticate using the Personal Access token, follow these steps:
@@ -48,7 +48,7 @@ To authenticate using the Personal Access token, follow these steps:
2. Set the **Authentication Method** to **Use Personal Access Token**.
-3. Click the **Connect IDE to Snyk** button.
+3. Click **Connect IDE to Snyk**.
4. Create your **Personal Access Token**. For details, see the [Authentication for API](../../snyk-api/authentication-for-api/) page.
5. Add the token in the **Token** field.
6. Click **Apply and Close**.
@@ -63,7 +63,7 @@ To authenticate, follow these steps:
2. Set the **Authentication Method** to **API token**.
-3. Click the **Connect IDE to Snyk** button.
+3. Click **Connect IDE to Snyk**.
4. Click **Authenticate** in the web browser window that opens.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/configuration-for-the-snyk-jetbrains-plugin-and-ide-proxy.md b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/configuration-for-the-snyk-jetbrains-plugin-and-ide-proxy.md
index 9f2c6103b488..44e9d963054e 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/configuration-for-the-snyk-jetbrains-plugin-and-ide-proxy.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/configuration-for-the-snyk-jetbrains-plugin-and-ide-proxy.md
@@ -1,7 +1,7 @@
# Configuration for the Snyk JetBrains plugin and IDE proxy
{% hint style="info" %}
-Snyk is moving to a [new unified configuration dialog](../unified-ide-configuration-dialog-experimental.md) which is currently available via opt-in.
+Snyk is moving to a [new unified configuration dialog](../unified-ide-configuration-dialog-experimental.md), which is available through opt-in.
{% endhint %}
Navigate to **Preferences** > **Tools** > **Snyk** to set the following configurations for the plugin:
@@ -12,7 +12,7 @@ Navigate to **Preferences** > **Tools** > **Snyk** to set the following configur
* **Authentication method**: Specify whether to authenticate with OAuth2 or with an API token. `OAuth2` is the default
* **Token**: Set the token to use for authentication with Snyk. For details, see [Authentication for the JetBrains plugins](authentication-for-the-jetbrains-plugins.md).
-* **Custom endpoint**: Specify the Snyk API endpoint for a custom multi-tenant or single-tenant setup. If you are using `https://api.snyk.io`, no configuration is required. For details, see the list of [IDE URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#ides-urls).\
+* **Custom endpoint**: Specify the Snyk API endpoint for a custom multi-tenant or single-tenant setup. If you are using `https://api.snyk.io`, no configuration is needed. For details, see the list of [IDE URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#ides-urls).\
Multi-tenant users who do not belong to the `SNYK-US-01` region are automatically redirected to the domain for the email with which the user authenticated. The redirect does not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
* **Ignore unknown CA**: Ignore the SSL cert, if needed.
* **Organization**: Set the Organization to run `snyk test` against (similar to the `--org=` option in the CLI). Snyk recommends using the `ORG_ID`. If you specify an Organization slug name, the value must match the URL slug as displayed in the URL of your Organization in the Snyk Web UI: `https://app.snyk.io/org/[orgslugname]`.\
@@ -39,7 +39,7 @@ Navigate to **Preferences** > **Tools** > **Snyk** to set the following configur
## Executable settings
-These options allow you to customize the handling of the plugin dependency on Snyk CLI.
+These options let you customize the handling of the plugin dependency on Snyk CLI.
* **Base URL to download the CLI**: Allow specifying an alternative download location of the CLI. This location must conform to the same file and folder layout as `https://downloads.snyk.io`. For example, FIPS-supported CLIs would use the base URL `https://static.snyk.io/fips`.
* **Path to Snyk CLI**: Allow changing the file path of the Snyk CLI.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/jetbrains-plugin-folder-trust.md b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/jetbrains-plugin-folder-trust.md
index 2ffceed35dda..e2c7b14e065d 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/jetbrains-plugin-folder-trust.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/jetbrains-plugin-folder-trust.md
@@ -2,10 +2,10 @@
Snyk Open Source may automatically execute code on your computer to obtain additional data for analysis. This includes invoking the package manager, for example, pip, Gradle, Maven, Yarn, npm, and so on, to get dependency information. Invoking these programs on untrusted code that has malicious configurations may expose your system to malicious code execution and exploits.
-To safeguard against using the extension on untrusted Projects, the Snyk plugin asks for Project trust before allowing you to run any scans against your code. When in doubt, do not proceed with a scan.
+To safeguard against using the extension on untrusted Projects, the Snyk plugin asks for Project trust before you can run any scans against your code. When in doubt, do not proceed with a scan.
Snyk extension prompt to trust a project
-After a single Project trust is granted, Snyk will not ask for trust on the opened Project folder and its subfolders again. To revoke an existing folder trust, manually edit the `TRUSTED_PATHS` option in the `snyk.settings.xml` located in the [JetBrains IDE configuration options directory](https://www.jetbrains.com/help/idea/directories-used-by-the-ide-to-store-settings-caches-plugins-and-logs.html#config-directory).
+After you grant a single Project trust, Snyk does not ask for trust on the opened Project folder and its subfolders again. To revoke an existing folder trust, manually edit the `TRUSTED_PATHS` option in the `snyk.settings.xml` located in the [JetBrains IDE configuration options directory](https://www.jetbrains.com/help/idea/directories-used-by-the-ide-to-store-settings-caches-plugins-and-logs.html#config-directory).
Snyk recommends using the built-in [Trusted Projects](https://plugins.jetbrains.com/docs/intellij/trusted-projects.html) provided in the IntelliJ platform version 2021.2.4/2021.3.1 and higher for an extra layer of security.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/run-an-analysis-with-the-jetbrains-plugin.md b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/run-an-analysis-with-the-jetbrains-plugin.md
index 2084b35df853..28bf25812e2c 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/run-an-analysis-with-the-jetbrains-plugin.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/run-an-analysis-with-the-jetbrains-plugin.md
@@ -9,7 +9,7 @@ You can trigger `snyk test` using one of these methods:
* automatic (default)
* manual
-A Snyk scan is triggered automatically when you open your Project and when you save any supported files. This behavior can be turned off in [user experience configuration](configuration-for-the-snyk-jetbrains-plugin-and-ide-proxy.md#user-experience).
+Snyk triggers a scan automatically when you open your Project and when you save any supported files. You can turn off this behavior in the [user experience configuration](configuration-for-the-snyk-jetbrains-plugin-and-ide-proxy.md#user-experience).
{% hint style="info" %}
Ensure your files are saved before manually running an analysis.
@@ -25,7 +25,7 @@ To manually trigger `snyk test` , as illustrated in the following screen image:
## Scan configuration
-You may customize your scan behavior to reflect the security policy of your company or to focus on certain areas.
+You can customize your scan behavior to reflect the security policy of your company or to focus on certain areas.
### Severity filter
@@ -55,7 +55,7 @@ Snyk reports the following types of issues:
* Container issues: found in images sourced from Kubernetes workload files. For details, see the section [Snyk Container issues](run-an-analysis-with-the-jetbrains-plugin.md#snyk-container-issues).
{% hint style="info" %}
-The exact capabilities and available scanners depend on your plan. Be sure your Organization's admin has enabled all Snyk products prior to configuring any of them in the IDE plugin.
+The exact capabilities and available scanners depend on your plan. Ensure your Organization admin has enabled all Snyk products before you configure any of them in the IDE plugin.
{% endhint %}
There are two ways to show or hide specific issue types:
@@ -71,7 +71,7 @@ By default, all issue types shown are selected.
Beginning with plugin version [2.10.0](https://plugins.jetbrains.com/plugin/10972-snyk-security/versions/stable/623034), it is possible to see only newly introduced issues.
-This functionality reduces noise and allows you to focus only on current changes. This will prevent issues early, thus unblocking your CI/CD pipeline and speeding up your deliveries.
+This functionality reduces noise and lets you focus only on current changes. It prevents issues early, so it unblocks your CI/CD pipeline and speeds up your deliveries.
The logic uses your local Git repository or any folder to compare the current findings with those in a base branch or reference folder. Net new issues scanning (delta scanning) shows you the difference between the two branches or folders, highlighting only the new issues.
@@ -79,11 +79,11 @@ In plugin version 2.12.0 and later, you can choose any folder as your base for s
To apply the filter and see only the new issues, use the toggle in the summary panel.
-
Summary panel toggle showing the the total number of issues and the number of issues in the checked out branch or current folder or new issues only
+
Summary panel toggle showing the total number of issues and the number of issues in the checked out branch or current folder or new issues only
You can also enable the net new issues feature in the [scan configuration](run-an-analysis-with-the-jetbrains-plugin.md#scan-configuration) settings.\
\
-For newly created feature branches, there will be no reported issues. That is an intended state that developers would aim for, as illustrated in the screen image that follows:
+For newly created feature branches, there are no reported issues. That is an intended state that developers would aim for, as illustrated in the screen image that follows:
Successful state, no net new issues found
@@ -96,7 +96,7 @@ You can change the base branch or base folder by following these steps, as illus
1. Click on the top-level node in the issues tree.
2. Use the dropdown selection.
3. Choose any branch.
-4. Click OK to save the selection.
+4. Click **OK** to save the selection.
Choosing the base branch or folder
@@ -107,7 +107,7 @@ You can change the base branch or base folder by following these steps, as illus
Snyk Code analysis shows a list of security vulnerabilities and code quality issues found in your application code.
{% hint style="info" %}
-Effective beginning on June 24, 2025, Snyk Code Quality issues will no longer be provided.
+Effective beginning on June 24, 2025, Snyk no longer provides Snyk Code Quality issues.
{% endhint %}
For more details and examples of fixes others used to fix the issue, select the security vulnerability or the code security issue.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/troubleshooting-for-the-jetbrains-plugin.md b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/troubleshooting-for-the-jetbrains-plugin.md
index 947b98e44524..3fc65ec163c4 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/troubleshooting-for-the-jetbrains-plugin.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/jetbrains-plugin/troubleshooting-for-the-jetbrains-plugin.md
@@ -10,7 +10,7 @@ Snyk plugins are not supported on any operating system that has reached End Of L
When you enable `debug`, your code may be logged in the IDE log files, for example, the `idea.log` file.
{% endhint %}
-To enable Snyk Language Server debug logs in the JetBrains IDEs, change the log level to debug using the IDE by navigating to Debug Log Settings (Custom Debug Log Configuration).
+To enable Snyk Language Server debug logs in the JetBrains IDEs, change the log level to debug in the IDE by navigating to **Debug Log Settings** (**Custom Debug Log Configuration**).
Press the Shift key twice quickly and select the **Actions** tab. Then search for **Debug**. Alternatively, select the Debug Log Settings in the menu (not available in JetBrains Rider).
@@ -18,7 +18,7 @@ Press the Shift key twice quickly and select the **Actions** tab. Then search fo
Go to Custom Debug Log Configuration from Debug Log Settings
-Entering `Snyk Language Server` on its own line will enable debug logging of the Language Server. Restart the IDE to reload the Snyk Language Server with the new debug level logging enabled.
+Entering `Snyk Language Server` on its own line enables debug logging of the Language Server. Restart the IDE to reload the Snyk Language Server with the new debug level logging enabled.
Snyk Language Server configuration set to Debug Mode in the Custom Debug Log Configuration
@@ -35,13 +35,13 @@ See the [JetBrains documentation](https://www.jetbrains.com/help/idea/ssl-certif
Sometimes the checkboxes for Snyk Code in the JetBrains plugin are disabled. Some possible reasons follow:
* Network or proxy settings: If the network or proxy settings are not configured correctly, the checkboxes may be disabled. Check to see if there is an MITM proxy with certificate substitution. Also, verify whether connections to the endpoint API and deeproxy can be established using other tools, for example, the CLI or cURL.
-* Incorrect endpoint address. If the endpoint address in the Snyk Code plugin configuration is incorrect, the checkboxes will be disabled. To fix this, refer to the instructions and check that the endpoint address is correct. Restart the plugin afterwards.
-* Snyk Code is disabled server-side: If Snyk Code is disabled in the Snyk Organisation's settings, the checkboxes will be disabled. To fix this, follow the instructions shown in the IntelliJ settings. Restart your IDE.
+* Incorrect endpoint address. If the endpoint address in the Snyk Code plugin configuration is incorrect, the checkboxes are disabled. To fix this, refer to the instructions and check that the endpoint address is correct. Restart the plugin afterwards.
+* Snyk Code is disabled server-side: If Snyk Code is disabled in the Snyk Organization settings, the checkboxes are disabled. To fix this, follow the instructions shown in the IntelliJ settings. Restart your IDE.
* Have a look at the JetBrains logs: For additional information, see [Locating IDE log files](https://intellij-support.jetbrains.com/hc/en-us/articles/207241085-Locating-IDE-log-files).
## Undefined Python version
-Snyk uses Python in order to scan and find your dependencies.
+Snyk uses Python to scan and find your dependencies.
If you are using multiple Python versions, use the `--command` option to specify the correct Python command for execution. The plugin does not detect the Python version associated with the Project.
@@ -79,7 +79,7 @@ The `NullPointerException: Cannot read field "objId" because "robj" is null` enc
The most effective and recommended path to resolution is as follows:
-As of Android Studio Koala (2024.1.1), JCEF (Java Chromium Embedded Framework) is included but not enabled by default. To utilize JCEF features, you need to manually enable it by following these steps:
+As of Android Studio Koala (2024.1.1), JCEF (Java Chromium Embedded Framework) is included but not enabled by default. To use JCEF features, you need to manually enable it by following these steps:
#### Step 1: Disable the JCEF Sandbox
@@ -103,7 +103,7 @@ As of Android Studio Koala (2024.1.1), JCEF (Java Chromium Embedded Framework) i
Apply the IntelliJ IDEA VM option `-Dide.browser.jcef.out-of-process.enabled=false` to revert to the in-process JCEF mode, which is known to bypass the bug described in IJPL-186252.
-It is also advisable to keep IntelliJ IDEA updated to the latest patch release of version 2025.1.x or later, as future updates may include a permanent fix for IJPL-186252, rendering plugin-specific workarounds or manual VM option adjustments unnecessary. The dynamic between IDE platforms and their extensive plugin ecosystems often involves such diagnostic and adaptive challenges, where changes at one layer necessitate responses and adjustments at others to maintain overall system stability and user experience.
+It is also advisable to keep IntelliJ IDEA updated to the latest patch release of version 2025.1.x or later, as future updates may include a permanent fix for IJPL-186252, rendering plugin-specific workarounds or manual VM option adjustments unnecessary.
## How Snyk Container and Kubernetes JetBrains integration works
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/release-and-support-policy-for-snyk-ide-plugins.md b/developer-tools/snyk-ide-plugins-and-extensions/release-and-support-policy-for-snyk-ide-plugins.md
index 7d93cd727362..fb0e15463b1f 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/release-and-support-policy-for-snyk-ide-plugins.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/release-and-support-policy-for-snyk-ide-plugins.md
@@ -26,12 +26,10 @@ Examples of **breaking** changes include the following:
## Support policy
-Snyk supports the latest 12 months of plugin versions, ensuring functionality and performance. Older versions are considered End-of-Support (EOS) and will not receive bug fixes or troubleshooting.
+Snyk supports the latest 12 months of plugin versions, ensuring functionality and performance. Older versions are considered End-of-Support (EOS) and do not receive bug fixes or troubleshooting.
Snyk provides fixes only in new versions and cannot fix older versions. Customers must upgrade to benefit from improvements.
-This policy fosters innovation while optimizing resources.
-
If you need help, submit a [request](https://support.snyk.io) to Snyk Support.
## Preview builds
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/snyk-language-server/README.md b/developer-tools/snyk-ide-plugins-and-extensions/snyk-language-server/README.md
index 0e170d2b577a..457c6fd8e508 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/snyk-language-server/README.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/snyk-language-server/README.md
@@ -1,6 +1,6 @@
# Snyk Language Server
-Snyk offers IDE integrations that allow you to use the functionality of Snyk in your Integrated Development Environment or Editor. This page describes the Snyk Language Server that can provide diagnostics for any IDE or Editor that supports the [Language Server Protocol](https://microsoft.github.io/language-server-protocol/). For information about all of the IDE plugins and extensions and their use, see [Snyk IDE plugins and extensions](../).
+Snyk offers IDE integrations that let you use the functionality of Snyk in your Integrated Development Environment or Editor. This page describes the Snyk Language Server that can provide diagnostics for any IDE or Editor that supports the [Language Server Protocol](https://microsoft.github.io/language-server-protocol/). For information about all of the IDE plugins and extensions and their use, see [Snyk IDE plugins and extensions](../).
The Snyk Language Server scans for vulnerabilities, open-source license issues, and infrastructure misconfigurations and returns results with security issues categorized by issue type and severity.
@@ -31,9 +31,9 @@ You can use the Language Server in the following environments:
## Where you can download the Language Server (Snyk CLI)
-Snyk Language Server is nowadays included in the Snyk CLI. The CLI is automatically downloaded only when you use the Snyk IDE plugins.
+Snyk Language Server is now included in the Snyk CLI. Snyk downloads the CLI automatically only when you use the Snyk IDE plugins.
-Please refer to [snyk-cli](../../snyk-cli/ "mention") for installation and manual download instructions.
+Refer to [snyk-cli](../../snyk-cli/ "mention") for installation and manual download instructions.
## Usage of Snyk Language Server
@@ -91,7 +91,7 @@ For all .NET Projects, Snyk recommends adding the `--all-projects` additional pa
## **Authentication for Snyk Language Server**
-When Snyk Language Server starts, it checks for a token in the initializationOption `token`. If a token is not there, Snyk Language Server tries to retrieve and authenticate.. If the CLI is not authenticated either, Snyk Language Server opens a browser window to authenticate. After successful authentication in the web browser, Snyk Language Server, in case of OAuth2 or API token authentication methods, automatically retrieves the Snyk authentication token from the CLI, but only for the session.
+When Snyk Language Server starts, it checks for a token in the initializationOption `token`. If a token is not there, Snyk Language Server tries to retrieve and authenticate. If the CLI is not authenticated either, Snyk Language Server opens a browser window to authenticate. After successful authentication in the web browser, Snyk Language Server, in case of OAuth2 or API token authentication methods, automatically retrieves the Snyk authentication token from the CLI, but only for the session.
## **Environment variables for Snyk Language Server**
@@ -112,14 +112,14 @@ given config file via -c flag
$HOME/.snyk.env
```
-Any lines that contain an environment variable in the format `VARIABLENAME=VARIABLEVALUE` are added automatically to the environment if not already there. This adheres to the `dotenv` format. In the case of `.profile`, `.zshrc`and so on, if a variable is directly exported, for example, via `export VARIABLENAME=VARIABLEVALUE`, it is not loaded. The export would need to be split of and be in its own line, for example
+Any lines that contain an environment variable in the format `VARIABLENAME=VARIABLEVALUE` are added automatically to the environment if not already there. This adheres to the `dotenv` format. In the case of `.profile`, `.zshrc`and so on, if a variable is directly exported, for example, via `export VARIABLENAME=VARIABLEVALUE`, it is not loaded. The export would need to be split off and be in its own line, for example
```bash
VARIABLENAME=VARIABLEVALUE
export VARIABLENAME
```
-The PATH variable is treated differently frrom all other variables, as it is an aggregate of all PATH variables found in the files and in the environment. Also, the current working directory `.` is automatically added to the path, so a download of the Snyk CLI into the current working directory by an LSP client would yield a found Snyk CLI for the Language Server.
+The PATH variable is treated differently from all other variables, as it is an aggregate of all PATH variables found in the files and in the environment. Also, the current working directory `.` is automatically added to the path, so a download of the Snyk CLI into the current working directory by an LSP client would yield a found Snyk CLI for the Language Server.
In addition to configuring variables via config files, Snyk Language Server adds the following directories to the path on Linux and macOS:
@@ -150,7 +150,7 @@ The trust feature is enabled by default. When a folder is trusted, all sub-folde
Trust dialogs can be disabled by setting `enableTrustedFoldersFeature` to `false` in the initialization options. This disables all trust prompts and checks.
-An initial set of trusted folders can be provided by setting `trustedFolders` to an array of paths in the `initializationOptions`. These folders will be trusted on startup and will not prompt the user to trust them.
+You can provide an initial set of trusted folders by setting `trustedFolders` to an array of paths in the `initializationOptions`. Snyk trusts these folders on startup and does not prompt the user to trust them.
## Telemetry
@@ -158,10 +158,8 @@ Snyk collects telemetry from IDE plugins and CLI. For details, see [IDE and CLI
## Support policy for Snyk Language Server
-Snyk supports the latest 12 months of LS versions, ensuring functionality and performance. Older versions are considered End-of-Support (EOS) and will not receive bug fixes or troubleshooting.
+Snyk supports the latest 12 months of LS versions, ensuring functionality and performance. Older versions are considered End-of-Support (EOS) and do not receive bug fixes or troubleshooting.
Snyk only provides fixes in new versions and cannot fix older versions. Customers must upgrade to benefit from improvements.
-This policy fosters innovation while optimizing resources.
-
If you need help, submit a [request](https://support.snyk.io) to Snyk Support.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/snyk-language-server/example-configurations-for-snyk-language-server.md b/developer-tools/snyk-ide-plugins-and-extensions/snyk-language-server/example-configurations-for-snyk-language-server.md
index 62e8c180bb91..090504ba0b97 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/snyk-language-server/example-configurations-for-snyk-language-server.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/snyk-language-server/example-configurations-for-snyk-language-server.md
@@ -32,7 +32,7 @@
}
```
-After opening a supported file, the Language Server should be started by Sublime Text and findings will be highlighted.
+After you open a supported file, Sublime Text starts the Language Server and highlights findings.
.png>)
@@ -44,7 +44,7 @@ After opening a supported file, the Language Server should be started by Sublime
If the project root directory cannot be obtained from Git information, this script tries to set the root directory to your home directory by `vim.loop.os_homedir().` Depending on the contents of your home directory, this may consume a large amount of memory. If this happens, set an alternative root directory for your environment.
{% endhint %}
-The set up is as follows:
+The setup is as follows:
```
mkdir -p ~/.config/nvim
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/error-executing-binary-because-of-corporate-policy-windows.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/error-executing-binary-because-of-corporate-policy-windows.md
index 08870f6270e6..0dd68470c306 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/error-executing-binary-because-of-corporate-policy-windows.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/error-executing-binary-because-of-corporate-policy-windows.md
@@ -8,4 +8,4 @@ Snyk is trying to run files from AppData but that is not allowed under the custo
As part of operations of the Snyk CLI, it extracts different files and executables to a temporary folder, which for Windows is located in `C:\Users\\\\AppData\\`.
-If running files from this location is not allowed by group policy or other security restrictions, set the environment variable `SNYK_CACHE_PATH` on each machine. This will override the directory Snyk uses for the cache.
+If running files from this location is not allowed by group policy or other security restrictions, set the environment variable `SNYK_CACHE_PATH` on each machine. This overrides the directory Snyk uses for the cache.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/force-use-of-the-latest-language-server.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/force-use-of-the-latest-language-server.md
index df563d03b007..aa20d6b241f0 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/force-use-of-the-latest-language-server.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/force-use-of-the-latest-language-server.md
@@ -3,14 +3,14 @@
Follow these steps to force the use of the latest Snyk Language Server:
* Update the Snyk plugin or extension to the latest version. Using the latest version of the plugin ensures that you can update to the most recent version of the language server. The plugin update alone does NOT update the language server.
-* Look up the Snyk Language Server binary path (`snyk-ls*`) or the Snyk CLI binary path in the Snyk Settings of the plugin. You must know the path of the binary file in order to delete it. Follow these instructions depending on IDE:
+* Look up the Snyk Language Server binary path (`snyk-ls*`) or the Snyk CLI binary path in the Snyk Settings of the plugin. You must know the path of the binary file to delete it. Follow these instructions depending on IDE:
* [VS Code](../visual-studio-code-extension/visual-studio-code-extension-configuration-environment-variables-and-proxy.md)
* [JetBrains](../jetbrains-plugin/configuration-for-the-snyk-jetbrains-plugin-and-ide-proxy.md)
* [Visual Studio](../visual-studio-extension/visual-studio-extension-configuration-environment-variables-and-proxy.md)
* [Eclipse](../eclipse-plugin/configuration-of-the-eclipse-plugin.md)
* Delete the binary from that path.
-* Enable **Automatic Management of dependencies** in the Snyk Settings or download the latest language server from [GitHub](https://github.com/snyk/snyk-ls) or use the [getLanguageServer.sh](https://github.com/snyk/snyk-ls/blob/main/getLanguageServer.sh) . If you enable **Automatic** **Management of dependencies**, the latest language server will be downloaded automatically.
+* Enable **Automatic Management of dependencies** in the Snyk Settings or download the latest language server from [GitHub](https://github.com/snyk/snyk-ls) or use the [getLanguageServer.sh](https://github.com/snyk/snyk-ls/blob/main/getLanguageServer.sh) . If you enable **Automatic** **Management of dependencies**, Snyk downloads the latest language server automatically.
* After completing the previous steps, restart your IDE.
- Note that if you can not find the path, the output of the plugin may specify the path of `snyk-ls` binaries:\
+ Note that if you cannot find the path, the output of the plugin may specify the path of `snyk-ls` binaries:\
`[Info] Snyk Language Server path: /Users/matthew/Library/Application Support/snyk-ls/snyk-ls_darwin_amd64`
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/how-to-set-environment-variables-by-operating-system-for-ides-and-cli.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/how-to-set-environment-variables-by-operating-system-for-ides-and-cli.md
index 04219dc52c46..8e7e55a65358 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/how-to-set-environment-variables-by-operating-system-for-ides-and-cli.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/how-to-set-environment-variables-by-operating-system-for-ides-and-cli.md
@@ -21,7 +21,7 @@ The fundamental things to understand are:
* Environment variables are inherited by a process’s children at the time they are forked.
* The root process is a `launchd` instance, and there is also a separate `launchd` instance per user session.
-* `launchd` allows you to change its current environment variables using `launchctl`; the updated variables are then inherited by all new processes it forks from then on.
+* `launchd` lets you change its current environment variables using `launchctl`. All new processes it forks from then on inherit the updated variables.
You can verify if IntelliJ runs using this environment variable using `ps eww -o command | tr ' ' '\\n'` command.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/ide-plugin-fails-with-scan-failed-on-windows-systems-with-.exe-download-blocking.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/ide-plugin-fails-with-scan-failed-on-windows-systems-with-.exe-download-blocking.md
index c69d9a8a9dbd..ef613a8444c1 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/ide-plugin-fails-with-scan-failed-on-windows-systems-with-.exe-download-blocking.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/ide-plugin-fails-with-scan-failed-on-windows-systems-with-.exe-download-blocking.md
@@ -18,7 +18,7 @@ To determine if this is the case, navigate to the location for the CLI or Langua
The preferred solution for this is to allowlist `downloads.snyk.io` and `static.snyk.io` in the baseline policy for `.exe` files, so that downloads from this location are exempt from `.exe` popup approvals for all users.
-You can use the following temporary solutions in the interim if the preferred solution will take time to approve.
+You can use the following temporary solutions in the interim if the preferred solution takes time to approve.
* Manually download the relevant `.exe` file directly from either [Snyk CLI Releases](https://github.com/snyk/cli/releases) or [Snyk Language Server Releases](https://github.com/snyk/snyk-ls/releases), and place it in the location listed in your plugin settings. Ensure that you turn off the option to **Automatically Manage Dependencies**.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/maven-scans-with-private-repositories.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/maven-scans-with-private-repositories.md
index 1caacd4249c8..3ee4482321a1 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/maven-scans-with-private-repositories.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/maven-scans-with-private-repositories.md
@@ -2,7 +2,7 @@
## Problem
-Maven fails due to dependencies that reference private repositories in Ithe IDE plugin or CI/CD pipeline.
+Maven fails due to dependencies that reference private repositories in the IDE plugin or CI/CD pipeline.
## Investigation
@@ -16,4 +16,4 @@ Dependencies need to be downloaded from a private repository and the Snyk CLI sh
You can establish Maven settings or a profile containing the connection information, for example, with `-- -s your-home-directory/.m2/settings.xml` or `-- -Dprofile=my-profile`.
-These parameters can be passed on to the CLI using the `Additional Parameters` plugin setting in IDE. For CI/CDs. this should be passed as a pipeline argument if the Snyk CLI used directly, or a correct path mapping should be provided, if run in Docker image.
+You can pass these parameters on to the CLI using the `Additional Parameters` plugin setting in the IDE. For CI/CD, pass them as a pipeline argument if you use the Snyk CLI directly, or provide a correct path mapping if you run it in a Docker image.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/missing-or-differing-results-in-snyk-code.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/missing-or-differing-results-in-snyk-code.md
index 1828149f867b..4286f8daac7e 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/missing-or-differing-results-in-snyk-code.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/missing-or-differing-results-in-snyk-code.md
@@ -7,5 +7,5 @@
* If the result is now better, check the rules in `.gitignore` and `.dcignore` files to see if they cause the ignoring of files.
* Ignores can be analyzed in Jetbrains by enabling debug logging for the Snyk Code logger.
* Ignores can be analyzed in the Language Server by enabling trace logging, for example, by setting the env-variable `SNYK_DEBUG_LEVEL=trace.`
-* Enable ignore patterns step-by-step until results are correct, and the only files that are ignored should be ignored.
+* Enable ignore patterns step-by-step until results are correct and only the intended files are ignored.
* If the `.dcignore` is filled with a lot of ignores and was created automatically, it should be emptied. IntelliJ before 2.4.63 added this file automatically when no `.gitignore` was found at the top level. It contained many rules that can interfere with repositories and source files.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/net-new-issues-delta-scan-troubleshooting.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/net-new-issues-delta-scan-troubleshooting.md
index e8dcf061664d..3bf216aa138f 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/net-new-issues-delta-scan-troubleshooting.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/net-new-issues-delta-scan-troubleshooting.md
@@ -13,6 +13,6 @@ Some package managers, such as NuGet, pip, npm, and so on, require specific mani
Required manifest files must be generated before you can perform a scan analysis. These files, for example, `package-lock.json` or `obj/project.assets.json` for NuGet must have been generated on the current branch or folder and either:
* Be committed to the reference branch before the scan
-* Be prepared (compiled) into a different directory, that will be used as a reference folder for Snyk scan
+* Be prepared (compiled) into a different directory that Snyk uses as a reference folder for the scan
Choose the reference branch or folder
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/server-returned-http-response-code-403-for-url.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/server-returned-http-response-code-403-for-url.md
index abf280c79c7a..d8455278bdf5 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/server-returned-http-response-code-403-for-url.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/server-returned-http-response-code-403-for-url.md
@@ -2,6 +2,6 @@
Check the endpoint URL and the authentication information.
-Most likely the API URL or the token is not ok. They need to use [https://api.snyk.io](https://api.snyk.io) without `/api` . For other tenants, the situation is similar: the path `/api` is not supported on the `api` subdomain.
+Most likely the API URL or the token is incorrect. They need to use [https://api.snyk.io](https://api.snyk.io) without `/api` . For other tenants, the situation is similar: the path `/api` is not supported on the `api` subdomain.
-Even if the URL may have worked before, the URL is invalid and must be changed.
+Even if the URL worked before, the URL is invalid and you must change it.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/troubleshoot-certificate-errors.md b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/troubleshoot-certificate-errors.md
index faae60fad6d4..8c5d13e4f7ae 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/troubleshoot-certificate-errors.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/troubleshooting-ides/troubleshoot-certificate-errors.md
@@ -23,8 +23,8 @@ See [Import the Certificate as a Trusted Certificate (The Java™ Tutorials > Se
Allow unknown certificate authorities
* Update the JDK used by Snyk scans to add unknown certificates.
-* Update to the latest CLI and pugin version.
-* CLI download can be re-triggered by deleting the CLI. The path is shown in the Snyk Preferences.
+* Update to the latest CLI and plugin version.
+* To re-trigger the CLI download, delete the CLI. The path is shown in the Snyk Preferences.
### IntelliJ
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/unified-ide-configuration-dialog-experimental.md b/developer-tools/snyk-ide-plugins-and-extensions/unified-ide-configuration-dialog-experimental.md
index a1184aa53272..08f2a80f80cc 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/unified-ide-configuration-dialog-experimental.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/unified-ide-configuration-dialog-experimental.md
@@ -54,7 +54,7 @@ If you disable the new settings page, your configurations remain active. These s
| Issue View Options \| Show Open Issues | Show issues that are not ignored |
| Issue View Options \| Show Ignored Issues | Show issues that are ignored |
| Filter by Risk Score | Only show issues with a risk score above or equal to the given numeric threshold |
-| Delta Findings |
All Issues: show all issues Net-New Issues: show only newly introduced issues.
|
## Authentication
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/README.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/README.md
index 99b1b1badb95..d3ad4ebf0ae3 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/README.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/README.md
@@ -2,9 +2,9 @@
## **Scan early, fix as you develop: elevate your security posture**
-Integrating security checks early in your development lifecycle helps you pass security reviews seamlessly and avoid expensive fixes down the line.
+Integrating security checks early in your development lifecycle helps you pass security reviews and avoid expensive fixes down the line.
-The Snyk Visual Studio Code extension allows you to analyze your code, open-source dependencies, and Infrastructure as Code (IaC) configurations. With actionable insights directly in your IDE, you can address issues as they arise.
+The Snyk Visual Studio Code extension lets you analyze your code, open-source dependencies, and Infrastructure as Code (IaC) configurations. With actionable insights directly in your IDE, you can address issues as they arise.
{% hint style="info" %}
The extension also works for other VSCode-based IDEs such as Windsurf, Cursor, and Eclipse Theia.
@@ -12,7 +12,7 @@ The extension also works for other VSCode-based IDEs such as Windsurf, Cursor, a
**Key features:**
-* **In-line issue highlighting:** Security issues are flagged directly within your code, categorized by type and severity for quick identification and resolution.
+* **In-line issue highlighting:** Snyk flags security issues directly within your code, categorized by type and severity for quick identification and resolution.
* **Comprehensive scanning:** The extension scans for a wide range of security issues, including:
* [**Open Source Security**](https://snyk.io/product/open-source-security-management/)**:** Detects vulnerabilities and license issues in both direct and transitive open-source dependencies. Automated fix suggestions simplify remediation. Explore more in the [Snyk Open Source documentation](https://docs.snyk.io/scan-using-snyk/snyk-open-source).
* [**Code Security**](https://snyk.io/product/snyk-code/)**:** Identifies security vulnerabilities in your custom code. Explore more in the [Snyk Code documentation](https://docs.snyk.io/scan-using-snyk/snyk-code).
@@ -41,7 +41,7 @@ Snyk Visual Studio Code extension does not support remote and containerized envi
Install the plugin at any time free of charge from the [Visual Studio Code marketplace](https://marketplace.visualstudio.com/items?itemName=snyk-security.snyk-vulnerability-scanner) and use it with any Snyk account, including a Free account. For more information, see the [VS Code extension installation guide](https://code.visualstudio.com/docs/editor/extension-marketplace#_install-an-extension).
-When the extension is installed, it automatically downloads the [Snyk CLI,](https://docs.snyk.io/snyk-cli) which includes the [Language Server](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/snyk-language-server).
+When you install the extension, it automatically downloads the [Snyk CLI,](https://docs.snyk.io/snyk-cli) which includes the [Language Server](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/snyk-language-server).
Continue by following the instructions in the other Visual Studio Code extension docs:
@@ -52,7 +52,7 @@ Continue by following the instructions in the other Visual Studio Code extension
* [Run an analysis with Visual Studio Code extension](https://docs.snyk.io/integrate-with-snyk/use-snyk-in-your-ide/visual-studio-code-extension/run-an-analysis-with-visual-studio-code-extension)
* [View analysis results from Visual Studio Code extension](https://docs.snyk.io/integrate-with-snyk/use-snyk-in-your-ide/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension)
-When the VS Code extension is installed for the first time, a modal will pop up asking users if they want to enable Secure at Inception capabilities via Snyk Studio. With Secure at Inception enabled, a file such as snyk\_rules.mdc may be written to the directory.
+When you install the VS Code extension for the first time, a modal asks whether you want to enable Secure at Inception capabilities through Snyk Studio. With Secure at Inception enabled, Snyk may write a file such as snyk\_rules.mdc to the directory.
For more information, see the Snyk Studio quickstart guides for [Cursor](https://app.gitbook.com/s/N5N885PkllOWeBmgm3Bp/agentic-security-with-snyk-studio/quickstart-guides/cursor-guide), [Windsurf](https://app.gitbook.com/s/N5N885PkllOWeBmgm3Bp/agentic-security-with-snyk-studio/quickstart-guides/windsurf-guide), and [Copilot](https://app.gitbook.com/s/N5N885PkllOWeBmgm3Bp/agentic-security-with-snyk-studio/quickstart-guides/github-copilot-guide).
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/authentication-for-visual-studio-code-extension.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/authentication-for-visual-studio-code-extension.md
index 66474475340a..413027e8bf8c 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/authentication-for-visual-studio-code-extension.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/authentication-for-visual-studio-code-extension.md
@@ -18,7 +18,7 @@ Before authenticating, ensure you have set your region properly. For details, se
Follow these steps to authenticate:
-1. After the extension is installed, click the **Snyk Icon** in the navigation bar, then click **Connect & Trust Workspace**:
+1. After you install the extension, click the **Snyk Icon** in the navigation bar, then click **Connect & Trust Workspace**:
Connect and trust workspace
2. A new browser window opens, requiring you to log in to your Snyk account.
@@ -39,13 +39,13 @@ If you have problems, see [OAuth 2.0 authentication does not work](../troublesho
{% include "../../.gitbook/includes/this-method-is-inferior-to-....md" %}
{% hint style="warning" %}
-The Personal Access Token (PAT) authentication is progressively rolled out to all Enterprise customers. To check if this feature is available for your Organization at this time, please reach out to your Snyk account team.
+Snyk is progressively rolling out Personal Access Token (PAT) authentication to all Enterprise customers. To check whether this feature is available for your Organization at this time, contact your Snyk account team.
{% endhint %}
When using this feature, ensure you generate and use a Personal Access Token (PAT). This feature is not compatible with Service Account tokens, and using them may result in unexpected behavior or errors.
{% hint style="info" %}
-Whenever you use this feature in your IDE, ensure to also retrieve the PAT details from the Snyk Web UI. Contact Snyk Support to enable the PAT feature within your Snyk Web UI Organization.
+Whenever you use this feature in your IDE, also retrieve the PAT details from the Snyk Web UI. Contact Snyk Support to enable the PAT feature in your Snyk Web UI Organization.
{% endhint %}
To authenticate using the Personal Access token, follow these steps:
@@ -64,7 +64,7 @@ To authenticate using the Personal Access token, follow these steps:
Follow these steps to authenticate:
-1. After the extension is installed, click the **Snyk Icon** in the navigation bar, then click the **Settings** icon, find **Authentication Method**, and change it to **Token authentication**:
+1. After you install the extension, click the **Snyk Icon** in the navigation bar, then click the **Settings** icon, find **Authentication Method**, and change it to **Token authentication**:
Change authentication method
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/run-an-analysis-with-visual-studio-code-extension.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/run-an-analysis-with-visual-studio-code-extension.md
index 0597b0fe1883..39b7913e2fee 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/run-an-analysis-with-visual-studio-code-extension.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/run-an-analysis-with-visual-studio-code-extension.md
@@ -9,7 +9,7 @@ You can trigger `snyk test` by using one of these methods:
* automatic (default)
* manual
-Snyk Code and IaC configuration scans are triggered automatically when you open your Project and when you save any supported files. This behavior can be turned off in [user experience configuration](visual-studio-code-extension-configuration-environment-variables-and-proxy.md#user-experience).
+Snyk Code and IaC configuration scans run automatically when you open your Project and when you save any supported files. You can turn off this behavior in the [user experience configuration](visual-studio-code-extension-configuration-environment-variables-and-proxy.md#user-experience).
Snyk Open Source, by default, does not automatically run on save, but you can enable auto-scan in the configuration settings.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension/README.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension/README.md
index b30f8f14c49e..fda9edd914be 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension/README.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension/README.md
@@ -2,7 +2,7 @@
## Overview of results
-Snyk analysis shows a list of security vulnerabilities and code issues in the application code. Select a security vulnerability or a code security issue to view more details and examples of how others fixed the issue. The **Issue details panel** appears in a tab on the right side of the screen, as shown in following screen image.
+Snyk analysis shows a list of security vulnerabilities and code issues in the application code. Select a security vulnerability or a code security issue to view more details and examples of how others fixed the issue. The **Issue details panel** appears in a tab beside the code, as shown in the following screen image.
The **Snyk analysis panel** on the left shows the time the analysis took and a list of issues with the suggestions found for those issues.
@@ -35,7 +35,7 @@ Snyk reports the following types of issues:
* Infrastructure as Code issues: Found in infrastructure as code files; For more details, see [Snyk IaC Analysis results: Snyk IaC Configuration](analysis-results-snyk-iac-configuration.md).
{% hint style="info" %}
-The exact capabilities and available scanners depend on your Snyk plan. Be sure your Organization's admin enabled all Snyk products prior to configuring any of them in the IDE plugin.
+The exact capabilities and available scanners depend on your Snyk plan. Ensure your Organization admin enabled all Snyk products before configuring any of them in the IDE plugin.
{% endhint %}
You can set the issue types to be shown in the Scan configuration settings. By default, all issue types shown are selected.
@@ -44,7 +44,7 @@ You can set the issue types to be shown in the Scan configuration settings. By d
Starting with Visual Studio Code extension version 2.19.0, it is possible to see only newly introduced issues.
-This functionality reduces noise and allows you to focus only on current changes. This helps prevent issues early, thus unblocking your CI/CD pipeline and speeding up your deliveries.
+This functionality reduces noise and lets you focus only on current changes. This helps prevent issues early, unblocking your CI/CD pipeline and speeding up your deliveries.
The logic uses your local Git repository or any folder to compare the current findings with those in a base branch or reference folder. Net new issues scanning (delta scanning) shows you the difference between the two branches or folders, highlighting only the new issues.
@@ -58,7 +58,7 @@ To apply the filter and see only the new issues, use the **total** or **new** to
You can also enable the net new issues feature in the [scan configuration](./#scan-configuration) settings for the extension.
-For newly created feature branches, there will be no reported issues. That is an intended state that developers would aim for, as shown in the screen image that follows:
+For newly created feature branches, Snyk reports no issues. That is an intended state that developers aim for, as shown in the screen image that follows:
Successful state. No net new issues found.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension/analysis-results-snyk-code.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension/analysis-results-snyk-code.md
index cba4bd0b0b35..f4f5a7db959d 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension/analysis-results-snyk-code.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/view-analysis-results-from-visual-studio-code-extension/analysis-results-snyk-code.md
@@ -16,7 +16,7 @@ On the **Problems** tab of the Visual Studio Code results screen, you can see al
Visual Studio Code Problems tab
-Snyk also includes a feedback mechanism to report false positives so others do not see the same issue (bottom left).
+Snyk also includes a feedback mechanism to report false positives so others do not see the same issue.
## Snyk Code editor window
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/visual-studio-code-extension-configuration-environment-variables-and-proxy.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/visual-studio-code-extension-configuration-environment-variables-and-proxy.md
index d29bb30c20a6..56f3f6e48987 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/visual-studio-code-extension-configuration-environment-variables-and-proxy.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/visual-studio-code-extension-configuration-environment-variables-and-proxy.md
@@ -8,8 +8,8 @@ After the plugin is installed, you can set the following configurations for the
* **Authentication method:** Specify whether to authenticate with OAuth2 or with an API token. `OAuth2` is the default
* **Custom Endpoint**: Specify the Snyk API endpoint for a custom multi-tenant or single-tenant setup. If you are using `https://api.snyk.io`, no configuration is required. For details, see the list of [IDE URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#ides-urls).\
- Multi-tenant users who do not belong to the `SNYK-US-01` region will be automatically redirected to the correct domain for the email with which the user authenticated. The redirect does not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
-* **Organization**: Sets the Organization to run `snyk test` against, similar to the `--org=` option in the CLI. Snyk recommends using the `ORG_ID`. If you specify an Organization slug name, the value must match the URL slug as displayed in the URL of your Organization in the Snyk UI: `https://app.snyk.io/org/[orgslugname]`. If the Organization value is blank or invalid, the preferred Organization defined in your [web account settings](https://app.snyk.io/account) will be used. Setting the Organization at the Folder level is Experimental.
+ Snyk automatically redirects multi-tenant users who do not belong to the `SNYK-US-01` region to the correct domain for the email with which the user authenticated. The redirect does not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
+* **Organization**: Sets the Organization to run `snyk test` against, similar to the `--org=` option in the CLI. Snyk recommends using the `ORG_ID`. If you specify an Organization slug name, the value must match the URL slug as displayed in the URL of your Organization in the Snyk UI: `https://app.snyk.io/org/[orgslugname]`. If the Organization value is blank or invalid, Snyk uses the preferred Organization defined in your [web account settings](https://app.snyk.io/account). Setting the Organization at the Folder level is Experimental.
* **Auto-select Organization**: When enabled, Snyk automatically selects the most appropriate Organization for your Project using context found in your repository and your authentication. If an Organization is configured manually, this feature is overridden. If an appropriate Organization cannot be identified automatically, the preferred Organization defined in your [web account settings](https://app.snyk.io/account) is used as a fallback.
* **Send error reports to Snyk**: Help Snyk to improve the stability of the plugin by analyzing such reports.
@@ -43,7 +43,7 @@ These settings are not part of the stable functionality and are not officially s
## CLI and Language Server
-* When **Automatic Dependency Management** is checked, the plugin will download the [CLI](../../snyk-cli/) and update it regularly to the defined CLI path, if defined. Uncheck this option if downloading the CLI is not possible due to your network configuration, for example, due to firewall rules, and you need to obtain this dependency through other means.
+* When **Automatic Dependency Management** is checked, the plugin downloads the [CLI](../../snyk-cli/) and updates it regularly to the defined CLI path, if defined. Uncheck this option if downloading the CLI is not possible due to your network configuration, for example, due to firewall rules, and you need to obtain this dependency through other means.
* **CLI Path:** Allow changing the file path of the CLI (optional field).
## Environment variables
@@ -59,7 +59,7 @@ Setting these variables only in a shell environment, for example, using `~/.bash
* On macOS, the process `launchd` must know the environment variables to launch the IDE from the Finder directly. You can set environment variables for applications launched using the Finder by using the `launchctl setenv` command, for example, on start-up or through a script you launch at user login.
{% hint style="info" %}
-The provision of environment variables to the `macOS` UI can change between operating system releases, so it may be easier to create a small shell script that launches the IDE to leverage the shell environment that can be defined using `~/.bashrc`.
+The provision of environment variables to the `macOS` UI can change between operating system releases, so it may be easier to create a small shell script that launches the IDE to use the shell environment that can be defined using `~/.bashrc`.
{% endhint %}
* On Linux, updating the `file /etc/environment` can propagate environment variables to the Windows manager and UI.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/visual-studio-code-workspace-trust.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/visual-studio-code-workspace-trust.md
index ef681fc90671..010e38039ce3 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/visual-studio-code-workspace-trust.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-code-extension/visual-studio-code-workspace-trust.md
@@ -2,10 +2,10 @@
As part of examining the codebase for vulnerabilities, Snyk may automatically execute code on your computer to obtain additional data for analysis. This includes invoking the package manager, for example, pip, Gradle, Maven, Yarn, npm, and so on, to get dependency information for Snyk Open Source. Invoking these programs on untrusted code that has malicious configurations may expose your system to malicious code execution and exploits.
-In addition to the built-in [Workspace Trust](https://code.visualstudio.com/docs/editor/workspace-trust) feature of Visual Studio Code, the Snyk extension will ask for folder trust before allowing you to run any scans against your code. When in doubt, do not proceed with a scan.
+In addition to the built-in [Workspace Trust](https://code.visualstudio.com/docs/editor/workspace-trust) feature of Visual Studio Code, the Snyk extension asks for folder trust before allowing you to run any scans against your code. When in doubt, do not proceed with a scan.
Request to trust folders
-After a single Project trust is granted, Snyk will not ask for trust on the opened folder and its subfolders again. If you did not grant trust the first time, the extension will ask again the next time when you restart your Visual Studio Code instance.
+After a single Project trust is granted, Snyk does not ask for trust on the opened folder and its subfolders again. If you did not grant trust the first time, the extension asks again the next time you restart your Visual Studio Code instance.
To revoke an existing folder trust or grant trust to more folders, you can navigate to the Snyk extension settings and edit the **Trusted Folders** (`snyk.trustedFolders`) setting.
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/README.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/README.md
index 6401efd9dd2d..1515940efad7 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/README.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/README.md
@@ -6,9 +6,9 @@ Visual Studio 2026 not supported.
## Scan early, fix as you develop: elevate your security posture
-Integrating security checks early in your development lifecycle helps you pass security reviews seamlessly and avoid expensive fixes down the line.
+Integrating security checks early in your development lifecycle helps you pass security reviews and avoid expensive fixes down the line.
-The Snyk Visual Studio extension allows you to analyze your code, infrastructure configuration, and open-source dependencies. With actionable insights directly in your IDE, you can address issues as they arise.
+The Snyk Visual Studio extension lets you analyze your code, infrastructure configuration, and open-source dependencies. With actionable insights directly in your IDE, you can address issues as they arise.
**Key features**:
@@ -25,7 +25,7 @@ The Snyk Visual Studio extension allows you to analyze your code, infrastructure
You can use the Snyk Visual Studio extension in the following environments:
* Windows: 386, AMD64, and ARM64
-* MacOS: Visual Studio Windows plugin in a Windows virtual machine inside a Mac with an ARM64 processor
+* macOS: Visual Studio Windows plugin in a Windows virtual machine inside a Mac with an ARM64 processor
Install the plugin at any time free of charge from the [Visual Studio marketplace](https://marketplace.visualstudio.com/items?itemName=snyk-security.snyk-vulnerability-scanner-vs-2022) and use it with any Snyk account, including the Free plan. For more information, see the [VS extension installation guide](https://learn.microsoft.com/en-us/visualstudio/ide/finding-and-using-visual-studio-extensions?view=vs-2022#find-and-install-extensions).
@@ -35,7 +35,7 @@ After the extension is installed, use Snyk through the **Extensions > Snyk** men
You can also open the Snyk tool window using **View** > **Other Windows** > **Snyk**.
-When the extension is installed, it automatically downloads the [Snyk CLI,](https://docs.snyk.io/snyk-cli) which includes the [Language Server](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/snyk-language-server).
+When you install the extension, it automatically downloads the [Snyk CLI,](https://docs.snyk.io/snyk-cli) which includes the [Language Server](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/snyk-language-server).
Continue by following the instructions in the other Visual Studio extension docs:
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/authentication-for-visual-studio-extension.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/authentication-for-visual-studio-extension.md
index ccef2a0dedd2..ed3173830ff7 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/authentication-for-visual-studio-extension.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/authentication-for-visual-studio-extension.md
@@ -14,7 +14,7 @@ Snyk supports the following protocols for authentication:
Follow the next steps to authenticate:
-1. After the extension is installed, navigate to **Extensions** > **Snyk** > **Windows**, and then **Snyk** to open the Snyk panel.
+1. After you install the extension, navigate to **Extensions** > **Snyk** > **Windows**, and then **Snyk** to open the Snyk panel.
Snyk extension navigation
@@ -29,7 +29,7 @@ Follow the next steps to authenticate:
The analysis starts automatically. The IDE reads and saves the authentication on your local machine.
{% hint style="info" %}
-You might encounter the browser redirecting to 127.0.0.1:8080. This is normal, and you would need to retry the steps above.
+You might encounter the browser redirecting to 127.0.0.1:8080. This is normal; retry the authentication steps.
{% endhint %}
@@ -45,7 +45,7 @@ If you have problems, see [OAuth 2.0 authentication does not work](../troublesho
{% include "../../.gitbook/includes/this-method-is-inferior-to-....md" %}
{% hint style="warning" %}
-The Personal Access Token (PAT) authentication is progressively rolled out to all Enterprise customers. To check if this feature is available for your Organization at this time, please reach out to your Snyk account team.
+Snyk is progressively rolling out Personal Access Token (PAT) authentication to all Enterprise customers. To check whether this feature is available for your Organization at this time, contact your Snyk account team.
{% endhint %}
To authenticate using the Personal Access token, follow these steps:
@@ -65,7 +65,7 @@ To authenticate using the Personal Access token, follow these steps:
Follow these steps to authenticate:
-1. After the extension is installed, navigate to **Extensions** > **Snyk** > **Settings**:
+1. After you install the extension, navigate to **Extensions** > **Snyk** > **Settings**:
Snyk Settings navigation
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/run-an-analysis-with-visual-studio-extension.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/run-an-analysis-with-visual-studio-extension.md
index de034b4733ce..5f4ea47642f7 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/run-an-analysis-with-visual-studio-extension.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/run-an-analysis-with-visual-studio-extension.md
@@ -11,7 +11,7 @@ The extension provides two kinds of results:
## Open Source vulnerabilities
-Note that your solution must be built successfully in order to allow the CLI to pick up the dependencies and find the vulnerabilities.
+Note that your solution must be built successfully to allow the CLI to pick up the dependencies and find the vulnerabilities.
If you see only npm vulnerabilities or vulnerabilities that are not related to your C#/.NET Projects, your Project may not have been built successfully and thus not detected by the CLI. If you have difficulty or questions, submit a request to [Snyk Support](https://support.snyk.io).
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/troubleshooting-and-known-issues-with-visual-studio-extension.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/troubleshooting-and-known-issues-with-visual-studio-extension.md
index c099679e0d21..0827e4c5c95b 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/troubleshooting-and-known-issues-with-visual-studio-extension.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/troubleshooting-and-known-issues-with-visual-studio-extension.md
@@ -31,7 +31,7 @@ To enable Snyk Language Server debug logs in Visual Studio, add `-d` parameter t
Adding the debug parameter
-Press OK and restart the IDE after adding the parameter.
+Click **OK** and restart the IDE after adding the parameter.
#### View Log file
@@ -82,7 +82,7 @@ If a user has a bug with the Snyk plugin, especially bugs where the plugin fails
### Snyk Code ignores
-Snyk Code allows developers to ignore files in their codebase. This is done through the use of Snyk Code Ignores. However, in Visual Studio, the `.snyk` file cannot be used to manage Snyk Code Ignores for C# Projects. Instead, developers must use `.dcignore` or `.gitignore` files to manage Code Ignores for C# Projects in Visual Studio.
+Snyk Code lets developers ignore files in their codebase using Snyk Code Ignores. However, in Visual Studio, you cannot use the `.snyk` file to manage Snyk Code Ignores for C# Projects. Instead, developers must use `.dcignore` or `.gitignore` files to manage Code Ignores for C# Projects in Visual Studio.
### Settings storage
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/view-analysis-results-from-visual-studio-extension.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/view-analysis-results-from-visual-studio-extension.md
index 9fa84441cbd0..db057d4fdb3c 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/view-analysis-results-from-visual-studio-extension.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/view-analysis-results-from-visual-studio-extension.md
@@ -20,7 +20,7 @@ Users can configure the Snyk extension using the **Solution settings** in the **
For Projects using Git repositories or when you specify a reference folder, Snyk can filter the displayed issues to show only issues introduced in the working branch.
-This functionality reduces noise and allows you to focus only on current changes. This helps prevent issues early, thus unblocking your CI/CD pipeline and speeding up your deliveries.
+This functionality reduces noise and lets you focus only on current changes. This helps prevent issues early, unblocking your CI/CD pipeline and speeding up your deliveries.
The logic uses your local Git repository or any folder to compare the current findings with those in a base branch or reference folder. Net new issues scanning (delta scanning) shows you the difference between the two branches or folders, highlighting only the new issues.
@@ -32,7 +32,7 @@ To apply the filter and only see the new issues, use the **total/new** toggle in
You can also enable net new issues feature in the [scan settings](visual-studio-extension-configuration-environment-variables-and-proxy.md#scan-configuration) for the Visual Studio extension.
-For newly created feature branches, there will be no reported issues. That is an intended state that developers would aim for, as shown in the screen image that follows:
+For newly created feature branches, Snyk reports no issues. That is an intended state that developers aim for, as shown in the screen image that follows:
Successful state, no net new issiues found
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/visual-studio-extension-configuration-environment-variables-and-proxy.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/visual-studio-extension-configuration-environment-variables-and-proxy.md
index 106b2508d613..dd9822f906fd 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/visual-studio-extension-configuration-environment-variables-and-proxy.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/visual-studio-extension-configuration-environment-variables-and-proxy.md
@@ -6,7 +6,7 @@ After the plugin is installed, you can set the following configurations for the
* **Authentication method**: Specify whether to authenticate with OAuth2 or with an API token. `OAuth2` is the default.
* **Custom endpoint**: Specify the Snyk API endpoint for a custom multi-tenant or single-tenant setup. If you are using `https://api.snyk.io`, no configuration is required. For details, see the list of [IDE URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#ides-urls).\
- Multi-tenant users who do not belong to the `SNYK-US-01` region will be automatically redirected to the correct domain for the email with which the user authenticated. The redirect will not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
+ Snyk automatically redirects multi-tenant users who do not belong to the `SNYK-US-01` region to the correct domain for the email with which the user authenticated. The redirect does not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
* **Ignore unknown CA**: Ignore unknown certificate authorities.
* **Organization**: Specify the `ORG_ID` to run Snyk commands tied to a specific Organization. Snyk recommends using the `ORG_ID`. If you specify the `ORG_NAME`, that is, the Organization slug name, the value must match the URL slug as displayed in the URL of your Organization in the Snyk Web UI: `https://app.snyk.io/org/[orgslugname]`.\
Organization selection follows this order:
@@ -27,19 +27,19 @@ After the plugin is installed, you can set the following configurations for the
**Scanning mode**: The auto option activates automatic scans when saving files and when opening a Project. This works with Snyk Code and Snyk IaC.
-**Snyk Window Recommendation**: The Snyk window should be docked either to the bottom or to the side of the IDE, to enable smoother navigation. It should not be used in full-screen mode.
+**Snyk Window Recommendation**: Dock the Snyk window either to the bottom or to the side of the IDE to enable smoother navigation. Do not use it in full-screen mode.
## Experimental
-This section contains experimental features that may change at any time.
+This section contains experimental features that can change at any time.
These settings are not part of the stable functionality and are not officially supported.
## CLI settings
-You may opt to either use a CLI instance downloaded and managed by the extension or to use your own installation of the CLI.
+You can opt to either use a CLI instance downloaded and managed by the extension or to use your own installation of the CLI.
-* **Base URL to download the CLI**: The URL that the extension will use to download the CLI.
+* **Base URL to download the CLI**: The URL that the extension uses to download the CLI.
* **CLI path**: Allow changing the file path to the CLI (optional field).
* **Update and install Snyk dependencies automatically**: Specify whether or not the extension should download and use its own CLI instance. If this is disabled, you must provide a valid path to your own CLI instance.
* **CLI release channel**: For CLI instances managed by the extension, choose whether to use the stable, rc (release candidate), or preview versions of the CLI. For details on the CLI release channels, see [Releases and channels for the Snyk CLI](../../snyk-cli/releases-and-channels-for-the-snyk-cli.md).
@@ -56,7 +56,7 @@ Settings on this page are scoped to the active solution
* **Additional parameters**: Passed to `snyk test` [CLI options](../../snyk-cli/commands/test.md) for **Snyk Open Source** scanning.\
For example, to enable unmanaged [C/C++](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/supported-languages/supported-languages-list/c-c++) scanning to find vulnerabilities in open-source packages, use the CLI option `--unmanaged`. Note that `--unmanaged` works only for unmanaged C/C++ scanning.
-* **Auto-select Organization**: When enabled, Snyk will automatically select the most appropriate Organization for your Project using context found in your repository and your authentication. If an Organization is configured manually, this feature is overridden. If an appropriate Organization cannot be identified automatically, the preferred Organization defined in your [web account settings](https://app.snyk.io/account) is used as a fallback.
+* **Auto-select Organization**: When enabled, Snyk automatically selects the most appropriate Organization for your Project using context found in your repository and your authentication. If an Organization is configured manually, this feature is overridden. If an appropriate Organization cannot be identified automatically, the preferred Organization defined in your [web account settings](https://app.snyk.io/account) is used as a fallback.
* **Organization**: Specify the Organization (ID or name) for Snyk to run scans against for this specific IDE project. Retrieve the Organization ID from the Organization settings in the Snyk Web UI: `https://app.snyk.io/org/[ORG_NAME]/manage/settings` and copy the ID from the Organization ID section. If the Organization is provided manually, automatic Organization selection is overridden. If the Organization value is blank or invalid, the value from the global Organization field is used.
VS Extension Solution settings
diff --git a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/visual-studio-workspace-trust.md b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/visual-studio-workspace-trust.md
index cc0969684485..c6753c7190ed 100644
--- a/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/visual-studio-workspace-trust.md
+++ b/developer-tools/snyk-ide-plugins-and-extensions/visual-studio-extension/visual-studio-workspace-trust.md
@@ -4,6 +4,6 @@ As part of examining the codebase for vulnerabilities, Snyk may automatically ex
To safeguard against using the extension on untrusted folders, the Snyk extension asks for folder trust before allowing you to run any scans against your code. When in doubt, do not proceed with a scan.
-After a single folder trust is granted, Snyk will not ask for trust on the opened folder and its subfolders again. To revoke an existing folder trust, manually edit the `trustedFolders` JSON element in the `settings.json` file located in the following path:
+After a single folder trust is granted, Snyk does not ask for trust on the opened folder and its subfolders again. To revoke an existing folder trust, manually edit the `trustedFolders` JSON element in the `settings.json` file located in the following path:
`%LocalAppData%\Microsoft\VisualStudio\\Extensions\Snyk\Snyk Security\`
diff --git a/discover-snyk/getting-started/README.md b/discover-snyk/getting-started/README.md
index 215dec795d14..363cc69ef80e 100644
--- a/discover-snyk/getting-started/README.md
+++ b/discover-snyk/getting-started/README.md
@@ -25,17 +25,17 @@ To create a free account or sign up for a pricing plan, navigate to [snyk.io](ht
If your company has an existing Snyk account and uses single sign-on (SSO), use the SSO link provided by your administrators.
-If your company requires an invitation to use Snyk, when you log in for the first time, you may see a list of Organizations, which in Snyk control access to Projects. To request access to an Organization, select the name of an Organization Admin in order to request access.
+If your company requires an invitation to use Snyk, when you log in for the first time, you see a list of Organizations, which in Snyk control access to Projects. To request access to an Organization, select the name of an Organization Admin.
{% hint style="info" %}
-If you log in with a different authentication provider from the one your company uses for the Snyk account, you create a new account. You will not be logged in to the correct Organization for your company.
+If you log in with a different authentication provider from the one your company uses for the Snyk account, you create a new account. You are not logged in to the correct Organization for your company.
{% endhint %}
When you log in to the Snyk Web UI, Snyk shows your preferred (default) Organization. Snyk also uses the settings for your preferred Organization when you test a Project locally using the CLI.
## Set up a Snyk integration
-For Snyk to know where to scan, you must provide it with access to your environment. The type of integration you need depends on what systems you use, what you want to scan, and where you want to add the integrations - [Organization](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/integrate-with-snyk) or [Group](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/integrate-with-snyk). For information about available integrators, see [Snyk SCM integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations) and [Integrate with Snyk](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/integrate-with-snyk).
+For Snyk to know where to scan, you must provide it with access to your environment. The type of integration you need depends on what systems you use, what you want to scan, and where you want to add the integrations — [Organization](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/integrate-with-snyk) or [Group](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/integrate-with-snyk). For information about available integrators, see [Snyk SCM integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations) and [Integrate with Snyk](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/integrate-with-snyk).
To scan your code, you must first integrate Snyk with the repository holding that code.
@@ -43,7 +43,7 @@ To scan your code, you must first integrate Snyk with the repository holding tha
After creating a Snyk account, you can follow the optional getting-started walkthrough prompts to provide information and help Snyk guide your experience. This includes choosing an integration method, setting access permissions, configuring automation settings, and authenticating that integration.
-Alternatively, if you want to scan your code without authenticating to your source code repository, you can select the CLI integration. This allows you to run scans from your local machine and upload results to your Organization in Snyk.
+Alternatively, if you want to scan your code without authenticating to your source code repository, you can select the CLI integration. This lets you run scans from your local machine and upload results to your Organization in Snyk.
### Manual process
@@ -61,7 +61,7 @@ Before authenticating, be sure you have set your region properly. For details, s
Your Snyk API token is a personal token available under your user profile. The Snyk API token is associated with your Snyk Account and not with a specific Organization.
-Free and Team plan and trial users have access only to tokens under the user profile. Your personal tokens can be used to authenticate with the Snyk CLI running on a local or a build machine and an IDE when you are setting a token manually. Use a personal token with caution if you are authenticating for CI/CD or with the API, which is available for Enterprise plan users only.
+Free and Team plan and trial users have access only to tokens under the user profile. You can use your personal tokens to authenticate with the Snyk CLI running on a local or a build machine and an IDE when you are setting a token manually. Use a personal token with caution if you are authenticating for CI/CD or with the API, which is available for Enterprise plan users only.
#### Personal Access Tokens (recommended)
@@ -84,7 +84,7 @@ To obtain your personal Snyk API token:
2. In your **General** settings, under API Token, select **click to show**.
3. Highlight and copy your API key.
-If you want a new API token, select **Revoke & Regenerate**, but this will make the previous API token invalid.
+If you want a new API token, select **Revoke & Regenerate**, but this makes the previous API token invalid.
{% hint style="info" %}
For information on when to use an API token and when to use a service account token, available to Enterprise plan users only, visit [Authentication for API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/authentication-for-api).
@@ -107,7 +107,7 @@ Importing a Project also does the following:
Snyk Essentials is available only with Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
{% endhint %}
-Snyk Essentials enables Application Security teams to implement, manage, and scale a modern, high-performing, developer security program. It covers use cases under Application Security Posture Management (ASPM).
+Snyk Essentials lets Application Security teams implement, manage, and scale a modern, high-performing, developer security program. It covers use cases under Application Security Posture Management (ASPM).
For more information, see [Snyk Essentials](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-essentials).
diff --git a/discover-snyk/getting-started/glossary.md b/discover-snyk/getting-started/glossary.md
index 81cc25c9a2e6..fd28be089e35 100644
--- a/discover-snyk/getting-started/glossary.md
+++ b/discover-snyk/getting-started/glossary.md
@@ -4,7 +4,7 @@
### ADE
-An Agentic Development Environment (ADE), also known as an Agentic IDE, is a engineering workspace where AI agents execute defined tasks.
+An Agentic Development Environment (ADE), also known as an Agentic IDE, is an engineering workspace where AI agents execute defined tasks.
### Advisor
@@ -104,7 +104,7 @@ A Command directive is a type of [Directive](glossary.md#directive) that is manu
### Container
-Containers allow you to package applications and their dependencies together to be deployed as a single runnable unit. A container is an abstraction provided by the operating system kernel that allows a process to be isolated from other processes running on the system. See also [Snyk Container.](glossary.md#snyk-container)
+Containers let you package applications and their dependencies together to be deployed as a single runnable unit. A container is an abstraction provided by the operating system kernel that allows a process to be isolated from other processes running on the system. See also [Snyk Container.](glossary.md#snyk-container)
### Container engine
@@ -128,7 +128,7 @@ The security controls associated with the asset. Navigate to the Snyk Essentials
### Coverage (Snyk Essentials)
-An assessment of whether applicable assets are scanned and tested by security tools (like Snyk Open Source, for instance), as it relates to an application security program. A type of policy that allows you to specify what controls should be applied and, optionally, how often it needs to be run.
+An assessment of whether applicable assets are scanned and tested by security tools (like Snyk Open Source, for instance), as it relates to an application security program. A type of policy that lets you specify what controls to apply and, optionally, how often it needs to be run.
### Coverage gap (Snyk **Essentials**)
@@ -136,7 +136,7 @@ An assessment of all assets that fall "out of policy" and do not satisfy the cov
### CVE
-Common Vulnerabilities and Exposures. A widely-used identifier for a well-known vulnerability.
+Common Vulnerabilities and Exposures. A widely used identifier for a well-known vulnerability.
### CVSS
@@ -177,7 +177,7 @@ A set of cultural philosophies, practices, and tools that combine software devel
### DevSecOps
-Integrate security seamlessly and transparently into emerging agile IT and DevOps development.
+Integrate security transparently into emerging agile IT and DevOps development.
### Docker
@@ -209,7 +209,7 @@ A measure of how practical an exploit for a vulnerability is, based on whether t
### Fixable / Partially fixable
-A measure of whether a vulnerability can be fixed by Sny by applying a patch, upgrade, or pin. See [Vulnerability fix types](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/manage-vulnerabilities/vulnerability-fix-types).
+A measure of whether Snyk can fix a vulnerability by applying a patch, upgrade, or pin. See [Vulnerability fix types](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/manage-vulnerabilities/vulnerability-fix-types).
### Fix PR
@@ -327,7 +327,7 @@ Natural Language Processing.The technology that enables computers to understand,
### NPX
-`npx` (Node Package Execute) is a command-line tool bundled with `npm` that allows you to run `Node.js` packages without requiring installation.
+`npx` (Node Package Execute) is a command-line tool bundled with `npm` that lets you run `Node.js` packages without requiring installation.
## O
@@ -503,7 +503,7 @@ A platform providing Cloud Native Application Security (CNAS) solutions, allowin
### Snyk Advisor
-A free web application that allows you to compare software packages across open-source ecosystems. It provides insights into the overall health of a particular package by combining community and security data into a single unified view. See [Snyk Advisor](https://snyk.io/advisor/).
+A free web application that lets you compare software packages across open-source ecosystems. It provides insights into the overall health of a particular package by combining community and security data into a single unified view. See [Snyk Advisor](https://snyk.io/advisor/).
### Snyk API
@@ -551,14 +551,14 @@ A library used by the Snyk CLI to scan a certain language or build system.
### Snyk Studio
-Snyk Studio embeds Snyk's AI security platform capabilities into any AI-native workflow. Snyk Studio is built on two core use cases: '[Secure at Inception](glossary.md#secure-at-inception),' which proactively prevents new, AI-generated vulnerabilities using configurable directives, and 'Intelligent Remediation,' which clears existing security backlogs at scale.
+Snyk Studio embeds the AI security platform capabilities of Snyk into any AI-native workflow. Snyk Studio is built on two core use cases: '[Secure at Inception](glossary.md#secure-at-inception),' which proactively prevents new, AI-generated vulnerabilities using configurable directives, and 'Intelligent Remediation,' which clears existing security backlogs at scale.
### Snyk Security Intelligence
A component powering the Snyk cloud-native application security platform.\
Incorporates the Snyk Intel Vulnerability DB: the Snyk database of vulnerabilities, providing detailed information and fix advice for known vulnerabilities. See [Vulnerability DB](https://snyk.io/vuln).
-### Snyk web UI
+### Snyk Web UI
The browser-based environment that provides users access to Snyk functions.
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/README.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/README.md
index 5f271ff87c5c..efd2f56d3f52 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/README.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/README.md
@@ -2,7 +2,7 @@
{% include "../../../../.gitbook/includes/pilot-guide-navigation.md" %}
-### Set up SCM integrations and Snyk Essentials by following the steps for all relevant SCMs:
+### Set up SCM integrations and Snyk Essentials by following the steps for all relevant SCMs
* [GitHub](github.md)
* [GitLab](gitlab.md)
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/azure-devops.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/azure-devops.md
index 51afc49b1552..28e167443490 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/azure-devops.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/azure-devops.md
@@ -2,7 +2,7 @@
{% include "../../../../.gitbook/includes/pilot-guide-navigation.md" %}
-Review the steps below to configure the Azure DevOps integration with Snyk. For more details about setting up the GitHub integration, contact your Snyk account team.
+Review the following steps to configure the Azure DevOps integration with Snyk. For more details about setting up the integration, contact your Snyk account team.
## Generate an Azure DevOps PAT
@@ -34,7 +34,7 @@ Configure the Group-level integration by following these steps:
* If relevant, you can also include the Backstage catalog. See the [Backstage file for SCM integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/application-context-for-scm-integrations#backstage-file-for-scm-integrations) page for more details.
{% hint style="info" %}
-After the integration is configured, the Group-level integration shifts to a **Partially connected** status. During the next synchronization, it will transition to the connected state, and the Inventory view will be filled with data from the GitHub source.
+After the integration is configured, the Group-level integration shifts to a **Partially connected** status. During the next synchronization, it transitions to the connected state, and the Inventory view fills with data from the Azure DevOps source.
{% endhint %}
## Configure the Organization-level integration
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/bitbucket.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/bitbucket.md
index dfa7dbdc3386..8b8c04236dad 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/bitbucket.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/bitbucket.md
@@ -2,7 +2,7 @@
{% include "../../../../.gitbook/includes/pilot-guide-navigation.md" %}
-Review the steps below to configure the Bitbucket integration with Snyk. For more details about setting up the GitHub integration, contact your Snyk account team.\\
+Review the following steps to configure the Bitbucket integration with Snyk. For more details about setting up the integration, contact your Snyk account team.
## Generate a BitBucket PAT
@@ -35,7 +35,7 @@ Configure the Group-level integration by following these steps:
* If relevant, you can also include the Backstage catalog. See the [Backstage file for SCM integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/application-context-for-scm-integrations#backstage-file-for-scm-integrations) page for more details.
{% hint style="info" %}
-After the integration is configured, the Group-level integration shifts to a **Partially connected** status. During the next synchronization, it will transition to the connected state, and the Inventory view will be filled with data from the GitHub source.
+After the integration is configured, the Group-level integration shifts to a **Partially connected** status. During the next synchronization, it transitions to the connected state, and the Inventory view fills with data from the Bitbucket source.
{% endhint %}
## Configure the Organization-level integration
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/github.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/github.md
index b605cfa3444c..99a53c9d1ab2 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/github.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/github.md
@@ -2,7 +2,7 @@
{% include "../../../../.gitbook/includes/pilot-guide-navigation.md" %}
-Review the steps below to configure the GitHub integration with Snyk. For more details about setting up the GitHub integration, contact your Snyk account team.
+Review the following steps to configure the GitHub integration with Snyk. For more details about setting up the integration, contact your Snyk account team.
## Generate a GitHub PAT
@@ -32,7 +32,7 @@ Configure the Group-level integration by following these steps:
* Configure the integration and populate all mandatory fields, including the PAT details. For more details, see the [Integrate GitHub using Snyk Essentials](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/group-level-integrations/github-for-snyk-essentials#github-integrate-using-snyk-apprisk) page.
{% hint style="info" %}
-After the integration is configured, the Group-level integration shifts to a **Partially connected** status. During the next synchronization, it will transition to the connected state, and the Inventory view will be filled with data from the GitHub source.
+After the integration is configured, the Group-level integration shifts to a **Partially connected** status. During the next synchronization, it transitions to the connected state, and the Inventory view fills with data from the GitHub source.
{% endhint %}
## Configure the Organization-level integration
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/gitlab.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/gitlab.md
index e60dfd6078b5..40cf976e5515 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/gitlab.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/configure-cloud-based-scm/gitlab.md
@@ -2,11 +2,11 @@
{% include "../../../../.gitbook/includes/pilot-guide-navigation.md" %}
-Review the steps below to configure the GitLab integration with Snyk. For more details about setting up the GitHub integration, contact your Snyk account team.
+Review the following steps to configure the GitLab integration with Snyk. For more details about setting up the integration, contact your Snyk account team.
## Generate a GitLab PAT
-Generate a GitHub PAT with the following permissions enabled:\\
+Generate a GitLab PAT with the following permissions enabled:\\
* `api`
* `read_api`
@@ -26,12 +26,12 @@ Configure the Group-level integration by following these steps:
-* Search and select the GitHub integration
+* Search and select the GitLab integration
* Configure the integration and populate all mandatory fields, including the PAT details. For more details, see the [Integrate GitLab using Snyk Essentials](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/group-level-integrations/gitlab-for-snyk-essentials#gitlab-integrate-using-snyk-apprisk) page.
* If relevant, you can also include the Backstage catalog. See the [Backstage file for SCM integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/application-context-for-scm-integrations#backstage-file-for-scm-integrations) page for more details.
{% hint style="info" %}
-After the integration is configured, the Group-level integration shifts to a **Partially connected** status. During the next synchronization, it will transition to the connected state, and the Inventory view will be filled with data from the GitHub source.
+After the integration is configured, the Group-level integration shifts to a **Partially connected** status. During the next synchronization, it transitions to the connected state, and the Inventory view fills with data from the GitLab source.
{% endhint %}
## Configure the Organization-level integration
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/import-repositories.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/import-repositories.md
index fb08aff4e9fa..0495358e743d 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/import-repositories.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/import-repositories.md
@@ -2,7 +2,7 @@
{% include "../../../.gitbook/includes/pilot-guide-navigation.md" %}
-After setting up your SCM integration, you are ready to import repositories to Snyk. If you have not imported any repos yet, click on the **Import projects** button to start.
+After setting up your SCM integration, you are ready to import repositories to Snyk. If you have not imported any repos yet, click **Import projects** to start.
* Open the Snyk Web UI
* Navigate to the Organization-level
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/invite-team-members.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/invite-team-members.md
index 3bd005f71615..a710e60e4ea3 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/invite-team-members.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/invite-team-members.md
@@ -14,8 +14,8 @@ Invite members to the Organization you configured. Follow these steps to invite
* Add the emails of all team members in the text box
* Select their role from the dropdown menu.
* Select **Send invite**
-* New members will receive a welcome email from Snyk with a link to sign up and join your organization.
+* New members receive a welcome email from Snyk with a link to sign up and join your Organization.

-Alternatively, SSO can be configured as self-serve in the Group settings. More details on that can be found on the [Configure Self-Serve Single Sign-On (SSO)](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/single-sign-on-sso-for-authentication-to-snyk) page.
+Alternatively, you can configure SSO as self-serve in the Group settings. For more details, visit [Configure Self-Serve Single Sign-On (SSO)](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/single-sign-on-sso-for-authentication-to-snyk).
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/provision-your-account.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/provision-your-account.md
index 6fa522ce9a32..56175413e4bb 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/provision-your-account.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/provision-your-account.md
@@ -4,4 +4,4 @@
Provide your Snyk account team with the email of the desired Snyk tenant admin.
-Your account team will provision your Snyk tenant, which you will be able to access after receiving a welcome email from Snyk. More details on this process can be found in the [Auto-provisioning guide](../../../implementation-and-setup/enterprise-setup/auto-provisioning-guide.md).
+Your account team provisions your Snyk tenant, which you can access after you receive a welcome email from Snyk. For more details on this process, visit the [Auto-provisioning guide](../../../implementation-and-setup/enterprise-setup/auto-provisioning-guide.md).
diff --git a/discover-snyk/getting-started/pilot-guide/access-and-deployment/set-up-snyk-essentials.md b/discover-snyk/getting-started/pilot-guide/access-and-deployment/set-up-snyk-essentials.md
index ef85ea66b1d5..010e61e84f7d 100644
--- a/discover-snyk/getting-started/pilot-guide/access-and-deployment/set-up-snyk-essentials.md
+++ b/discover-snyk/getting-started/pilot-guide/access-and-deployment/set-up-snyk-essentials.md
@@ -9,6 +9,6 @@
## Configuration steps
-Verify that Snyk Essentials is configured by navigating to the Group level > Integrations. If not set up yet, follow the in-product instructions for your SCM(s).
+Verify that Snyk Essentials is configured. Navigate to the Group level and select **Integrations**. If you have not set up Snyk Essentials yet, follow the in-product instructions for your SCMs.
diff --git a/discover-snyk/getting-started/pilot-guide/during-the-pilot/assign-a-lesson-in-snyk-learn.md b/discover-snyk/getting-started/pilot-guide/during-the-pilot/assign-a-lesson-in-snyk-learn.md
index 1c09f8925d5a..a37372a80b26 100644
--- a/discover-snyk/getting-started/pilot-guide/during-the-pilot/assign-a-lesson-in-snyk-learn.md
+++ b/discover-snyk/getting-started/pilot-guide/during-the-pilot/assign-a-lesson-in-snyk-learn.md
@@ -4,15 +4,15 @@
The Snyk platform includes access to Snyk Learn, the Snyk security education platform. With resources on Snyk Learn, developers can learn how to stay secure through interactive lessons that explore vulnerabilities across various languages and ecosystems.
-Throughout the platform, such as in the IDE extensions, PR checks, and Web UI, Snyk links out to relevant lessons in Snyk Learn that help the developer fix that vulnerability. These lessons can also be accessed directly at [learn.snyk.io](http://learn.snyk.io).
+Throughout the platform, such as in the IDE extensions, PR checks, and Web UI, Snyk links out to relevant lessons in Snyk Learn that help the developer fix that vulnerability. You can also access these lessons directly at [learn.snyk.io](http://learn.snyk.io).
Start by navigating to [Snyk Learn](http://learn.snyk.io) and browsing the set of available lessons.
You can then filter by category to see lessons related to your programming language or topic of interest.
-Choose a lesson that interests you and complete it. You will see progress of the lesson on the right of the page and confirmation after the lesson has been completed.
+Choose a lesson that interests you and complete it. Snyk shows the progress of the lesson and confirms when you complete the lesson.
-Next, review all of your completed and in-progress lessons by clicking on “Learning progress”.
+Next, review all of your completed and in-progress lessons by selecting **Learning progress**.
Admins in Snyk can also review progress for the entire Organization by accessing the Reports.
diff --git a/discover-snyk/getting-started/pilot-guide/during-the-pilot/fix-a-vulnerability.md b/discover-snyk/getting-started/pilot-guide/during-the-pilot/fix-a-vulnerability.md
index efdcccb82dc1..2ac6d2f54c1d 100644
--- a/discover-snyk/getting-started/pilot-guide/during-the-pilot/fix-a-vulnerability.md
+++ b/discover-snyk/getting-started/pilot-guide/during-the-pilot/fix-a-vulnerability.md
@@ -2,7 +2,7 @@
{% include "../../../.gitbook/includes/pilot-guide-navigation.md" %}
-Vulnerabilities can be fixed from multiple integration points in Snyk. This guide reviews how to fix vulnerabilities in the IDE and the Web UI.
+You can fix vulnerabilities from multiple integration points in Snyk. This guide reviews how to fix vulnerabilities in the IDE and the Web UI.
## Fix issues using the IDE
@@ -20,11 +20,11 @@ For Snyk Code issues, you can view fix examples. If available, you can automatic
With Snyk Agent Fix, click **Generate AI fix** to generate up to five example fixes you can review and apply. After you apply the fix and rescan, Snyk resolves the vulnerability.
-From the Web UI, any vulnerability that can be fixed with a Snyk-generated PR has a “Fix this vulnerability” button, which can be used to initiate a fix.
+From the Web UI, any vulnerability that Snyk can fix with a generated PR has a **Fix this vulnerability** button to initiate a fix.
-After confirming the fix-PR, Snyk opens a PR, which can be reviewed, approved, and merged to resolve the vulnerability.
+After you confirm the fix-PR, Snyk opens a PR that you can review, approve, and merge to resolve the vulnerability.
-Not all languages support fix-PRs, but fix data is still available. For language-specific details and support, please review the [Supported languages, package managers, and frameworks](../../../supported-languages/supported-languages-package-managers-and-frameworks.md) page.
+Not all languages support fix-PRs, but fix data is still available. For language-specific details and support, review the [Supported languages, package managers, and frameworks](../../../supported-languages/supported-languages-package-managers-and-frameworks.md) page.
{% hint style="info" %}
Additional Resources
diff --git a/discover-snyk/getting-started/pilot-guide/during-the-pilot/local-scanning-with-the-ide.md b/discover-snyk/getting-started/pilot-guide/during-the-pilot/local-scanning-with-the-ide.md
index 17e8559a834f..d4c924648e0d 100644
--- a/discover-snyk/getting-started/pilot-guide/during-the-pilot/local-scanning-with-the-ide.md
+++ b/discover-snyk/getting-started/pilot-guide/during-the-pilot/local-scanning-with-the-ide.md
@@ -4,7 +4,7 @@
## Configure the Snyk IDE
-To start scanning code in the IDE, navigate to your IDE plugin or extension marketplace and search for Snyk. This guide focuses on VS Code, but the [other supported IDEs](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions) follow a very similar setup flow.
+To start scanning code in the IDE, navigate to your IDE plugin or extension marketplace and search for Snyk. This guide focuses on VS Code, but the [other supported IDEs](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions) follow a similar setup flow.
* Open VS Code, Extensions and search for Snyk.
* Install the Snyk extension.
@@ -15,7 +15,7 @@ To start scanning code in the IDE, navigate to your IDE plugin or extension mark
-* After being redirected to Snyk, you can click **Grant app access**. This authenticates your Snyk IDE extension.
+* After Snyk redirects you, click **Grant app access**. This authenticates your Snyk IDE extension.
@@ -31,13 +31,13 @@ You can see the results are broken out by scan type. All the Open Source issues
### Filter issues
-Issues can be filtered in a number of ways to tune what gets presented to you while coding. Two of the most common settings to adjust are **Severity** and **Total vs. new**.
+You can filter issues in a number of ways to tune what Snyk presents to you while coding. Two of the most common settings to adjust are **Severity** and **Total vs. new**.
To adjust which severity is shown, navigate to the **Severity** section in the extension settings.
-You can also change from looking at the total set of issues in the codebase to just new issues. This method scans the main branch and the version that the developer is working on, then reports only the new vulnerabilities. This mode can be easily toggled at the top of the extension menu.
+You can also change from looking at the total set of issues in the codebase to new issues only. This method scans the main branch and the version that the developer is working on, then reports only the new vulnerabilities. You can toggle this mode at the top of the extension menu.
@@ -45,11 +45,11 @@ This option helps developers avoid introducing new vulnerabilities without getti
### Check the vulnerabilities
-The results for each scan type and vulnerability type vary, but expect to see inline feedback as well as a more detailed window that can be accessed by clicking on the vulnerability.
+The results for each scan type and vulnerability type vary, but expect to see inline feedback as well as a more detailed window that you can open by clicking the vulnerability.
-For Snyk Code issues, you can see the Fix Analysis, Data Flow, and an Issue Overview. You can also click “Learn about this issue type” which brings you to a more detailed lesson in Snyk’s developer education platform, [Snyk Learn](https://learn.snyk.io/).
+For Snyk Code issues, you can see the Fix Analysis, Data Flow, and an Issue Overview. You can also click **Learn about this issue type**, which brings you to a more detailed lesson in the Snyk developer education platform, [Snyk Learn](https://learn.snyk.io/).
diff --git a/discover-snyk/getting-started/pilot-guide/during-the-pilot/review-reporting.md b/discover-snyk/getting-started/pilot-guide/during-the-pilot/review-reporting.md
index 3b80c3098aac..6bd1580ec482 100644
--- a/discover-snyk/getting-started/pilot-guide/during-the-pilot/review-reporting.md
+++ b/discover-snyk/getting-started/pilot-guide/during-the-pilot/review-reporting.md
@@ -8,25 +8,25 @@ The Snyk platform has a variety of [available reports](https://app.gitbook.com/s
## Issues Detail
-The Issues Detail report displays all known issues in all of your Projects that Snyk is monitoring. It is a great place to review and prioritize issues across all of your repositories.
+The Issues Detail report displays all known issues in all of your Projects that Snyk is monitoring. Use it to review and prioritize issues across all of your repositories.
-Applying filters such as fixability, exploit maturity, asset class, and severity are a great way to focus on the most important issues that affect your Organization.
+Apply filters such as fixability, exploit maturity, asset class, and severity to focus on the most important issues that affect your Organization.
## SLA Management
-The SLA Management report allows you to stay on top of any SLAs your company is required to adhere to. The SLA time can be adjusted for each severity and then saved as a new view to monitor in the future.
+The SLA Management report lets you stay on top of any SLAs your company must adhere to. You can adjust the SLA time for each severity and then save it as a new view to monitor in the future.
## Analytics
[Analytics](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/analytics) can be accessed at the Group or Organization level. This view breaks down the total issue count into baseline, preventable, and non-preventable issues. The most important thing to know is that:
* Baseline issues are the issues identified during the first import of the repository.
-* Preventable issues are known issues that could have been identified earlier on in the SDLC. In other words, the issue could have been caught by a Snyk PR check.
-* Non-preventable issues are the result of an external factor, such as a new vulnerability being published or a new security rule being created, in contrast to developers not shifting left. for example, a new zero-day vulnerability is identified.
+* Preventable issues are known issues that Snyk could have identified earlier in the SDLC. That is, a Snyk PR check could have caught the issue.
+* Non-preventable issues are the result of an external factor, such as a new vulnerability being published or a new security rule being created, in contrast to developers not shifting left. For example, Snyk identifies a new zero-day vulnerability.
-This is a small taste of what reporting has to offer. Check out more of the Snyk reports, available at both the Organization and Group levels by clicking “Change Report”:\
+This is a small taste of what reporting has to offer. To see more of the Snyk reports, available at both the Organization and Group levels, click **Change Report**:\

{% hint style="info" %}
diff --git a/discover-snyk/getting-started/pilot-guide/during-the-pilot/review-scan-coverage.md b/discover-snyk/getting-started/pilot-guide/during-the-pilot/review-scan-coverage.md
index 993ed233a5c9..8bb2688a53f5 100644
--- a/discover-snyk/getting-started/pilot-guide/during-the-pilot/review-scan-coverage.md
+++ b/discover-snyk/getting-started/pilot-guide/during-the-pilot/review-scan-coverage.md
@@ -18,13 +18,13 @@ The **All Assets** page shows a complete list of all repositories, including the
-Click on the 'Not tested' section of the first pie chart on the overview page, or use coverage filters on the 'All Assets' page to view all repositories that the selected Snyk product has not tested.
+Click the 'Not tested' section of the first pie chart on the overview page, or use coverage filters on the 'All Assets' page to view all repositories that the selected Snyk product has not tested.
-## Classifying Assets
+## Classifying assets
-The Class column is available for each repository. This class is meant to reflect the business criticality of the asset from A (most critical) to D (least critical). Try setting a few of your most important repos manually to Class A. This attribute can be used in reporting to help focus on issues from your company’s most important repositories.
+The Class column is available for each repository. This class reflects the business criticality of the asset from A (most critical) to D (least critical). Try setting a few of your most important repos manually to Class A. You can use this attribute in reporting to help focus on issues from your company’s most important repositories.
\\
@@ -34,7 +34,7 @@ In the following example, the policy filters on all repositories where there is
-The asset class is a great way to filter on the most critical repositories in your organization, and help take a risk-based approach to prioritization by accounting for business impact. The asset class can be used when reviewing scan coverage and in all available Snyk reports.
+The asset class lets you filter on the most critical repositories in your organization and helps you take a risk-based approach to prioritization by accounting for business impact. You can use the asset class when reviewing scan coverage and in all available Snyk reports.
{% hint style="info" %}
Additional Resources
diff --git a/discover-snyk/getting-started/pilot-guide/during-the-pilot/test-pr-checks.md b/discover-snyk/getting-started/pilot-guide/during-the-pilot/test-pr-checks.md
index bf3405fe880d..b7e8d1aba726 100644
--- a/discover-snyk/getting-started/pilot-guide/during-the-pilot/test-pr-checks.md
+++ b/discover-snyk/getting-started/pilot-guide/during-the-pilot/test-pr-checks.md
@@ -25,7 +25,7 @@ Follow these steps to enable the PR Checks feature:
## Use PR Checks
-After PR Checks are enabled, you will begin to see new PRs decorated with three additional Snyk checks:
+After you enable PR Checks, you see new PRs decorated with three additional Snyk checks:
* code/snyk: Snyk Code vulnerabilities
* license/snyk: Open Source license issues
@@ -33,13 +33,13 @@ After PR Checks are enabled, you will begin to see new PRs decorated with three
-Try introducing a vulnerability in the PR so that you can walk through a scenario where a check fails. From the PR, clicking on the details of any failed check presents the list of issues that have been introduced in the PR.
+Try introducing a vulnerability in the PR so that you can walk through a scenario where a check fails. From the PR, click the details of any failed check to see the list of issues introduced in the PR.
Click into the full details of the issue to better understand the vulnerability and get remediation advice. In the situation where you need to force the check to pass, either to get a hotfix out or if you accept the risk, you can click **Mark as successful in SCM**. This button is only available to Org Admins. For Org Collaborators, this option is grayed out. See the [User role management](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management) page for more details.
-With inline comments enabled, you will see comments added for each Snyk Code vulnerability identified.
+With inline comments enabled, you see comments added for each Snyk Code vulnerability identified.
diff --git a/discover-snyk/getting-started/snyk-2.0-platform-improvements.md b/discover-snyk/getting-started/snyk-2.0-platform-improvements.md
index 98445f1bc3e2..25758c622374 100644
--- a/discover-snyk/getting-started/snyk-2.0-platform-improvements.md
+++ b/discover-snyk/getting-started/snyk-2.0-platform-improvements.md
@@ -2,7 +2,7 @@
## What is Snyk 2.0?
-Snyk 2.0 is a series of platform improvements rolling out gradually from April 2026 throughout the year to address navigation complexity, asset visibility, and triage inefficiency. As Snyk completes each component, users will gradually see Snyk platform interface updates. During the transition period, users can toggle between the new and classic interfaces.
+Snyk 2.0 is a series of platform improvements rolling out gradually from April 2026 throughout the year to address navigation complexity, asset visibility, and triage inefficiency. As Snyk completes each component, you gradually see Snyk platform interface updates. During the transition period, you can toggle between the new and classic interfaces.
| Improvement | Description | Availability |
| ---------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- |
@@ -10,7 +10,7 @@ Snyk 2.0 is a series of platform improvements rolling out gradually from April 2
| Dark mode | Full dark mode across the platform. | In development |
| Asset management | View all repositories, containers, configurations, and AI models in a single inventory. | In development |
| Issue triage |
Snyk prioritizes issues based on exploitability, reachability, and business impact.
Use bulk actions to fix similar issues across Snyk Projects.
| In development |
-| Day2Operations | Snyk 2.0 rduces operational friction between finding a vulnerability and acting on it, through grouped navigation, issue deduplication, and bulk triage actions. | In development |
+| Day2Operations | Snyk 2.0 reduces operational friction between finding a vulnerability and acting on it, through grouped navigation, issue deduplication, and bulk triage actions. | In development |
## What is Snyk 2.0 trying to solve?
diff --git a/discover-snyk/getting-started/snyk-release-process.md b/discover-snyk/getting-started/snyk-release-process.md
index 1dc2c29f9b61..45d5f352a190 100644
--- a/discover-snyk/getting-started/snyk-release-process.md
+++ b/discover-snyk/getting-started/snyk-release-process.md
@@ -40,7 +40,7 @@ Brownouts occur when Snyk temporarily suspends an API endpoint or a feature, mak
### Deprecated features
-Deprecated features are outdated and will be removed in the future. The documentation page will announce the transition of a feature to Deprecated six months before its start date.
+Deprecated features are outdated and Snyk removes them in the future. The documentation page announces the transition of a feature to Deprecated six months before its start date.
* Snyk Code Quality is deprecated.
* Snyk Code Local Engine is deprecated.
@@ -73,9 +73,9 @@ Deprecated features are outdated and will be removed in the future. The document
### End of support features
-When a feature transitions to end-of-support, both development and support work are terminated.
+When a feature transitions to end-of-support, Snyk terminates both development and support work.
-The documentation page will announce the transition of a feature to End of Support six months before its start date.
+The documentation page announces the transition of a feature to End of Support six months before its start date.
### End of Life features
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/README.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/README.md
index 9111edba7b52..20acfa3cceaf 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/README.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/README.md
@@ -1,6 +1,6 @@
# Enterprise implementation guide
-Rolling out a developer security platform across a large organization requires a consistent, repeatable approach to account configuration. In this guide, you will learn how to streamline your enterprise rollout in Snyk by creating a dedicated template Organization and altering settings for each individual Organization created from that original template.
+Rolling out a developer security platform across a large organization requires a consistent, repeatable approach to account configuration. This guide shows you how to streamline your enterprise rollout in Snyk by creating a dedicated template Organization and altering settings for each individual Organization created from that original template.
To have a successful Snyk rollout, you need to:
@@ -18,7 +18,7 @@ To have a successful Snyk rollout, you need to:
6. [Initial team rollout](initial-team-rollout.md).
7. [Automate prevention measures](automate-prevention-measures.md).
-By the end of this guide, you will have successfully configured a baseline template Org, used it to easily copy your global settings and integrations to provision new Organizations, and learned how to customize individual settings in those new environments to support specific team workflows.
+By the end of this guide, you will have configured a baseline template Org, used it to copy your global settings and integrations to provision new Organizations, and learned how to customize individual settings in those new environments to support specific team workflows.
{% hint style="info" %}
To understand how AI is used at Snyk and how this may affect your implementation decisions, visit [AI Data and Governance](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/ELvljsaLKPkSpffOkmsQ/how-snyk-incorporates-generative-ai-into-the-platform).
@@ -102,13 +102,13 @@ Depending on your tech stack and workflows, you can choose from three primary im
* Snyk CLI for granular control within your CI/CD pipelines
* Snyk API for large-scale programmatic automation
-Once you import your Projects, you can apply specific tags and attributes to easily categorize, filter, and generate targeted reports across your entire portfolio.
+After you import your Projects, you can apply specific tags and attributes to categorize, filter, and generate targeted reports across your entire portfolio.
To learn more, visit [Gain visibility by importing repositories](phase-3-gain-visibility/).
## Initial team rollout
-Successfully rolling out Snyk to your development team requires clear communication, targeted education, and seamless workflow integration.
+Successfully rolling out Snyk to your development team requires clear communication, targeted education, and smooth workflow integration.
Start by using customizable templates to announce the launch, tailoring your messaging and feature rollout to match your team's comfort level with security automation.
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/automate-prevention-measures.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/automate-prevention-measures.md
index dee1ebe56ff8..6da7447833db 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/automate-prevention-measures.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/automate-prevention-measures.md
@@ -1,6 +1,6 @@
# Automate prevention measures
-Once you have visibility into your existing security posture, implement prevention and gating systems to stop new vulnerabilities from entering your applications. By automating these checks, you empower developers to take responsibility for the security of their specific changes without manually triaging every issue.
+After you have visibility into your existing security posture, implement prevention and gating systems to stop new vulnerabilities from entering your applications. By automating these checks, you empower developers to take responsibility for the security of their specific changes without manually triaging every issue.
Implementing prevention measures involves the following key stages:
@@ -19,13 +19,13 @@ Implementing prevention measures involves the following key stages:
You can prevent new issues using two main functions:
-* **PR/MR checks**: Available for Snyk Open Source and Snyk Code. These test code changes are immediately upon submission.
+* **PR/MR checks**: Available for Snyk Open Source and Snyk Code. These test code changes immediately upon submission.
* **CI/CD pipelines**: Integrate Snyk into your build pipeline to gate Open Source, Code, IaC, and Container vulnerabilities.
## Establish exception processes
{% hint style="success" %}
-**Key decision**: Define who can override security gates. Clear authority prevents development bottlenecks during urgent releases.:
+**Key decision**: Define who can override security gates. Clear authority prevents development bottlenecks during urgent releases.
{% endhint %}
Ensure teams understand how to address blocked PRs or failed builds:
@@ -52,7 +52,7 @@ PR checks prevent issues from entering the codebase.
Adding Snyk to your pipeline acts as a gatekeeper:
-* **No import is required**: Unlike PR checks, pipeline tests do not require repositories to be imported via SCM integration.
+* **No import is required**: Unlike PR checks, pipeline tests do not require repositories to be imported through SCM integration.
* **Use CLI tools**: Use `snyk-delta` to identify only the new vulnerabilities introduced in a specific build.
## Secure custom images and IaC
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/README.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/README.md
index 110bf08c25ee..35dbee06ee25 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/README.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/README.md
@@ -1,6 +1,6 @@
# Configure Group settings and policies
-This page is designed to help you plan your Snyk account structure and policies at Group-level to ensure efficient asset management, precise access control, and accurate reporting.
+This page helps you plan your Snyk account structure and policies at Group level to ensure efficient asset management, precise access control, and accurate reporting.
## Confirm points of contact
@@ -37,7 +37,7 @@ To identify priority applications, categorize them based on:
* Define who can provision users and grant Snyk access to external platforms, such as Git repositories.
{% endhint %}
-Snyk uses a hierarchical structure to manage all assets and security policies. This section will help you map your business to the Snyk architecture.
+Snyk uses a hierarchical structure to manage all assets and security policies. This section helps you map your business to the Snyk architecture.
* **Understanding the hierarchy:** Learn the purpose of the Tenant, Group, Organization, and Project levels.
* **Group structure:** Decide how many top-level Group accounts your company requires.
@@ -46,7 +46,7 @@ To learn more, visit [Structure your account](structure-your-account.md).
## Authentication and access: set up SSO
-Implement Single Sign-On (SSO) at the Group level before rolling Snyk out to your organization. While pilot teams often start with personal authentication, transitioning to SSO is required for broad adoption, consistent login access, and centralized control.
+Implement Single Sign-On (SSO) at the Group level before rolling Snyk out to your organization. While pilot teams often start with personal authentication, you must transition to SSO for broad adoption, consistent login access, and centralized control.
Choose a provisioning strategy that defines the user experience and access level for new users.
@@ -88,7 +88,7 @@ To learn more, visit [Authentication and access.](authentication-and-access.md)
* Decide how to automate the governance, tracking, and remediation workflows for your assets to ensure continuous security visibility and compliance
{% endhint %}
-Policies allow you to automate business context, compliance checks, and notification workflows.
+Policies let you automate business context, compliance checks, and notification workflows.
* **License policies:** Decide which specific license types to explicitly allow or disallow to match your specific legal and compliance requirements.
* **License severity:** Understand and configure how Snyk assigns High or Medium severity to problematic commercial licenses.
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/authentication-and-access.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/authentication-and-access.md
index 133e51cc1ee0..98cc1c668626 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/authentication-and-access.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/authentication-and-access.md
@@ -46,7 +46,7 @@ Custom mapping requires Snyk professional services. Contact your account team fo
**Key decision**: Determine if you need to pre-allocate users to specific Organizations and roles before their first login to prevent broad default access.
{% endhint %}
-If you need to define specific permissions before users first log in, use the Snyk API. This allows you to:
+If you need to define specific permissions before users first log in, use the Snyk API. This lets you:
* Assign a specific role to each user.
* Grant access to specific Organizations automatically.
@@ -70,7 +70,7 @@ The Tenant is the highest level of the Snyk hierarchy, and it encompasses all Gr
* **Tenant Admin:** Can manage users across the entire Tenant, assign roles, and remove members.
* **Tenant Viewer:** Provides read-only access to Tenant-level features like Snyk Analytics.
-* **Tenant Member**: Allows access to the Tenant level but requires specific Group or Organization permissions to take action.
+* **Tenant Member**: Provides access to the Tenant level but requires specific Group or Organization permissions to take action.
{% hint style="info" %}
Features like Snyk Analytics are available only on Enterprise plans. You can switch between Tenants by selecting the Tenant name in the navigation menu.
@@ -89,7 +89,7 @@ Pre-defined roles at these levels have fixed permissions that cannot be modified
**Group-level roles**
* **Group Admin**: Provides full permissions at the Group and Organization levels. Assign this role to Snyk administrators.
-* **Group Member**: Allows access to the Group but requires specific Organization-level permissions to interact with Projects.
+* **Group Member**: Provides access to the Group but requires specific Organization-level permissions to interact with Projects.
* **Group Viewer**: Provides read-only access to the Group level. Use this to audit Group settings without making changes.
{% endstep %}
{% endstepper %}
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/define-policies.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/define-policies.md
index 0bfd5e4a5ec4..4ebbc416d54a 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/define-policies.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/configure-group-settings-and-policies/define-policies.md
@@ -1,6 +1,6 @@
# Define policies
-Policies define how Snyk behaves when identifying issues. Policies give you a quick and automated way to identify, prioritize, and triage issues. This saves valuable development time and allows developers to take more responsibility and ownership for security, reducing the “noise” level.
+Policies define how Snyk behaves when identifying issues. Policies give you an automated way to identify, prioritize, and triage issues. This saves development time and lets developers take more responsibility and ownership for security, reducing the “noise” level.
## Security policies
@@ -8,10 +8,10 @@ Policies define how Snyk behaves when identifying issues. Policies give you a qu
**Key decision:** Decide which conditions automatically increase or decrease the priority or severity of an issue to match your risk appetite, and which specific issues or types of issues are automatically ignored to reduce "noise" and save development time.
{% endhint %}
-Group administrators can define security policies, thus providing an automated way to identify certain issues or types of issues, and apply actions like changing the severity or ignoring the issue based on your conditions.
+Group administrators can define security policies, providing an automated way to identify certain issues or types of issues, and apply actions like changing the severity or ignoring the issue based on your conditions.
* Configure policies to increase priority or decrease it as needed.
-* Create ignores where needed
+* Create ignores where needed.
## License policies
@@ -24,14 +24,14 @@ Group administrators can set license policies to define Snyk behavior for treati
By default, Snyk determines the severity of licenses as follows:
* **High severity**: licenses that definitely present issues for commercial software.
-* **Medium severity**: licenses that have clauses that may be of concern and should be reviewed.
+* **Medium severity**: licenses that have clauses that may be of concern and that you should review.
Configure policies to match your requirements.
## Asset policies
{% hint style="success" %}
-**Key decision:** Decide how to automate the governance, tracking, and remediation workflows for your assets to ensure continuous security visibility and compliance
+**Key decision:** Decide how to automate the governance, tracking, and remediation workflows for your assets to ensure continuous security visibility and compliance.
{% endhint %}
Asset policies in Snyk Essentials automate business context and notification workflows. Use policies to identify coverage gaps and manage assets at scale.
@@ -42,7 +42,7 @@ Asset policies in Snyk Essentials automate business context and notification wor
A policy consists of the following elements:
-* Filters: Define criteria (for example tags or asset names) to group specific assets.
+* Filters: Define criteria (for example, tags or asset names) to group specific assets.
* Actions: Define what happens to filtered assets, for example, assigning a classification or sending a Slack notification.
### Key filter types
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/README.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/README.md
index 08cda11c3cb8..34f1f8a16af3 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/README.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/README.md
@@ -1,6 +1,6 @@
# Create a template Organization
-This guide section is designed to help you plan your Snyk account structure at the Organization-level to ensure efficient asset management, precise access control, and accurate reporting. This Organization will be the template you copy to create additional Organizations from which have standards settings for all your Orgs.
+This guide section helps you plan your Snyk account structure at the Organization level to ensure efficient asset management, precise access control, and accurate reporting. This Organization is the template you copy to create additional Organizations that have standard settings for all your Orgs.
{% embed url="https://res.cloudinary.com/snyk/video/upload/v1775661970/4._Creating_your_Template_Organization_vf1x0b.mp4" %}
Create a template Organization video guide
@@ -17,7 +17,7 @@ Below is an outline of the key topics and decisions covered in this guide.
* Define who can provision users and grant Snyk access to external platforms, such as Git repositories.
{% endhint %}
-Snyk uses a hierarchical structure to manage all assets and security policies. This section will help you map your business to the Snyk architecture.
+Snyk uses a hierarchical structure to manage all assets and security policies. This section helps you map your business to the Snyk architecture.
* **Organization structure:** Determine if your Organization structure should be team-based, product-based, or SCM organization-based to best support your policy and access needs.
@@ -47,9 +47,9 @@ To learn more, visit [Authentication and access](authentication-and-access.md).
* **Architecture and connectivity:** Select your primary SCM platform and identify where your production container registries (for example, Docker Hub, Amazon ECR) reside. Determine if you need to deploy Snyk Broker (using Docker or Kubernetes) to securely bypass firewalls, segment network traffic, or if you require custom proxy/CA configurations.
* **Authentication and access management:** Commit to using dedicated, least-privilege service accounts rather than personal tokens (OAuth/PAT) to guarantee stable connections. Decide whether to use broad, centralized Group-level credentials for global asset discovery or require unique tokens at the Organization level. Verify you have the correct administrative roles to manage this inventory.
-* **Developer workflow & remediation:** Define your PR check behaviors and automated fix strategies to match specific team workflows. Establish a monitoring frequency that provides adequate security visibility without overwhelming your developers' capacity to remediate.
-* **Snyk Code enablement:** Decide whether to roll out Snyk Code globally or phase it in for high-priority teams. It's crucial to enable Snyk Code before importing your first Projects. If managing at a massive scale, plan to use the Snyk API rather than the UI for this step.
+* **Developer workflow and remediation:** Define your PR check behaviors and automated fix strategies to match specific team workflows. Establish a monitoring frequency that provides adequate security visibility without overwhelming your developers' capacity to remediate.
+* **Snyk Code enablement:** Decide whether to roll out Snyk Code globally or phase it in for high-priority teams. Enable Snyk Code before importing your first Projects. If managing at a massive scale, plan to use the Snyk API rather than the UI for this step.
* **Project import strategy:** Choose the import method that provides the best dependency resolution for your specific programming languages to ensure accurate scanning.
{% endhint %}
-By configuring your core tools, source control integrations, and default security behaviors now, you establish a standardized baseline that can be easily cloned: either manually or using the API, across your entire business.
+By configuring your core tools, source control integrations, and default security behaviors now, you establish a standardized baseline that you can clone, either manually or using the API, across your entire business.
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/authentication-and-access.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/authentication-and-access.md
index af066be92002..b63f98466dba 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/authentication-and-access.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/authentication-and-access.md
@@ -12,7 +12,7 @@ Determine if Snyk pre-defined roles meet your requirements or if you must create
Pre-defined roles at these levels have fixed permissions that cannot be modified.
-* **Organization Admin**: Allows users to add or delete Projects, override Snyk checks, and provision users. Assign this role to Team Leads.
+* **Organization Admin**: Lets users add or delete Projects, override Snyk checks, and provision users. Assign this role to Team Leads.
* **Organization Collaborator**: Grants standard developer access. Use this for small teams or a developer-first rollout.
## Align roles with your Organization structure
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/connect-your-development-tools.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/connect-your-development-tools.md
index 9f76ee15e69d..24c254fff670 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/connect-your-development-tools.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/connect-your-development-tools.md
@@ -1,8 +1,8 @@
# Connect your development tools
-To roll out Snyk efficiently at scale, your first major milestone is configuring a Template Organization. Rather than setting up every new team from scratch, this template acts as your master blueprint. By configuring your core tools, source control integrations, and default security behaviors here first, you establish a standardized baseline that can be easily cloned, either manually or using the API, across your entire business.
+To roll out Snyk efficiently at scale, your first major milestone is configuring a Template Organization. Rather than setting up every new team from scratch, this template acts as your master blueprint. By configuring your core tools, source control integrations, and default security behaviors here first, you establish a standardized baseline that you can clone, either manually or using the API, across your entire business.
-As you work through this page, you will:
+As you work through this page, you complete these tasks:
1. [Configure SCM integrations for Groups.](connect-your-development-tools.md#configure-scm-integrations-for-groups)
2. [Configure SCM integrations for Organizations.](connect-your-development-tools.md#configure-scm-integrations-for-organizations)
@@ -26,7 +26,7 @@ The following table outlines the difference between these two implementation lev
### Configure SCM integrations for Groups
-Configure your Source Control Manager (SCM) at the Group level to centralize authentication. This allows Snyk to access your repositories across multiple Organizations without requiring individual configuration for each one.
+Configure your Source Control Manager (SCM) at the Group level to centralize authentication. This lets Snyk access your repositories across multiple Organizations without requiring individual configuration for each one.
{% embed url="https://res.cloudinary.com/snyk/video/upload/v1775661962/3._Group-Level_Repository_Discovery_jvicn7.mp4" %}
Group level repository discovery video guide
@@ -69,7 +69,7 @@ Your integration approach should match the structure you selected during the pla
* **SCM organization-based structure**: If you have 10+ SCM organizations and are using the `snyk-api-import` tool, ensure your Group-level integration has the scope to access all relevant repositories.
* **Team-based structure**: Use Group-level authentication to ensure consistency across different developer teams while maintaining isolated Organizations.
-* **Product-based structure**: Centralizing at the Group level allows developers to seamlessly access Projects across multiple product Organizations.
+* **Product-based structure**: Centralizing at the Group level lets developers access Projects across multiple product Organizations.
| Structure type | Integration strategy |
| ----------------- | --------------------------------------------------------------------------- |
@@ -95,7 +95,7 @@ If you are using multiple SCMs, Snyk recommends using separate Organizations for
**Key decision:** Determine if this specific Organization requires a unique access token or a different service account than the one used at the Group level.
{% endhint %}
-Unlike Group-level setup, Organization-level integrations allow you to:
+Unlike Group-level setup, Organization-level integrations let you:
* **Isolate access:** Use a unique Personal Access Token (PAT) or OAuth connection that only has access to a specific team's repositories.
* **Override Group defaults:** If a specific business unit uses a different SCM instance (for example, a separate GitHub Org or GitLab Group), you can configure it here without affecting the rest of the company.
@@ -113,7 +113,7 @@ Set up your Org-level integrations by navigating to your Organization **Integrat
When configuring at the Organization level, consider:
* **Token segmentation:** You can assign a unique Broker token to an Organization. This is useful if different teams operate in different VPCs or data centers.
-* **Granular troubleshooting:** Dedicated tokens allow you to monitor and troubleshoot connectivity issues for a specific team without impacting the entire Group.
+* **Granular troubleshooting:** Dedicated tokens let you monitor and troubleshoot connectivity issues for a specific team without impacting the entire Group.
{% hint style="info" %}
If you are using Azure Repos, Snyk recommends using Universal Broker to avoid Azure limitations on organization mapping.
@@ -136,7 +136,7 @@ While the Group integration provides the connection, the Organization level is w
| ------------------- | ---------------------------------------------------------------------- |
| Access control | Limits repository visibility to only the members of that Organization. |
| Snyk Broker mapping | Maps specific SCM instances to specific internal network segments. |
-| Customized rollout | Allows for different "prevention" settings (PR checks) per team. |
+| Customized rollout | Allows different "prevention" settings (PR checks) per team. |
{% endstep %}
{% endstepper %}
@@ -180,7 +180,7 @@ For Amazon ECR, Snyk recommends using Cross-Account Role authentication for enha
**Key decision:** Decide on a monitoring frequency that balances security visibility with your team's remediation capacity.
{% endhint %}
-Once integrated, Snyk allows you to manage how often images are re-tested:
+After integration, Snyk lets you manage how often images are re-tested:
* **Continuous monitoring**: Snyk automatically rescans imported images daily to detect new vulnerabilities.
* **Avoid duplication**: If you already scan images in your CI/CD pipeline using the Snyk CLI, decide if you also need registry-level monitoring. Registry integration provides a last line of defense for images currently in storage.
@@ -199,9 +199,9 @@ As with SCM integrations, ensure email notifications are disabled at the Organiz
Snyk strongly recommends integrating your container registry if your organization fits any of the following profiles:
-* **Empowering AppSec autonomy**: This solution enables Application Security (AppSec) teams to manage and scan container images independently. It allows security teams to maintain oversight without bottlenecking developers or requiring them to change existing workflows.
+* **Empowering AppSec autonomy**: This solution lets Application Security (AppSec) teams manage and scan container images independently. It lets security teams maintain oversight without bottlenecking developers or requiring them to change existing workflows.
* **Scanning legacy and offline images:** If you have a large number of older images or multiple legacy tags that no longer have an active build pipeline, registry integration is the most efficient way to ensure they are still scanned for vulnerabilities.
-* **Small-scale repositories:** Direct integration and UI management work best for smaller volumes of images (under 1,000). A smaller inventory makes the import process seamless and keeps the user interface fast and responsive.
+* **Small-scale repositories:** Direct integration and UI management work best for smaller volumes of images (under 1,000). A smaller inventory simplifies the import process and keeps the user interface responsive.
* **Limited developer bandwidth:** If your development team lacks the availability to update build pipelines or integrate new security tools into their current processes, direct registry scanning provides a frictionless alternative.
### Use cases for CI/CD or CLI
@@ -251,7 +251,7 @@ This configuration is specific to asset management and is separate from the Orga
**Key decision**: Choose which metadata (tags) and application structures are most critical for your risk assessment and reporting.
{% endhint %}
-Once assets are imported, use the following features to organize your inventory:
+After you import assets, use the following features to organize your inventory:
* **Automatic tags**: Snyk automatically adds tags for detected technologies (for example, Python, Terraform).
@@ -303,7 +303,7 @@ Before installation, verify your environment:
1. Install the setup CLI tool: `npm install -g snyk-broker-config`
2. Start the interactive creation workflow: `snyk-broker-config workflows connections create`
3. Follow the on-screen prompts to input your Snyk Token, Tenant or Org ID, and select the specific integration type you want to connect (for example, GitHub Enterprise, GitLab, or Artifactory).
-4. The CLI will generate your `DEPLOYMENT_ID`, `CLIENT_ID`, and `CLIENT_SECRET`. It will also prompt you to create a credential reference name (for example, `MY_GITHUB_TOKEN`) that maps to your actual secret. Keep these values secure for the next step.
+4. The CLI generates your `DEPLOYMENT_ID`, `CLIENT_ID`, and `CLIENT_SECRET`. It also prompts you to create a credential reference name (for example, `MY_GITHUB_TOKEN`) that maps to your actual secret. Keep these values secure for the next step.
{% hint style="info" %}
If you are setting up Snyk Essentials for asset management with over 1,000 repositories, Snyk recommends a dedicated Broker and Organization.
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/structure-your-account.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/structure-your-account.md
index bc4ef05b4ebd..74cc5965dad5 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/structure-your-account.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-a-template-organization/structure-your-account.md
@@ -12,4 +12,4 @@ Snyk Organizations (Orgs) are the primary level for managing Projects and user a
| -------------------------- | --------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- |
| **Team-based** | Linked to a specific developer or security team. | Strict security ownership and reporting by team. | Multiple teams need access to the exact same set of projects (leads to complexity). |
| **Product-based** | Set up for distinct applications or product lines (for example, product a front-end, product a back-end). | Product-centric reporting and access control. | You have hundreds of small, unrelated products. |
-| **SCM Organization-based** | Mimics your SCM hosting platform structure (for example Github orgs, Gitlab groups). | Automated onboarding using the Snyk API, when you have more than 10 SCM-related integrations. | Your SCM organization names are not intuitive or don't align with business units. |
+| **SCM Organization-based** | Mimics your SCM hosting platform structure (for example, GitHub orgs, GitLab groups). | Automated onboarding using the Snyk API, when you have more than 10 SCM-related integrations. | Your SCM organization names are not intuitive or don't align with business units. |
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-your-snyk-structure.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-your-snyk-structure.md
index 6f11dabdfee6..431ffbc2c254 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-your-snyk-structure.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/create-your-snyk-structure.md
@@ -27,7 +27,7 @@ Use the following table to understand which configurations transfer to the new O
| ------------------------------------------------------ | --------------------------------------------------- |
| All integrations and settings | Members and Service Accounts |
| SCM and Container settings | Existing Projects |
-| Notification integrations (for example Slack, or Jira) | Custom policies and ignore settings |
+| Notification integrations (for example, Slack or Jira) | Custom policies and ignore settings |
| PaaS and serverless integrations | Infrastructure as Code (IaC) and Snyk Code settings |
## Configure scan and notification behavior
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/initial-team-rollout.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/initial-team-rollout.md
index 670700af9d11..071729d39fd5 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/initial-team-rollout.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/initial-team-rollout.md
@@ -18,7 +18,7 @@ Follow these steps to roll out Snyk to your teams:
Managing notifications ensures that developers only see high-priority issues that require action.
* Instruct administrators to manually enable the critical alerts through their personal settings if they need to monitor progress.
-* Once the environment is stable, enable notifications in bulk for **High** and **Critical** severities only.
+* After the environment is stable, enable notifications in bulk for **High** and **Critical** severities only.
* Disable all email notifications for new Organizations.
Navigate to **Group** > **Settings** to view the notification defaults overview.
@@ -58,7 +58,7 @@ Use these templates to introduce Snyk. Replace the bracketed text with your spec
**Key decision**: Evaluate the maturity of your AppSec program. For new programs, introduce plugins as a tool to validate fixes for prioritized issues. For mature programs, provide immediate access to prevent new issues from entering the codebase.
{% endhint %}
-Snyk IDE plugins allow developers to find and fix vulnerabilities before they reach the CI/CD pipeline. This shift-left approach reduces the time spent on security reviews.
+Snyk IDE plugins let developers find and fix vulnerabilities before they reach the CI/CD pipeline. This shift-left approach reduces the time spent on security reviews.
1. Identify the primary IDEs used by your teams (VS Code, JetBrains, Visual Studio, or Eclipse).
2. Provide installation guides for the relevant Snyk IDE extension.
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/manage-and-remediate-issues.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/manage-and-remediate-issues.md
index da4021a7341d..5f173e2b0071 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/manage-and-remediate-issues.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/manage-and-remediate-issues.md
@@ -1,6 +1,6 @@
# Manage and remediate issues
-After establishing visibility and prevention measures, focus on managing your existing vulnerability backlog. This stage involves defining a fix strategy, prioritizing issues based on risk, and operationalizing the remediation process in your development teams. Effective management ensures that your security posture improves over time rather than just maintaining the status quo.
+After establishing visibility and prevention measures, focus on managing your existing vulnerability backlog. This stage involves defining a fix strategy, prioritizing issues based on risk, and operationalizing the remediation process in your development teams. Effective management ensures that your security posture improves over time rather than maintaining the status quo.
To manage and remediate issues, follow these stages:
@@ -30,7 +30,7 @@ Key decision: Choose a primary metric for triage. Use **Priority Score** (900+)
Use Snyk filters iteratively to build your plan:
* **Risk and priority scores**: Start with scores of 900–1000 and work downward.
-* **Severity**: filter for **Critical** and **High** issues.
+* **Severity**: Filter for **Critical** and **High** issues.
{% hint style="info" %}
For Snyk Open Source, prioritize critical issues with a **Fixable** filter to identify quick wins.
@@ -51,7 +51,7 @@ Operationalize the fix process using:
* **Ignore policy**: Use the **Ignore** feature for issues that cannot be fixed immediately due to environmental context or breaking changes.
{% hint style="info" %}
-Ensure to always include a detailed reason and always set an expiration date (monthly or quarterly) for review.
+Always include a detailed reason and set an expiration date (monthly or quarterly) for review.
{% endhint %}
* **Permissions**: Restrict ignore permissions to Organization admins in the general settings to maintain oversight.
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/phase-3-gain-visibility/README.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/phase-3-gain-visibility/README.md
index ca41b4f9989a..9dee76ee7043 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/phase-3-gain-visibility/README.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/phase-3-gain-visibility/README.md
@@ -1,6 +1,6 @@
# Gain visibility by importing repositories
-Gaining visibility over your Organization security begins with importing Projects. This process allows Snyk to monitor your code, dependencies, containers, and infrastructure.
+Gaining visibility over your Organization security begins with importing Projects. This process lets Snyk monitor your code, dependencies, containers, and infrastructure.
There are several ways you can import Projects, depending on your tech stack and package managers:
@@ -63,11 +63,11 @@ Use the API to trigger scans and handle results programmatically across a large
## Add Projects tags and attributes
-After importing Projects, use Project attributes and tags to categorize your data. This metadata allows you to filter and report on specific subsets of your Organization.
+After importing Projects, use Project attributes and tags to categorize your data. This metadata lets you filter and report on specific subsets of your Organization.
For example, apply the `frontend` attribute and a `Team:Unicorn` tag to your Projects. You can then generate a report specifically for critical frontend vulnerabilities in production owned by Team Unicorn.
-Attributes and tags also allow you to:
+Attributes and tags also let you:
* Group related Projects for easier management.
* Customize how you view and access Project data.
diff --git a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/trial-limitations.md b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/trial-limitations.md
index 2f7419a5fd8b..4d71d6a2d176 100644
--- a/discover-snyk/implementation-and-setup/enterprise-implementation-guide/trial-limitations.md
+++ b/discover-snyk/implementation-and-setup/enterprise-implementation-guide/trial-limitations.md
@@ -1,12 +1,12 @@
# Trial limitations
-You can try out Snyk functionalities in several ways:
+You can try out Snyk functionality in several ways:
* Using the limited Free plan
* Using a self-serve 14-day trial
-* By piloting the full product with the Enterprise plan
+* Piloting the full product with the Enterprise plan
-The Snyk 14-day trial offers a sample of the features available in the paid Enterprise plan. However, certain features will have limited functionality or be entirely unavailable in order to provide a seamless experience when the trial concludes.
+The Snyk 14-day trial offers a sample of the features available in the paid Enterprise plan. However, certain features have limited functionality or are entirely unavailable to provide a smooth experience when the trial concludes.
{% hint style="info" %}
After implementing Snyk Essentials, you must access the Inventory page to ensure it is populated with all the necessary information. Depending on the number of repositories you have imported, the update may take up to several hours.
diff --git a/discover-snyk/implementation-and-setup/enterprise-setup/auto-provisioning-guide.md b/discover-snyk/implementation-and-setup/enterprise-setup/auto-provisioning-guide.md
index 9e3a03b03a85..bdfaef429390 100644
--- a/discover-snyk/implementation-and-setup/enterprise-setup/auto-provisioning-guide.md
+++ b/discover-snyk/implementation-and-setup/enterprise-setup/auto-provisioning-guide.md
@@ -32,26 +32,26 @@ This email contains two links:
2. **Create and activate a new account** - To be used if you're entirely new to Snyk or want to start from scratch with a different user.
{% hint style="warning" %}
-Once provisioning is complete, these links will become invalid and you will see an "Access denied" error page.
+After provisioning is complete, these links become invalid and you see an "Access denied" error page.
-If you have not completed provisioning but still see this error, make sure someone else in your organization has not already completed the flow themselves, in case the welcome email has more recipients.
+If you have not completed provisioning but still see this error, ensure someone else in your organization has not already completed the flow themselves, in case the welcome email has more recipients.
{% endhint %}
## Sign up - start from scratch
-Clicking the sign-up link in your welcome email will take you to the sign-up page in the provisioning app.
+Clicking the sign-up link in your welcome email takes you to the sign-up page in the provisioning app.
{% hint style="warning" %}
-The provisioning app is only accessible through a unique link, all other access is disabled and will show an error page.
+The provisioning app is only accessible through a unique link. All other access is disabled and shows an error page.
{% endhint %}
Sign up page on provision.snyk.io
### Step 1: Enter the company name
-The company name you enter here will be used to create the [Tenant](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/tenant), the top-level instance you'll see in the Snyk Platform. It is a required field and has 60-character limit.
+The company name you enter here creates the [Tenant](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/tenant), the top-level instance you'll see in the Snyk Platform. It is a required field and has a 60-character limit.
-Provisioning will also create a [Group](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/groups) and a default [Organization](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/organizations) using the same name.
+Provisioning also creates a [Group](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/groups) and a default [Organization](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/organizations) using the same name.
### Step 2: Choose where to host the account
@@ -65,10 +65,10 @@ Provisioning is enabled for these [three regions](https://app.gitbook.com/o/-M4t
* :flag\_eu: **Europe**: SNYK-EU-01
* :flag\_au: **Australia**: SNYK-AU-01
-In the case of [multiple instances](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#regional-multi-and-single-tenant-hosting) being available in a chosen region (United States), Snyk reserves the right to chose the specific instance where your account will be created. For more information see [Regional Hosting and data residency](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency).
+In the case of [multiple instances](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#regional-multi-and-single-tenant-hosting) being available in a chosen region (United States), Snyk reserves the right to choose the specific instance where Snyk creates your account. For more information see [Regional Hosting and data residency](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency).
{% hint style="warning" %}
-Automated provisioning is only possible for multi-tenant environments. For single-tenant availability (Snyk Private Cloud), reach out to your account team in advance of provisioning.
+Automated provisioning is only possible for multi-tenant environments. For single-tenant availability (Snyk Private Cloud), reach out to your account team before provisioning.
{% endhint %}
### Step 3: Select an authentication method
@@ -88,7 +88,7 @@ The available authentication methods are either Single sign-on (SSO) or Third-pa
| :flag\_eu: Europe | :heavy\_check\_mark: | :heavy\_multiplication\_x: |
| :flag\_au: Australia | :heavy\_check\_mark: | :heavy\_multiplication\_x: |
-Snyk recommends selecting SSO since it is best supported across all environments. Selecting this option will then prompt you to enter a valid, work-issued email address, used to create an initial Snyk Admin user. No extra configuration for SSO is required at this point.
+Snyk recommends selecting SSO since it is best supported across all environments. Selecting this option then prompts you to enter a valid, work-issued email address, used to create an initial Snyk Admin user. No extra configuration for SSO is required at this point.
Email address input
@@ -96,32 +96,32 @@ Snyk recommends selecting SSO since it is best supported across all environments
As a final step, you must confirm the details entered are correct.
-* If you have selected SSO as the authentication method, clicking "Sign up" will then show a loading page while Snyk does the background work.
-* If you have selected Third-party authentication, clicking "Continue to sign up options" will redirect you to the Snyk Login page where you can choose your identity provider (Github, Google, and so on.). Once you have completed signing up you will be redirected back to the provisioning application where the loading page will indicate in-progress background work.
+* If you have selected SSO as the authentication method, clicking "Sign up" then shows a loading page while Snyk does the background work.
+* If you have selected Third-party authentication, clicking "Continue to sign up options" redirects you to the Snyk Login page where you can choose your identity provider (GitHub, Google, and so on). After you complete signing up, Snyk redirects you back to the provisioning application, where the loading page indicates in-progress background work.
Snyk advises you to not close the page, otherwise you risk not seeing the process complete successfully.
### Step 5: Access the Snyk platform
-If you have selected SSO as the authentication method, once plan activation is done, you will see a success message and a verification button. Snyk also sends an email to indicate a successful provisioning containing the same login verification link. This link does not expire and it can be used for multiple authentications if needed.\
+If you have selected SSO as the authentication method, after plan activation is done, you see a success message and a verification button. Snyk also sends an email to indicate a successful provisioning containing the same login verification link. This link does not expire and you can use it for multiple authentications if needed.\
\
-Once clicked, a login code will be sent to the email address previously entered. This is known as a Passwordless Login. Enter the code where prompted and you are ready to start using Snyk!
+After you click it, Snyk sends a login code to the email address you previously entered. This is known as a Passwordless Login. Enter the code where prompted and you are ready to start using Snyk.
Successful provisioning for SSO
-If you have selected **Third-party authentication**, once plan activation is done you are all set! You can click "Continue to your account" and start using the platform.
+If you have selected **Third-party authentication**, after plan activation is done you are all set. You can click "Continue to your account" and start using the platform.
{% hint style="info" %}
-Your plan might not have all the features enabled if your contract's start date is in the future. You will gain full access to all features when the start date is met.
+Your plan might not have all the features enabled if your contract's start date is in the future. You gain full access to all features when the start date is met.
{% endhint %}
## Logging in - provision using an existing user account
-Clicking the sign-up link in your welcome email will take you to the log in page in the provisioning app.
+Clicking the sign-up link in your welcome email takes you to the log in page in the provisioning app.
### Step 1: Logging in
-If you have a user account connected through a third-party provider, you will need to use SNYK-US-01
+If you have a user account connected through a third-party provider, you must use SNYK-US-01
You can find the links for all the regions in the [Login and Web UI URLs section](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#login-and-web-ui-urls).
@@ -140,17 +140,17 @@ If you already have a Snyk User, you can choose how you activate your Enterprise
### **Step 3: Access the Snyk platform**
-This step is the same as [#step-5-access-the-snyk-platform](auto-provisioning-guide.md#step-5-access-the-snyk-platform "mention") when signing up. Once the process is done you can "Continue to your account" and begin using Snyk.
+This step is the same as [#step-5-access-the-snyk-platform](auto-provisioning-guide.md#step-5-access-the-snyk-platform "mention") when signing up. After the process is done you can "Continue to your account" and begin using Snyk.
{% hint style="info" %}
-Your plan might not have all the features enabled if your contract's start date is in the future. You will gain full access to all features when the start date is met.
+Your plan might not have all the features enabled if your contract's start date is in the future. You gain full access to all features when the start date is met.
{% endhint %}
## Error types and solutions
### Validation errors
-When creating a new Tenant or User Snyk checks for duplicates and surfaces any issues.
+When creating a new Tenant or User, Snyk checks for duplicates and surfaces any issues.
* **The business name provided is already in use.** - Use a different name or reach out to your account executive if you want to link your plan to that existing Tenant but you are not a member of it.
diff --git a/discover-snyk/implementation-and-setup/implement-snyk.md b/discover-snyk/implementation-and-setup/implement-snyk.md
index 6a9e7fc88e7a..4f0e5c389c63 100644
--- a/discover-snyk/implementation-and-setup/implement-snyk.md
+++ b/discover-snyk/implementation-and-setup/implement-snyk.md
@@ -5,8 +5,8 @@ Implementing a developer security tool like Snyk is critical to ensuring the sec
Here is a brief overview of the process:
1. **Assessment**: Evaluate your current security practices and identify areas for improvement.
-2. **Planning**: use the provided Project plans to outline your goals, timelines, and necessary resources.
-3. **Configuration**: Follow configuration guidance to tailor the security platform to your needs, ensuring it integrates seamlessly with your existing tools and workflows.
+2. **Planning**: Use the provided Project plans to outline your goals, timelines, and necessary resources.
+3. **Configuration**: Follow configuration guidance to tailor the security platform to your needs, ensuring it integrates with your existing tools and workflows.
4. **Rollout**: Implement the platform across your development teams, following the specific guidance for small teams or enterprise environments.
5. **Training**: Educate your developers on the importance of security and how to use the platform effectively.
6. **Monitoring and iteration**: Continuously monitor the health and performance of your applications and make adjustments as needed to maintain optimal security.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/README.md b/discover-snyk/implementation-and-setup/team-implementation-guide/README.md
index b7eea6f097b0..d154cfec2146 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/README.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/README.md
@@ -9,7 +9,7 @@ We start with the awareness that most businesses:
## **Typical timelines**
-Once your Snyk Organization is set up, you can immediately start gaining visibility into your code by integrating your code repositories (with PR checks disabled), CI/CD pipelines, or container registries.
+After you set up your Snyk Organization, you can immediately start gaining visibility into your code by integrating your code repositories (with PR checks disabled), CI/CD pipelines, or container registries.
To minimize disruption, Snyk recommends a gradual rollout of your "shift left" security strategy, focusing on backlog remediation and prevention. Key recommendations include providing developers with access to the IDE and piloting on a single Project before expanding best practices to the wider team.
@@ -35,15 +35,15 @@ This visibility helps build trust while rolling out Snyk. With the Team plan, th
### Achieve prevention and drive developer adoption
-Next is the prevention stage. You should stop new security issues from being added to your applications. During this stage, you can put controls in place to allow developers to see issues in their pipelines using Pull Request (PR)/Merge Request (MR) checks, and checks in the pipeline that may block.
+Next is the prevention stage. Stop new security issues from being added to your applications. During this stage, you can put controls in place to let developers see issues in their pipelines using Pull Request (PR)/Merge Request (MR) checks, and checks in the pipeline that can block.
-As part of this, developers may use IDE plugins and other tools like [Snyk Advisor](https://snyk.io/advisor) to select secure packages and [Snyk Learn](https://learn.snyk.io/) to educate on secure coding, security, and the product. It's quite common to see developers download and use IDE plugins. Provide guides indicating the settings they should use and guidelines on what they should fix to start often Criticals and Highs, where fixes are available.
+As part of this, developers can use IDE plugins and other tools like [Snyk Advisor](https://snyk.io/advisor) to select secure packages and [Snyk Learn](https://learn.snyk.io/) to educate on secure coding, security, and the product. Developers commonly download and use IDE plugins. Provide guides indicating the settings they should use and guidelines on what to fix to start, often Criticals and Highs, where fixes are available.
### Fix the backlog and triage issues
Finally, you can focus on fixing your backlog of security issues. This can take several forms:
-* As part of the initial rollout, security or initial stakeholder may triage the initial results for the existing portfolio, create tickets for priority items to investigate or address, or have the teams do that for their applications as part of the weekly triage process.
+* As part of the initial rollout, security or initial stakeholders can triage the initial results for the existing portfolio, create tickets for priority items to investigate or address, or have the teams do that for their applications as part of the weekly triage process.
* After gaining visibility and achieving prevention, you can review your backlog of issues. For example, a weekly triage process with the key stakeholders can guide the teams on what to address.
## Use enhanced resources with Snyk
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/invite-users.md b/discover-snyk/implementation-and-setup/team-implementation-guide/invite-users.md
index f685a21bdd1d..193b3d6a06f6 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/invite-users.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/invite-users.md
@@ -1,7 +1,7 @@
-# Invite Users
+# Invite users
Click **Members** and invite your team members, applying the role alignments decided in Phase 1 for each member.
{% hint style="info" %}
-Inviting members is generally suggested after importing your Projects. You may bring in a few initial members to start and then do a wider rollout. This can be done at any time as part of stages four and five. It is strongly recommended to communicate what is expected prior to the actual invitation and then communicate throughout the various stages as pull request checks are turned on, pipelines enabled, and as policies/practices change.
+Inviting members is generally suggested after importing your Projects. You can bring in a few initial members to start and then do a wider rollout at any time as part of stages four and five. Communicate what is expected before the invitation, then communicate throughout the various stages as pull request checks are turned on, pipelines enabled, and policies and practices change.
{% endhint %}
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/choose-rollout-integrations.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/choose-rollout-integrations.md
index 1a9d4a0b0a32..28d0b65040a6 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/choose-rollout-integrations.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/choose-rollout-integrations.md
@@ -2,7 +2,7 @@
## **SDLC integration points**
-Snyk offers many integrations that seamlessly integrate into every stage of the SDLC.
+Snyk offers many integrations across every stage of the SDLC.
Many businesses typically roll out automated solutions first, then slowly introduce tools to enable the developers. In addition, gating features are gradually turned on over a period of time to minimize disruption.
@@ -16,7 +16,7 @@ Below are typical early integrations.
### Source Code Management (SCM) integrations
-Integrations with popular version control platforms like GitHub, GitLab, Azure Repos, and Bitbucket seamlessly integrate Snyk security checks into the code review process. This ensures that potential vulnerabilities are identified and addressed before the code is merged into the main branch. Important features include:
+Integrations with popular version control platforms like GitHub, GitLab, Azure Repos, and Bitbucket integrate Snyk security checks into the code review process. This ensures that Snyk identifies and addresses potential vulnerabilities before the code is merged into the main branch. Important features include:
* Daily testing/monitoring of a specified branch (typically "development" branch),
* (optional) Pull Request/Merge Request checks against any branch of the repository.
@@ -43,7 +43,7 @@ If you have a non-cloud-facing or your own instance of a Git SCM:
### Continuous Integration/Continuous Deployment (CI/CD) pipeline integrations
-Integrating Snyk into CI/CD pipelines, such as Jenkins, Travis CI, or CircleCI, automates security checks during the build and deployment process. This ensures that vulnerabilities are detected early in the software development lifecycle and prevents their propagation into production. Typical features include:
+Integrating Snyk into CI/CD pipelines, such as Jenkins, Travis CI, or CircleCI, automates security checks during the build and deployment process. This ensures that Snyk detects vulnerabilities early in the software development lifecycle and prevents their propagation into production. Typical features include:
* (Optional) Ability to passively monitor results during build and view results in Snyk
* (Optional) Ability to test and potentially break the build based on criteria you specified
@@ -59,13 +59,13 @@ For more details, see [Snyk CI/CD integrations](https://app.gitbook.com/o/-M4tdx
### Integrated Development Environment (IDE) integrations
-IDE integrations like Visual Studio Code, IntelliJ IDEA, and Eclipse allow developers to access Snyk's security features directly within their coding environment. This enables real-time scanning and issue remediation as developers write code at the earliest possible stages.
+IDE integrations like Visual Studio Code, IntelliJ IDEA, and Eclipse let developers access the security features in Snyk directly within their coding environment. This enables real-time scanning and issue remediation as developers write code at the earliest possible stages.
For more details, see [Use Snyk in your IDE](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions).
## Considerations for import strategies
-
Project Import Strategy
Considerations
Advantages
Disadvantages
CLI (automated CI/CD)
Must be configured for each application within CI/CD.
Can select what to test and when (i.e. which package managers, where in the process, which language to analyze.
May need development effort for integration.
It requires configuration per application.
CLI (Run locally by user)
User can use CLI to perform testing locally while working on an application, very configurable per scan type.
Local use case
Not meant for visibility or automation. Can require buildable code or dependencies to be installed (For example Gradle without Lockfile, Scala).
Git Code Repository Integration
Onboarding and daily monitoring: rapid vulnerability assessment across application portfolio.
Continuous monitoring of repositories (even when you are not working on it).
Centralized visibility for teams.
Monitors specified branch
Code does not need to be built.
Can be initiated via UI
Some languages/package managers have better resolution utilizing the CLI (Gradle without lockfile, Scala).
Pull request (PR)/merge request (MR) scanning
Immediate feedback on introduced issues on the PR/MR against any branch on repository.
Configurable rules for pass/fail
+
Project Import Strategy
Considerations
Advantages
Disadvantages
CLI (automated CI/CD)
Must be configured for each application within CI/CD.
Can select what to test and when (that is, which package managers, where in the process, which language to analyze).
May need development effort for integration.
It requires configuration per application.
CLI (Run locally by user)
User can use CLI to perform testing locally while working on an application, configurable per scan type.
Local use case
Not meant for visibility or automation. Can require buildable code or dependencies to be installed (For example Gradle without Lockfile, Scala).
Git Code Repository Integration
Onboarding and daily monitoring: rapid vulnerability assessment across application portfolio.
Continuous monitoring of repositories (even when you are not working on it).
Centralized visibility for teams.
Monitors specified branch
Code does not need to be built.
Can be initiated through the UI
Some languages/package managers have better resolution using the CLI (Gradle without lockfile, Scala).
Pull request (PR)/merge request (MR) scanning
Immediate feedback on introduced issues on the PR/MR against any branch on repository.
Configurable rules for pass/fail
## Additional considerations
@@ -73,8 +73,8 @@ For more details, see [Use Snyk in your IDE](https://app.gitbook.com/o/-M4tdxG8q
For Snyk Infrastructure as Code, it is common that your Terraform or YAML configuration files are held in your SCM, but they may be in a separate area or repository. As a result, consider if there are other areas you need to import. You may also want to integrate with Terraform Cloud (if applicable) to enable Snyk tests as part of your "Terraform run" processes.
-For complex environments, modules, and highly templated implementations, utilizing the CLI on your Terraform Plan file may provide the best results.
+For complex environments, modules, and highly templated implementations, using the CLI on your Terraform Plan file can provide the best results.
### CR (Container Registries)
-Snyk also integrates with various [Container Registries](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-container/container-registry-integrations) to enable you to import and monitor your containers for vulnerabilities. Snyk tests the containers you have imported for any known security vulnerabilities found at a frequency you control.
+Snyk also integrates with various [Container Registries](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-container/container-registry-integrations) so you can import and monitor your containers for vulnerabilities. Snyk tests the containers you have imported for any known security vulnerabilities found at a frequency you control.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/create-rollout-plan.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/create-rollout-plan.md
index d6f7bfff5721..985ee383174c 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/create-rollout-plan.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/create-rollout-plan.md
@@ -4,7 +4,7 @@ Every business is different. If your teams have already used security tools and
## Suggested onboarding approach
-When you are introducing Snyk to your business, Snyk suggests the following phased rollout after configuring integrations.
+When you are introducing Snyk to your business, Snyk suggests the following phased rollout after configuring integrations.
### 1. Kick off with a pilot team
@@ -14,14 +14,14 @@ Start by selecting a small group of engaged pilot users from:
* Project teams building new applications
* Developers of business-critical applications.
-This allows you to:
+This lets you:
* Thoroughly onboard initial users
* Gather feedback to refine processes
* Identify issues before the broader rollout
* Build success stories to promote Snyk.
-Typically, importing everything using a repository integration for visibility and working through the rollout with a small pilot team allows you to identify the best processes and ways to implement Snyk within your environment.
+Typically, importing everything using a repository integration for visibility and working through the rollout with a small pilot team lets you identify the best processes and ways to implement Snyk in your environment.
### 2. Gain visibility with Git repository integration
@@ -51,7 +51,7 @@ The key advantages of using this process are:
With priorities addressed and processes refined, start expanding access more broadly across teams.
-This phased approach allows thoughtful onboarding while rapidly gaining visibility and control.
+This phased approach supports thoughtful onboarding while rapidly gaining visibility and control.
### 5. Turn on gating
@@ -60,7 +60,7 @@ After the first month, gradually turn on gating measures.
* Pull Request/Merge Request Checks using criteria such as `severity` and `is fixable`.
* Fail builds based on criteria such as `High` or `Critical`, `CVSS`, `Mature Exploit` for Open Source and other criteria using the [Snyk Filter](https://github.com/snyk-labs/snyk-filter) plugin.
-It's recommended to start with a few applications, especially during the pilot team phase, work through the processes then roll out more widely.
+Snyk recommends starting with a few applications, especially during the pilot team phase, working through the processes, then rolling out more widely.
## Exception handling
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/determine-member-roles.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/determine-member-roles.md
index a8cd1b0fc11b..91091011819b 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/determine-member-roles.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/determine-member-roles.md
@@ -1,6 +1,6 @@
# Determine user roles
-## Default roles
+## Default roles
A key consideration when setting up Snyk is determining which [default user roles](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-platform-administration/user-roles/pre-defined-roles) align with your needs.
@@ -9,7 +9,7 @@ The Team plan has the following fixed roles in Snyk, each with a fixed set of pe
The following are the default roles:
* **Org Admin**: Typically assigned to team leads. Users with this role can add/delete Projects, override Snyk checks, and provision users. It is common to assign this to team leads, admins, and security team users.
-* **Org Collaborator**: This is the default role in Snyk used for developers. This role is ideal for small teams or for a very developer-first organizational approach.
+* **Org Collaborator**: This is the default role in Snyk used for developers. This role is ideal for small teams or for a developer-first organizational approach.
{% hint style="info" %}
If you need more granularity in roles/permissions, consider upgrading to Snyk Enterprise Plan to access Custom Roles and SSO functionality.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/discovery.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/discovery.md
index 02ec62a42825..0f637117a9d2 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/discovery.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/discovery.md
@@ -4,7 +4,7 @@
Identifying key applications early helps you identify important contacts to make, helps define success metrics, and helps early prioritization. Your business may have thousands of applications, but can you identify a few key applications to benchmark progress and priority?
-For large enterprises, you can import everything, but that additional information can be collected in parallel to help prioritize work and measure success. This should not be a blocker or delay, it can be done in parallel in the planning and implementation phases.
+For large enterprises, you can import everything, but you can collect that additional information in parallel to help prioritize work and measure success. This should not be a blocker or delay. You can do it in parallel in the planning and implementation phases.
## For implementations in smaller organizations/startups - confirm internal points of contact and roles
@@ -19,7 +19,7 @@ To successfully implement Snyk, you must identify the skills needed and the stak
## For implementations for a Team plan within an Enterprise - identify stakeholders with a RACI matrix
-In smaller organizations where a few individuals may have the necessary access, involving the stakeholders can be quick and easy. For a small team, early startup, it can be as simple as finding who can create credentials for Snyk to access the system or update a CI/CD script. In a larger enterprise, where you may have a single team using Snyk, this tends to be more organizationally complex, and the following RACI matrix can assist in determining:
+In smaller organizations where a few individuals have the necessary access, involving the stakeholders can be quick. For a small team or early startup, it can be as simple as finding who can create credentials for Snyk to access the system or update a CI/CD script. In a larger enterprise, where you may have a single team using Snyk, this tends to be more organizationally complex, and the following RACI matrix can assist in determining:
* **R**esponsible: the person ultimately accountable for carrying out the task or deliverable.
* **A**ccountable: the approver who must sign off on work before it is considered complete.
@@ -30,6 +30,6 @@ For large enterprises, the following RACI matrix is useful to clearly define rol
Task
Champion
Admin
Security
DevOps
Onboarding
Responsible
Responsible
Responsible
Responsible
Admin Training
Accountable
Responsible
Consulted
Responsible
Security Training
Responsible
Consulted
Accountable
Responsible
DevOps Training
Responsible
Consulted
Consulted
Accountable
Source Control/IDE/PIPELINE Setup
Responsible
Responsible
Responsible
Accountable
License Policy Management
Responsible
Responsible
Responsible
Accountable
Security Triage
Responsible
Consulted
Accountable
Consulted
-This ensures all stakeholders are engaged in suitable capacities without duplicated or neglected efforts. Following the matrix enables smooth collaboration, with individuals contributing specialized skills within their designated areas.
+This ensures all stakeholders are engaged in suitable capacities without duplicated or neglected efforts. Following the matrix enables smooth collaboration, with individuals contributing specialized skills in their designated areas.
-The clear delineation of duties promotes productivity, efficiency, and accountability. Overall, the RACI framework is an effective method for orchestrating a structured, well-coordinated onboarding process resulting in the successful implementation of Snyk.
+The clear delineation of duties promotes productivity, efficiency, and accountability. Overall, the RACI framework is an effective method for orchestrating a structured, well-coordinated onboarding process that results in the successful implementation of Snyk.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/name-your-organization.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/name-your-organization.md
index 70256ebb5e4f..8c761cff487b 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/name-your-organization.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/name-your-organization.md
@@ -24,5 +24,5 @@ All customers have a Group and at least one Organization. On the Free and Team p
For more details, visit [Manage Groups and Organizations](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/groups-and-organizations).
{% hint style="info" %}
-If you have hundreds or thousands of repositories, consider the Snyk Enterprise plan for access to additional organizations to restrict access, separate reporting, and manageable lists to interact with.
+If you have hundreds or thousands of repositories, consider the Snyk Enterprise plan for access to additional Organizations to restrict access, separate reporting, and manageable lists to interact with.
{% endhint %}
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/plan-for-success.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/plan-for-success.md
index a6a4054842c3..1145c861484e 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/plan-for-success.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/plan-for-success.md
@@ -2,19 +2,19 @@
## Determine success metrics with Snyk
-Implementing Snyk provides an opportunity to enhance your application security. But how do you know if you're getting the most out of it? Key Performance Indicators (KPIs) are essential measurements that track Snyk's impact and help guide your security journey.
+Implementing Snyk provides an opportunity to enhance your application security. But how do you know if you're getting the most out of it? Key Performance Indicators (KPIs) are essential measurements that track the impact of Snyk and help guide your security journey.
KPIs give you valuable insights by monitoring key metrics at each adoption phase - from raising awareness to preventing new issues. They help you:
* Assess progress toward security goals
* Identify areas needing improvement
-* Demonstrate Snyk's value to stakeholders
+* Demonstrate the value of Snyk to stakeholders
Tracking metrics aligned to each stage provides tangible insights into what's working well and where improvements may be needed. KPIs help optimize your use of Snyk and progress your application security program.
## Example metrics
-These are just some potential examples of success metrics to consider. Analyzing relevant data points at each stage can provide insight into what's working well and identify areas for improvement.
+These are some potential examples of success metrics to consider. Analyzing relevant data points at each stage can provide insight into what's working well and identify areas for improvement.
### Gain visibility
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/validate-your-snyk-plan.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/validate-your-snyk-plan.md
index cdb4f7aa41d0..4c33bec5850e 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/validate-your-snyk-plan.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-1-discovery-and-planning/validate-your-snyk-plan.md
@@ -1,5 +1,5 @@
# Validate your Snyk plan
-Confirm your Snyk license has been applied correctly. Navigate to your Organization by clicking the Organization name on the left menu and click **Settings**. Confirm the license has been applied to this Organization by reviewing Usage, Plans, and Billing. Tests should be unlimited for the products purchased, and a Team plan should be indicated.
+Confirm your Snyk license is applied correctly. Navigate to your Organization by clicking the Organization name in the menu and click **Settings**. Confirm the license is applied to this Organization by reviewing Usage, Plans, and Billing. Tests should be unlimited for the products purchased, and a Team plan should be indicated.
-The proper license setup ensures you can fully use Snyk capabilities without limitations. It also guarantees you remain compliant with Snyk terms of use. If the license was incorrectly assigned, contact Snyk support.
+The proper license setup ensures you can fully use Snyk capabilities without limitations. It also guarantees you remain compliant with Snyk terms of use. If the license was incorrectly assigned, contact Snyk support.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-2-configure-your-organization/README.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-2-configure-your-organization/README.md
index ae0275f7036a..2de3c1e25ad4 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-2-configure-your-organization/README.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-2-configure-your-organization/README.md
@@ -2,9 +2,9 @@
## Name your Organization
-This step is easiest performed prior to purchasing the license. If you did not, Snyk support can assist you.
+This step is easiest performed before purchasing the license. If you did not, Snyk support can assist you.
-### Changing the name prior to purchase
+### Changing the name before purchase
Click the arrows next to your Organization name, click **Create New Organization**. From the **Settings-Plans and Billing** page, purchase a team plan.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-2-configure-your-organization/configure-integrations.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-2-configure-your-organization/configure-integrations.md
index 4c326dd0705e..fb1b4eea0503 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-2-configure-your-organization/configure-integrations.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-2-configure-your-organization/configure-integrations.md
@@ -26,14 +26,14 @@ The CLI provides:
* Supports private packages without having to configure an additional integration, providing that your build environment will have access to your private packages.
* Give visibility to components that are pushed to production by either breaking builds and reporting to Snyk or only reporting to Snyk.
-There are several [CI/CD integrations](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ci-cd-integrations) available, or you can use the [Snyk CLI](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli) as part of your pipeline, in order to have more flexibility in the tests you are running.
+There are several [CI/CD integrations](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ci-cd-integrations) available, or you can use the [Snyk CLI](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli) as part of your pipeline, to have more flexibility in the tests you are running.
In the initial phase, Snyk recommends using the “monitor” feature to import information into Snyk so you can see any discovered issues (unless you are already importing your repos using a source control integration to achieve this). Later, when you want to start gating/blocking new vulnerabilities from being added, you can introduce “test” features - initially failing builds on critical issues and then gradually adapting the fail criteria over time.
{% hint style="info" %}
For `snyk iac test --report`, finding issues will result in the build possibly stopping with a non-zero response code. \
\
-If you want to test passively, the inclusion of the `--report` argument requires either setting the build step to always continue or an alternative like concatenating logic equating to "or true" (for example `snyk iac test --report || true`). The exact syntax depends on the ecosystem the CLI is run in.
+If you want to test passively, the inclusion of the `--report` argument requires either setting the build step to always continue or an alternative like concatenating logic equating to "or true" (for example `snyk iac test --report || true`). The exact syntax depends on the ecosystem the CLI is run in.
{% endhint %}
When configuring pipelines, you can use popular plugins like [`snyk-filter`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter) for advanced filtering.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-3-gain-visibility/add-project-attributes.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-3-gain-visibility/add-project-attributes.md
index 7bbcd81c8d2d..8485841ad6a4 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-3-gain-visibility/add-project-attributes.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-3-gain-visibility/add-project-attributes.md
@@ -1,6 +1,6 @@
# Add project attributes
-After importing your projects, you can add metadata to your Projects using [Project Attributes](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-projects/project-attributes). This allows you to filter and report on specific subsets of your Organization.
+After importing your Projects, you can add metadata to your Projects using [Project Attributes](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-projects/project-attributes). This lets you filter and report on specific subsets of your Organization.
-For example, if you add Project Attributes to all of your Projects, you can easily filter Projects to those that are "frontend critical vulnerabilities in production" from the Projects page.
+For example, if you add Project Attributes to all of your Projects, you can filter Projects to those that are "frontend critical vulnerabilities in production" from the Projects page.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-3-gain-visibility/import-projects.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-3-gain-visibility/import-projects.md
index 5428de59a71b..15ef7a50620e 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-3-gain-visibility/import-projects.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-3-gain-visibility/import-projects.md
@@ -1,6 +1,6 @@
# Import Projects
-Depending on the integrations you have configured, and the language / package managers in your tech stack, you can import Projects into Snyk using:
+Depending on the integrations you have configured, and the languages and package managers in your tech stack, you can import Projects into Snyk using:
* A source control integration with your Git repositories
* The Snyk CLI with CI/CD.
@@ -35,14 +35,14 @@ For a small number of applications, typically under a hundred:
For hundreds or thousands of repositories:
* At scale, Snyk recommends using the API. APIs are available with the Snyk Enterprise plan.
- * Use the [Snyk API](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api) to import your Projects. This leverages an existing source control integration and can be used to automate processes.
- * The [API-import](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-apps/tool-snyk-api-import) tool uses the API to manage onboarding at scale for large enterprises and is the suggested tool to use at scale. The source control structure will need to be mirrored.
+ * Use the [Snyk API](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api) to import your Projects. This uses an existing source control integration and can automate processes.
+ * The [API-import](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-apps/tool-snyk-api-import) tool uses the API to manage onboarding at scale for large enterprises and is the suggested tool to use at scale. You must mirror the source control structure.
## Snyk CLI
For details, see [Snyk CLI](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli).
-The CLI allows granular scanning of individual Projects.
+The CLI lets you scan individual Projects granularly.
{% hint style="info" %}
A command must be formulated for each type of test to perform (open source, code, infrastructure as code, and container).
@@ -55,9 +55,9 @@ To use the Snyk CLI:
3. In the script, navigate to the Project folder.
4. Run the appropriate `snyk test` or `snyk monitor` commands and options for the type of scan you want to run.\
\
- Where to implement testing in your scripts is generally flexible but most commonly prior to deployment. Use the monitor command alone for Snyk Open Source and Snyk Container to passively report. When you are using gating through the `test` command, the purpose is to break the build if issues are found that meet particular criteria like `--severity-threshold` or any number of options in the CLI or the `snyk-filter` plugin.\
+ Where to implement testing in your scripts is generally flexible but most commonly before deployment. Use the monitor command alone for Snyk Open Source and Snyk Container to passively report. When you are using gating through the `test` command, the purpose is to break the build if issues are found that meet particular criteria like `--severity-threshold` or any number of options in the CLI or the `snyk-filter` plugin.\
\
- In general, Snyk Open source is typically run in `test` and/or `monitor` after the dependencies are installed on the build system.\
+ In general, Snyk Open Source is typically run in `test` and `monitor` after the dependencies are installed on the build system.\
\
A typical command can look as follows:
* Code: `snyk code test --org=[org-id]`
@@ -65,7 +65,7 @@ To use the Snyk CLI:
* `snyk test --all-projects --org=[org-id]`
* `snyk monitor --all-projects --org=[org-id]`\
Replace `[org-id]` with the ID of your Organization.
- * For Container and Infrastructure as Code scans, see [Container](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-container/scan-container-images) and [Infrastructure as Code](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-iac), as this will vary based on the type being scanned.
+ * For Container and Infrastructure as Code scans, see [Container](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-container/scan-container-images) and [Infrastructure as Code](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-iac), as this varies based on the type being scanned.
5. Review results either locally when running `snyk test`, or on the Snyk Web UI when using `monitor` or report.
For demonstrations of various pipeline integrations, see [Snyk-Labs](https://github.com/snyk-labs/snyk-cicd-integration-examples).
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-4-create-a-fix-strategy.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-4-create-a-fix-strategy.md
index b95672f22f8f..03da0a0c8e8a 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-4-create-a-fix-strategy.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-4-create-a-fix-strategy.md
@@ -9,7 +9,7 @@ Before diving into specific vulnerabilities, consider your Organizations and rep
In your Organization, you can then consider the repositories that make up the application's different parts. Areas that handle sensitive data or are public-facing may be more important to secure, so this could be another way to narrow down your initial list of Projects to review.
{% hint style="info" %}
-If you have used **Attributes** to add metadata to your Projects, these can be a great way to filter down the number of Projects that you are considering.
+If you have used **Attributes** to add metadata to your Projects, these can help you filter down the number of Projects that you are considering.
{% endhint %}
## Group work by development teams
@@ -20,17 +20,17 @@ After you have your reduced set of Projects to prioritize, you may want to split
Filters are available to help prioritize what issues need to be fixed more urgently. The following search criteria are most commonly used when building a prioritization plan and can be used iteratively or in combination as you analyze results.
-* Severity (Start with **High** and **Critical**). It is common to filter by critical severity. However, Snyk Code, Snyk code only goes up to High, so if you are using Snyk Code, start there for Code Analysis results.
-* [Exploit Maturity](https://snyk.io/blog/whats-so-wild-about-exploits-in-the-wild-and-how-can-we-prioritize-accordingly/) (Issues with **Mature** or **Proof of Concept** are more exploitable). By choosing this filter, you implicitly only filter the results to Open Source.
-* Fixable (if there’s a fix available by upgrading a package, it’s much faster to fix).
+* Severity (Start with **High** and **Critical**). It is common to filter by critical severity. However, Snyk Code only goes up to High, so if you are using Snyk Code, start there for Code Analysis results.
+* [Exploit Maturity](https://snyk.io/blog/whats-so-wild-about-exploits-in-the-wild-and-how-can-we-prioritize-accordingly/) (Issues with **Mature** or **Proof of Concept** are more exploitable). By choosing this filter, you implicitly filter the results to Open Source only.
+* Fixable (if there’s a fix available by upgrading a package, it’s much faster to fix)
* CVSS Score for Open Source Vulnerabilities
-* [Priority Score](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/fix/prioritize-issues-for-fixing/priority-score) (The above values are used to calculate this score). One strategy is to eliminate the vulnerabilities with a score of 900-1000, and then move to vulnerabilities with a score of 800-900, and so on.
+* [Priority Score](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/fix/prioritize-issues-for-fixing/priority-score) (Snyk uses the preceding values to calculate this score). One strategy is to eliminate the vulnerabilities with a score of 900-1000, and then move to vulnerabilities with a score of 800-900, and so on.
-Decide which metrics will be used when planning your fix strategy, and get specific with your timeline. If you choose to fix by severity, for example, estimate the time it will take to resolve a vulnerability per severity. It’s recommended to be specific with your fix strategy.
+Decide which metrics to use when planning your fix strategy, and get specific with your timeline. If you choose to fix by severity, for example, estimate the time it takes to resolve a vulnerability per severity. Snyk recommends being specific with your fix strategy.
**Example**
-If there are fifty critical-severity issues and one hundred high-severity issues, you may plan on two weeks to fix critical vulnerabilities and then four weeks to fix high-severity, based on the size of your team and workload.
+If there are 50 critical-severity issues and 100 high-severity issues, you may plan on two weeks to fix critical vulnerabilities and then four weeks to fix high-severity, based on the size of your team and workload.
Alternatively, you can fix by issue type.
@@ -62,8 +62,8 @@ DevSecOps-led implementation, focusing on securing your custom images and enviro
## Targeted Vulnerabilities Campaigns
-As you operationalize security testing in your development process, another option for your fix strategy is to have campaigns to eliminate vulnerability types, for example, SQL injection. Using CWE in your search filters can be very useful in reporting to identify and log issues.
+As you operationalize security testing in your development process, another option for your fix strategy is to have campaigns to eliminate vulnerability types, for example, SQL injection. Using CWE in your search filters can be useful in reporting to identify and log issues.
## Update your timeline
-Once you have created your fix strategy, update the timeline for Phase 7.
+After you have created your fix strategy, update the timeline for Phase 7.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/README.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/README.md
index 4831f895f481..bc1deccee241 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/README.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/README.md
@@ -4,11 +4,11 @@ After you gain visibility on your security issues, you can now start to implemen
## Common prevention methods
-Below are the two common areas that allow you to "prevent new issues":
+The two common areas that let you "prevent new issues" are:
-* Snyk tests on pull request (PR)/merge checks (MR), currently available for Open Source.
+* Snyk tests on pull request (PR)/merge checks (MR), available for Open Source.
* Adding "Snyk test" to your CI/CD pipelines (you may have already implemented "Snyk monitor" to import your Projects as part of the pipeline).
- * Additionally, open source, code, infrastructure as code, and container vulnerabilities can all be gated.
+ * Additionally, Snyk can gate open source, code, infrastructure as code, and container vulnerabilities.
In either case, Snyk suggests that you communicate these changes clearly to your developers before implementing any form of gating.
@@ -24,7 +24,7 @@ To block new issues, you can use PR checks. For details, see [Run PR Checks](htt
### Communicate exception processes
-It is important to ensure the teams know the exception processes and how to address if a PR is blocked or a build fails.
+Ensure the teams know the exception processes and how to respond if a PR is blocked or a build fails.
For example:
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/add-and-configure-snyk-to-your-ci-cd-pipeline.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/add-and-configure-snyk-to-your-ci-cd-pipeline.md
index 3723bd81c0ae..6da9a92ab15c 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/add-and-configure-snyk-to-your-ci-cd-pipeline.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/add-and-configure-snyk-to-your-ci-cd-pipeline.md
@@ -6,7 +6,7 @@ After your teams understand the vulnerabilities in their applications and develo
## No import requirement
-A benefit of adding tests to your pipeline is that you do not need to import the repository to Snyk using the source control integration (which is required for Snyk PR Checks). It can also be used as an additional gate, even if you are testing PRs, to further decrease the chance of new vulnerabilities entering your production builds.
+A benefit of adding tests to your pipeline is that you do not need to import the repository to Snyk using the source control integration (which Snyk PR Checks require). You can also use it as an additional gate, even if you are testing PRs, to further decrease the chance of new vulnerabilities entering your production builds.
## Pipeline options
@@ -15,7 +15,7 @@ When adding Snyk to a build pipeline, there are common options:
* Using the specific [pipeline integration](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ci-cd-integrations) for your tool.
* Using the [Snyk CLI](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli) and running the specific commands directly.
-Each option has benefits - using an existing pipeline integration may be faster and easier to configure, but using the Snyk CLI will give you a greater range of options and flexibility in your "fail" criteria.
+Each option has benefits — using an existing pipeline integration may be faster to configure, but using the Snyk CLI gives you a greater range of options and flexibility in your "fail" criteria.
## Pipeline test filters
@@ -23,7 +23,7 @@ When running a test in your pipeline, there are filters available to determine w
## CLI supporting tools
-If you use the Snyk CLI in your pipeline, a range of supporting [Snyk Tools](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-apps/snyk-tools) provide additional functionality, including [`snyk-filter`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter), which can be used for more complex "fail" criteria, such as “fail if more than three High severity vulnerabilities are found”.
+If you use the Snyk CLI in your pipeline, a range of supporting [Snyk Tools](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-apps/snyk-tools) provide additional functionality, including [`snyk-filter`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter), which you can use for more complex "fail" criteria, such as “fail if more than three High severity vulnerabilities are found”.
## Also see
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/enable-and-configure-snyk-on-prs.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/enable-and-configure-snyk-on-prs.md
index 93be26a462f6..51a7508b7a72 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/enable-and-configure-snyk-on-prs.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-5-rolling-out-the-prevention-stage/enable-and-configure-snyk-on-prs.md
@@ -2,40 +2,40 @@
## Use PR Checks to introduce gating
-[Snyk Pull Request(PR)/Merge Request (MR) Checks](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/pull-request-checks) allow you to prevent new security issues from entering your codebase, by automatically scanning code changes when you submit a pull request (PR). PR Checks are available for open-source vulnerabilities, license compliance issues, and your own code issues.
+[Snyk Pull Request(PR)/Merge Request (MR) Checks](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/pull-request-checks) let you prevent new security issues from entering your codebase, by automatically scanning code changes when you submit a pull request (PR). PR Checks are available for open-source vulnerabilities, license compliance issues, and your own code issues.
If you import Projects through a source control integration, then Snyk Open Source and Snyk Code PR Checks is a good place to start introducing gating.
{% hint style="info" %}
-Snyk recommendes announcing the changes prior to rolling out the changes. See [Announce prevention measures](../../enterprise-implementation-guide/automate-prevention-measures.md#announce-prevention-measures) for examples of how to message your developers.
+Snyk recommends announcing the changes before rolling out the changes. See [Announce prevention measures](../../enterprise-implementation-guide/automate-prevention-measures.md#announce-prevention-measures) for examples of how to message your developers.
{% endhint %}
### Implementing Open Source PR Checks
There are a number of different features available that can be used to help you gradually introduce the feature to avoid friction with your development teams:
-* Fail conditions: You can control whether the test will "fail" if the PR itself is adding a dependency with issues (most common) or if the repository as a whole has any issues.
+* Fail conditions: You can control whether the test "fails" if the PR itself is adding a dependency with issues (most common) or if the repository as a whole has any issues.
-The criteria of what constitutes a "failed test" can also be customized. By default, the test does not filter based on severity or fixability, which can mean that PR tests will regularly fail. For Snyk Open Source you can customize what the criteria are to fail the test:
+You can also customize the criteria of what constitutes a "failed test". By default, the test does not filter based on severity or fixability, which can mean that PR tests regularly fail. For Snyk Open Source you can customize the criteria to fail the test:
* **Only fail for high or critical severity issues**
* **Only fail when the issues found have a fix available**
-When you first enable this feature, Snyk suggests ticking both of these boxes so that a test would fail if a **High or Critical** and **fixable** issue is found. In this case, you would want to encourage to developer to fix the issue before proceeding.
+When you first enable this feature, Snyk suggests selecting both of these check boxes so that a test fails if a **High or Critical** and **fixable** issue is found. In this case, encourage the developer to fix the issue before proceeding.
-These PR tests are optional by default, meaning that even if the test fails, the developer may be able to continue and merge the PR. Controlling whether a PR test is optional or blocking is configured within your source control management platform, such as GitHub’s branch protection rules.
+These PR tests are optional by default, meaning that even if the test fails, the developer can continue and merge the PR. You configure whether a PR test is optional or blocking in your source control management platform, such as GitHub’s branch protection rules.
### Implementing Code PR Checks
When enabling static analysis of code changes and therefore new vulnerabilities, you can select the fail criteria to be **High** (the highest severity).
-When you first enable this feature, Snyk suggests selecting **High** if an issue is found. In this case, you would want to encourage developers to fix the issue before proceeding. As your code base stabilizes and you have worked through the backlog, you can change the fail criteria to lower the severity (to either **Medium** or **Low)** in order to address broader issues or to match your internal policies.
+When you first enable this feature, Snyk suggests selecting **High** if an issue is found. In this case, encourage developers to fix the issue before proceeding. As your codebase stabilizes and you have worked through the backlog, you can change the fail criteria to lower the severity (to either **Medium** or **Low)** to address broader issues or to match your internal policies.
### Using PR Checks for a phased rollout
It is common to have a phased rollout of these features. Using PR checks as an example:
-* You may initially run Snyk tests and set, via your source control settings, as optional checks. The results are displayed, but the developer is not blocked from merging the PR.
+* You may initially run Snyk tests and set them, through your source control settings, as optional checks. The results are displayed, but the developer is not blocked from merging the PR.
* Over time, as developers adapt to seeing these results and begin addressing the high issues proactively, you can choose to start blocking PRs from being merged if there are any new highest severity issues or, in the case of Snyk Open Source, if a fix is available.
This phased rollout helps to decrease friction between your security and development teams.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-6-triages-ignores-and-fixes.md b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-6-triages-ignores-and-fixes.md
index e7837c456854..308e4daa5e4a 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/phase-6-triages-ignores-and-fixes.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/phase-6-triages-ignores-and-fixes.md
@@ -5,7 +5,7 @@
After you implement a strategy to prevent new issues from entering your repositories, whether blocking builds or running in a non-blocking/advisory mode, the next step is to prioritize and start fixing issues in your backlog.
* In [Phase 4: Create a Fix strategy](phase-4-create-a-fix-strategy.md), you created a plan for prioritizing your Projects and issues. To implement this, you can schedule regular meetings with development team leads, to assist them with this process.
-* If you use Jira Cloud, you can download and install the [Snyk Security in Jira Cloud](https://marketplace.atlassian.com/apps/1230482/snyk-security-in-jira-cloud) plugin from the Atlassian marketplace. This allows you to view information on your Snyk Vulnerabilities directly in Jira, and use Jira Automation to create new tickets when new vulnerabilities are identified.
+* If you use Jira Cloud, you can download and install the [Snyk Security in Jira Cloud](https://marketplace.atlassian.com/apps/1230482/snyk-security-in-jira-cloud) plugin from the Atlassian marketplace. This lets you view information on your Snyk Vulnerabilities directly in Jira, and use Jira Automation to create new tickets when new vulnerabilities are identified.
## When should you ignore an issue?
@@ -25,7 +25,7 @@ Confirm ignore with an Organization Admin (they may need to complete this step t
When adding the ignore:
* Ensure you add a detailed reason, so the ignore reason is clear to others who see this issue.
-* Set an expiration date for the ignored rather than having a permanent ignore. This is essential, as whilst the issue may not be fixable/relevant today, it should be reviewed regularly (monthly or quarterly) to see if it is possible to implement a fix.
+* Set an expiration date for the ignore rather than having a permanent ignore. This is essential, as while the issue may not be fixable or relevant today, review it regularly (monthly or quarterly) to see if it is possible to implement a fix.
{% hint style="info" %}
In **Settings-General** it's common to limit access to who can ignore an issue and require a reason.
diff --git a/discover-snyk/implementation-and-setup/team-implementation-guide/prerequisites-project-plan-templates.md b/discover-snyk/implementation-and-setup/team-implementation-guide/prerequisites-project-plan-templates.md
index 7c916cbb9b2c..87493033abce 100644
--- a/discover-snyk/implementation-and-setup/team-implementation-guide/prerequisites-project-plan-templates.md
+++ b/discover-snyk/implementation-and-setup/team-implementation-guide/prerequisites-project-plan-templates.md
@@ -4,7 +4,7 @@ The templates provided below are the basis of the following sections of this gui
You can download and use these templates in your project management system.
{% hint style="info" %}
-The suggested timelines are typically for individual teams and small companies, which may involve a small team or company. Adjust accordingly for what makes sense for your company.
+The suggested timelines are typically for individual teams and small companies. Adjust accordingly for what makes sense for your company.
{% endhint %}
You can download or import these plans:
diff --git a/discover-snyk/snyk-api/rest-api/getting-started-with-the-rest-api.md b/discover-snyk/snyk-api/rest-api/getting-started-with-the-rest-api.md
index ccb760027f8b..5f57bd157ba7 100644
--- a/discover-snyk/snyk-api/rest-api/getting-started-with-the-rest-api.md
+++ b/discover-snyk/snyk-api/rest-api/getting-started-with-the-rest-api.md
@@ -6,7 +6,7 @@ Follow these steps to make a simple call to the REST API using `curl` in the com
2. In your account, use the left navigation to find an **Organization** where you have Projects you can list.
3. Navigate to your **Organization Settings**, and on the **General** settings page, find your **Organization ID** and copy the value.
4. Navigate to your personal [General Account Settings](https://app.snyk.io/account/) and copy your **API Token**. For instructions, see [Authentication for API](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/authentication-for-api).
-5. Use a `curl` command to make your request. Replace the `{orgId}` and API\_TOKEN with your **Organization ID** and **API Token**, respectively. Snyk recommends using 2024-10-15 for the version number unless you are using an earlier version for a specific reason. Using the current day's date will call the most recent version of the API. An example follows:
+5. Use a `curl` command to make your request. Replace the `{orgId}` and API\_TOKEN with your **Organization ID** and **API Token**, respectively. Snyk recommends using 2024-10-15 for the version number unless you are using an earlier version for a specific reason. Using the current day's date calls the most recent version of the API. An example follows:
```sh
curl --request GET \
diff --git a/discover-snyk/snyk-learn/README.md b/discover-snyk/snyk-learn/README.md
index e7a902234e64..97b3dc70ea44 100644
--- a/discover-snyk/snyk-learn/README.md
+++ b/discover-snyk/snyk-learn/README.md
@@ -2,7 +2,7 @@
[Snyk Learn](https://learn.snyk.io) offers lessons for developer [security education](./#security-education) and Snyk [product training](./#product-training) with short and interactive content. Snyk Learn also has[ learning paths](https://learn.snyk.io/catalog/?format=learning_path\&type=security-education) for learners to take a predefined set of lessons following a structured flow. These lessons and learning plans are designed to help you start using Snyk, implement a [DevSecOps](../getting-started/glossary.md#devsecops) framework, and also to help you implement an ongoing security education and training program.
-Snyk Learn is one component of learning available for users and customers. The Snyk [customer resource page](https://snyk.io/customer-resources/) will help you learn the best practices for implementing Snyk in your Organization.
+Snyk Learn is one component of learning available for users and customers. The Snyk [customer resource page](https://snyk.io/customer-resources/) helps you learn the best practices for implementing Snyk in your Organization.
Snyk Learn is integrated into the Snyk Platform, giving learners the ability to [track their progress](your-learning/) and Organizations the ability to manage users through Snyk.
@@ -14,13 +14,13 @@ The following table shows the features available for each plan. For more informa
### Learning Management add-on
-The Snyk Learning Management add-on allows AppSec and compliance teams to easily [assign](snyk-learn-assignments.md) lessons, track progress, and download reports for proof of completion. These capabilities are also supported through the [Snyk Learn API](snyk-learn-api.md).
+The Snyk Learning Management add-on lets AppSec and compliance teams [assign](snyk-learn-assignments.md) lessons, track progress, and download reports for proof of completion. The [Snyk Learn API](snyk-learn-api.md) also supports these capabilities.
For more information and to add this capability to your Snyk plan, contact your Snyk account team.
## Regional hosting
-Snyk Learn also allows for regional hosting and data residency. Multi-tenant support enables seamless operation across multiple deployment environments, specifically tailored to meet the needs of Snyk users in the US, AU, and EU.
+Snyk Learn also supports regional hosting and data residency. Multi-tenant support enables operation across multiple deployment environments, specifically tailored to meet the needs of Snyk users in the US, AU, and EU.
Snyk customers have access to Snyk Learn resources according to their region in the Snyk application. There is no need to create an additional user. For more information, see [Regional hosting and data residency](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency).
@@ -44,6 +44,6 @@ Snyk[ product training](https://learn.snyk.io/catalog/?type=product-training) pr
* How to configure and manage Snyk organizations
* How to use Snyk to find and fix issues
-The platform provides an easy way for teams to get an introduction to Snyk tools and user best practices. Most courses take between three and ten minutes.
+The platform provides a way for teams to get an introduction to Snyk tools and user best practices. Most courses take between three and 10 minutes.
Snyk offers product training[ learning paths](https://learn.snyk.io/catalog/?type=product-training\&format=learning_path), including Implementing Snyk, Managing application security with Snyk, and Developing using Snyk.
diff --git a/discover-snyk/snyk-learn/snyk-assist.md b/discover-snyk/snyk-learn/snyk-assist.md
index 163ab34106d7..3d23b352b6d1 100644
--- a/discover-snyk/snyk-learn/snyk-assist.md
+++ b/discover-snyk/snyk-learn/snyk-assist.md
@@ -9,21 +9,21 @@ Snyk Assist for Learn is an AI-powered learning assistant integrated into the Sn
Snyk Assist enhances your learning experience within the Snyk Learn platform by:
* Providing immediate answers to questions about Snyk products, features, and general application security concepts.
-* Delivering context-aware replies based on Snyk's extensive knowledge base.
+* Delivering context-aware replies based on the extensive knowledge base in Snyk.
* Suggesting relevant follow-on learning opportunities available within Snyk Learn, Snyk Docs and the Snyk Blog.
Snyk Assist on Snyk Learn
## How Snyk Assist works
-Snyk Assist utilizes Generative AI to respond to questions based on information retrieved from trusted Snyk sources:
+Snyk Assist uses Generative AI to respond to questions based on information retrieved from trusted Snyk sources:
* [Snyk Learn lessons](https://learn.snyk.io/catalog/?format=lesson)
* [Snyk Documentation](../)
Snyk Assist **does not** have access to your Snyk tenant data, such as issue and asset information, or Snyk Learn learning history. While interacting with Snyk Assist, we collect and process your queries and conversation history to provide responses and improve our service.
-The technology leverages Snyk-managed services and selected third-party Large Language Model (LLM) providers to respond with helpful and informative answers.
+The technology uses Snyk-managed services and selected third-party Large Language Model (LLM) providers to respond with helpful and informative answers.
{% hint style="info" %}
**Capabilities and Limitations**
@@ -32,7 +32,7 @@ The technology leverages Snyk-managed services and selected third-party Large La
* Snyk Assist **does not** perform security analysis, check your code for vulnerabilities, comment on code quality, or provide specific code samples. For code scanning and analysis, continue using the Snyk CLI, Snyk IDE extensions, or recurring SCM tests integrated with your repositories.
* Snyk Assist provides information from its body of knowledge, but responses should not be considered legal, security, or compliance advice. While we strive for accuracy, Snyk is not liable for decisions made based on information provided by Snyk Assist. Always verify critical security information through official Snyk documentation and tools.
-See the usage disclaimer [here](https://snyk.io/policies/snyk-assist-disclaimer).
+See the [usage disclaimer](https://snyk.io/policies/snyk-assist-disclaimer).
{% endhint %}
## Using Snyk Assist
@@ -43,7 +43,7 @@ Snyk Assist is accessible directly within the Snyk Learn interface for users wit
2. Click the **Snyk Assist** icon to open the chat window. This is found in the bottom right of the page.
3. Type your questions about Snyk products or application security concepts into the chat prompt.
-Snyk Assist will answer based on its knowledge base, potentially including links to relevant documentation, Learn lessons, and Snyk blogs.
+Snyk Assist answers based on its knowledge base, potentially including links to relevant documentation, Learn lessons, and Snyk blogs.
{% hint style="info" %}
If you do not see the chat icon, your Snyk admin may not have enabled this functionality for your Group. Additionally, ensure that the default Org in your Snyk settings is set to your company's Snyk Org and not a personal Snyk Org.
@@ -63,6 +63,6 @@ After Snyk Assist is enabled, it is visible and accessible on Snyk Learn for the
Snyk Assist settings page
-## Data Handling and Safeguards
+## Data handling and safeguards
See [How Snyk handles your data](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/ELvljsaLKPkSpffOkmsQ/how-snyk-handles-your-data#snyk-learn) for more information on this topic.
diff --git a/discover-snyk/snyk-learn/snyk-learn-access-controls.md b/discover-snyk/snyk-learn/snyk-learn-access-controls.md
index 5ecf262e5a5f..1389a6e05394 100644
--- a/discover-snyk/snyk-learn/snyk-learn-access-controls.md
+++ b/discover-snyk/snyk-learn/snyk-learn-access-controls.md
@@ -12,7 +12,7 @@ description: >-
Assignment permissions are available in the Snyk Learning Management add-on offering. Report permissions are available to Snyk Enterprise plan customers. For more information, contact your Snyk account team.
{% endhint %}
-**Snyk Learn Access Controls** functionality enables you to manage user permissions for Snyk Learn using the same [access control model](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-platform-administration/user-roles/user-role-management) as the Snyk Platform. A Group Admin can create custom roles with a set of permissions related to Snyk Learn Assignments. These roles can reflect users and functions in the Organization. For example, you can limit permissions for education and training management functionality for Snyk Learn to the user who is the education and training manager at your organization.
+**Snyk Learn Access Controls** functionality lets you manage user permissions for Snyk Learn using the same [access control model](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-platform-administration/user-roles/user-role-management) as the Snyk Platform. A Group Admin can create custom roles with a set of permissions related to Snyk Learn Assignments. These roles can reflect users and functions in the Organization. For example, you can limit permissions for education and training management functionality for Snyk Learn to the user who is the education and training manager at your organization.
{% hint style="info" %}
Group and Organization Admins have access to Snyk Learn Reports and Assignments by default without extra permissions.
@@ -20,7 +20,7 @@ Group and Organization Admins have access to Snyk Learn Reports and Assignments
#### Assignments
-To grant permissions for access to Assignments beyond the default Organization and Group Admin roles, you must create a [custom role](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-platform-administration/user-roles/custom-role-templates/snyk-learn-learning-admin) with a set of permissions for assignments. The custom role must have the View Users permission in order for managing assignments to work. The following lists the permissions for managing assignments:
+To grant permissions for access to Assignments beyond the default Organization and Group Admin roles, you must create a [custom role](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-platform-administration/user-roles/custom-role-templates/snyk-learn-learning-admin) with a set of permissions for assignments. The custom role must have the View Users permission for managing assignments to work. The following lists the permissions for managing assignments:
* View Organization assignments
* Edit Organization assignments
diff --git a/discover-snyk/snyk-learn/snyk-learn-api.md b/discover-snyk/snyk-learn/snyk-learn-api.md
index a4bae19636a9..fe1f019956b0 100644
--- a/discover-snyk/snyk-learn/snyk-learn-api.md
+++ b/discover-snyk/snyk-learn/snyk-learn-api.md
@@ -6,7 +6,7 @@
The Snyk Learn API endpoints are [Beta](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/rest-api/about-the-rest-api#versioning) endpoints.
{% endhint %}
-The Snyk Learn API endpoints are part of the [Snyk REST API](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/rest-api/about-the-rest-api) and allow for programmatic interaction with Snyk Learn.
+The Snyk Learn API endpoints are part of the [Snyk REST API](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/rest-api/about-the-rest-api) and let you interact programmatically with Snyk Learn.
The Snyk REST API requires authentication. For information about authentication, see [Authentication for API](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/authentication-for-api).
diff --git a/discover-snyk/snyk-learn/snyk-learn-assignments.md b/discover-snyk/snyk-learn/snyk-learn-assignments.md
index cdb5f59472d1..82773cb30e2a 100644
--- a/discover-snyk/snyk-learn/snyk-learn-assignments.md
+++ b/discover-snyk/snyk-learn/snyk-learn-assignments.md
@@ -6,7 +6,7 @@
Assignments are available in the Snyk Learning Management add-on offering. For more information, contact your Snyk account team.
{% endhint %}
-Assignments streamline training management by empowering admins to assign, track, and manage learning efficiently. The Assignments feature enhances accountability by allowing customers to set due dates for completion and seamlessly integrate with organizational goals, for example, compliance timelines, ensuring alignment across training initiatives.
+Assignments streamline training management by empowering admins to assign, track, and manage learning efficiently. The Assignments feature enhances accountability by letting you set due dates for completion and integrate with organizational goals, for example, compliance timelines, ensuring alignment across training initiatives.
Using Assignments, your company can gain:
@@ -17,7 +17,7 @@ Using Assignments, your company can gain:
* Compliance: Get help with meeting regulatory requirements through the timely completion of mandatory training.
{% hint style="info" %}
-Snyk Learn Assignments support Organizations with up to 5000 members.
+Snyk Learn Assignments support Organizations with up to 5,000 members.
{% endhint %}
## Use cases for assignments
@@ -66,7 +66,7 @@ By default, only Snyk Org or Group admins can create assignments. Group admins c
Creating new assignments button on the Assignments Dashboard page
-The **New Assignments** page opens, which allows you to create assignments for Snyk Organization users. On the **New Assignments** page:
+The **New Assignments** page opens, where you can create assignments for Snyk Organization users. On the **New Assignments** page:
1. Verify that the selected Organization is correct.
@@ -88,7 +88,7 @@ The **New Assignments** page opens, which allows you to create assignments for S
-6. Optionally reset user learning progress. If selected this forces users to retake lessons that have already been completed.
+6. Optionally reset user learning progress. If selected, this forces users to retake lessons that have already been completed.
Optionally reset user learning progress
diff --git a/discover-snyk/snyk-learn/snyk-learn-learning-programs.md b/discover-snyk/snyk-learn/snyk-learn-learning-programs.md
index 0e4b5d8d26f1..fdd2fe251f45 100644
--- a/discover-snyk/snyk-learn/snyk-learn-learning-programs.md
+++ b/discover-snyk/snyk-learn/snyk-learn-learning-programs.md
@@ -8,11 +8,11 @@ This feature is available in Early Access as part of the Snyk Learning Managemen
Send feedback to your Snyk account team, or email [support@snyk.io](mailto:support@snyk.io).
{% endhint %}
-Learning programs allow Snyk administrators to curate specific paths of security education and Snyk product training, and assign them to groups of developers or Snyk users. By grouping lessons into programs and setting deadlines, organizations can automate security onboarding, meet compliance requirements, and drive targeted remediation.
+Learning programs let Snyk administrators curate specific paths of security education and Snyk product training, and assign them to groups of developers or Snyk users. By grouping lessons into programs and setting deadlines, organizations can automate security onboarding, meet compliance requirements, and drive targeted remediation.
## Prerequisites
-To create and manage learning programs, you must must be a [Tenant Admin](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/tenant) or have a custom role with the `tenant.learning_program.edit` and `tenant.learning_program.read` permissions.
+To create and manage learning programs, you must be a [Tenant Admin](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/tenant) or have a custom role with the `tenant.learning_program.edit` and `tenant.learning_program.read` permissions.
### Example: Creating a custom role
@@ -52,7 +52,7 @@ curl --location --globoff --request POST "https://api.snyk.io/rest/tenants/{tena
## Creating a new learning program
{% hint style="info" %}
-Programs cannot be edited once they have started. Ensure your lesson list and participant list are final before the start date of the program.
+Programs cannot be edited after they have started. Ensure your lesson list and participant list are final before the start date of the program.
During Early Access, there is a limit to 300 participants per program.
{% endhint %}
@@ -61,7 +61,7 @@ Follow these steps to build and launch a new training initiative:
1. Navigate to [Learning Programs](https://learn.snyk.io/admin/management/).
2. Click **Create new learning program**. Enter a unique name (for example, `New Joiners 2026`) and a description.
-3. Browse the available Snyk Learn catalog and select the modules you wish to include in the learning program.
+3. Browse the available Snyk Learn catalog and select the modules you want to include in the learning program.
4. Download the participants `.csv` template provided in the UI, add the email addresses of your learners, and upload the file.
5. Set the start date and duration for your learning program, and choose whether to send reminders to your users.
6. If needed, you can reset progress for lessons to have your users retake those lessons.
@@ -97,6 +97,6 @@ The progress state for each user is displayed:
## Completing a learning program
-Learning programs complete automatically once the scheduled end date is reached.
+Learning programs complete automatically after the scheduled end date is reached.
If needed, you can click **Mark as Completed** on the program details page to end the program early.
diff --git a/discover-snyk/snyk-learn/snyk-learn-reports/README.md b/discover-snyk/snyk-learn/snyk-learn-reports/README.md
index 57b776d0f726..673b23c20a3e 100644
--- a/discover-snyk/snyk-learn/snyk-learn-reports/README.md
+++ b/discover-snyk/snyk-learn/snyk-learn-reports/README.md
@@ -3,14 +3,14 @@
{% hint style="info" %}
**Feature availability**
-Snyk Learn organization reports are available only with Enterprise plans. Snyk Learn assignment reports and program reports are available only in the Learning Management add-on offering.
+Snyk Learn organization reports are available only with Enterprise plans. Snyk Learn assignment reports and program reports are available only in the Learning Management add-on offering.
-For more information, see [plans and pricing](https://snyk.io/plans/).
+For more information, visit [plans and pricing](https://snyk.io/plans/).
{% endhint %}
Snyk Learn offers reports to help you track learning progress across your Snyk tenant.
-Snyk Learn offers [organization-level reports](organization-reports.md) to understand on an org by org basis how your teams are engaging with the Snyk Learn content. This is useful for team leads or security champions to track the progress of their teams.
+Snyk Learn offers [organization-level reports](organization-reports.md) to understand on an Organization by Organization basis how your teams are engaging with the Snyk Learn content. This is useful for team leads or security champions to track the progress of their teams.
You can use the [assignments report](assignment-reports.md) to track individual [Snyk Learn assignments](../snyk-learn-assignments.md).
diff --git a/discover-snyk/snyk-learn/snyk-learn-reports/assignment-reports.md b/discover-snyk/snyk-learn/snyk-learn-reports/assignment-reports.md
index d66cc603e423..b407e3530c88 100644
--- a/discover-snyk/snyk-learn/snyk-learn-reports/assignment-reports.md
+++ b/discover-snyk/snyk-learn/snyk-learn-reports/assignment-reports.md
@@ -4,24 +4,24 @@
Snyk Learn assignment reporting is available only in the Learning Management add-on offering. For more information, contact your Snyk account team.
{% endhint %}
-After you have created your first [Assignments](../snyk-learn-assignments.md) with Snyk Learn, you can use the Assignment reporting to track progress at an organization level. This is useful for team managers, security champions, AppSec engineers, and compliance team members to follow up on detailed progress and to extract reports for compliance usage.
+After you have created your first [Assignments](../snyk-learn-assignments.md) with Snyk Learn, you can use the Assignment reporting to track progress at an organization level. This is useful for team managers, security champions, AppSec engineers, and compliance team members to follow up on detailed progress and to extract reports for compliance use.
## Assignment report
By navigating to your [assignment](https://learn.snyk.io/admin/assignments/) dashboard, you can find reports showing your organizational progress against assignments.
-You can also use the filter to drill down further, and the buttons below the filter allow you to change the due date, delete assignments, and also trigger email reminders for your users.
+You can also use the filter to drill down further. The buttons next to the filter let you change the due date, delete assignments, and trigger email reminders for your users.
### Changing the due date
-First, select the assignments you would like to change the due date for, and then press the icon highlighted in the image below. You will then be asked to pick a new date. This updates the due date, and also updates the user's Learning Progress dashboard.
+First, select the assignments you want to change the due date for, and then click the highlighted icon. Snyk asks you to pick a new date. This updates the due date and the Learning Progress dashboard of the user.
### Sending a reminder email
-By selecting an assignment and then pressing the button highlighted you can trigger a reminder email to be sent. You will be offered the chance to add a custom message before the reminder is sent.
+Select an assignment and then click the highlighted button to trigger a reminder email. You can add a custom message before Snyk sends the reminder.
diff --git a/discover-snyk/snyk-learn/snyk-learn-reports/organization-reports.md b/discover-snyk/snyk-learn/snyk-learn-reports/organization-reports.md
index a023357202a8..572bd16b6392 100644
--- a/discover-snyk/snyk-learn/snyk-learn-reports/organization-reports.md
+++ b/discover-snyk/snyk-learn/snyk-learn-reports/organization-reports.md
@@ -9,7 +9,7 @@ Snyk Learn organization reports are available only with Enterprise plans. For mo
By default, only Snyk Org or Group admins can view and export reports. Group admins can create custom roles by using the standard Snyk workflow. Learn more about the access controls for reports at [Snyk Learn Access Controls](../snyk-learn-access-controls.md).
{% hint style="info" %}
-Snyk Learn organization reports support Organizations with up to 5000 members.
+Snyk Learn organization reports support Organizations with up to 5,000 members.
{% endhint %}
## Organization Overview report
diff --git a/discover-snyk/snyk-learn/snyk-learn-reports/program-reporting.md b/discover-snyk/snyk-learn/snyk-learn-reports/program-reporting.md
index 2f5a876277ea..7e23e6418272 100644
--- a/discover-snyk/snyk-learn/snyk-learn-reports/program-reporting.md
+++ b/discover-snyk/snyk-learn/snyk-learn-reports/program-reporting.md
@@ -10,7 +10,7 @@ Snyk Learn provides a Snyk in-app reporting powered report to give you insights
The goal of the engagement report is to provide insights into the overall progress of your security education and training programs, and give you insights into which parts of your Organization are engaging with Snyk Learn content. You can use the data and insights to better optimize your program, find security champions, generate reports for compliance, and show progress to your executive sponsors. This report is available at the Group level.
-Read more about this report [here](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/analytics/reports-tab/education-reports#learn-engagement).
+Learn more in the [Learn engagement report documentation](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/analytics/reports-tab/education-reports#learn-engagement).
{% hint style="info" %}
[Learning Programs](../snyk-learn-learning-programs.md) are not included in the Engagement Report
@@ -24,9 +24,9 @@ Read more about this report [here](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpF
The Learning Impact & Opportunities report is available in Early Access.
{% endhint %}
-The goal of the Impact and Opportunities report is to provide insights into the impact your security education and training programs have on code issue remediation and prevention. In addition, the report gives recommendations for future training based on your code issue backlog and issues that were introduced during the selected time period of the report. This report is available at the Group level.
+The goal of the Impact and Opportunities report is to provide insights into the impact your security education and training programs have on code issue remediation and prevention. In addition, the report gives recommendations for future training based on your code issue backlog and issues introduced during the selected time period of the report. This report is available at the Group level.
-Read more about this report [here](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/analytics/reports-tab/education-reports#learning-impact-and-opportunities).
+Learn more in the [Learning Impact and Opportunities report documentation](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/analytics/reports-tab/education-reports#learning-impact-and-opportunities).
diff --git a/discover-snyk/snyk-learn/your-learning/README.md b/discover-snyk/snyk-learn/your-learning/README.md
index f799cdd373cf..bcc5eaa59f5e 100644
--- a/discover-snyk/snyk-learn/your-learning/README.md
+++ b/discover-snyk/snyk-learn/your-learning/README.md
@@ -20,7 +20,7 @@ In your profile, you can set your learning preferences, including the preferred
## In progress learning
-The [Learning Progress](https://learn.snyk.io/user/learning-progress/) area lets you see your in-progress learning and start where you left off. You will also receive recommendations for what to learn next.
+The [Learning Progress](https://learn.snyk.io/user/learning-progress/) area lets you see your in-progress learning and start where you left off. You also receive recommendations for what to learn next.
## Vulnerabilities in your code
@@ -58,4 +58,4 @@ Some Snyk Learn lessons include a quiz at the end to test your knowledge. You mu
## Certificates of completion
-For all Snyk Learn security learning paths, you will be awarded a Certificate of Completion upon completion. The certificate recognizes your time and effort to improve your security skills and knowledge. You can download a PDF of the certificate from the Learning Path page.
+For all Snyk Learn security learning paths, Snyk awards you a Certificate of Completion upon completion. The certificate recognizes your time and effort to improve your security skills and knowledge. You can download a PDF of the certificate from the Learning Path page.
diff --git a/discover-snyk/snyk-learn/your-learning/claiming-cpe-credits-with-snyk-learn.md b/discover-snyk/snyk-learn/your-learning/claiming-cpe-credits-with-snyk-learn.md
index cc93e2d957c8..3c4fed44e0a1 100644
--- a/discover-snyk/snyk-learn/your-learning/claiming-cpe-credits-with-snyk-learn.md
+++ b/discover-snyk/snyk-learn/your-learning/claiming-cpe-credits-with-snyk-learn.md
@@ -4,7 +4,7 @@ description: >-
and learning paths.
---
-# Claiming CPE Credits with Snyk Learn
+# Claiming CPE credits with Snyk Learn
Snyk Learn offers a range of security education lessons and learning paths designed to enhance your application security skills. While these lessons provide valuable knowledge, they do not automatically grant Continuing Professional Education (CPE) credits. To claim CPE credits for your participation in Snyk Learn lessons and learning paths, follow these steps.
@@ -22,7 +22,7 @@ The specific process for claiming CPE credits may vary depending on your certify
* Duration: Time spent on the module
3. Submit to your certification body.
1. Access the CPE submission portal of your certifying organization, such as ISC2 or ISACA.
- 2. Enter the recorded details and provide any required documentation, such as completion certificates (available for Learning Paths) or screenshots of the completed lesson in your Learning Progress dashboard or the lesson page, see examples below.
+ 2. Enter the recorded details and provide any required documentation, such as completion certificates (available for Learning Paths) or screenshots of the completed lesson in your Learning Progress dashboard or the lesson page. See the following examples.
4. Provide additional information if requested. You may be asked to supply further details or respond to inquiries from your certifying body to verify your CPE claim.
### Examples
diff --git a/discover-snyk/snyk-platform-administration/structure-your-account-for-high-application-performance.md b/discover-snyk/snyk-platform-administration/structure-your-account-for-high-application-performance.md
index cee177b1526b..1feb7cfcf55d 100644
--- a/discover-snyk/snyk-platform-administration/structure-your-account-for-high-application-performance.md
+++ b/discover-snyk/snyk-platform-administration/structure-your-account-for-high-application-performance.md
@@ -10,11 +10,11 @@ Snyk recommends structuring your Organizations so that there are no more than 2,
If you have more than 2,000 users in an Organization, you begin to risk performance issues. When the application must load a large number of users, performance is slowed for the dashboard and the Group members management page.
-If users have a large number of memberships in a given Group, all requests--in the Snyk Web UI and through the CLI and the API, are slowed because, on most requests, calculations and queries occur to check access and permissions.
+If users have a large number of memberships in a given Group, all requests — in the Snyk Web UI and through the CLI and the API — are slowed because, on most requests, calculations and queries occur to check access and permissions.
## Structure of Groups
-A small number of Snyk customers have more than one Group, for example, to keep different business units completely separate. However, anyone considering multiple Groups must understand the limitations of setting up their account with multiple groups.
+A small number of Snyk customers have more than one Group, for example, to keep different business units completely separate. However, anyone considering multiple Groups must understand the limitations of setting up their account with multiple Groups.
Specifically, each Group is a standalone entity. This has the following consequences:
diff --git a/discover-snyk/supported-languages-package-managers-and-frameworks/apex.md b/discover-snyk/supported-languages-package-managers-and-frameworks/apex.md
index b81862429f37..a562e7553cd0 100644
--- a/discover-snyk/supported-languages-package-managers-and-frameworks/apex.md
+++ b/discover-snyk/supported-languages-package-managers-and-frameworks/apex.md
@@ -19,7 +19,7 @@ For Apex, Snyk supports the following features:
* CLI and IDE: test or monitor your app. For more information, see [Snyk CLI for Snyk Code](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code).
{% hint style="info" %}
-The **Snyk fix PR** feature is not available for Apex. This means that you will not be notified if the PR checks fail when the following conditions are met:
+The **Snyk fix PR** feature is not available for Apex. This means that Snyk does not notify you if the PR checks fail when the following conditions are met:
* The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available.**
* "**Fixed in" available** is set to **Yes.**
diff --git a/discover-snyk/supported-languages-package-managers-and-frameworks/java-and-kotlin/README.md b/discover-snyk/supported-languages-package-managers-and-frameworks/java-and-kotlin/README.md
index 8e7f18e389e2..fa7355cdbb1c 100644
--- a/discover-snyk/supported-languages-package-managers-and-frameworks/java-and-kotlin/README.md
+++ b/discover-snyk/supported-languages-package-managers-and-frameworks/java-and-kotlin/README.md
@@ -133,7 +133,7 @@ Available features:
## Validating, monitoring, alerting, and gating for Java and Kotlin
-For SCM integrations, Snyk allows you to [run PR Checks](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/pull-request-checks) to validate submitted changes to code and open source packages before merging. Snyk can also retest and alert on the default branch on a scheduled basis. You can see the results on the **Projects** page.
+For SCM integrations, Snyk lets you [run PR Checks](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/pull-request-checks) to validate submitted changes to code and open source packages before merging. Snyk can also retest and alert on the default branch on a scheduled basis. You can see the results on the **Projects** page.
For CI/CD integrations, Snyk can passively monitor and provide a QA gate by failing build checks during testing for policy violations.
@@ -150,7 +150,7 @@ Snyk provides flexible capabilities, including:
Snyk can monitor container images and their open source or Linux based packages being used in production using Kubernetes integration, to notify customers of known vulnerabilities for applications in production. This feature is available for Enterprise plans only.
-Where a production integration does not exist, use the [snyk monitor](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/monitor) CLI command to take a snapshot and monitor what is being pushed to production (available for all plans).
+Where a production integration does not exist, use the [snyk monitor](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/monitor) CLI command to take a snapshot and monitor what you push to production (available for all plans).
## Java support for BOM
@@ -198,7 +198,7 @@ Example of a BOM file:
The `dependencyManagement` section contains dependency elements. Each dependency is a lookup reference for Maven to determine the version to select for transitive (and direct) dependencies.
-Defining a dependency in the `dependencyManagement` section ia used only for lookup reference, it does not add it to the dependency tree of the Project.
+Defining a dependency in the `dependencyManagement` section is used only for lookup reference. It does not add the dependency to the dependency tree of the Project.
You can run `mvn dependency:tree` on the previous BOM example to show that Maven does not treat the contents as dependencies of the file itself.
diff --git a/discover-snyk/supported-languages-package-managers-and-frameworks/java-and-kotlin/git-repositories-with-maven-and-gradle.md b/discover-snyk/supported-languages-package-managers-and-frameworks/java-and-kotlin/git-repositories-with-maven-and-gradle.md
index b9e1c83daa8f..f35834ad46e1 100644
--- a/discover-snyk/supported-languages-package-managers-and-frameworks/java-and-kotlin/git-repositories-with-maven-and-gradle.md
+++ b/discover-snyk/supported-languages-package-managers-and-frameworks/java-and-kotlin/git-repositories-with-maven-and-gradle.md
@@ -40,7 +40,7 @@ If you are using Maven or Gradle with a gradle.lockfile, the Git code repository
Typically you can instrument testing as part of a build system or adopt a lockfile as part of their process.
-* It is quite common for large organizations to monitor applications via Git integration, to begin with, daily monitoring, turning on PR checks for only key applications at the start.
+* It is quite common for large organizations to monitor applications through Git integration, to begin with, daily monitoring, turning on PR checks for only key applications at the start.
* As developers become familiar with Snyk capabilities, they widen the scope of applications with PR checks for gating.
* Use CI/CD to passively monitor and then turn on gating by using the [snyk \[product\] test and monitor commands](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ci-cd-integrations/snyk-ci-cd-integration-deployment-and-strategies/snyk-test-and-snyk-monitor-in-ci-cd-integration).
@@ -81,12 +81,12 @@ Improved Gradle SCM scanning is in Early Access. You can enable the feature by u
The following Gradle features are not supported:
* Custom configuration in [buildSrc](https://docs.gradle.org/current/userguide/organizing_gradle_projects.html#sec:build_sources) directories
-* Dependencies introduced via [plugins](https://docs.gradle.org/current/userguide/plugins.html).
+* Dependencies introduced through [plugins](https://docs.gradle.org/current/userguide/plugins.html).
### Enable improved Gradle SCM scanning
{% hint style="warning" %}
-Improved Gradle SCM scanning supports importing a maximum limit of 5,000 `build.gradle(.kts)` files per SCM repository. Attempts to import repos with more than 5,000 Gradle build files will fail.
+Improved Gradle SCM scanning supports importing a maximum limit of 5,000 `build.gradle(.kts)` files per SCM repository. Attempts to import repos with more than 5,000 Gradle build files fail.
{% endhint %}
To enable this feature, follow these steps for your Snyk Organization:
@@ -104,7 +104,7 @@ After Improved Gradle SCM scanning is enabled:
If your application build uses private package repositories, you must configure the relevant Snyk integration to get the most accurate results.
-To use package repository integrations with the Improved Gradle scanning feature, use the configuration instructions and settings for Maven. These will be detected and used in improved Gradle scans.
+To use package repository integrations with the Improved Gradle scanning feature, use the configuration instructions and settings for Maven. Snyk detects and uses these in improved Gradle scans.
In the Java language settings, you can integrate Snyk with your private package repositories (for example, Artifactory or Nexus). This enables Snyk to build a complete dependency tree when scanning Maven or Gradle Projects that reference private packages.
@@ -145,4 +145,4 @@ You can configure language settings for your open source libraries and licensing
Customers develop advanced dependency management strategies and can choose not to use the standard and frequently used package managers.
-For on-time testing using the Snyk API, you can use the [Test](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/test-v1) endpoints. Examples include [Test for issues in a (Maven) public package by group id, artifact id and version](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/test-v1#test-maven-groupid-artifactid-version) and [List issues for a package](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/issues#orgs-org_id-packages-purl-issues).
+For one-time testing using the Snyk API, you can use the [Test](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/test-v1) endpoints. Examples include [Test for issues in a (Maven) public package by group id, artifact id and version](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/test-v1#test-maven-groupid-artifactid-version) and [List issues for a package](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/issues#orgs-org_id-packages-purl-issues).
diff --git a/discover-snyk/supported-languages/supported-languages-list/.net/README.md b/discover-snyk/supported-languages/supported-languages-list/.net/README.md
index eea590219ad1..4c286351eca5 100644
--- a/discover-snyk/supported-languages/supported-languages-list/.net/README.md
+++ b/discover-snyk/supported-languages/supported-languages-list/.net/README.md
@@ -31,7 +31,7 @@ For .NET with Snyk Code, the following frameworks and libraries are supported:
### Supported file formats
-* For C#, Snyk supports the `.aspx` & `.cs` file formats.
+* For C#, Snyk supports the `.aspx` and `.cs` file formats.
* For VB.NET, Snyk supports the `.vb` file format.
### Available features
@@ -103,7 +103,7 @@ To include developer dependencies in NuGet SCM imports, navigate to **Settings**
When scanning through an SCM integration, the methodology varies based on your Project format:
-* Modern Projects (SDK-style): For modern `.csproj` formats, the scanner utilises the .NET SDK directly to resolve dependencies, resulting in higher accuracy. This also provides the capability of scanning any Project that can be successfully restored by the `dotnet` SDK itself including `Directory.Build.props` files, `global.json`, or Central Package Management (`Directory.Packages.props`).
+* Modern Projects (SDK-style): For modern `.csproj` formats, the scanner uses the .NET SDK directly to resolve dependencies, resulting in higher accuracy. This also provides the capability of scanning any Project that can be successfully restored by the `dotnet` SDK itself including `Directory.Build.props` files, `global.json`, or Central Package Management (`Directory.Packages.props`).
* Legacy Projects (Non-SDK style): For Projects relying on `packages.config`, `project.json`, or XML-style `*.csproj` , `*.vbproj` or `*.fproj` files. The scanner uses static analysis to approximate the dependency graph based on standard NuGet algorithms.
To improve accuracy, migrate to the [Universal Broker](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/universal-broker) and [enable](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/universal-broker/basic-steps-to-install-and-configure-universal-broker#enabling-the-universal-broker-for-enhanced-sca-scanning) it for Open Source Scanning.
@@ -116,7 +116,7 @@ By default, Microsoft enables the `RestoreEnablePackagePruning` property for the
Snyk respects your Project configuration. If you set `RestoreEnablePackagePruning` to `false` in your Project file or `Directory.Build.props`, Snyk does not prune these references during the scan.
-For Projects targeting .NET 10.0 and later, Snyk SCM and CLI scanners align with the default Microsoft build behaviour.
+For Projects targeting .NET 10.0 and later, Snyk SCM and CLI scanners align with the default Microsoft build behavior.
By default, Microsoft enables the `RestoreEnablePackagePruning` property for these target frameworks. This setting prunes framework-provided package references during the restore operation.
diff --git a/discover-snyk/supported-languages/supported-languages-list/.net/snyk-cli-for-.net.md b/discover-snyk/supported-languages/supported-languages-list/.net/snyk-cli-for-.net.md
index 259b7e07d695..dc9bc2dc6caa 100644
--- a/discover-snyk/supported-languages/supported-languages-list/.net/snyk-cli-for-.net.md
+++ b/discover-snyk/supported-languages/supported-languages-list/.net/snyk-cli-for-.net.md
@@ -36,10 +36,7 @@ Snyk supports `packages.config` files. To scan these Projects:
1. Run `nuget install -OutputDirectory packages` to install dependencies into the `packages` folder.
2. Ensure the command created the `packages` directory.
-3. Run `snyk test` as follows:
- 1. Install the dependencies into the packages folder by running `nuget install -OutputDirectory packages`
- 2. Ensure that the packages directory has been created by the previous command.
- 3. Run `snyk test`.
+3. Run `snyk test`.
## Paket
diff --git a/discover-snyk/supported-languages/supported-languages-list/.net/troubleshooting-snyk-for-.net.md b/discover-snyk/supported-languages/supported-languages-list/.net/troubleshooting-snyk-for-.net.md
index d156c2457b74..731b15708bf7 100644
--- a/discover-snyk/supported-languages/supported-languages-list/.net/troubleshooting-snyk-for-.net.md
+++ b/discover-snyk/supported-languages/supported-languages-list/.net/troubleshooting-snyk-for-.net.md
@@ -11,19 +11,19 @@ To improve accuracy, migrate to the Universal Broker.
### Static analysis limitations
-The following functionality is not supported when using static analysis:
+Static analysis does not support the following functionality:
* Private dependencies: Snyk cannot access private dependencies, including brokered and non-brokered. Transitive dependencies are not resolved.
* Build configuration: Snyk ignores `Directory.Build.props`, `Directory.Build.targets`, and `global.json` files.
-* Runtime precision: Snyk cannot reliably identify the specific runtime, which may increase false positives
+* Runtime precision: Snyk cannot reliably identify the specific runtime, which can increase false positives.
### Handle runtime false positives
-Static analysis may flag vulnerabilities already patched in your environment because it may not detect your specific runtime patch version.
+Static analysis can flag vulnerabilities already patched in your environment because it might not detect your specific runtime patch version.
#### Vulnerabilities in SCM
-If your application runs on a system updated with the latest Microsoft patches, a flagged vulnerability may not be relevant. You can ignore these vulnerabilities in the Snyk Web UI.
+If your application runs on a system updated with the latest Microsoft patches, a flagged vulnerability might not be relevant. You can ignore these vulnerabilities in the Snyk Web UI.
#### Vulnerabilities in CLI
diff --git a/discover-snyk/supported-languages/supported-languages-list/bazel.md b/discover-snyk/supported-languages/supported-languages-list/bazel.md
index 83ff82dff847..17da8e01a4ba 100644
--- a/discover-snyk/supported-languages/supported-languages-list/bazel.md
+++ b/discover-snyk/supported-languages/supported-languages-list/bazel.md
@@ -28,7 +28,7 @@ The Dep Graph API requires specific permissions. If you do not have access, cont
You can test Bazel dependencies across any supported ecosystem, except C++, which is not supported by these endpoints.
-Use the Snyk Dep Graph API endpoints [Test Dep Graph](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/test-v1) and [Monitor Dep Graph](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/monitor-v1) to test and monitor dependencies managed by Bazel. The monitor capability allows you to submit a tree for Snyk to monitor for vulnerabilities.
+Use the Snyk Dep Graph API endpoints [Test Dep Graph](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/test-v1) and [Monitor Dep Graph](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/monitor-v1) to test and monitor dependencies managed by Bazel. The monitor capability lets you submit a tree for Snyk to monitor for vulnerabilities.
### Test and monitor dependencies
diff --git a/discover-snyk/supported-languages/supported-languages-list/c-c++.md b/discover-snyk/supported-languages/supported-languages-list/c-c++.md
index 8477593399b5..85b918710703 100644
--- a/discover-snyk/supported-languages/supported-languages-list/c-c++.md
+++ b/discover-snyk/supported-languages/supported-languages-list/c-c++.md
@@ -17,7 +17,7 @@ For C/C++, the following frameworks and libraries are supported:
* argparse parser
* Asio Library
* Boost Library
-* Botan LIbrary
+* Botan Library
* C Standard Library
* C++ Standard Library
* Curl library
@@ -36,7 +36,7 @@ For C/C++, the following frameworks and libraries are supported:
{% column %}
* MySQL framework
* OpenSSL framework
-* POSIX LIbrary
+* POSIX Library
* pugixml library
* SQLite library
* WinHTTP framework
@@ -61,13 +61,13 @@ For C/C++ with Snyk Code, Snyk supports the following file formats: `.c`, `.cc`,
* SCM import
* Support for interfile analysis
-If you use macros, it is possible that your results include false positives and false negatives.
+If you use macros, your results can include false positives and false negatives.
For C/C++ Projects:
* Snyk does not require compilation or a build to perform analysis.
* Snyk Code analyzes the source code directly.
-* If you have precompile components, ensure the source code is available during the scan.
+* If you have precompiled components, ensure the source code is available during the scan.
When using the IDE, you do not need additional options. The Snyk plugin displays results in the IDE views.
@@ -80,7 +80,7 @@ When using the IDE, you do not need additional options. The Snyk plugin displays
* Test your app's SBOM and packages using `pkg:generic` or `pkg:conan` PURLs through [SBOM test](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/sbom-test) CLI command.
{% hint style="info" %}
-The **Snyk FixPR** feature is not available for C/C++. This means that you will not be notified if the PR checks fail when the following conditions are met:
+The **Snyk FixPR** feature is not available for C/C++. This means Snyk does not notify you if the PR checks fail when the following conditions are met:
* The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available.**
* "**Fixed in" available** is set to **Yes.**
@@ -103,7 +103,7 @@ To scan for C/C++ Open Source dependencies using the IDE, add the `--unmanaged`
### Troubleshooting
-Your Snyk Open Source code is not sent to Snyk severs. Snyk converts the files to a list of hashes before sending them for scanning.
+Snyk does not send your Snyk Open Source code to Snyk servers. Snyk converts the files to a list of hashes before sending them for scanning.
Snyk matches your code against a database of official open-source releases. If a scan returns no results, check these common causes:
@@ -152,7 +152,7 @@ To monitor and share reports, run the following command:
snyk monitor --unmanaged --org=*org-id*
```
-Find your org-id under **Organization settings** in the Snyk web UI. Although the Organization ID is optional, Snyk recommends using it. You can use the `snyk-to-html` plugin to generate reports.
+Find your org-id under **Organization settings** in the Snyk Web UI. Although the Organization ID is optional, Snyk recommends using it. You can use the `snyk-to-html` plugin to generate reports.
For individual scans, use the CLI or IDE and run `snyk monitor --unmanaged` to upload results. This displays license and policy information.
@@ -440,7 +440,7 @@ Explore this snapshot at https://app.snyk.io/org/example-org/project/8ac0e233-d0
Notifications about newly disclosed issues related to these dependencies will be emailed to you.
```
-Snyk creates a snapshot of dependencies and vulnerabilities and imports them into the Snyk web UI. You can review the issues and view them in your reports.
+Snyk creates a snapshot of dependencies and vulnerabilities and imports them into the Snyk Web UI. You can review the issues and view them in your reports.
Importing a Snyk Project with unmanaged dependencies creates a new Snyk Project on the **Projects** page:
diff --git a/discover-snyk/supported-languages/supported-languages-list/dart-and-flutter.md b/discover-snyk/supported-languages/supported-languages-list/dart-and-flutter.md
index 7c7cfef4a105..909175536efd 100644
--- a/discover-snyk/supported-languages/supported-languages-list/dart-and-flutter.md
+++ b/discover-snyk/supported-languages/supported-languages-list/dart-and-flutter.md
@@ -69,11 +69,11 @@ The following file formats are supported: `.dart`
### Available features
* Test your app's SBOM and packages using `pkg:pub` PURLs through the [SBOM test](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/sbom-test) CLI command
-* Test & monitor your Flutter apps native platform dependencies using [`snyk test`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/test) and [`snyk monitor`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/monitor) commands
+* Test and monitor your Flutter apps native platform dependencies using [`snyk test`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/test) and [`snyk monitor`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/monitor) commands
### Testing a Dart applications pub dependency tree
-Activate the pub [`sbom`](https://pub.dev/packages/sbom) package & create a minimal `sbom.yaml` file in the root folder of the repository:
+Activate the pub [`sbom`](https://pub.dev/packages/sbom) package and create a minimal `sbom.yaml` file in the root folder of the repository:
```
dart pub global activate sbom
@@ -84,7 +84,7 @@ spdx:
EOF
```
-Use the dart `sbom` command to create a SBOM file & test it using the [`sbom test`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/sbom-test) command:
+Use the dart `sbom` command to create a SBOM file and test it using the [`sbom test`](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/sbom-test) command:
```
dart pub global run sbom
@@ -95,7 +95,7 @@ snyk sbom test --experimental --file sbom-pub.json
Flutter applications rely on native platform dependencies to handle lower-level tasks, such as analytics, hardware access, or integrating existing functionality. These dependencies can be added through pub packages to extend functionality or integrated directly into build systems like Gradle or Cocoapods.
-Snyk’s regular open-source support can scan these packages; however, a complete app build is necessary to make them available in the repository and accessible to CLI tools.
+The regular open-source support in Snyk can scan these packages. However, a complete app build is necessary to make them available in the repository and accessible to CLI tools.
You can start by building the application for all relevant platforms. This ensures that `pub` fetches all required packages, and the Flutter build system establishes the necessary links for the native build systems.
@@ -113,6 +113,6 @@ snyk monitor --all-projects --exclude=example,.symlinks
The `--exclude` parameter removes duplicates and ignores example applications, which are part of the plugin source code but not included in regular application builds.
-You are now able to view in the Snyk Web UI all native dependencies, including those introduced by third-party plugins.
+You can now view in the Snyk Web UI all native dependencies, including those introduced by third-party plugins.
Snyk Project page showing dependencies in Flutter apps
diff --git a/discover-snyk/supported-languages/supported-languages-list/elixir.md b/discover-snyk/supported-languages/supported-languages-list/elixir.md
index 6f489e85b0ec..aaa5084b5266 100644
--- a/discover-snyk/supported-languages/supported-languages-list/elixir.md
+++ b/discover-snyk/supported-languages/supported-languages-list/elixir.md
@@ -19,7 +19,7 @@ For Elixir, the following features are available:
* Test your app's SBOM and packages using `pkg:hex` PURLs through the [SBOM test](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/sbom-test) CLI command
{% hint style="info" %}
-The **Snyk Fix PR** feature is not available for Elixir. This means that you will not be notified if the PR checks fail when the following conditions are met:
+The **Snyk Fix PR** feature is not available for Elixir. This means Snyk does not notify you if the PR checks fail when the following conditions are met:
* The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available.**
* "**Fixed in" available** is set to **Yes.**
diff --git a/discover-snyk/supported-languages/supported-languages-list/go.md b/discover-snyk/supported-languages/supported-languages-list/go.md
index bc9596eaaa69..2f74a1dbeb62 100644
--- a/discover-snyk/supported-languages/supported-languages-list/go.md
+++ b/discover-snyk/supported-languages/supported-languages-list/go.md
@@ -55,7 +55,7 @@ Available features for Go Projects with dependencies managed by Go Modules and d
* Test your app's SBOM and packages using `pkg:golang` PURLs through the [SBOM test](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/sbom-test) command.
{% hint style="info" %}
-If the **Snyk Fix PR** feature is enabled, this means that you will be notified if the PR checks fail when the following conditions are met:
+If the **Snyk Fix PR** feature is enabled, this means Snyk notifies you if the PR checks fail when the following conditions are met:
* The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available.**
* "**Fixed in" available** is set to **Yes.**
@@ -63,12 +63,12 @@ If the **Snyk Fix PR** feature is enabled, this means that you will be notified
Snyk supports all versions of Go, including the latest stable version listed on the Go [All releases](https://go.dev/dl/) page.
-Snyk tracks only official releases. Snyk does not identify commits, including those in the default branch, unless they are included in an official release or tag. For Projects with a package manager, Snyk requires a release to the package manager. For Go and unamanaged scans (C/C++), Snyk requires an official release or tag in the GitHub repository.
+Snyk tracks only official releases. Snyk does not identify commits, including those in the default branch, unless they are included in an official release or tag. For Projects with a package manager, Snyk requires a release to the package manager. For Go and unmanaged scans (C/C++), Snyk requires an official release or tag in the GitHub repository.
{% hint style="warning" %}
Since January 1, 2023, Snyk has not supported govendor Projects. As a general security best practice, Snyk recommends using tools that are consistently maintained and up-to-date.
-Since Snyk no longer supports scanning of govendor Projects, a warning is issued and no results are provided.
+Because Snyk no longer supports scanning of govendor Projects, Snyk issues a warning and provides no results.
{% endhint %}
### Go Modules and dep support
@@ -141,7 +141,7 @@ For more details on levels of access to your repository required by different Sn
Go modules Projects that rely on modules from private SCM repositories are supported if those repositories are in the same SCM organization as the main project repository.
-If you have private modules in repositories from other SCM organizations, it is possible that your Project imports do not work properly. The same is true if your code uses SCM submodules from another organization.
+If you have private modules in repositories from other SCM organizations, your Project imports might not work properly. The same is true if your code uses SCM submodules from another organization.
If your private modules have other private modules from another SCM organization, your Project imports do not work. All private modules, including the ones within other modules, need to be part of the same SCM organization as the main project repository.
diff --git a/discover-snyk/supported-languages/supported-languages-list/java-and-kotlin/snyk-cli-for-java-and-kotlin.md b/discover-snyk/supported-languages/supported-languages-list/java-and-kotlin/snyk-cli-for-java-and-kotlin.md
index b1b025610a44..c7f0b14cebaf 100644
--- a/discover-snyk/supported-languages/supported-languages-list/java-and-kotlin/snyk-cli-for-java-and-kotlin.md
+++ b/discover-snyk/supported-languages/supported-languages-list/java-and-kotlin/snyk-cli-for-java-and-kotlin.md
@@ -52,7 +52,7 @@ snyk test -- -Dpkg_version=1.4
## CLI help for Gradle Projects
-Gradle build can consist of several sub-projects, where each sub-project has its own build.gradle, while the root Project is the only one that also includes a `settings.gradle` file. Sub-projects depend on the root ProjectProjects but can be configured otherwise.
+Gradle build can consist of several sub-projects, where each sub-project has its own build.gradle, while the root Project is the only one that also includes a `settings.gradle` file. Sub-projects depend on the root Project but you can configure them otherwise.
By default, Snyk CLI scans only the current Project, the Project in the root of the current folder, or the Project that is specified by `--file=path/to/build.gradle`).
@@ -62,7 +62,7 @@ To scan all Projects at once (recommended), use the `--all-sub-projects` option:
snyk test --all-sub-projects
```
-Each of the individual sub-projects appears as a separate Snyk Project in the eb UI.
+Each of the individual sub-projects appears as a separate Snyk Project in the Web UI.
To scan a specific Project (for example, "myapp"), use the following command:
@@ -136,7 +136,7 @@ By default, Snyk passes `gradle build --no-daemon` in the background when runnin
If you see `snyk test` or `snyk monitor` fail on other operating systems because of daemon-related issues, try adding the `--no-daemon` flag to the Snyk command or set `GRADLE_OPTS: '-Dorg.gradle.daemon=false'`.
-For tips on disabling the daemon, the [Gradle documentation](https://docs.gradle.org/current/userguide/gradle_daemon.html#sec:disabling_the_daemon).
+For tips on disabling the daemon, visit the [Gradle documentation](https://docs.gradle.org/current/userguide/gradle_daemon.html#sec:disabling_the_daemon).
### Lockfiles
@@ -190,7 +190,7 @@ Such a dependency file is typically evaluated using an `ant` task defined in `bu
```
-Using the command `ant resolve-dependencies`, dependencies will be downloaded from Maven Central, just like regular Maven dependencies.
+Using the command `ant resolve-dependencies`, Maven Central downloads the dependencies, like regular Maven dependencies.
To let Snyk know about the dependency tree, you must first convert to the Maven POM format. Start by configuring a new `makepom` task in `build.xml`
@@ -210,7 +210,7 @@ ant makepom
snyk test --file=pom.xml
```
-The `pom.xml` file does not need to be checked in and can be deleted after a test is done using `snyk`. Additionally, the dependency tree can be monitored using:
+You do not need to check in the `pom.xml` file, and you can delete it after a test using `snyk`. You can also monitor the dependency tree using:
```
snyk monitor --file=pom.xml
@@ -218,7 +218,7 @@ snyk monitor --file=pom.xml
## Snyk CLI tips and tricks
-the [CLI commands and options summary](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/cli-commands-and-options-summary) and the [CLI cheat sheet](https://snyk.io/blog/snyk-cli-cheat-sheet/). Use the `--help` option in the CLI for details of Snyk CLI commands.
+See the [CLI commands and options summary](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/cli-commands-and-options-summary) and the [CLI cheat sheet](https://snyk.io/blog/snyk-cli-cheat-sheet/). Use the `--help` option in the CLI for details of Snyk CLI commands.
### Testing your own code
@@ -248,27 +248,27 @@ By default, Snyk CLI scans only the current project (the project in the root of
`--all-projects` can be used across all package managers, which also includes the behaviors of `--all-sub-projects`, mentioned below.
* To scan all projects at once (recommended), use the `--all-sub-projects` option:\
- (that is, `snyk test --all-sub-projects`). Each of the individual sub-projects appears as a separate Snyk Project in the eb UI.
+ (that is, `snyk test --all-sub-projects`). Each of the individual sub-projects appears as a separate Snyk Project in the Web UI.
* To scan a specific project (for example, myapp), use `--sub-project=` (that is, `snyk test --sub-project=myapp`).
-specific configurations, [Snyk for Java and Kotlin](../../../supported-languages-package-managers-and-frameworks/java-and-kotlin/).
+For specific configurations, see [Snyk for Java and Kotlin](../../../supported-languages-package-managers-and-frameworks/java-and-kotlin/).
#### Unmanaged
-For more details on unmanaged Jars, [Scan all unmanaged JAR files](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/scan-all-unmanaged-jar-files).
+For more details on unmanaged Jars, see [Scan all unmanaged JAR files](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/scan-all-unmanaged-jar-files).
### Testing containers
-Snyk automatically looks for application (such as open source, maven, and npm) vulnerabilities as part of a container scan. Snyk recommends integrating via CLI or Registry earlier in the pipeline and use this as an additional signal or insight into what is in production. [Snyk CLI for container security](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container).
+Snyk automatically looks for application (such as open source, maven, and npm) vulnerabilities as part of a container scan. Snyk recommends integrating through the CLI or Registry earlier in the pipeline and using this as an additional signal or insight into what is in production. See [Snyk CLI for container security](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container).
-To test Infrastructure as Code, [Infrastructure as Code security](https://snyk.io/product/infrastructure-as-code-security/).
+To test Infrastructure as Code, see [Infrastructure as Code security](https://snyk.io/product/infrastructure-as-code-security/).
-To fix vulnerabilities, [Fixing vulnerabilities on Maven projects](https://snyk.io/blog/fixing-vulnerabilities-in-maven-projects/).
+To fix vulnerabilities, see [Fixing vulnerabilities on Maven projects](https://snyk.io/blog/fixing-vulnerabilities-in-maven-projects/).
### Options and plugins
-To help generate reports locally or at build time, [snyk-to-html plugin](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html).
+To help generate reports locally or at build time, see the [snyk-to-html plugin](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html).
-See `--json` and `--sarif` options for generating output that can be programmatically accessed.
+Use the `--json` and `--sarif` options to generate output that you can access programmatically.
-For advanced filtering options, [snyk-filter](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter).
+For advanced filtering options, see [snyk-filter](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter).
diff --git a/discover-snyk/supported-languages/supported-languages-list/javascript/README.md b/discover-snyk/supported-languages/supported-languages-list/javascript/README.md
index be932b6401f7..10e5851a8b16 100644
--- a/discover-snyk/supported-languages/supported-languages-list/javascript/README.md
+++ b/discover-snyk/supported-languages/supported-languages-list/javascript/README.md
@@ -116,7 +116,7 @@ Snyk supports the following package managers and versions:
* pnpm: `pnpm 7`, `pnpm 8`, `pnpm 9`, `pnpm 10`
* Yarn: `Yarn 1`, `Yarn 2`, `Yarn 3`, `Yarn 4`
-Snyk's default package registry is [npmjs.org](https://www.npmjs.org/). Private package registries are supported. For more information, visit [Package repository integrations.](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations)
+The default package registry in Snyk is [npmjs.org](https://www.npmjs.org/). Snyk supports private package registries. For more information, visit [Package repository integrations.](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations)
### Available integrations
@@ -143,9 +143,9 @@ Lerna is partially supported.
### Language and package manager considerations
{% hint style="info" %}
-Only official releases are tracked. Commits, including into the default branch, are not identified unless included in an official release or tag.
+Snyk tracks only official releases. Snyk does not identify commits, including those into the default branch, unless they are included in an official release or tag.
-In the case of JavaScript packages this means a release to the npmjs.org package registry.
+For JavaScript packages, this means a release to the npmjs.org package registry.
{% endhint %}
#### devDependencies analysis
@@ -161,7 +161,7 @@ optionalDependencies are included by default for CLI and CI/CD, as well as SCM i
#### Unmanaged JavaScript
-If you are on the Enterprise plan and thus have access to the Snyk API, can use the API to get a full list of dependencies and their transitive dependencies.
+If you are on the Enterprise plan and have access to the Snyk API, you can use the API to get a full list of dependencies and their transitive dependencies.
To test for vulnerabilities, you can use the following API endpoints:
@@ -171,7 +171,7 @@ To test for vulnerabilities, you can use the following API endpoints:
#### Out of sync lockfiles
-Control behavior when the lockfile and package file are in sync can be done using:
+Control the behavior for when the lockfile and package file are in sync using:
* CLI additional values: `--strict-out-of-sync`, `--fail-on`
* Web UI for SCM scans: **Settings** > **Language** > **JavaScript**
@@ -188,7 +188,7 @@ For all supported lockfile versions, the following features are available:
Snyk can build a dependency tree with or without a lockfile. If a lockfile is present, Snyk uses it as follows:
* Locally and with CI/CD: if a lockfile is not present and the scan is performed with the CLI or an IDE, Snyk looks at `node_modules` to determine what is installed.
-* With SCM integrations: if a lockfile is not present, Snyk approximates what the tree will look like at build time. This is highly valuable for getting insights into Projects in development or what the next build will look like when there is no lockfile present
+* With SCM integrations: if a lockfile is not present, Snyk approximates what the tree looks like at build time. This is valuable for getting insights into Projects in development or what the next build looks like when no lockfile is present.
As a user of npm, even though npm-audit is at hand anytime you are working with your dependencies, Snyk provides the following capabilities. These are designed for both individuals and companies:
@@ -273,7 +273,7 @@ Snyk uses the Yarn lockfile (`yarn.lock`) to generate a representation of Projec
The files Snyk relies on to scan a Project may change on version upgrades of the package manager. Snyk lists only versions verified internally as supported.
-If you are using a newer version of Yarn than is not listed on this page, it is possible that Snyk performs as expected because Yarn is using a lockfile version that is already supported. That version of Yarn has likely not been evaluated and, thus not added to this page.
+If you are using a newer version of Yarn that is not listed on this page, Snyk might perform as expected because Yarn is using a lockfile version that is already supported. That version of Yarn has likely not been evaluated and so was not added to this page.
For all supported Yarn versions, the following features are available:
@@ -283,7 +283,7 @@ For all supported Yarn versions, the following features are available:
* Automatic and Manual Fix PRs
{% hint style="info" %}
-Because different versions of Yarn have different feature sets, there are differences in Snyk support in order to match how the package manager works.
+Because different versions of Yarn have different feature sets, Snyk support differs to match how the package manager works.
Resolutions are supported in Yarn v2 and above. Yarn v1 resolutions are not supported.
{% endhint %}
@@ -341,11 +341,11 @@ Pnpm workspaces must have the `package.json`, `pnpm-lock.yaml` and `pnpm-workspa
Pnpm [workspace protocol](https://pnpm.io/workspaces#workspace-protocol-workspace) is not supported for SCM scans.
-Dependencies should be defined explicitly with specific versions, or versions using standard semver. (eg `"foo": "^1.1.0"` )
+Define dependencies explicitly with specific versions, or versions using standard semver (for example, `"foo": "^1.1.0"`).
-Dependencies that are defined using workspace protocol for the version (eg `"foo" : "workspace:*"` ) will be listed in SCM scans as undefined version.
+Dependencies that you define using workspace protocol for the version (for example, `"foo" : "workspace:*"`) appear in SCM scans as undefined version.
-For all workspaces, Fix PRs and Upgrade PRs do not support workspaces lockfile updates. PRs for these Projects will update the `package.json` only.
+For all workspaces, Fix PRs and Upgrade PRs do not support workspaces lockfile updates. PRs for these Projects update the `package.json` only.
#### CLI scanning considerations
@@ -386,7 +386,7 @@ pnpm workspaces must have the `package.json`, `pnpm-lock.yaml` and `pnpm-workspa
To detect and scan all workspaces in your Yarn Project, use the CLI options identified for monorepos and workspaces, as well as this Yarn-specific option.
-`--yarn-workspaces` : Uses instead of `--all-projects` to detect and scan only Yarn workspaces Projects when a lockfile is present in the root. Other ecosystems will be ignored.
+`--yarn-workspaces` : Use instead of `--all-projects` to detect and scan only Yarn workspaces Projects when a lockfile is present in the root. Snyk ignores other ecosystems.
## Validating, monitoring, alerting, and gating for JavaScript
diff --git a/discover-snyk/supported-languages/supported-languages-list/javascript/scm-integrations-for-javascript.md b/discover-snyk/supported-languages/supported-languages-list/javascript/scm-integrations-for-javascript.md
index 46ccd0b6e105..ca3ac7d12415 100644
--- a/discover-snyk/supported-languages/supported-languages-list/javascript/scm-integrations-for-javascript.md
+++ b/discover-snyk/supported-languages/supported-languages-list/javascript/scm-integrations-for-javascript.md
@@ -11,7 +11,7 @@ You can configure language settings for open source and licensing at the Organiz
3. Configure the settings based on your package manager - npm, pnpm, or Yarn.
* **Scan and fix dev dependencies**: if you check this option, Snyk reads the `devDependencies` property on the `package.json` and reports and fixes any vulnerabilities accordingly.
* **Require package.json and package-lock.json/yarn.lock files to be in sync**: when this is checked if the `package.json` and `package-lock.json`/`yarn.lock/pnpm-lock.yaml` files are out-of-sync, Snyk fails the import.
- * **Exclude package-lock.json from being generated when fixing vulnerabilities**: if you are using private mirrors or registries, it is possible that a Snyk-generated lockfile is not appropriate for you because Snyk uses the npm registry to update the lockfile. Enterprise customers can use [package repository integrations](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations) to ensure lockfiles are updated correctly. Alternatively, this setting allows you to opt out of getting lockfiles generated for you in Snyk fix pull requests and merge requests.
+ * **Exclude package-lock.json from being generated when fixing vulnerabilities**: if you are using private mirrors or registries, a Snyk-generated lockfile might not be appropriate for you because Snyk uses the npm registry to update the lockfile. Enterprise customers can use [package repository integrations](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations) to ensure lockfiles are updated correctly. Alternatively, this setting allows you to opt out of getting lockfiles generated for you in Snyk fix pull requests and merge requests.
4. Click **Update Settings** to save changes.
## Package registry integrations (Artifactory/Nexus)
@@ -20,7 +20,7 @@ You can configure language settings for open source and licensing at the Organiz
Artifactory, Nexus, npm Teams, and npm Enterprise Package Registry integrations are available only for Snyk Enterprise plans.
{% endhint %}
-Snyk Open Source Gatekeeper plugins integrates with Artifactory to block builds from downloading packages with vulnerability and license issues.
+Snyk Open Source Gatekeeper plugins integrate with Artifactory to block builds from downloading packages with vulnerability and license issues.
Snyk Open Source can also integrate with Artifactory, Nexus, npm Teams, and npm Enterprise to assist in the security testing of your applications. Snyk uses this integration for dependency resolution, fix calculation, and re-locking lock files.
@@ -35,13 +35,13 @@ For more information, see the following external resources:
When creating a fix for vulnerabilities using npm v7+ Projects, Snyk uses the default npm `save-prefix` rather than inferring it from your Project.
-This means that if you have dependencies using a range format other than the caret range (`^`), it is possible that you see additional changes to the `version` fields in the `package-lock.json` file.
+This means that if you have dependencies using a range format other than the caret range (`^`), you might see additional changes to the `version` fields in the `package-lock.json` file.
-These changes do not affect day-to-day functionality, as the ranges will be read from the `package.json`.
+These changes do not affect day-to-day functionality, as Snyk reads the ranges from the `package.json`.
## Fix PRs for Yarn zero-installs users
-In Yarn v2, the [zero-installs](https://yarnpkg.com/features/zero-installs) feature was released, which allowed Yarn developers to work on a Project without having to run `yarn` to install dependencies on their machine.
+Yarn v2 introduced the [zero-installs](https://yarnpkg.com/features/zero-installs) feature, which lets Yarn developers work on a Project without having to run `yarn` to install dependencies on their machine.
Zero-installs achieved this by installing all the dependencies of a Project inside of the `.yarn/cache` directory and asking users to commit this to their version control system, allowing the next developer to pull any new dependencies directly from the repository.
diff --git a/discover-snyk/supported-languages/supported-languages-list/javascript/snyk-cli-for-javascript.md b/discover-snyk/supported-languages/supported-languages-list/javascript/snyk-cli-for-javascript.md
index fe60e8128d23..a19dca3eb4e9 100644
--- a/discover-snyk/supported-languages/supported-languages-list/javascript/snyk-cli-for-javascript.md
+++ b/discover-snyk/supported-languages/supported-languages-list/javascript/snyk-cli-for-javascript.md
@@ -2,7 +2,7 @@
To help generate reports locally or at build time, see the [snyk-to-html plugin](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-to-html).
-See `--json` and `--sarif` options for generating output that can be programmatically accessed.
+Use the `--json` and `--sarif` options to generate output that you can access programmatically.
For advanced filtering options, see[ snyk-filter](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/cli-tools/snyk-filter).
@@ -14,7 +14,7 @@ The `snyk test` command tests the first manifest it can find and performs a test
* `--yarn-workspaces`: For Yarn Workspaces use the `--all-projects` flag to test and monitor your packages with other package managers or Yarn workspaces or use `--yarn-workspaces` to specifically scan Yarn Workspaces Projects only.
{% hint style="info" %}
-If you are using a package manager that requires options, it is suggested to target them individually with `--file=`
+If you are using a package manager that requires options, Snyk suggests targeting them individually with `--file=`
{% endhint %}
### Codebase
@@ -24,8 +24,8 @@ If you are using a package manager that requires options, it is suggested to tar
### Containers
-* Snyk will automatically look for application (open source) vulnerabilities as part of a container scan. Consider having Snyk integrated through CLI earlier in the pipeline and utilize this for an additional signal of and insight into what is in production.
-* If you ship your Node.JS application in a container, be aware that you might also be bundling insecure packages (Linux, open source), alongside your application in addition to what is brought in by the container base image. The Snyk Container CLI can help you identify a base image that minimizes the attack surface of your application.
+* Snyk automatically looks for application (open source) vulnerabilities as part of a container scan. Consider integrating Snyk through the CLI earlier in the pipeline and use this for an additional signal of and insight into what is in production.
+* If you ship your Node.js application in a container, be aware that you might also be bundling insecure packages (Linux, open source) alongside your application, in addition to what the container base image brings in. The Snyk Container CLI can help you identify a base image that minimizes the attack surface of your application.
* For more information on how you can filter to the layer you wish to work on, such as identifying a secure base image to build off of, the layers you are responsible for, or application (OS) vulnerabilities, see [Snyk CLI for container security](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container)
### Infrastructure as Code
diff --git a/discover-snyk/supported-languages/supported-languages-list/php.md b/discover-snyk/supported-languages/supported-languages-list/php.md
index 6c68c013dc90..10b652c5c4a5 100644
--- a/discover-snyk/supported-languages/supported-languages-list/php.md
+++ b/discover-snyk/supported-languages/supported-languages-list/php.md
@@ -55,7 +55,7 @@ For PHP with Snyk Open Source, the following file formats are supported: `compos
* Test your app's SBOM and packages using `pkg:composer` PURLs through the [SBOM test](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/sbom-test) CLI command.
{% hint style="info" %}
-The **Snyk Fix PR** feature is not available for PHP. This means that you will not be notified if the PR checks fail when the following conditions are met:
+The **Snyk Fix PR** feature is not available for PHP. This means that Snyk does not notify you if the PR checks fail when the following conditions are met:
* The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available.**
* "**Fixed in" available** is set to **Yes.**
@@ -74,7 +74,7 @@ After you select a Project for import, Snyk builds the dependency tree based on
* `composer.json`
* `composer.lock`
-If the `composer.lock` file is not present in the repository, the import will not process the `composer.json` manifest.
+If the `composer.lock` file is not present in the repository, the import does not process the `composer.json` manifest.
By default, Snyk scans your production dependencies. Using the Snyk Web UI, you can configure whether or not to include your development dependencies, such as `require_dev` \[...] in the scan for vulnerabilities.
@@ -82,7 +82,7 @@ To update language preferences:
1. Log in to your account and navigate to the relevant Group and Organization that you want to manage.
2. Select **Settings** > **Languages**.
-3. Select **Edit settings** for PHP and select **Scan dev dependencies** to set your PHP projects in the specific Organization to include both development and production dependencies.
+3. Select **Edit settings** for PHP and select **Scan dev dependencies** to set your PHP Projects in the specific Organization to include both development and production dependencies.
4. Select **Update settings**.
These settings are applied to all newly imported Projects and to all existing Projects when they are re-tested.
diff --git a/discover-snyk/supported-languages/supported-languages-list/python/README.md b/discover-snyk/supported-languages/supported-languages-list/python/README.md
index 436b54cb352f..e32bbdee8ad9 100644
--- a/discover-snyk/supported-languages/supported-languages-list/python/README.md
+++ b/discover-snyk/supported-languages/supported-languages-list/python/README.md
@@ -79,9 +79,9 @@ For Python, the following frameworks and libraries are supported:
### Directory layout
-Snyk Code relies on Python projects to follow a standard directory layout for accurate analysis. Specifically, Snyk Code expects Projects to be compatible with [`setuptools` automatic discovery](https://setuptools.pypa.io/en/latest/userguide/package_discovery.html#auto-discovery), which identifies packages and modules automatically based on the directory structure. This includes support for `init.py` files to ensure that symbols defined in package initialization files are imported correctly, leading to a more accurate and deeper analysis.
+Snyk Code relies on Python Projects to follow a standard directory layout for accurate analysis. Specifically, Snyk Code expects Projects to be compatible with [`setuptools` automatic discovery](https://setuptools.pypa.io/en/latest/userguide/package_discovery.html#auto-discovery), which identifies packages and modules automatically based on the directory structure. This includes support for `init.py` files to ensure that symbols defined in package initialization files are imported correctly, leading to a more accurate and deeper analysis.
-Both `src-layout` and `flat-layout` are supported. Proper adherence to these conventions allows the scanner to trace code effectively and provide accurate results.
+Both `src-layout` and `flat-layout` are supported. Proper adherence to these conventions lets the scanner trace code effectively and provide accurate results.
## Python for Snyk Open Source
@@ -155,5 +155,5 @@ If you have manifest files in other directories within the root of the Project,
In your Snyk integration settings, locate the **Additional Options** field. Enable a recursive search and add the `--all-projects` option in the **Additional Options** field.
{% hint style="warning" %}
-If each directory needs a different virtual environment, it is possible that the Snyk scan fails because it uses a single virtual environment for dependency detection. In such cases, Snyk recommends using the CLI or SCM integration instead of an IDE , in order to gather vulnerability details for all dependencies in each Project directory.
+If each directory needs a different virtual environment, it is possible that the Snyk scan fails because it uses a single virtual environment for dependency detection. In such cases, Snyk recommends using the CLI or SCM integration instead of an IDE, to gather vulnerability details for all dependencies in each Project directory.
{% endhint %}
diff --git a/discover-snyk/supported-languages/supported-languages-list/python/cli-support-for-uv.md b/discover-snyk/supported-languages/supported-languages-list/python/cli-support-for-uv.md
index a14357b5459a..f2b10750810a 100644
--- a/discover-snyk/supported-languages/supported-languages-list/python/cli-support-for-uv.md
+++ b/discover-snyk/supported-languages/supported-languages-list/python/cli-support-for-uv.md
@@ -6,7 +6,7 @@
CLI support for uv is in Early Access and available only with Enterprise plans. To enable the feature, visit [Snyk Preview](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IgtgtomLQ2TUgSKOMSAm/snyk-platform-administration/snyk-preview).
{% endhint %}
-## Prerequites
+## Prerequisites
Ensure you have `uv` version 0.9.29 or later installed.
diff --git a/discover-snyk/supported-languages/supported-languages-list/python/scm-integrations-and-python.md b/discover-snyk/supported-languages/supported-languages-list/python/scm-integrations-and-python.md
index a0c3c0d3b808..48f75eb6eb3f 100644
--- a/discover-snyk/supported-languages/supported-languages-list/python/scm-integrations-and-python.md
+++ b/discover-snyk/supported-languages/supported-languages-list/python/scm-integrations-and-python.md
@@ -21,8 +21,8 @@ By default, Snyk tests Pip Projects using Python 3.7.
{% hint style="warning" %}
The behavior of imports, re-tests, and PR checks for Projects with dependencies requiring a higher version of Python varies according to the version specified:
-* Python 3.8 or above: scans will fail with an [error](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/error-catalog) message that includes details of the first failed package, the Python version it requires, and the Python version used.
-* Python 2.7 or 3.7: scans will succeed, but the incompatible dependencies are omitted from the results.
+* Python 3.8 or above: scans fail with an [error](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/error-catalog) message that includes details of the first failed package, the Python version it requires, and the Python version used.
+* Python 2.7 or 3.7: scans succeed, but the incompatible dependencies are omitted from the results.
{% endhint %}
To define which Python minor version Snyk uses to test your Pip Projects imported using SCM integrations, you can use Organization settings and [`.snyk` policy file](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/prevent/policies/the-.snyk-file).
@@ -45,7 +45,7 @@ language-settings:
The `.snyk` file must be in the same directory as the Project manifest file.
-Snyk will select which Python version to use according to the `major`, `minor` and `patch` versions specified in the `.snyk` file.
+Snyk selects which Python version to use according to the `major`, `minor` and `patch` versions specified in the `.snyk` file.
* `Major` version only (for example, 2 or 3): scanned with default `minor` versions - 2.7 or 3.7
* `Major` and `minor` version (for example, 3.7, 3.8, 3.9, 3.10, 3.11, 3.12, 3.13, 3.14): scanned with 3.7, 3.8, 3.9, 3.10, 3.11, 3.12, 3.13, or 3.14
@@ -67,7 +67,7 @@ The following dependencies are not supported and are removed before the file is
To scan Pip Projects, Snyk analyzes your `requirements.txt` files using native `pip` tooling in an isolated Linux environment.
-Pip Projects scanned using the SCM integration will be given the same name as the directory where they are located.
+Pip Projects scanned using the SCM integration are given the same name as the directory where they are located.
Snyk imports any file that follows the `**/*req*.txt` pattern. This can help if you have renamed the `requirements.txt` files, for example, to `requirements-dev.txt`.
@@ -106,7 +106,7 @@ Poetry scans fail with an unparsable manifest / unable to parse `pyproject.toml`
Under `[tool.poetry]`, Poetry allows `include` to mix plain path strings and `{ path = "...", format = [...] }` inline tables in one array. That is valid TOML 1.0 and a valid Poetry configuration.
-Snyk’s Poetry analysis parses `pyproject.toml` with a TOML implementation that does not accept mixed-type inline arrays. Parsing stops at that array, so the file is treated as invalid before dependency logic runs.
+The Poetry analysis in Snyk parses `pyproject.toml` with a TOML implementation that does not accept mixed-type inline arrays. Parsing stops at that array, so Snyk treats the file as invalid before running the dependency logic.
Example of a failing configuration:
@@ -129,7 +129,7 @@ include = [
## SCM repositories and Pipenv
{% hint style="warning" %}
-Private PyPI mirrors are not supported. `Pipfiles` specifying a private mirror as their only source will not be imported.
+Private PyPI mirrors are not supported. `Pipfiles` specifying a private mirror as their only source are not imported.
{% endhint %}
To scan Pipenv Projects, Snyk analyzes your `Pipfile` and `Pipfile.lock` files using native `pipenv` tooling in an isolated Linux environment.
diff --git a/discover-snyk/supported-languages/supported-languages-list/python/snyk-cli-for-python.md b/discover-snyk/supported-languages/supported-languages-list/python/snyk-cli-for-python.md
index 1a573b78e733..dc1e98932af4 100644
--- a/discover-snyk/supported-languages/supported-languages-list/python/snyk-cli-for-python.md
+++ b/discover-snyk/supported-languages/supported-languages-list/python/snyk-cli-for-python.md
@@ -34,7 +34,7 @@ Poetry v1 and v2 are supported.
To build the dependency tree for a Poetry application, Snyk uses `pyproject.toml` and `poetry.lock` files. Both files must be present for Snyk to scan Poetry dependencies and identify issues.
-If no `poetry.lock` file is present; you should run `poetry lock` to generate one before scanning.
+If no `poetry.lock` file is present, run `poetry lock` to generate one before scanning.
For Poetry, it is possible to get mixed `include` entries in `pyproject.toml`
@@ -74,7 +74,7 @@ Run `pipenv install` to ensure the CLI can build an up-to-date, accurate depende
To build the dependency tree, Snyk analyzes the `setup.py` file, and detects packages listed in the `install_requires` key.
-This file will not be discovered automatically by the CLI. It must be specified manually using the `--file` option, for example:
+The CLI does not discover this file automatically. You must specify it manually using the `--file` option, for example:
```python
snyk test --file=setup.py
diff --git a/discover-snyk/supported-languages/supported-languages-list/ruby.md b/discover-snyk/supported-languages/supported-languages-list/ruby.md
index 9e94035bd4d0..ebc2687a8758 100644
--- a/discover-snyk/supported-languages/supported-languages-list/ruby.md
+++ b/discover-snyk/supported-languages/supported-languages-list/ruby.md
@@ -97,7 +97,7 @@ Snyk requires both files to be present to correctly test, monitor, and fix Ruby
If your Gemfile needs access to private Gem sources, see [Private gem sources for Ruby configuration](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations/private-gem-sources-for-ruby-configuration).
-Using private Gem sources should work normally when you are using the Snyk CLI.
+Using private Gem sources works normally when you use the Snyk CLI.
When creating Fix PRs for Ruby Projects using private Gem sources, Snyk may need access to the service hosting the Gems to update the file correctly.
diff --git a/discover-snyk/supported-languages/supported-languages-list/scala.md b/discover-snyk/supported-languages/supported-languages-list/scala.md
index 5bd9a8d649a5..114a58542339 100644
--- a/discover-snyk/supported-languages/supported-languages-list/scala.md
+++ b/discover-snyk/supported-languages/supported-languages-list/scala.md
@@ -43,7 +43,7 @@ Available features:
* Interfile analysis
{% hint style="info" %}
-The **Snyk Fix PR** feature is not available for Swift and Objective-C. This means that you will not be notified if the PR checks fail when the following conditions are met:
+The **Snyk Fix PR** feature is not available for Swift and Objective-C. This means that Snyk does not notify you if the PR checks fail when the following conditions are met:
* The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available.**
* "**Fixed in" available** is set to **Yes.**
diff --git a/discover-snyk/supported-languages/supported-languages-list/swift-and-objective-c.md b/discover-snyk/supported-languages/supported-languages-list/swift-and-objective-c.md
index 94669f145d24..a5c2a9fa9b7c 100644
--- a/discover-snyk/supported-languages/supported-languages-list/swift-and-objective-c.md
+++ b/discover-snyk/supported-languages/supported-languages-list/swift-and-objective-c.md
@@ -77,7 +77,7 @@ For Objective-C, Snyk supports `.m` files, and implicitly supports `.h` files.
## Swift and Objective-C for Snyk Open Source
-For Swift with Snyk Open Source, Snyk supports Swifts versions from 3.0 up to 6.2.x.
+For Swift with Snyk Open Source, Snyk supports Swift versions from 3.0 up to 6.2.x.
### Supported package managers and registries
@@ -98,7 +98,7 @@ For Swift and Objective-C with Snyk Open Source, Snyk provides support for packa
* For Swift Package Manager: CLI support
{% hint style="info" %}
-The **Snyk Fix PR** feature is not available for Swift and Objective-C. This means that you will not be notified if the PR checks fail when the following conditions are met:
+The **Snyk Fix PR** feature is not available for Swift and Objective-C. This means that Snyk does not notify you if the PR checks fail when the following conditions are met:
* The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available**.
* **"Fixed in" available** is set to **Yes**.
@@ -110,9 +110,9 @@ The **Snyk Fix PR** feature is not available for Swift and Objective-C. This mea
Snyk supports only Projects using Swift 3.0 or higher.
{% endhint %}
-In order for Snyk to discover a Project, a `Package.swift` file must be present. Also, Snyk uses the `swift package show-dependencies` command to build the dependency graph.
+For Snyk to discover a Project, a `Package.swift` file must be present. Also, Snyk uses the `swift package show-dependencies` command to build the dependency graph.
-When the .build folder of your Project is not present - in a pipeline, for example, it is possible that Snyk takes longer to scan your Swift Projects. When the CLI runs the command `swift package show-dependencies`, Swift must resolve the dependencies as part of this process, which can add to the overall time it takes Snyk to complete the scan. Therefore, ensuring that you have your Projects built first and that the .build folder is present can speed up the CLI processing time.
+When the .build folder of your Project is not present — in a pipeline, for example — Snyk can take longer to scan your Swift Projects. When the CLI runs the command `swift package show-dependencies`, Swift must resolve the dependencies as part of this process, which can add to the overall time it takes Snyk to complete the scan. Therefore, ensuring that you have your Projects built first and that the .build folder is present can speed up the CLI processing time.
Swift Package Manager supports pre-processing and post-processing. For post-processing, custom commands can add extra dependencies. Detecting such dependencies is not supported.
diff --git a/discover-snyk/supported-languages/supported-languages-list/typescript.md b/discover-snyk/supported-languages/supported-languages-list/typescript.md
index 26b311c31b54..47541fc58989 100644
--- a/discover-snyk/supported-languages/supported-languages-list/typescript.md
+++ b/discover-snyk/supported-languages/supported-languages-list/typescript.md
@@ -53,7 +53,7 @@ Available features:
* Test your app's SBOM and packages using `pkg:npm` PURLs through the [SBOM test](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/sbom-test) CLI command
{% hint style="info" %}
-The **Snyk Fix PR** feature is not available for TypeScript. This means that you will not be notified if the PR checks fail when the following conditions are met:
+The **Snyk Fix PR** feature is not available for TypeScript. This means that Snyk does not notify you if the PR checks fail when the following conditions are met:
* The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available.**
* "**Fixed in" available** is set to **Yes.**
diff --git a/discover-snyk/supported-languages/technical-specifications-and-guidance.md b/discover-snyk/supported-languages/technical-specifications-and-guidance.md
index fd0f796c194b..79eb17607458 100644
--- a/discover-snyk/supported-languages/technical-specifications-and-guidance.md
+++ b/discover-snyk/supported-languages/technical-specifications-and-guidance.md
@@ -79,7 +79,7 @@ For more information, see [Snyk Code AI Engine](https://app.gitbook.com/o/-M4tdx
## Language support and CLI, CI/CD, and SCM integrations
-Snyk supports a variety of programming languages, enabling seamless integration into your development workflow through CLI commands, CI/CD pipelines, and SCM integrations.
+Snyk supports a variety of programming languages, enabling integration into your development workflow through CLI commands, CI/CD pipelines, and SCM integrations.
You can use these tools to automatically check your code for security issues as you develop your software. This ensures that strong security practices are part of your development process.
diff --git a/discover-snyk/whats-new.md b/discover-snyk/whats-new.md
index 92919bf726a6..d9c6a5964dc8 100644
--- a/discover-snyk/whats-new.md
+++ b/discover-snyk/whats-new.md
@@ -562,7 +562,7 @@ Information has been added about Snyk support for the Model Context Protocol (MC
**Snyk Broker**
-The Universal Broker feature is now available in Early Access. The Universal Broker separates deployment and container concerns from connection concerns. It allows for a smaller or a single deployment to support numerous connections of varied types.
+The Universal Broker feature is now available in Early Access. The Universal Broker separates deployment and container concerns from connection concerns. It lets a smaller or single deployment support numerous connections of varied types.
**Snyk CLI**
diff --git a/discover-snyk/whats-snyk.md b/discover-snyk/whats-snyk.md
index bf177dee7cde..2c3a87185db3 100644
--- a/discover-snyk/whats-snyk.md
+++ b/discover-snyk/whats-snyk.md
@@ -1,6 +1,6 @@
# What's Snyk?
-Snyk is a platform that allows you to scan, prioritize, and fix security vulnerabilities in your code, open-source dependencies, container images, infrastructure as code configurations, and after your web application or API is live. The Snyk platform uses a risk-based approach, focusing security efforts on issues that matter, and eliminating the noise of vulnerabilities that have no meaningful impact.
+Snyk is a platform that lets you scan, prioritize, and fix security vulnerabilities in your code, open-source dependencies, container images, infrastructure as code configurations, and after your web application or API is live. The Snyk platform uses a risk-based approach, focusing security efforts on issues that matter, and eliminating the noise of vulnerabilities that have no meaningful impact.
To manage and govern the security program, Snyk gives security teams immediate visibility into coverage and business context across all application assets, smart policies to automate and scale in large environments, and analytics and reporting to measure the performance of your security program.
@@ -30,13 +30,13 @@ A robust security process secures each component where they are built and mainta
You can run Snyk in the following ways:
* Web: the Snyk Web UI ([app.snyk.io](https://app.snyk.io)) provides a browser-based experience with functions such as configuration settings, filtering and fixing discovered issues, and reports.
-* [CLI](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli): the Snyk Command Line Interface enables you to run vulnerability scans on your local machine and integrate Snyk into your pipeline.
-* [IDEs](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions): the Snyk IDE integrations enable you to embed Snyk in your development environment.
-* [API](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api): the Snyk API enables you to integrate with Snyk programmatically, tuning Snyk security automation to your specific workflows.
+* [CLI](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-cli): the Snyk Command Line Interface lets you run vulnerability scans on your local machine and integrate Snyk into your pipeline.
+* [IDEs](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions): the Snyk IDE integrations let you embed Snyk in your development environment.
+* [API](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api): the Snyk API lets you integrate with Snyk programmatically, tuning Snyk security automation to your specific workflows.
## What can Snyk integrate with?
-Snyk integrations for your software development process allow you to integrate Snyk into your development and security processes, including source control, IDE, CI/CD, and many others.
+Snyk integrations for your software development process let you integrate Snyk into your development and security processes, including source control, IDE, CI/CD, and many others.
For details, see [Integrate with Snyk](https://app.gitbook.com/o/-M4tdxG8qotLgGZnLpFR/s/IEEjSXQQu36y0vmFV8zf/integrations/integrate-with-snyk).
diff --git a/platform-administration/README.md b/platform-administration/README.md
index 776b6a2d17f6..d954bc663f56 100644
--- a/platform-administration/README.md
+++ b/platform-administration/README.md
@@ -60,7 +60,7 @@ You can manage users and permissions in your Groups. For details, see [Manage us
### Manage Tenant, Groups, and Organizations
-Snyk groups and organizations help to maintain collaboration across teams. For details, see [Tenant, Groups, and Organizations](snyk-platform-administration/groups-and-organizations/).
+Snyk Groups and Organizations help to maintain collaboration across teams. For details, see [Tenant, Groups, and Organizations](snyk-platform-administration/groups-and-organizations/).
### Define notifications
diff --git a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/README.md b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/README.md
index eec36b0c205f..3ef7bf7fa19a 100644
--- a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/README.md
+++ b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/README.md
@@ -5,13 +5,13 @@
PR Checks for Bitbucket Server integrations require Bitbucket Server version 7.4 and above, or Bitbucket Data Center version 8 or above.\
\
-When using a brokered connection, Snyk Broker version 5.4.9 and above is required.
+When using a brokered connection, you must use Snyk Broker version 5.4.9 and above.
{% endhint %}
Review the general instructions for the installation method you plan to use, [Helm](../install-and-configure-broker-using-helm.md) or [Docker](../install-and-configure-broker-using-docker.md).
Before installing the Bitbucket Server/Data Center Broker, ensure your Snyk account team provides you with a Broker token.
-Docker or an equivalent method is required to run Docker Linux containers. Some Docker setups for Windows only support Windows containers. Ensure your deployment can run Linux containers.
+You must have Docker or an equivalent method to run Docker Linux containers. Some Docker setups for Windows support only Windows containers. Ensure your deployment can run Linux containers.
After you meet all the prerequisites, you can continue with the steps to install using [Docker](bitbucket-server-data-center-install-and-configure-using-docker.md) or [Helm](bitbucket-server-data-center-install-and-configure-using-helm.md).
diff --git a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-install-and-configure-using-docker.md b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-install-and-configure-using-docker.md
index 701d58e88f24..e5ea24d9dedf 100644
--- a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-install-and-configure-using-docker.md
+++ b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-install-and-configure-using-docker.md
@@ -4,13 +4,13 @@ Before installing, review the [prerequisites](./) and the general instructions f
This integration is useful to ensure a secure connection with your on-premise Bitbucket deployment.
-This page describes two distinct authentication schemes: using [Basic Auth](bitbucket-server-data-center-install-and-configure-using-docker.md#configure-broker-to-be-used-with-bitbucket-using-basic-auth) and [using an API token](bitbucket-server-data-center-install-and-configure-using-docker.md#configure-broker-to-be-used-with-bitbucket-using-an-api-token). Your Bitbucket Server settings might preclude Basic Auth usage, in which case Bearer Auth is preferred.
+This page describes two distinct authentication schemes: using [Basic Auth](bitbucket-server-data-center-install-and-configure-using-docker.md#configure-broker-to-be-used-with-bitbucket-using-basic-auth) and [using an API token](bitbucket-server-data-center-install-and-configure-using-docker.md#configure-broker-to-be-used-with-bitbucket-using-an-api-token). Your Bitbucket Server settings might preclude use of Basic Auth, in which case Bearer Auth is preferred.
## Configure Broker to be used with Bitbucket using Basic Auth
The following explains how to configure Snyk Broker to use the Broker Client with a Bitbucket Server deployment.
-To use the Snyk Broker Client with BitBucket, run `docker pull snyk/broker:bitbucket-server`. Refer to [BitBucket Server/Data Center - environment variables](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-basic-auth.md) for Snyk Broker for definitions of the environment variables.
+To use the Snyk Broker Client with Bitbucket, run `docker pull snyk/broker:bitbucket-server`. Refer to [BitBucket Server/Data Center - environment variables](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-basic-auth.md) for Snyk Broker for definitions of the environment variables.
If necessary, navigate to the [Advanced configuration page](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/) and make any configuration changes needed, such as providing the CA (Certificate Authority) to the Broker Client configuration if the Bitbucket instance is using a private certificate, and setting up [proxy support](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/proxy-support-with-docker.md).
@@ -48,7 +48,7 @@ Snyk Essentials is set by default to **`false`**. Enable it by setting the flag
The following explains how to configure Snyk Broker to use the Broker Client with a Bitbucket Server deployment using an API token.
-To use the Snyk Broker Client with BitBucket, **run** `docker pull snyk/broker:bitbucket-server-bearer-auth`. For definitions of the environment variables, refer to [Bitbucket Server/Data Center - environment variables for Snyk Broker Basic Auth](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-basic-auth.md) and [Bitbucket Server/Data Center - environment variables for Snyk Broker Personal Access Token (PAT)](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-personal-access-token-pat.md).
+To use the Snyk Broker Client with Bitbucket, **run** `docker pull snyk/broker:bitbucket-server-bearer-auth`. For definitions of the environment variables, refer to [Bitbucket Server/Data Center - environment variables for Snyk Broker Basic Auth](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-basic-auth.md) and [Bitbucket Server/Data Center - environment variables for Snyk Broker Personal Access Token (PAT)](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-personal-access-token-pat.md).
If necessary, go to the [Advanced configuration page](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/) and make any configuration changes needed, such as providing the CA (Certificate Authority) to the Broker Client configuration if the Bitbucket instance is using a private certificate, and setting up [proxy support](../../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/proxy-support-with-docker.md).
@@ -79,9 +79,9 @@ Snyk Essentials is set by default to `false`. Enable it by setting the flag to `
Paste the Broker Client configuration to start the Broker Client container.
-Once the container is up, the Bitbucket Integrations page shows the connection to Bitbucket, and you can `Add Projects`
+After the container is up, the Bitbucket Integrations page shows the connection to Bitbucket, and you can `Add Projects`.
-## Basic troubleshooting for Broker with BitBucket
+## Basic troubleshooting for Broker with Bitbucket
* Run `docker logs ` to look for any errors, where `container id` is the Bitbucket Broker container ID.
* Ensure relevant ports are exposed to Bitbucket.
diff --git a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-docker.md b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-docker.md
index ba0f8655d39e..8e910ef471ce 100644
--- a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-docker.md
+++ b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-docker.md
@@ -16,7 +16,7 @@ Copy the following command to set up a fully configured Broker Client to analyze
{% hint style="info" %}
**Multi-tenant settings for regions**\
-When installing, you must add a command in your script to set the `BROKER_SERVER_URL`.This is the URL of the Broker server for the region where your data is hosted. For the commands and URLs to use, see [Broker URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).
+When installing, you must add a command in your script to set the `BROKER_SERVER_URL`. This is the URL of the Broker server for the region where your data is hosted. For the commands and URLs to use, see [Broker URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).
{% endhint %}
```bash
diff --git a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-docker.md b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-docker.md
index 137f66727bc3..2e9911f532a1 100644
--- a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-docker.md
+++ b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-docker.md
@@ -1,7 +1,7 @@
# Install and configure Broker using Docker
{% hint style="info" %}
-[Broker version 4.205.1](https://github.com/snyk/broker/blob/cb4f89e05eb42605f076321b952cdb7e57bf4111/config.default.json#L8) has been [released](https://updates.snyk.io). In this version, all `ACCEPT` rule flags will be enabled by default. This reduces needed configuration. If you do not want a specific `ACCEPT` rule flag to be enabled, you can opt out of the default `ACCEPT` all behavior by adding `ACCEPT_=false` to your Broker client configuration.
+[Broker version 4.205.1](https://github.com/snyk/broker/blob/cb4f89e05eb42605f076321b952cdb7e57bf4111/config.default.json#L8) has been [released](https://updates.snyk.io). In this version, all `ACCEPT` rule flags are enabled by default. This reduces needed configuration. If you do not want a specific `ACCEPT` rule flag to be enabled, you can opt out of the default `ACCEPT` all behavior by adding `ACCEPT_=false` to your Broker client configuration.
{% endhint %}
{% hint style="info" %}
@@ -21,7 +21,7 @@ The following pages explain how to install these special integrations.
* [GitHub](github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-docker.md)
* [GitHub Enterprise](github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-install-and-configure-using-docker.md)
-* [Bitbucket Server/Data Centre](bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-install-and-configure-using-docker.md)
+* [Bitbucket Server/Data Center](bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-install-and-configure-using-docker.md)
* [Gitlab](../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-docker.md)
* [Azure Repos](../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-using-docker.md)
* [JFrog Artifactory Repository](../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-docker.md)
@@ -31,7 +31,7 @@ The following pages explain how to install these special integrations.
You can customize the configuration using the environment variables in the Docker images. For this reason, install separate, multiple instances of the Broker Client for different integration types to ensure proper configuration as well as redundancy.
-You can verify that the Broker is running by looking at the settings for your brokered integration in [the Snyk Web UI](https://app.snyk.io) to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in [the Snyk Web UI](https://app.snyk.io) to see a confirmation message that you are connected. You can start importing Projects after you are connected.
## Advanced configuration using Docker
diff --git a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-helm.md b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-helm.md
index 156679d45a88..5d7952262767 100644
--- a/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-helm.md
+++ b/platform-administration/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-helm.md
@@ -1,7 +1,7 @@
# Install and configure Broker using Helm
{% hint style="info" %}
-[Broker version 4.205.1](https://github.com/snyk/broker/blob/cb4f89e05eb42605f076321b952cdb7e57bf4111/config.default.json#L8) has been [released](https://updates.snyk.io). In this version, all `ACCEPT` rule flags will be enabled by default. This reduces needed configuration. If you do not want a specific `ACCEPT` rule flag to be enabled, you can opt out of the default `ACCEPT` all behavior by adding `ACCEPT_=false` to your Broker client configuration.
+[Broker version 4.205.1](https://github.com/snyk/broker/blob/cb4f89e05eb42605f076321b952cdb7e57bf4111/config.default.json#L8) has been [released](https://updates.snyk.io). In this version, all `ACCEPT` rule flags are enabled by default. This reduces needed configuration. If you do not want a specific `ACCEPT` rule flag to be enabled, you can opt out of the default `ACCEPT` all behavior by adding `ACCEPT_=false` to your Broker client configuration.
{% endhint %}
{% hint style="info" %}
@@ -22,7 +22,7 @@ When you set up Snyk Broker for use in regions other than the default, additiona
## Install using the Snyk Broker Helm Chart
-The Helm chart does not manage connectivity, and thus, you will be responsible for managing [ingress](../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/ingress-options-with-snyk-broker-helm-installation.md) in the Kubernetes cluster.
+The Helm chart does not manage connectivity, so you are responsible for managing [ingress](../../../../implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/ingress-options-with-snyk-broker-helm-installation.md) in the Kubernetes cluster.
To use this chart, you must first add the Snyk Broker Helm Chart by adding the repo:
@@ -48,7 +48,7 @@ Beginning with version 2.0.0, all created objects have a suffix based on the rel
Additional commands are available to install [Snyk Broker - Container Registry Agent](../../../../implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/), needed to connect to Container Registries; `scmType`: `container-registry-agent`\\
-You can verify that the Broker is running by looking at the settings for your brokered integration in [the Snyk Web UI](https://app.snyk.io) to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in [the Snyk Web UI](https://app.snyk.io) to see a confirmation message that you are connected. You can start importing Projects after you are connected.
## Advanced configuration using Helm
diff --git a/platform-administration/enterprise-setup/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/obtain-the-tokens-required-to-set-up-snyk-broker.md b/platform-administration/enterprise-setup/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/obtain-the-tokens-required-to-set-up-snyk-broker.md
index fb9aecfc332b..fd63dc8d7a1c 100644
--- a/platform-administration/enterprise-setup/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/obtain-the-tokens-required-to-set-up-snyk-broker.md
+++ b/platform-administration/enterprise-setup/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/obtain-the-tokens-required-to-set-up-snyk-broker.md
@@ -20,7 +20,7 @@ For code repository (SCM) integrations, you can generate a Broker token by using
1. Use the endpoint [Update Existing Integration](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/integrations-v1#org-orgid-integrations-type) to enable Snyk Broker for a specific Organization and a specific SCM. Follow the example under "Set up a broker for an existing integration." This generates a Broker token in the UI.
2. To generate a Broker token programmatically after enabling Snyk Broker, use the endpoint [Provision new Broker token](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/integrations-v1#org-orgid-integrations-integrationid-authentication-provision-token) to generate a Broker token.\
You can see the generated Broker token in the API response body and on the Web UI.
-3. Verify the Broker token is generated in the Snyk Web UI under the specified SCM integration. by selecting **Settings** > **Integrations** for that specific integration to see the Broker token.
+3. Verify the Broker token is generated in the Snyk Web UI under the specified SCM integration by selecting **Settings** > **Integrations** for that specific integration to see the Broker token.
4. After generating the Broker token, copy and save it and store it in a secure location for future use, or obtain it later using the Web UI.
## **Generate a Broker token in the Web UI**
diff --git a/platform-administration/enterprise-setup/snyk-broker/universal-broker/README.md b/platform-administration/enterprise-setup/snyk-broker/universal-broker/README.md
index 8d0ca543f1e5..0e0aa68e6f6b 100644
--- a/platform-administration/enterprise-setup/snyk-broker/universal-broker/README.md
+++ b/platform-administration/enterprise-setup/snyk-broker/universal-broker/README.md
@@ -8,7 +8,7 @@ A deployment can support multiple connections of any type, as shown in the diagr
Universal Broker deployment example
-Connections are integrated with Organizations to provide access to your private resources for the appropriate Snyk Organization(s). These Organizations can be in the same or different Snyk Groups.
+Connections are integrated with Organizations to provide access to your private resources for the appropriate Snyk Organizations. These Organizations can be in the same or different Snyk Groups.
In the diagram, Group 1 includes Organizations A through D, and Group 2 includes Organizations E and F.
diff --git a/platform-administration/enterprise-setup/snyk-broker/universal-broker/add-a-new-connection-to-your-universal-broker.md b/platform-administration/enterprise-setup/snyk-broker/universal-broker/add-a-new-connection-to-your-universal-broker.md
index 680a491e8b1e..ed9fb82875c5 100644
--- a/platform-administration/enterprise-setup/snyk-broker/universal-broker/add-a-new-connection-to-your-universal-broker.md
+++ b/platform-administration/enterprise-setup/snyk-broker/universal-broker/add-a-new-connection-to-your-universal-broker.md
@@ -14,4 +14,4 @@ You can share credentials references across connections by selecting a credentia
After the connection is created, run `snyk-broker-config workflows connections integrate` and select the desired deployment and connection. Then enter the Organization ID for the Organization with which you want to integrate. For details, see [Integrate a connection with an Organization](../../../implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/setting-up-and-integrating-your-universal-broker-connections.md#integrate-a-connection-with-an-organization).
-If you integrate a connection already integrated with an Organization, the previous integration will be lost in favor of the new one. Be sure to paste the correct Organization ID.
+If you integrate a connection already integrated with an Organization, the previous integration is lost in favor of the new one. Be sure to paste the correct Organization ID.
diff --git a/platform-administration/enterprise-setup/snyk-broker/universal-broker/basic-steps-to-install-and-configure-universal-broker.md b/platform-administration/enterprise-setup/snyk-broker/universal-broker/basic-steps-to-install-and-configure-universal-broker.md
index d081767e7d49..733b73682216 100644
--- a/platform-administration/enterprise-setup/snyk-broker/universal-broker/basic-steps-to-install-and-configure-universal-broker.md
+++ b/platform-administration/enterprise-setup/snyk-broker/universal-broker/basic-steps-to-install-and-configure-universal-broker.md
@@ -46,7 +46,7 @@ A typical workflow for adding a new Broker connection using the CLI involves the
snyk-broker-config workflows connections create
```
- The CLI will then guide you through the process, prompting for:
+ The CLI then guides you through the process, prompting for:
* Your Snyk API Token, required for authentication if you did not already export it as an environment variable.
* The Snyk Organization ID where the Broker connection is used.
@@ -95,7 +95,7 @@ You will need them to run your Broker Client.
Have you saved these credentials? (Y/N)
```
-The tool displays the credentials for the Broker App just installed. Be sure to store these safely like any other credentials. This is the only time the client secret will be displayed. If you lose these credentials, you must either delete and recreate the Snyk Broker Admin Organization and start over, or use the API to reinstall Universal Broker manually.
+The tool displays the credentials for the Broker App just installed. Be sure to store these safely like any other credentials. This is the only time the client secret is displayed. If you lose these credentials, you must either delete and recreate the Snyk Broker Admin Organization and start over, or use the API to reinstall Universal Broker manually.
* When you have saved your credentials, type Y and press Enter.
diff --git a/platform-administration/enterprise-setup/snyk-broker/universal-broker/deployment-tips-and-reference-architectures.md b/platform-administration/enterprise-setup/snyk-broker/universal-broker/deployment-tips-and-reference-architectures.md
index 549db34cf2d9..23c3fc1fce87 100644
--- a/platform-administration/enterprise-setup/snyk-broker/universal-broker/deployment-tips-and-reference-architectures.md
+++ b/platform-administration/enterprise-setup/snyk-broker/universal-broker/deployment-tips-and-reference-architectures.md
@@ -4,13 +4,13 @@
You can learn more about deployment and architecture, and more, with the [Universal Broker Snyk Learn ](https://learn.snyk.io/lesson/universal-broker/#3f799f7f-58a9-4225-53fb-9cc5b6913920)course.
{% endhint %}
-The Universal Broker allows you to run multiple connections of any type using a single container. Snyk recommends running in High Availability Mode (on by default), to run multiple replicas.
+The Universal Broker lets you run multiple connections of any type using a single container. Snyk recommends running in High Availability Mode (on by default), to run multiple replicas.
On Kubernetes, the Helm chart creates a stateful set with numerous members, automatically creating multiple replicas.
When using Docker Compose, you must create multiple replicas explicitly in your deployment configuration. See the [Docker Compose example](../../../implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/running-your-universal-broker-client.md#docker-compose-example) for more info.
-Usage of resources varies based on a number of factors, making it difficult to model the actual use of resources (CPU and memory) for the container. Each deployment is limited to a maximum of 25 connections to avoid exhaustion of resources.
+Use of resources varies based on a number of factors, making it difficult to model the actual use of resources (CPU and memory) for the container. Each deployment is limited to a maximum of 25 connections to avoid exhaustion of resources.
If you find you need more resource segregation or allocation that does not fit well into a single container setup, you can create a new deployment with its set of connections to split the load across numerous Broker clients and containers.
diff --git a/platform-administration/enterprise-setup/snyk-broker/universal-broker/preparing-for-creating-universal-broker-deployments.md b/platform-administration/enterprise-setup/snyk-broker/universal-broker/preparing-for-creating-universal-broker-deployments.md
index cd145609136e..47d21e72b186 100644
--- a/platform-administration/enterprise-setup/snyk-broker/universal-broker/preparing-for-creating-universal-broker-deployments.md
+++ b/platform-administration/enterprise-setup/snyk-broker/universal-broker/preparing-for-creating-universal-broker-deployments.md
@@ -4,7 +4,7 @@ Before creating deployments, ensure you have met the [prerequisites](../../../im
## Prepare hosts for the installation of Universal Broker
-Snyk recommends configuring at least two separate instances of the Broker Client for each integration, either on different hosts or installed using Kubernetes. This ensures that you always have at least two instances running for redundancy. To install the Universal Broker using Helm please see the [Snyk Universal Broker Helm Chart](https://github.com/snyk/snyk-universal-broker-helm).
+Snyk recommends configuring at least two separate instances of the Broker Client for each integration, either on different hosts or installed using Kubernetes. This ensures that you always have at least two instances running for redundancy. To install the Universal Broker using Helm, see the [Snyk Universal Broker Helm Chart](https://github.com/snyk/snyk-universal-broker-helm).
## Configure your network for using Universal Broker
@@ -22,7 +22,7 @@ Use the Universal Broker `snyk-broker-config` CLI tool to configure and manage c
If you have not previously installed the Universal Broker, refer to the Prerequisites for Universal Broker and [Basic steps to install and configure Universal Broker.](basic-steps-to-install-and-configure-universal-broker.md)
-Be sure to set your environment variables to make usage easier, including when you are installing the `snyk-broker-config` CLI tool. Use the following commands:
+Be sure to set your environment variables to make use easier, including when you are installing the `snyk-broker-config` CLI tool. Use the following commands:
Linux/Mac
@@ -34,7 +34,7 @@ Windows
* `set SNYK_TOKEN=`
* `set TENANT_ID=`
-If the Universal Broker has already been installed, set the Install ID as an environment variable for easier usage. Use the following commands:
+If you have already installed the Universal Broker, set the Install ID as an environment variable for easier use. Use the following commands:
Linux/Mac
diff --git a/platform-administration/enterprise-setup/snyk-broker/universal-broker/using-the-api-to-set-up-universal-broker/using-the-api-to-set-up-a-github-connection.md b/platform-administration/enterprise-setup/snyk-broker/universal-broker/using-the-api-to-set-up-universal-broker/using-the-api-to-set-up-a-github-connection.md
index 178e634af9ba..9f39e8b44fd8 100644
--- a/platform-administration/enterprise-setup/snyk-broker/universal-broker/using-the-api-to-set-up-universal-broker/using-the-api-to-set-up-a-github-connection.md
+++ b/platform-administration/enterprise-setup/snyk-broker/universal-broker/using-the-api-to-set-up-universal-broker/using-the-api-to-set-up-a-github-connection.md
@@ -2,7 +2,7 @@
This page provides an example of using the API to set up a GitHub connection with the Universal Broker. Repeat connecting your Organization for as many integrations as needed.
-Using the `snyk-broker-config` CLI tool is recommended for an easier experience. The API allows for automation and more control, and also requires a clear understanding of Broker deployments, credentials, connections, and integrations.
+Snyk recommends using the `snyk-broker-config` CLI tool for an easier experience. The API allows for automation and more control, and also requires a clear understanding of Broker deployments, credentials, connections, and integrations.
{% hint style="info" %}
In any of the calls that follow, replace `api.snyk.io` with your regional equivalent if necessary, for example, `api.eu.snyk.io`. For a list of URLs, see [API URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#api-urls).
@@ -121,7 +121,7 @@ Use the `CLIENT_ID` and `CLIENT_SECRET` values returned when you installed the B
snyk/broker:universal
-When the command is running, you should get the following message in the output:
+When the command is running, you get the following message in the output:
{"name":"snyk-broker","hostname":"c918a4e1535a","pid":1,"level":30,"msg":"Found deployment 12345678-1234-1234-1234-123456789012. Waiting for connections. (polling)","time":"2024-06-18T20:15:20.572Z","v":0}
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/README.md b/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/README.md
index 31c979335471..d0d733684de4 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/README.md
@@ -7,7 +7,7 @@ Service accounts are available only for Enterprise plans. For more information,
Free and Team plan users and Trial users have access to a Snyk user's token under their profile and can use this token to authenticate with a CI/CD, to run the CLI locally or on a build machine, and to authenticate with an IDE manually.
{% endhint %}
-Service accounts are a special type of system user. Creating a service account generates an API token that is the only token associated with the service account and takes the place of standard user credentials. Snyk needs authentication in order to initiate Snyk processes.
+Service accounts are a special type of system user. Creating a service account generates an API token that is the only token associated with the service account and takes the place of standard user credentials. Snyk needs authentication to initiate Snyk processes.
You can set up a service account to use for automation rather than using a Snyk user's token and to help manage integrations.
@@ -48,7 +48,7 @@ Generate single or multiple tokens on the Group or Organization levels to manage
### Prerequisites to set up a service account
{% hint style="info" %}
-Group viewers are not able to create service accounts, regardless of their Org role.
+Group viewers cannot create service accounts, regardless of their Org role.
{% endhint %}
To create a Group service account**,** you must be a Group admin. To create an Organization service account, you must be either a Group member and Org Admin, or a Group admin.
@@ -84,7 +84,7 @@ From the **Role** dropdown list, select an appropriate role.
For Group service accounts, choose from the following list of roles to configure the scope of the token; Snyk recommends selecting Viewer or Admin.
-* **Group Viewer** enables read-only access. Note that to set an API token to be read-only and unable to write to the platform, you must use a service account and set it to Group Viewer. See [Snyk API token permissions users can control](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/authentication-for-api/snyk-api-token-permissions-users-can-control).
+* **Group Viewer** enables read-only access. To set an API token to be read-only and unable to write to the platform, you must use a service account and set it to Group Viewer. See [Snyk API token permissions users can control](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/authentication-for-api/snyk-api-token-permissions-users-can-control).
* **Group Admin** enables full administrator access.
* **Group Member** associates a service account with a group but does not grant any specific access.
@@ -93,14 +93,14 @@ For **Organization service accounts**, choose from the standard roles, **Org Adm
### Create the service account
{% hint style="warning" %}
-To align with security best practice, a service account token is only generated once. If you lose this token you will need to create a new service account and safely store that newly generated token.
+To align with security best practice, a service account token is only generated once. If you lose this token, you must create a new service account and safely store that newly generated token.
{% endhint %}
Click **Create**.
The token is generated and displayed.
-Ensure that you copy this token, as you will not see it again. You can click **Close and Hide** once you have copied the token; whether you do or not, when you navigate away from this page, the token will no longer be visible. This is a standard security practice to keep your tokens safe.
+Ensure that you copy this token, as you cannot see it again. You can click **Close and Hide** after you have copied the token. Whether you do or not, when you navigate away from this page, the token is no longer visible. This is a standard security practice to keep your tokens safe.
#### How the token is associated with a Group and Organizations
@@ -165,7 +165,7 @@ When you open a role that is assigned to a service account, the system displays
Warning that you are about to change a role assigned to a service account
{% hint style="warning" %}
-Snyk prevents users from creating Organization service accounts with a role that has more privileges than those the user creating the service account has. If you try to create a service account with a role that has more privileges than you have, you will see the error **Cannot create a service account with a higher privilege role than yours**.
+Snyk prevents users from creating Organization service accounts with a role that has more privileges than those the user creating the service account has. If you try to create a service account with a role that has more privileges than you have, you see the error **Cannot create a service account with a higher privilege role than yours**.
{% endhint %}
User cannot assign a more privileged role to a service account
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/choose-a-service-account-type-to-use-with-snyk-apis.md b/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/choose-a-service-account-type-to-use-with-snyk-apis.md
index 16a1046e145a..14f57ed4ae6c 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/choose-a-service-account-type-to-use-with-snyk-apis.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/choose-a-service-account-type-to-use-with-snyk-apis.md
@@ -10,7 +10,7 @@ The permissions granted to a service account depend on the user role type it is
#### Access tokens
-Service accounts use Snyk [access tokens](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/authentication-for-api/personal-access-tokens-pats) to secure your workflow. You control when the service account is created and can se the expiry date. The maximum expiry for an access token service account is one year, and on expiration you must create a new service account to continue using this authentication method.
+Service accounts use Snyk [access tokens](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/authentication-for-api/personal-access-tokens-pats) to secure your workflow. You control when the service account is created and can set the expiry date. The maximum expiry for an access token service account is one year, and on expiration you must create a new service account to continue using this authentication method.
Use an [OAuth 2.0 service account](service-accounts-using-oauth-2.0.md) instead of an access token service account, to prevent downtime when a token expires if you are using automation, for example, CI/CD pipeline.
@@ -24,4 +24,4 @@ For more details on implementing this type of service account, visit [Service ac
#### API key (legacy)
-The service account has a Snyk API key associated with it. API keys are quick to implement in a workflow and do not expire. Due to the risk of a token which does not expire, this option is not recommended.
+The service account has a Snyk API key associated with it. API keys are quick to implement in a workflow and do not expire. Due to the risk of a token that does not expire, Snyk does not recommend this option.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/manage-service-accounts-using-the-snyk-api.md b/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/manage-service-accounts-using-the-snyk-api.md
index a5b5e2b36415..a43e8dbfcc01 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/manage-service-accounts-using-the-snyk-api.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/manage-service-accounts-using-the-snyk-api.md
@@ -25,7 +25,7 @@ Specific permissions are required to perform all these tasks. For more informati
`jwks_url` - A JWKs URL hosting your public keys used to verify signed JWT requests. This must be `https`. Required only when `auth_type` is `oauth_private_key_jwt`.
-`access_token_ttl_seconds` - The time, in seconds, that a generated access token will be valid for. Defaults to one hour if unset. Required only when `auth_type` is `oauth_client_secret` or `oauth_private_key_jwt`.
+`access_token_ttl_seconds` - The time, in seconds, that a generated access token is valid for. Defaults to one hour if unset. Required only when `auth_type` is `oauth_client_secret` or `oauth_private_key_jwt`.
## Manage Group-level service accounts
@@ -75,7 +75,7 @@ This call permanently deletes the specified service account and revokes its cred
**API endpoint:** [Manage a group service account’s client secret](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/serviceaccounts#groups-group_id-service_accounts-serviceaccount_id-secrets)
-This call allows you to manage the client secret for `oauth_client_secret` service accounts. You can perform the following operations:
+This call lets you manage the client secret for `oauth_client_secret` service accounts. You can perform the following operations:
* `create` - generate a new client secret. A service account can have a maximum of two active secrets at a time.
* `delete` - delete an existing client secret. This requires putting `client_secret` in the request body. Deleting an existing client secret would render it invalid. A service account must have at least one active secret; calling delete with your last secret will fail.
@@ -129,7 +129,7 @@ This call permanently deletes the specified service account.
**API endpoint:** [Manage an organization's service account's client secret](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/serviceaccounts#orgs-org_id-service_accounts-serviceaccount_id-secrets)
-This call allows you to manage the client secret for `oauth_client_secret` service accounts. You can perform the following operations:
+This call lets you manage the client secret for `oauth_client_secret` service accounts. You can perform the following operations:
* `create` - generate a new client secret. A service account can have a maximum of two active secrets at a time.
* `delete` - delete an existing client secret. This requires putting `client_secret` in the request body. Deleting an existing client secret would render it invalid. A service account must have at least one active secret; calling delete with your last secret will fail.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/service-accounts-using-oauth-2.0.md b/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/service-accounts-using-oauth-2.0.md
index 0be08176b11c..9d03472621b2 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/service-accounts-using-oauth-2.0.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/service-accounts/service-accounts-using-oauth-2.0.md
@@ -5,7 +5,7 @@
Service accounts using OAuth 2.0 are available only with Enterprise plans through the Snyk API. For more information, see [Manage service accounts using the Snyk API](manage-service-accounts-using-the-snyk-api.md).
{% endhint %}
-You can create service accounts that authenticate with the [Auth 2.0 `client_credentials` grant flow](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4). OAuth 2.0 access tokens are used the same way another Snyk token is used, but they have added security of a short time-to-live (TTL) and can be automatically refreshed.
+You can create service accounts that authenticate with the [OAuth 2.0 `client_credentials` grant flow](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4). OAuth 2.0 access tokens are used the same way another Snyk token is used, but they have added security of a short time-to-live (TTL) and can be automatically refreshed.
## OAuth 2.0 with client secret
@@ -23,7 +23,7 @@ After the service account is created, you can retrieve an `access_token` through
You can use an`access_token` the same way as you would use a Snyk API key, but with the `Authorization: bearer $access_token` header or the `SNYK_OAUTH_TOKEN` environment variable with the Snyk CLI.
-The `access_token` has a short time-to-live and must be refreshed once it expires. There are many OAuth 2.0 libraries available that greatly simplify this process.
+The `access_token` has a short time-to-live and must be refreshed after it expires. Many OAuth 2.0 libraries are available that greatly simplify this process.
### Authenticate with the Snyk CLI
@@ -34,7 +34,7 @@ You can also use the `client_secret` and the `client_id` to authenticate with th
In addition to creating and managing OAuth service accounts through the API, you can create OAuth-based service accounts through the Web UI. The steps follow.
{% hint style="info" %}
-Note: you cannot modify the lifetime of an OAuth service account through the UI, but you can perform this action through the API.
+You cannot modify the lifetime of an OAuth service account through the UI, but you can perform this action through the API.
{% endhint %}
1. In the Group settings section, select **Service Accounts**.
@@ -45,10 +45,10 @@ Note: you cannot modify the lifetime of an OAuth service account through the UI,
3. Select the **OAuth 2.0 client credentials** radio button and click the **Create service account** button.
OAuth 2.0 client credentials
-4. A window opens, showing your **Client ID** and **Client secret**. Note these credentials and copy them, as you will not be able to retrieve them in the future. After you have copied the credentials to a safe location, click **Close window**.
-5. Your service account will be listed in the service accounts in your Group.
+4. A window opens, showing your **Client ID** and **Client secret**. Note these credentials and copy them, as you cannot retrieve them in the future. After you have copied the credentials to a safe location, click **Close window**.
+5. Your service account is listed in the service accounts in your Group.
-
Service account listed for your Gorup
+
Service account listed for your Group
## Delete an OAuth-based service account through the UI
@@ -59,9 +59,9 @@ Note: you cannot modify the lifetime of an OAuth service account through the UI,
3. A window opens with the prompt **Are you sure you want to delete this service account?** To delete the service account, click the **Delete service account** button.
-
Confirmation screen to keep service account or delete sevice account
+
Confirmation screen to keep service account or delete service account
-Your service account has been deleted.
+Your service account is deleted.
## OAuth 2.0 with Private Key JWT
@@ -92,10 +92,10 @@ The JWT should include the [claims](https://datatracker.ietf.org/doc/html/rfc751
### Retrieve a Private Key JWT access token
-After the service account is created and signed JWT is prepared, you can retrieve an `access_token` using the [Snyk OAuth 2.0 access token endpoint](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/oauth2-api#token). This access token can be used the same way as a Snyk API key would be used. The request body should include the following:
+After the service account is created and signed JWT is prepared, you can retrieve an `access_token` using the [Snyk OAuth 2.0 access token endpoint](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/oauth2-api#token). You can use this access token the same way as a Snyk API key. The request body should include the following:
* `grant_type: client_credentials`
* `client_assertion_type: private_key_jwt`
* `client_assertion:` ``
-The `access_token` has a short time to live and must be refreshed once it expires. Many OAuth 2.0 libraries are available that will greatly simplify this process.
+The `access_token` has a short time to live and must be refreshed after it expires. Many OAuth 2.0 libraries are available that greatly simplify this process.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/choose-a-provisioning-option.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/choose-a-provisioning-option.md
index c5a181ee3208..15ab1f3804f0 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/choose-a-provisioning-option.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/choose-a-provisioning-option.md
@@ -4,7 +4,7 @@
Contact your Snyk account team or Snyk Support to turn on custom mapping once you have completed the setup steps.
{% endhint %}
-Determine how new users in your company will get access to Snyk:
+Determine how new users in your company get access to Snyk:
* [Open to all](choose-a-provisioning-option.md#open-to-all)
* [Invitation required](choose-a-provisioning-option.md#invitation-required)
@@ -12,9 +12,9 @@ Determine how new users in your company will get access to Snyk:
## Open to all
-With the Open option, all users have automatic access to Snyk by using SSO to log in. They will have access to all Organizations in your selected Group. Their accounts will all be provisioned with the same role, with two options:
+With the Open option, all users have automatic access to Snyk by using SSO to log in. They have access to all Organizations in your selected Group. Snyk provisions all their accounts with the same role, with two options:
-* The **Org** **administrator** role allows all new users to manage other Org admins and collaborators, view Group reports, and work with Organizations within the Group as well as perform non-administrative tasks in the Organization.
+* The **Org** **administrator** role lets all new users manage other Org admins and collaborators, view Group reports, and work with Organizations in the Group as well as perform non-administrative tasks in the Organization.
* The **Org** **collaborator** role can perform non-administrative tasks in the Organization.
Let Snyk Support know whether new users will have the administrator role or the collaborator role for the Organization. The selected role applies for all users. For details, see [Pre-defined roles](../../../snyk-platform-administration/user-roles/pre-defined-roles.md).
@@ -25,7 +25,7 @@ With the invitation required or Group Member option, admins can invite users or
There are two ways to invite users to Organizations. Invite members (see [Manage users in Organizations](../../../snyk-platform-administration/groups-and-organizations/organizations/manage-users-in-organizations.md)) or automate the process using the Snyk [API Invite users endpoint](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-invite).
-If users who have not been invited use SSO to log in, they will gain access to Snyk, but they will not see any Projects until an admin invites them or manually adds them to the applicable Organizations. You can provide a list of Organizations with the appropriate contact person so that new users can [request access](../../../snyk-platform-administration/groups-and-organizations/organizations/requests-for-access-to-an-organization.md).
+If users who have not been invited use SSO to log in, they gain access to Snyk, but they do not see any Projects until an admin invites them or manually adds them to the applicable Organizations. You can provide a list of Organizations with the appropriate contact person so that new users can [request access](../../../snyk-platform-administration/groups-and-organizations/organizations/requests-for-access-to-an-organization.md).
## Custom mapping
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/README.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/README.md
index 905a44b51981..139440e9aab7 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/README.md
@@ -24,7 +24,7 @@ The process of establishing trust between your identity provider (IdP) and Snyk
{% hint style="info" %}
After SSO is configured both from Snyk and your company's network, a trust relationship is established with Snyk, Auth0 (on behalf of Snyk), and your network. Any sensitive data is encrypted and stored in Auth0 only for the purposes of enabling user logins.
-Although not all the examples following this page cover verifying the Snyk signature, it is recommended that you improve the trust relationship and ensure integrity even further. Follow your respective IdP's documentation to add SP signature verification where possible.
+Although not all the examples following this page cover verifying the Snyk signature, Snyk recommends that you improve the trust relationship and ensure integrity even further. Follow your respective IdP's documentation to add SP signature verification where possible.
{% endhint %}
## **User login**
@@ -42,7 +42,7 @@ Users are [provisioned ](../choose-a-provisioning-option.md)to Snyk when they lo
### **Configuring Snyk**
-1. In Step 2 of the SSO settings page in the Snyk web UI, enter the details collected from the IdP by providing the sign in URL, sign out URL if available and desired, the IdP signing certificate and domains and subdomains that will be served over the SSO connection.
+1. In Step 2 of the SSO settings page in the Snyk web UI, enter the details collected from the IdP by providing the sign in URL, sign out URL if available and desired, the IdP signing certificate and domains and subdomains that are served over the SSO connection.
2. In case the connection requires HTTP-Redirect protocol binding, change that option from the default HTTP-POST.
3. Finally, verify if an IdP-initiated workflow should be enabled and then select **Create Connection** or **Save changes** if you are modifying an existing connection**.**
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/azure-ad-enterprise-application-setup.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/azure-ad-enterprise-application-setup.md
index f2d85f40c275..9462bce45fe9 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/azure-ad-enterprise-application-setup.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/azure-ad-enterprise-application-setup.md
@@ -57,4 +57,4 @@ If you wish to add signature verification of the incoming Snyk request:
1. Download the **Signing certificate** at step 1 of the Snyk SSO settings.
2. Use the following openssl command to convert it to .cer-format `openssl x509 -outform DER -in snyk.pem -out snyk.cer`
3. At the bottom of the **SAML Certificates** settings of your SSO app in Active Directory, click **Edit** next to **Verification certificates.**
-4. Check **Require verification certificates** and upload the certificate from the output of the above openssl command and click **Save**.
+4. Check **Require verification certificates** and upload the certificate from the output of the preceding openssl command and click **Save**.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/google-workspace-setup.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/google-workspace-setup.md
index 7dbad7bd4643..6bb1bc74a9d5 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/google-workspace-setup.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/google-workspace-setup.md
@@ -1,6 +1,6 @@
# Google Workspace setup
-This example shows setting up an Google Workspace SAML application and connecting it to Snyk to facilitate SSO.
+This example shows setting up a Google Workspace SAML application and connecting it to Snyk to facilitate SSO.
For details in addition to the information provided on this page, see [Set up your own custom SAML app](https://support.google.com/a/answer/6087519).
@@ -18,11 +18,11 @@ Start by logging into the Google Workspace [admin area](https://admin.google.com
4. Download the certificate and open it in your preferred text editor.
Download signing certificate
-5. Navigate to the Snyk portal, login and from the drop down at the top left select **GROUP OVERVIEW** and then the cog wheel (top right corner) to get to your group settings.
+5. Navigate to the Snyk portal, log in, and from the dropdown at the top left select **GROUP OVERVIEW** and then the cog wheel (top right corner) to get to your group settings.
Open group view in Snyk
6. Click on **SSO**, scroll down to step 2, and paste the Google SSO URL from step 4 into **Sign in URL** and the certificate in your text editor into **X509 signing certificate**.\
- Add the domain name(s) you are configuring this connection for in **Email domains and subdomains that need SSO access**.\
+ Add the domain names you are configuring this connection for in **Email domains and subdomains that need SSO access**.\
Verify if an **IdP-initiated workflow** should be enabled and then save your modifications
Enter details from Google Workspace
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/okta-saml-application-setup.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/okta-saml-application-setup.md
index 3acf4ff098eb..a6f26b0a84a7 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/okta-saml-application-setup.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/okta-saml-application-setup.md
@@ -2,7 +2,7 @@
This example shows setting up an Okta SAML application and connecting this to Snyk to facilitate SSO. To configure your Okta to use SSO with Snyk, you need an entity ID and a reply URL (Assertion Consumer Service URL) from Snyk.
-1. From the drop-down at the top left select **GROUP OVERVIEW** and then the cog wheel (top right corner) to get to your group settings.
+1. From the dropdown at the top left select **GROUP OVERVIEW** and then the cog wheel (top right corner) to get to your group settings.
Select group overview
2. Click on **SSO** and copy the values under **Entity ID** and **ACS URL** or leave the browser tab open for easy access.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/onelogin-saml-application-setup.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/onelogin-saml-application-setup.md
index 1a60894b2c9a..09718effc6d0 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/onelogin-saml-application-setup.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/onelogin-saml-application-setup.md
@@ -1,4 +1,4 @@
-# OneLogin SAML Application setup
+# OneLogin SAML application setup
This example shows setting up a SAML application in OneLogin and connecting this to Snyk to facilitate SSO. To configure your OneLogin to use SSO with Snyk, start by obtaining an entity ID and a reply URL (Assertion Consumer Service URL) from Snyk.
@@ -14,7 +14,7 @@ This example shows setting up a SAML application in OneLogin and connecting this
4\. Filter by “saml” and select the **SAML Custom Connector (Advanced)** app.
-
Select SAML Cusotm Connector (Advanced) app
+
Select SAML Cusotm Connector (Advanced) app
5\. Enter a **Display Name** for the app, for example, Snyk. Optionally, pick an icon. You can find the Snyk logo on Snyk’s [press kit](https://snyk.io/press-kit/) page.
@@ -34,7 +34,7 @@ For the **Field name**, use **email**. Make sure the checkbox **Include in SAML
On the next screen, select **Email** in the **Value** dropdown list. **Save**.
-
Select Email form the value dropdown
+
Select Email form the value dropdown
Repeat the same steps for the **name** attribute.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/ping-identity-setup.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/ping-identity-setup.md
index e390fa7d319b..94c4e55c9c8f 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/ping-identity-setup.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/configure-self-serve-single-sign-on-sso/ping-identity-setup.md
@@ -25,7 +25,7 @@ Before configuring your Ping Identity Application to use SSO with Snyk, obtain a
7. Scroll further down and copy the **Single Signon Service** details.
Copy the Single Signon Service details
-8. Return to the the Snyk portal and paste the single sign-in URL copied at step 2 into the **Sign in URL** field. \\
+8. Return to the Snyk portal and paste the single sign-in URL copied at step 2 into the **Sign in URL** field. \\
Paste Sign in URL
9. Open the downloaded certificate in your preferred text editor, copy the text and paste it into the Snyk **X509 signing certificate** field, and add the relevant domains that are supported by this SSO connection.\
@@ -34,7 +34,7 @@ Before configuring your Ping Identity Application to use SSO with Snyk, obtain a
Enter the Ping Identity details
10. In Ping Identity, select **Attribute mappings** and click the pencil to edit.
-
Edit attribue mappings
+
Edit attribue mappings
11. Click the cog icon and add the following attributes:
**email**: Email Address\
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/README.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/README.md
index 33faa12676ce..81fb2cc55995 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/README.md
@@ -1,6 +1,6 @@
# Custom mapping
-Custom mapping allows you to dynamically assign users to your Snyk Groups and Organizations based on data provided by your Identity Provider (IdP), in order to implement a scaled user provisioning and access model.
+Custom mapping lets you dynamically assign users to your Snyk Groups and Organizations based on data provided by your Identity Provider (IdP), to implement a scaled user provisioning and access model.
{% hint style="warning" %}
Contact your Snyk account team or Snyk Support to turn on custom mapping once you have completed the setup steps.
@@ -38,8 +38,8 @@ Role assertions should be provided to Snyk in the following format:
Where:
* `snyk` is a fixed prefix for role mapping. **Required**.
-* `scope` can be one of `org`, `group`, or `tenant`. **Required**; if a role mapping does not contain a valid scope, it will be ignored.
-* `target` can be a slug of an `org`, `group`, or `tenant` where the role will be granted. See [slugs](./#slugs) for more information.
+* `scope` can be one of `org`, `group`, or `tenant`. **Required**; if a role mapping does not contain a valid scope, Snyk ignores it.
+* `target` can be a slug of an `org`, `group`, or `tenant` where the role is granted. See [slugs](./#slugs) for more information.
* **Optional**; may be an asterisk `*` or empty string `::`to apply as a [wildcard](./#wildcards) for all resources within the defined `scope` that are associated with the SSO connection.
* **Optional**; an asterisk ( `*`) or an empty string can be used to apply to all resources **t**hat are associated with the SSO connection.
* `role` is the normalized name of the required role. **Required**; if no role is present, the role mapping is ignored. See [Role normalized name](./#role-normalized-name) to find this information.
@@ -54,20 +54,20 @@ Users must only have one role mapped per Organization, Group or Tenant. Mapping
All users with any memberships within a Tenant must have a Tenant membership. If a user has a membership of an Organization, they must also have a Group Membership.
-If only an Organization-level role assertion is provided for a given user, for example, then the user will automatically be assigned the **Tenant Member** and **Group Member** roles. These automatic assignments can be overridden by providing role assertions at the Group or Tenant level.
+If only an Organization-level role assertion is provided for a given user, for example, then Snyk automatically assigns the user the **Tenant Member** and **Group Member** roles. You can override these automatic assignments by providing role assertions at the Group or Tenant level.
Snyk recommends providing explicit Tenant level and Group level role assertions where needed, to ensure that users have the correct role on login.
{% hint style="info" %}
-An SSO connection may only be associated with one Tenant, and all users with any memberships within a tenant must also have a Tenant Membership.
+An SSO connection can only be associated with one Tenant, and all users with any memberships in a tenant must also have a Tenant Membership.
-Therefore, it may be easier to assign Tenant-level roles by using the wildcard syntax (see example below), since the SSO is only linked to the one Tenant.
+Therefore, it may be easier to assign Tenant-level roles by using the wildcard syntax, since the SSO is only linked to the one Tenant.
{% endhint %}
### Example role assertions
-* `snyk:group:*:group_admin` Assigns the user the Group admin role for all groups associated with the SSO connection.
-* `snyk:group::custom:sysadmin` Assigns the user the custom Group-level role `Sys Admin` for all groups associated with the SSO connection.
+* `snyk:group:*:group_admin` Assigns the user the Group admin role for all Groups associated with the SSO connection.
+* `snyk:group::custom:sysadmin` Assigns the user the custom Group-level role `Sys Admin` for all Groups associated with the SSO connection.
* Note that `::` here indicates an empty string for the target, and so is treated as a wildcard in the preceding example.
* Note that this Group-level custom role must be created manually before it can be assigned.
* `snyk:org:my-default-org:org_admin` Assigns the user the **Organization Admin** Organization-level role for the Organization `my-default-org`.
@@ -97,9 +97,9 @@ snyk:org:test-org-N58YhztauHcaMiNfvi5fbL:custom:developer_readonly"
```
{% endhint %}
-These assertions will assign the user:
+These assertions assign the user:
-* The pre-defined Group-level role **Group Viewer** for all groups in the SSO. See [pre-defined roles](../../../../snyk-platform-administration/user-roles/pre-defined-roles.md) for the permission this grants
+* The pre-defined Group-level role **Group Viewer** for all Groups in the SSO. See [pre-defined roles](../../../../snyk-platform-administration/user-roles/pre-defined-roles.md) for the permission this grants
* The pre-defined Organization-level role **Organization Admin** for the Organization with the name **Development**.
* The custom Organization-level role **Developer ReadOnly** for the Organization with the name **Test Org**, which has the slug `test-org-N58YhztauHcaMiNfvi5fbL`.
@@ -116,11 +116,11 @@ roles: [
]
```
-These role assertions will:
+These role assertions:
* Grant the user the pre-defined Organization-level role **Organization Admin** in the **Development** Organization.
-* Grant the user the custom Organization-level role **Developer ReadOnly** on all other organizations within the SSO connection.
-* Grant the user the pre-defined Group-level role **Group Member** on all groups in the SSO connection. For more details, see the note that follows.
+* Grant the user the custom Organization-level role **Developer ReadOnly** on all other Organizations in the SSO connection.
+* Grant the user the pre-defined Group-level role **Group Member** on all Groups in the SSO connection. For more details, see the note that follows.
{% hint style="info" %}
Any user that is granted a role in an Organization within the SSO without an explicit Group-level role in the role assertion, will also be implicitly assigned the **Group Member** Group-level role for that Group. This is the pre-defined Group-level role with the fewest permissions and ensures that the user becomes a member of the Group.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/README.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/README.md
index 0ae43b6c72bf..8433fd68a5de 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/README.md
@@ -1,6 +1,6 @@
# Examples: setting up custom mapping for IdPs
-The following examples of how to set up a custom mapping for various identify providers are available here:
+The following examples show how to set up a custom mapping for various identity providers:
* [Example: Setting up custom mapping for Okta](example-setting-up-custom-mapping-for-okta.md)
* [Example: Setting up custom mapping for Entra ID](example-setting-up-custom-mapping-for-entra-id.md)
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-an-okta-oidc-app.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-an-okta-oidc-app.md
index 4f5372214434..f4aa5a27001e 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-an-okta-oidc-app.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-an-okta-oidc-app.md
@@ -1,6 +1,6 @@
# Example: setting up custom mapping for an Okta OIDC app
-Follow these steps configure an integration for OIDC Okta.
+Follow these steps to configure an integration for OIDC Okta.
## Create an Okta OIDC app
@@ -15,11 +15,11 @@ Follow these steps configure an integration for OIDC Okta.
* If you are not using the Implicit Grant type, the client secret
4. Also, share with Snyk the Issuer URL/domain. This is typically the URL you find in your browser address bar without "-admin", for example, https://customer.example.okta.com. It can also be found under the **Sign-On** tab of your application by editing the **OpenID Connect ID Token** from **Dynamic** Issuer to **Okta URL**.
-If you wish to set up custom mapping, move on to the next section of this guide.
+To set up custom mapping, continue to the next section.
## Add custom mapping
-[Custom mapping](../) for an OIDC application in Okta is easily managed through custom attributes on the Group level.
+Manage [custom mapping](../) for an OIDC application in Okta through custom attributes at the Group level.
### Create a custom app user attribute to contain both the Snyk Organization name and role
@@ -38,10 +38,10 @@ If you wish to set up custom mapping, move on to the next section of this guide.
### Assign the attribute to the relevant Okta groups
1. On the main page of Okta select **Directory** > **Groups**.
-2. Select a **Group**, navigate to the **Applications** tab, click **Assign** **application** if not already assigned, and choose your Snyk OIDC app,. Then click on the pencil next to the displayed Snyk OIDC app.
+2. Select a **Group**, navigate to the **Applications** tab, click **Assign** **application** if not already assigned, and choose your Snyk OIDC app. Then click the pencil next to the displayed Snyk OIDC app.
Group selected for modicification
-3. In the **Edit App Assignment** dialog, add the Snyk org name + role associated with your Okta group (no spaces or capital letter(s)), following the syntax explained in [custom mapping](../) (or [legacy custom mapping](../legacy-custom-mapping.md) if using the legacy mapping option). Example, `snyk:org:*:org_admin`.\\
+3. In the **Edit App Assignment** dialog, add the Snyk org name + role associated with your Okta group (no spaces or capital letters), following the syntax explained in [custom mapping](../) (or [legacy custom mapping](../legacy-custom-mapping.md) if using the legacy mapping option). Example, `snyk:org:*:org_admin`.\\
Adding Snyk roles
4. Repeat the preceding steps for all your applicable Okta groups to assign the org name and role combination to each user within each configured group.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-entra-id.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-entra-id.md
index f359cee9f228..38c5bf5a655e 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-entra-id.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-entra-id.md
@@ -1,6 +1,6 @@
# Example: setting up custom mapping for Entra ID
-The following information shows how to configure the custom mapping of roles for Entra ID (formerly Azure AD).
+This page shows how to configure the custom mapping of roles for Entra ID (formerly Azure AD).
{% hint style="info" %}
See the [Entra ID Enterprise Application example](../../configure-self-serve-single-sign-on-sso/azure-ad-enterprise-application-setup.md) for guidance setting up the initial Enterprise application.
@@ -14,7 +14,7 @@ The following are the prerequisites for configuring app roles:
* If you select SAML, there is a requirement to add a custom claim; the step to do that is in these instructions.
* You must have an existing Azure Enterprise application and app registration connected to that SSO configuration.
-The **steps** in **configuring App role**s follow.
+To configure app roles, follow these steps.
1. In your App registration menu, select the name of your Enterprise Application.
@@ -39,9 +39,9 @@ The **steps** in **configuring App role**s follow.
6. Select **Users and groups**; from the dropdown, select a role and select **Assign**.\\
Add assignment
-7. Repeat for all required groups and roles that should be assigned. Then verify that the list looks similar to this.\\
+7. Repeat for all required groups and roles. Then verify that the list looks similar to this.\\
- Note that it is also possible to add multiple Snyk roles to one App role, as the payload can be interpreted as a comma-separated string. However, this can not be used in conjunction with multiple App roles, as only one syntax will be respected (string or array).
+ You can also add multiple Snyk roles to one App role, as the payload can be interpreted as a comma-separated string. However, you cannot use this with multiple App roles, as Snyk respects only one syntax (string or array).
Users and group list
8. If you have configured a SAML connection, add a custom claim to pass the roles array in the SAML payload to Snyk. Select **Single sign-on** in the left-hand menu.
@@ -59,4 +59,4 @@ Ensure you add the claim correctly. If you do not add it or you do it incorrectl
Custom claim
-When you have completed these steps, reach out to your Snyk point of contact to have the configuration completed.
+After you complete these steps, contact your Snyk point of contact to complete the configuration.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-google-workspace.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-google-workspace.md
index 01f6215bbe51..f0b0fa782327 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-google-workspace.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-google-workspace.md
@@ -1,10 +1,10 @@
# Example: setting up custom mapping for Google Workspace
-The following shows how to use [custom mapping](../) to map roles for a Google Workspace custom SAML connection.
+This page shows how to use [custom mapping](../) to map roles for a Google Workspace custom SAML connection.
For additional details and guidance, see the [Google documentation, Manage Custom User Fields](https://developers.google.com/admin-sdk/directory/v1/guides/manage-schemas).
-To use the API, either log in to your Google Workspace admin area and from there execute the commands that follow , or for flexibility and automation, use the API with your preferred API client or script. To generate API credentials, refer to the Google documentation, [Create access credentials](https://developers.google.com/workspace/guides/create-credentials).
+To use the API, either log in to your Google Workspace admin area and run the commands that follow, or, for flexibility and automation, use the API with your preferred API client or script. To generate API credentials, refer to the Google documentation, [Create access credentials](https://developers.google.com/workspace/guides/create-credentials).
## Add a user schema
@@ -54,10 +54,11 @@ To expose these roles in the SAML payload, you must modify the attributes in the
1. Log in to your Google Workspace Admin area and go to **Apps** and then **Web and mobile apps** and open your application.
Open Google SAML app
-2. Click on **SAML attribute mapping** and then **ADD MAPPING**.
+2. Click **SAML attribute mapping** and then **ADD MAPPING**.
3. Click **Select field** and scroll to the bottom until you find **Snyk-SSO - roles** and select it.
4. In the **App attributes** value field, enter **roles** and click **Save**.
Adding custom mapping app attribute
After this, log in as a user and have your Snyk contact validate the SAML payload and finalize the setup in the Snyk backend.
+
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-okta.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-okta.md
index dac9d1ab8c63..17bd14285eb5 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-okta.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-okta.md
@@ -1,12 +1,12 @@
# Example: setting up custom mapping for Okta
-The following shows two different options for custom mapping of Okta roles, using [Legacy custom mapping](../legacy-custom-mapping.md).
+This page shows two different options for custom mapping of Okta roles, using [legacy custom mapping](../legacy-custom-mapping.md).
{% hint style="info" %}
For both of these options to work, the Snyk SSO application must be assigned at the group level, not the user level.
{% endhint %}
-## Option 1: Assign Custom Mapping with Groups
+## Option 1: Assign custom mapping with Groups
In this configuration:
@@ -38,13 +38,13 @@ When you look at a user's Application assignment it should look similar to the i
### Assign the attribute to the relevant Okta groups
1. On the main page of Okta select **Directory** > **Groups**.
-2. Select a **Group**, navigate to the **Applications** tab, click **Assign** **application** if not already assigned, and choose your Snyk SSO app,. Then click on the pencil next to the displayed Snyk SSO app.
-3. In the **Edit App Assignment** dialog, add the Snyk Organization slug, and the Organization role name associated with your Okta group (no spaces or capital letters), following the syntax explained in [custom mapping ](../)(or see [legacy custom mapping](../legacy-custom-mapping.md) if you are using that option).
+2. Select a **Group**, navigate to the **Applications** tab, click **Assign** **application** if not already assigned, and choose your Snyk SSO app. Then click the pencil next to the displayed Snyk SSO app.
+3. In the **Edit App Assignment** dialog, add the Snyk Organization slug and the Organization role name associated with your Okta group (no spaces or capital letters), following the syntax explained in [custom mapping ](../)(or see [legacy custom mapping](../legacy-custom-mapping.md) if you are using that option).
4. Repeat the preceding steps for all your applicable Okta groups to assign the org name and role combination to each user within each configured group.
### Construct a value expression that creates a roles array to be sent to Snyk
-1. Navigate to **Applications** > **Applications** and click on the **Snyk app** you configured.
+1. Navigate to **Applications** > **Applications** and click the **Snyk app** you configured.
2. Select **General Tab** > **Edit SAML Settings** and click **next** to go to the **Configure SAML** step.
3. Add an **Attribute Statement** named “roles” of an unspecified type.
4. Select **Attribute Statements** and set **roles** as the **Name** field with **Name format** **Unspecified** and the **Value** in the following expression:
@@ -53,16 +53,16 @@ When you look at a user's Application assignment it should look similar to the i
5. Reach out to your Snyk point of contact so they can complete the configuration.
{% hint style="info" %}
-If your Snyk representative lets you know that `Arrays.flatten(appuser.snyk_orgs)` is sent to Snyk, instead of the actual roles value(s), you must verify that the App is assigned at the Group level and not the user level. If both user and Group have been assigned, the individual assignment will take precedence, and the roles assignment will not work. Remove the individual assignment if this is the case.
+If your Snyk representative lets you know that `Arrays.flatten(appuser.snyk_orgs)` is sent to Snyk, instead of the actual roles values, you must verify that the App is assigned at the Group level and not the user level. If both user and Group are assigned, the individual assignment takes precedence, and the roles assignment does not work. Remove the individual assignment if this is the case.
{% endhint %}
## Option 2: Assign custom mapping with user roles
-The following describes Custom Mapping with user roles.
+The following describes custom mapping with user roles.
{% hint style="warning" %}
-These instructions show how to map roles using the [legacy custom mapping](../legacy-custom-mapping.md) option. To use Custom mapping, [option 1](example-setting-up-custom-mapping-for-okta.md#option-1-assign-custom-mapping-with-groups) is recommended.\
-Reach out to your Snyk point of contact if you have any questions
+These instructions show how to map roles using the [legacy custom mapping](../legacy-custom-mapping.md) option. To use custom mapping, [option 1](example-setting-up-custom-mapping-for-okta.md#option-1-assign-custom-mapping-with-groups) is recommended.\
+Reach out to your Snyk point of contact if you have any questions.
{% endhint %}
* Okta groups are mapped to Snyk Organizations.
@@ -87,7 +87,7 @@ When your Snyk Groups and users have been set up, follow these steps:
**Display name**: Snyk Orgs\
**Variable name**: snyk\_orgs\
**Group Priority**: Combine values across groups
-4. select **Save and Add Another**.
+4. Select **Save and Add Another**.
### Create a second app attribute that contains roles
@@ -106,24 +106,24 @@ When your Snyk Groups and users have been set up, follow these steps:
### Assign the first attribute to your Okta groups
1. On the main page of Okta select **Directory > Groups**.
-2. Select a **Group**, navigate to the **Applications** tab, click **Assign** **application i**f not already assigned, and choose your Snyk SSO app. Then click on the pencil next to the displayed Snyk app.
-3. In **Edit App Assignment** dialog, add the Snyk Organization name to associate with your Okta group (no spaces or capital letter(s)).
+2. Select a **Group**, navigate to the **Applications** tab, click **Assign** **application** if not already assigned, and choose your Snyk SSO app. Then click the pencil next to the displayed Snyk app.
+3. In **Edit App Assignment** dialog, add the Snyk Organization name to associate with your Okta group (no spaces or capital letters).
4. Repeat the preceding steps to assign the Snyk app to all your applicable Okta groups, modifying the Snyk Organization name as needed.
### Assign the second attribute to your users
1. On the main page of Okta select **Directory** > **People.**
-2. Select a **User,** navigate to the **Applications** tab, and click on the pencil next to the application.
+2. Select a **User,** navigate to the **Applications** tab, and click the pencil next to the application.
3. Select the right user type in group (user role): **Collaborator**, **Admin**, or **Group Admin**.
### Construct a value expression that concatenates these two attributes into string values in a roles array to be sent to Snyk
-1. Navigate to **Applications** > **Applications** and click on the **Snyk app** you configured.
+1. Navigate to **Applications** > **Applications** and click the **Snyk app** you configured.
2. Select **General Tab** > **SAML Settings** > **Edit** and click **next** to go to the Configure SAML step.
3. Select **Attribute Statements** and add an attribute named **roles** with **Name format** **Unspecified** and the **Value** in the following expression:\
`appuser.user_role == "groupadmin" ? "snyk-groupadmin" : Arrays.flatten(String.replace(String.replace(String.append("snyk-",String.append(Arrays.toCsvString(appuser.snyk_orgs),"-"+appuser.user_role)),",",",snyk-"),",","-"+appuser.user_role+","))`
4. Click **Next** > **Finish.**
-5. Reach out to your Snyk point of contact so they can complete the configuration. This process may take four to five days.
+5. Reach out to your Snyk point of contact so they can complete the configuration. This process can take four to five days.
The following explains the roles expression:
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-onelogin.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-onelogin.md
index 282eead8339b..91022978432f 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-onelogin.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-onelogin.md
@@ -4,14 +4,14 @@ This example shows how to configure user roles after you have [configured OneLog
OneLogin has the concept of groups and roles. However, OneLogin does not support the assignment of multiple groups to a user.
-Therefore, roles will be assigned to users directly instead of indirectly through groups.
+Therefore, assign roles to users directly instead of indirectly through groups.
-1. In OneLogin, go to the **Users** and then to the **Roles** section and create the roles following the naming convention outlined for [custom mapping](../). Each role should have the Snyk SAML app enabled as the role app.\
+1. In OneLogin, navigate to **Users** and then to the **Roles** section and create the roles following the naming convention outlined for [custom mapping](../). Each role must have the Snyk SAML app enabled as the role app.\
Assign the users to their roles as needed.
OneLogin Roles section
-2. To transfer the user roles in the SAML assertion to Snyk, go to **Applications**, select the Snyk SAML app, and select the **Parameters** section on the left.\\
+2. To transfer the user roles in the SAML assertion to Snyk, navigate to **Applications**, select the Snyk SAML app, and select the **Parameters** section.\\
OneLogin Applications Parameters
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-ping-identity.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-ping-identity.md
index cb9d2ac85c0d..66dbdcca2bf3 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-ping-identity.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/examples-setting-up-custom-mapping-for-idps/example-setting-up-custom-mapping-for-ping-identity.md
@@ -1,6 +1,6 @@
# Example: setting up custom mapping for Ping Identity
-This page explains how to configure the custom mapping of roles for Ping Identity using [Legacy custom mapping](../legacy-custom-mapping.md).
+This page explains how to configure the custom mapping of roles for Ping Identity using [legacy custom mapping](../legacy-custom-mapping.md).
{% hint style="info" %}
This guide assumes your Ping Identity application is configured and functional.
@@ -13,12 +13,12 @@ Any step on the Snyk side in setting up the Enterprise application must be perfo
1. In your application configuration, select **Attribute mappings** and click the pencil to edit the attributes.
Edit mapping attributes
-2. Select **+Add** and enter the following attribute, then save the change,\
+2. Select **+Add**, enter the following attribute, then save the change.\
**roles**: `Group Names`\\
Add roles array
-3. In the left menu, select **Identities/Groups** and add the Snyk Groups needed following the syntax explained on the [Cusom Mapping Option](../) page.
+3. In the menu, select **Identities/Groups** and add the Snyk Groups needed following the syntax explained on the [custom mapping option](../) page.
Adding an example Group
-4. If you so not select a **Population** at the bottom of the previous screen, ensure that you assign the Group to the user(s) who should be part of the role assignment in Snyk. If you select a **Population**, all users in that population will inherit the permissions of the assigned Snyk role.
+4. If you do not select a **Population** on the previous screen, ensure that you assign the Group to the users who should be part of the role assignment in Snyk. If you select a **Population**, all users in that population inherit the permissions of the assigned Snyk role.
5. To finalize the process, reach out to your Snyk contact to validate that the SAML payload contains the role array and to enable the custom mapping feature.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/legacy-custom-mapping.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/legacy-custom-mapping.md
index 56c030780ec2..d21e341e16dc 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/legacy-custom-mapping.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/custom-mapping/legacy-custom-mapping.md
@@ -5,7 +5,7 @@ To configure this option, send the `roles` array within the SAML attributes or O
snyk-groupadmin
* This role mapping assigns users with the Group Admin role.
-* **groupadmin** configures all users with this role as a Group Admin all Group(s) that the user is assigned to, which grants Organization Admin permissions to all Organizations that fall under the Group(s).
+* **groupadmin** configures all users with this role as a Group Admin in all Groups that the user is assigned to, which grants Organization Admin permissions to all Organizations that fall under the Groups.
snyk-groupviewer
@@ -13,8 +13,8 @@ snyk-groupviewer
snyk-{groupID}
-* This role mapping assigns users with the Org Collaborator roles for all Organizations underneath the specified Group(s).
-* **groupID** is the ID string for a group in Snyk. This can be found in the snyk URL at the Group level: `https://app.snyk.io/group/` or **Group dropdown -> Settings -> General -> Group ID**.
+* This role mapping assigns users with the Org Collaborator roles for all Organizations underneath the specified Groups.
+* **groupID** is the ID string for a Group in Snyk. You can find it in the Snyk URL at the Group level: `https://app.snyk.io/group/` or **Group dropdown -> Settings -> General -> Group ID**.
snyk-{orgslug}-{role}
@@ -34,12 +34,12 @@ Users must only have one role mapped per Organization. Mapping multiple roles fo
### Tenant-level role assertions
{% hint style="info" %}
-With the introduction of Tenants, Snyk has added new possible role assertions at a Tenant level, enabling customers to assign Tenant-level roles.
+With the introduction of Tenants, Snyk has added new possible role assertions at a Tenant level, letting customers assign Tenant-level roles.
{% endhint %}
The following role mappings assign users a tenant role.
-Only one Tenant-Level assertion may be provided for each user. If no Tenant-level assertion is provided, the user will be granted the **Tenant Member** role if they do not already have a Tenant-level membership.
+You can provide only one Tenant-level assertion for each user. If you provide no Tenant-level assertion, the user receives the **Tenant Member** role if they do not already have a Tenant-level membership.
snyk-tenantadmin
@@ -132,7 +132,7 @@ The following example shows how to assign roles to Snyk users under the mapping
* The Business Development team needs access to the ABC group and only the Partner-Plugins Organization as Org Admin.
* Engineering needs access to the ABC Group, the Application-SecurityScanner1 Organization as Org Admin, Partner-Plugins Organization as Org Admin, and Application-Payments as Org Collaborator.
* Security needs access to the ABC group as Group Admin and all three organizations as Org Admin.
- * The Product team needs access to the ABC group and all three organizations as Org Collaborator,
+ * The Product team needs access to the ABC group and all three organizations as Org Collaborator.
For the Business Development Team, Snyk uses the snyk-{orgslug}-{role} mapping:
@@ -166,7 +166,7 @@ For the Security Team, Snyk uses the snyk-groupadmin mapping:
}
```
-For the Product Team, Snyk uses the snyk-{groupID} mapping, where the value of groupID must be inserted;
+For the Product Team, Snyk uses the snyk-{groupID} mapping, where you must insert the value of groupID:
```
{
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/identity-provider-idp-migration.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/identity-provider-idp-migration.md
index f181c240fb40..c00d0ce7efe2 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/identity-provider-idp-migration.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/identity-provider-idp-migration.md
@@ -10,4 +10,4 @@ To migrate identity providers:
To prevent new users from being created within Snyk, you must maintain your SAML protocol and use both the same Entity ID and ACS URL. If you are changing SAML protocols, [contact Snyk Support](https://support.snyk.io).
-After you have done this, the Support team will contact you and confirm the updated metadata has granted access through the new IdP.
+After you have done this, the Support team contacts you and confirms the updated metadata has granted access through the new IdP.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/set-up-snyk-single-sign-on-sso.md b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/set-up-snyk-single-sign-on-sso.md
index acfc13c7b949..fc18a3b418cf 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/set-up-snyk-single-sign-on-sso.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/single-sign-on-sso-for-authentication-to-snyk/set-up-snyk-single-sign-on-sso.md
@@ -1,10 +1,10 @@
# Set up Snyk Single Sign-On (SSO)
-Set up Single Sign-On (SSO) to allow your developers and teams easy access to Snyk through your existing SSO provider.
+Set up Single Sign-On (SSO) to give your developers and teams access to Snyk through your existing SSO provider.
The information you need to establish trust between Snyk and the identity provider depends on which type of SSO you are using.
-Ensure you have at least one Group and Organization to indicate where new users will be assigned. For details, see [Manage Groups and Organizations](../../../snyk-platform-administration/groups-and-organizations/).
+Ensure you have at least one Group and Organization to indicate where Snyk assigns new users. For details, see [Manage Groups and Organizations](../../../snyk-platform-administration/groups-and-organizations/).
{% hint style="info" %}
After you gather the needed information identified in the following sections, create a support ticket to request SSO setup.
@@ -22,7 +22,7 @@ The process of establishing trust between your identity provider (IdP) and Snyk
* Use the link provided by Snyk to generate a payload.
* After Snyk finalizes the connection, confirm the login process is working correctly.
-Users are provisioned to Snyk when they log in. If an invitation is required, users may only see a list of your Organizations until the admin adds them to the appropriate Organizations.
+Snyk provisions users when they log in. If an invitation is required, users see only a list of your Organizations until the admin adds them to the appropriate Organizations.
After SSO is configured both from Snyk and your company's network, a trust relationship is established with Snyk, Auth0 (on behalf of Snyk), and your network. Any sensitive data is encrypted and stored in Auth0 only for the purposes of enabling user logins.
@@ -172,7 +172,7 @@ To complete your login:
## Resources for SSO setup
-These worksheets include the information to enter in your Identity provider and the information you need to collect before submitting a ticket to Snyk Support to request single sign-on. Please make sure you replace any Snyk URL with the correct regional environment per the tables above.
+These worksheets include the information to enter in your Identity provider and the information you need to collect before submitting a ticket to Snyk Support to request single sign-on. Ensure you replace any Snyk URL with the correct regional environment per the preceding tables.
{% file src="../../../.gitbook/assets/SSO Azure Worksheet (3).pdf" %}
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/README.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/README.md
index 196ee3c655a3..4b342b84ceb7 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/README.md
@@ -6,7 +6,7 @@
Snyk Broker is available only for Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
{% endhint %}
-Snyk Broker is an open-source tool that acts as a proxy between Snyk and source integrations, allowing for access by [snyk.io](http://snyk.io/) to scan your code and return results to you. The Broker allows Snyk to connect to remote resources in private repositories, leaving credentials inside the customer's network.
+Snyk Broker is an open-source tool that acts as a proxy between Snyk and source integrations, letting [snyk.io](http://snyk.io/) access and scan your code and return results to you. The Broker lets Snyk connect to remote resources in private repositories, leaving credentials inside the customer's network.
The diagram that follows illustrates the basic components.
@@ -14,17 +14,17 @@ The diagram that follows illustrates the basic components.
## How Snyk Broker works
-Snyk Broker includes a Server and a Client, the basic components that are the same across all integrations. The Broker Server runs on the Snyk SaaS backend and is provided by Snyk; no installation is required. You will install the Broker client and deploy it in your infrastructure.
+Snyk Broker includes a Server and a Client, the basic components that are the same across all integrations. Snyk provides the Broker Server, which runs on the Snyk SaaS backend, so no installation is required. You install the Broker client and deploy it in your infrastructure.
The Broker client and server act together, sending requests by proxy from [snyk.io](http://snyk.io/) to a repository or Jira, fetching the files needed for scanning from repositories and fetching results using webhooks posted by the SCM service.
-The Broker client runs within your internal network, keeping sensitive data such as SCM tokens within the network perimeter. The Broker connection allows for scanning using only requests on an approved data list. This narrows the access permissions to the absolute minimum required for Snyk to monitor a repository. For more information, see [Approved data list for Snyk Broker](broker-inbound-and-outbound-connections-and-allowed-requests.md#approved-data-list-for-snyk-broker).
+The Broker client runs within your internal network, keeping sensitive data such as SCM tokens within the network perimeter. The Broker connection allows scanning using only requests on an approved data list. This narrows the access permissions to the minimum required for Snyk to monitor a repository. For more information, see [Approved data list for Snyk Broker](broker-inbound-and-outbound-connections-and-allowed-requests.md#approved-data-list-for-snyk-broker).
-Using Snyk Broker allows you to manage a fixed private IP for your integration that targets the Broker.
+Using Snyk Broker, you can manage a fixed private IP for your integration that targets the Broker.
All data, both in transit and at rest, is encrypted. There is no need to open incoming ports; the communication is initiated outbound. After the connection is initiated, the secure WebSocket connection is bidirectional between the Client and the Server.
-SCM integrations with Broker Support Snyk Code, Open Source, Container, IaC, and Essentials.
+SCM integrations with Broker support Snyk Code, Open Source, Container, IaC, and Essentials.
## Integrations supported by Snyk Broker
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/broker-inbound-and-outbound-connections-and-allowed-requests.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/broker-inbound-and-outbound-connections-and-allowed-requests.md
index c62308db280f..0a66c1cd4bf9 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/broker-inbound-and-outbound-connections-and-allowed-requests.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/broker-inbound-and-outbound-connections-and-allowed-requests.md
@@ -26,7 +26,7 @@ Thus you do not need to allow inbound connections to the Broker Client from Snyk
### Approved data list for Snyk Broker
-The Broker Client maintains an approved data list for inbound and outbound requests. Only data on this approved list may be requested. This narrows the access permissions to the absolute minimum required for Snyk to monitor a repository.
+The Broker Client maintains an approved data list for inbound and outbound requests. You can request only data on this approved list. This narrows the access permissions to the minimum required for Snyk to monitor a repository.
### Inbound requests allowed
@@ -48,4 +48,4 @@ Webhook notifications are delivered to Snyk through the Broker Client only for e
### Default approved data list and `accept.json` file
-On occasion, you may need to [add and configure an `accept.json`](classic-broker/snyk-broker-infrastructure-as-code-detection.md) file in your Broker deployment. Doing this will remove the ability to apply ACCEPT rules when starting the Broker.
+On occasion, you might need to [add and configure an `accept.json`](classic-broker/snyk-broker-infrastructure-as-code-detection.md) file in your Broker deployment. Doing this removes the ability to apply ACCEPT rules when starting the Broker.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/clone-an-integration-across-your-snyk-organizations.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/clone-an-integration-across-your-snyk-organizations.md
index 8b02740f5de1..25bac00f7f94 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/clone-an-integration-across-your-snyk-organizations.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/clone-an-integration-across-your-snyk-organizations.md
@@ -4,7 +4,7 @@ You can choose to use the same brokered Git integration across multiple Organiza
For example, you can integrate Snyk Organizations X, Y, and Z with your single Git repo X.
-To clone Organization configurations, you must have teams and groups enabled.
+To clone Organization configurations, you must have teams and Groups enabled.
1. From the **Organization** list, choose an Organization in the Group that you are working with.\
@@ -13,8 +13,8 @@ To clone Organization configurations, you must have teams and groups enabled.
Select +Create new Organization
3. In the next window, enter a name for your new Organization.
4. In the **Copy settings from an existing org** section, choose an Organization that you have already configured for the Broker token.
-5. Review the summary of what will be copied across to the new Organization and click **Create organization** to confirm.
+5. Review the summary of what Snyk copies to the new Organization and click **Create organization** to confirm.
-
Review summary of what will be copied to the new Organization and Create
+
Review summary of what Snyk copies to the new Organization and Create
-The **Dashboard** for the Organization that you just created opens. The Broker integration is duplicated and set up, and the Broker token is identical to the token for the original Organization.
+The **Dashboard** for the Organization that you created opens. The Broker integration is duplicated and set up, and the Broker token is identical to the token for the original Organization.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/README.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/README.md
index e1998aed510d..3e85742059f7 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/README.md
@@ -7,14 +7,14 @@ Snyk Broker is an open-source tool that acts as a proxy between Snyk and special
For comprehensive information about Snyk Broker, including how it works, how to deploy it, commit signing, upgrading, and troubleshooting, see the full [Snyk Broker user documentation](../../).
{% hint style="info" %}
-[Broker version 4.205.1](https://github.com/snyk/broker/blob/cb4f89e05eb42605f076321b952cdb7e57bf4111/config.default.json#L8) has been [released](https://updates.snyk.io). In this version, all `ACCEPT` rule flags will be enabled by default. This reduces needed configuration. If you do not want a specific `ACCEPT` rule flag to be enabled, you can opt out of the default `ACCEPT` all behavior by adding `ACCEPT_=false` to your Broker client configuration.
+[Broker version 4.205.1](https://github.com/snyk/broker/blob/cb4f89e05eb42605f076321b952cdb7e57bf4111/config.default.json#L8) has been [released](https://updates.snyk.io). In this version, all `ACCEPT` rule flags are enabled by default. This reduces needed configuration. If you do not want a specific `ACCEPT` rule flag enabled, you can opt out of the default `ACCEPT` all behavior by adding `ACCEPT_=false` to your Broker client configuration.
{% endhint %}
## **Deployment options**
-Alternatively, you can use the binaries available for [each Github release](https://github.com/snyk/broker/releases). However, this approach falls outside of Snyk product support and is made available only for specific use cases where containers cannot be used. The containerized version is strongly recommended.
+Alternatively, you can use the binaries available for [each GitHub release](https://github.com/snyk/broker/releases). However, this approach falls outside of Snyk product support and is available only for specific use cases where you cannot use containers. The containerized version is strongly recommended.
## Additional information for developers
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md
index df6bcbde39d4..007e241f3817 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md
@@ -1,6 +1,6 @@
# Custom additional options for Broker Helm Chart installation
-If you need to inject additional option(s) using environment variables, use the `override.yaml` value file to add any additional environment variable(s) you may need.
+If you need to inject additional options using environment variables, use the `override.yaml` value file to add any additional environment variables you need.
Adding the `--values override.yaml` will load those values into your deployment. For example:
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/deploying-multiple-brokers-in-the-same-namespace.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/deploying-multiple-brokers-in-the-same-namespace.md
index 6684b0676cfb..8cd7cce2f283 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/deploying-multiple-brokers-in-the-same-namespace.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/deploying-multiple-brokers-in-the-same-namespace.md
@@ -2,15 +2,15 @@
## Helm chart versions 2.x.x
-Helm chart versions 2.x.x automatically adds a suffix to all object name based on the release name. Simply use different release name for each broker you want to add into the same namespace.
+Helm chart versions 2.x.x automatically add a suffix to all object names based on the release name. Use a different release name for each Broker you want to add to the same namespace.
{% hint style="info" %}
-For backward compatibility, 2.1.0 introduces a disableSuffixes flag to revert to the 1.x.x behavior listed below, by simply adding --set disableSuffixes=true or disableSuffixes=true in your values file.
+For backward compatibility, 2.1.0 introduces a disableSuffixes flag to revert to the 1.x.x behavior listed in the following section. Add --set disableSuffixes=true or disableSuffixes=true in your values file.
{% endhint %}
## Helm chart versions 1.x.x
-To deploy an additional Broker into the same namespace as an existing broker, follow these examples.
+To deploy an additional Broker into the same namespace as an existing Broker, follow these examples.
### Deploy with existing service account
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/image-repository-tab-and-image-pull-secret.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/image-repository-tab-and-image-pull-secret.md
index 1bb819eb7371..14197f71dc01 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/image-repository-tab-and-image-pull-secret.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/image-repository-tab-and-image-pull-secret.md
@@ -4,4 +4,4 @@ You can choose to use your own container registry and tag instead of the public
If your container registry requires an image pull secret, you can specify an image secret.
-Note that the Image Pull Secret is NOT created by the chart; rather, the image Pull Secret is expected to be present on your cluster.
+Note that the chart does not create the Image Pull Secret. The Image Pull Secret must already be present on your cluster.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/ingress-options-with-snyk-broker-helm-installation.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/ingress-options-with-snyk-broker-helm-installation.md
index eeac859c9f9d..416669cde5d4 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/ingress-options-with-snyk-broker-helm-installation.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/ingress-options-with-snyk-broker-helm-installation.md
@@ -1,6 +1,6 @@
# Ingress options with Snyk Broker Helm installation
-When you are setting up the Broker using Helm, you may need to configure the `brokerClientUrl` parameter. This parameter enables PR Checks if you are connecting to an SCM and enables connecting to Container Registries.
+When you set up the Broker using Helm, you might need to configure the `brokerClientUrl` parameter. This parameter enables PR Checks if you connect to an SCM and lets you connect to Container Registries.
For this connection to happen, there must be inbound connectivity from the SCM or Container Registry to the Broker. Kubernetes manages this inbound connectivity through ingress.
@@ -8,7 +8,7 @@ Ingress is a way to route incoming network traffic to specific services in a Kub
There are two options available for ingress traffic. By default, the pods are not accessible from outside the cluster.
-To enable a load balancer, add the `--set service.=LoadBalancer`. Allowed values are `brokertype`, `crType`, and `caType`. Servicet ype refers to the type of Broker you are running.
+To enable a load balancer, add the `--set service.=LoadBalancer`. Allowed values are `brokertype`, `crType`, and `caType`. Service type refers to the type of Broker you are running.
Example for Github:
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/insecure-downstream-mode.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/insecure-downstream-mode.md
index a534fe20d392..45a773cc4ac1 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/insecure-downstream-mode.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/insecure-downstream-mode.md
@@ -2,20 +2,20 @@
description: Usage of this mode is discouraged.
---
-# Insecure Downstream Mode
+# Insecure downstream mode
-In some situations, you may need to use only HTTP for your downstream connection. These cases are relatively infrequent and usually occur because of historical http-only setups. Snyk recommends upgrading to use HTTPS instead.
+In some situations, you might need to use only HTTP for your downstream connection. These cases are infrequent and usually occur because of historical HTTP-only setups. Snyk recommends upgrading to use HTTPS instead.
-In the cases where this is not possible in the near term, the insecure downstream mode introduces a way to force downstream requests to your SCM/JIRA/others to take place over HTTP instead of HTTPS.
+If upgrading is not possible in the near term, the insecure downstream mode introduces a way to force downstream requests to your SCM, JIRA, or other service to take place over HTTP instead of HTTPS.
-You should avoid using this mode in most cases; it is opt-in. It makes all requests go over HTTP, thus without the benefit of the safety of TLS encryption. This mode means all your credentials and data will appear unencrypted, which is tolerable only in tightly-secured networks.
+In most cases, avoid this mode; it is opt-in. It makes all requests go over HTTP, without the benefit of TLS encryption. This mode means all your credentials and data appear unencrypted, which is tolerable only in tightly secured networks.
Use the [Custom additional options for Broker Helm Chart installation](custom-additional-options-for-broker-helm-chart-installation.md) to inject this environment variable:
`--set env[0].name=INSECURE_DOWNSTREAM --set env[0].value="true"`
{% hint style="warning" %}
-Using HTTP is highly insecure. Your data and credentials will transit in the clear over the network exchanges.
+Using HTTP is highly insecure. Your data and credentials transit in the clear over the network exchanges.
-Snyk is not responsible for any credential leaks that may occur as a result of the use of HTTP.
+Snyk is not responsible for any credential leaks that occur as a result of the use of HTTP.
{% endhint %}
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/kubernetes-secrets-and-helm-chart-installation.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/kubernetes-secrets-and-helm-chart-installation.md
index 869ae17c7626..f2520d9762c3 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/kubernetes-secrets-and-helm-chart-installation.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/kubernetes-secrets-and-helm-chart-installation.md
@@ -4,7 +4,7 @@ Beginning with version `2.8.0` of the Snyk Broker Helm Chart, external secrets a
To enable this functionality, set `useExternalSecrets` to `true` in `values.yaml` or `--set externalSecrets=true`.
-To obtain a list of required secrets, perform a dry run of a Helm installation. This will not make any changes to your Kubernetes environment, but does require the following:
+To obtain a list of required secrets, perform a dry run of a Helm installation. This does not make any changes to your Kubernetes environment, but does require the following:
```
helm install snyk-broker-chart \
@@ -14,7 +14,7 @@ helm install snyk-broker-chart \
--dry-run=client
```
-A list of secrets with their expected names and values will be generated. The following example uses `scmType=nexus` :
+Snyk generates a list of secrets with their expected names and values. The following example uses `scmType=nexus`:
```
### Secret Creation Disabled ###
@@ -28,7 +28,7 @@ Ensure secrets are present on your cluster in the default namespace:
-> nexus-broker-client-validation-url-snyk-broker-chart:nexus-broker-client-validation-url
```
-In this example, four secrets must exist within the same namespace to which the Broker will be installed, each containing one key-value pair. Any values that are shown in `<>` characters are indicators to add your own secret data.
+In this example, four secrets must exist in the same namespace to which the Broker is installed, each containing one key-value pair. Any values shown in `<>` characters are indicators to add your own secret data.
## Renaming secrets and keys
@@ -64,16 +64,16 @@ brokerTokenSecret:
key: org-x-broker-token
```
-The Helm Chart will reference the contents under the `org-x-broker-token` key in Secret `snyk-broker-secrets` for the Broker token.
+The Helm Chart references the contents under the `org-x-broker-token` key in Secret `snyk-broker-secrets` for the Broker token.
## Partial external secrets
-When `useExternalSecrets` is true, the Broker Helm Chart will check whether a value is provided for a secret (for example, `brokerToken=`)
+When `useExternalSecrets` is true, the Broker Helm Chart checks whether you provide a value for a secret (for example, `brokerToken=`)
* If a value exists, create a secret as usual.
* If no value exists, look for an external secret.
-By this means, some secrets may be controlled by the Broker Helm chart, and others controlled externally:
+By this means, the Broker Helm chart can control some secrets, and you can control others externally:
```
scmType: github-com
@@ -82,12 +82,12 @@ useExternalSecrets: true
githubToken: ""
```
-This set of values will:
+This set of values does the following:
-* Create a secret for the provided Broker token
-* Reference an external secret for the required GitHub token
+* Creates a secret for the provided Broker token
+* References an external secret for the required GitHub token
-Performing a dry run of a Helm installation will provide the required secret names and keys:
+Performing a dry run of a Helm installation provides the required secret names and keys:
```
### Secret Creation Disabled ###
@@ -102,7 +102,7 @@ Note the Broker token secret is excluded from this list as a value is directly p
## Using a single external secret with multiple keys
-A single Kubernetes secret may contain all required credentials for the Snyk Broker to operate. Using a Broker of type `nexus` as an example, assume this secret is present in Kubernetes:
+A single Kubernetes secret can contain all required credentials for the Snyk Broker to operate. Using a Broker of type `nexus` as an example, assume this secret is present in Kubernetes:
```
apiVersion: v1
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/snyk-open-source-scans-sca-of-large-manifest-files-helm-setup.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/snyk-open-source-scans-sca-of-large-manifest-files-helm-setup.md
index 2a1257c04eb3..bb935e6ccb0a 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/snyk-open-source-scans-sca-of-large-manifest-files-helm-setup.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-helm-chart-installation/snyk-open-source-scans-sca-of-large-manifest-files-helm-setup.md
@@ -4,9 +4,9 @@
This applies only to Github and Github Enterprise Broker integrations.
{% endhint %}
-When large manifest files are detected by Snyk, it is sometimes necessary to use a different method (different SCM endpoint) to retrieve the file. Since the alternative method requires a more permissive rule, it is disabled by default. This ensures the maximum possible security. Use of this endpoint means that the Snyk platform can theoretically access all files in this repository because the path does not include specific allowed file names.
+When Snyk detects large manifest files, you sometimes must use a different method (a different SCM endpoint) to retrieve the file. Because the alternative method requires a more permissive rule, it is disabled by default. This ensures the maximum possible security. Use of this endpoint means that the Snyk platform can theoretically access all files in this repository because the path does not include specific allowed file names.
-To add this rule easily, allowing the Broker client to retrieve the larger manifests file using a different endpoint, add the following environment variable:
+To add this rule, allowing the Broker client to retrieve the larger manifests file using a different endpoint, add the following environment variable:
```console
--set 'env[0].name=ACCEPT_LARGE_MANIFESTS' \
@@ -14,5 +14,5 @@ To add this rule easily, allowing the Broker client to retrieve the larger manif
```
{% hint style="info" %}
-If you are using other custom environment variables, you may need to adjust the 0 index in this code to avoid having any of the environment variables overwrite each other.
+If you use other custom environment variables, you might need to adjust the 0 index in this code to avoid having any of the environment variables overwrite each other.
{% endhint %}
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/backend-requests-with-an-internal-certificate-for-docker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/backend-requests-with-an-internal-certificate-for-docker.md
index e76c09978a3f..653e0db33313 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/backend-requests-with-an-internal-certificate-for-docker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/backend-requests-with-an-internal-certificate-for-docker.md
@@ -18,7 +18,7 @@ docker run --restart=always \
snyk/broker:bitbucket-server
```
-Beginning with [Broker version 4.166.0 (2023-10-10)](https://github.com/snyk/broker/releases/tag/v4.166.0), the custom CA cert instruction is `NODE_EXTRA_CA_CERTS` and this must be set as shown in order to use a custom CA. The `CA_CERT` environment variable is no longer in use for this purpose.
+Beginning with [Broker version 4.166.0 (2023-10-10)](https://github.com/snyk/broker/releases/tag/v4.166.0), the custom CA cert instruction is `NODE_EXTRA_CA_CERTS` and you must set this as shown to use a custom CA. The `CA_CERT` environment variable is no longer in use for this purpose.
Note that this completely replaces the default CA Certificate List for any requests made to your backend system, so this must be the complete chain required by the certificate used by the backend system.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/changing-the-auth-method-with-docker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/changing-the-auth-method-with-docker.md
index db61d30eb48e..a9db71a66b09 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/changing-the-auth-method-with-docker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/changing-the-auth-method-with-docker.md
@@ -28,7 +28,7 @@ For Artifactory, the auth method is configured in the `.env` file by default:
ARTIFACTORY_URL=:@/artifactory
```
-For GitHub, the auth meth is part of the `origin` field in the `accept.json` file:
+For GitHub, the auth method is part of the `origin` field in the `accept.json` file:
```json
{
@@ -42,7 +42,7 @@ For GitHub, the auth meth is part of the `origin` field in the `accept.json` fil
}
```
-You can override the authentication method. Valid values for `scheme` are `bearer`, `token`, and `basic`, which set the Authorization header to `Bearer`, `Token`, and `Basic` respectively. If a bearer token is preferred, the `accept.json` file can be configured as such:
+You can override the authentication method. Valid values for `scheme` are `bearer`, `token`, and `basic`, which set the Authorization header to `Bearer`, `Token`, and `Basic` respectively. If you prefer a bearer token, configure the `accept.json` file as follows:
```json
{
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/credential-pooling-with-docker-and-helm.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/credential-pooling-with-docker-and-helm.md
index e5e7a6282f74..aa10d0aeb6f5 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/credential-pooling-with-docker-and-helm.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/credential-pooling-with-docker-and-helm.md
@@ -1,6 +1,6 @@
# Credential pooling with Docker and Helm
-Under some circumstances it can be desirable to create a "pool" of credentials, for example, to work around rate-limiting issues. You can do this by creating an environment variable ending in `_POOL`, separating each credential with a comma. The Broker Client will then, when doing variable replacement, look to see if the variable in use has a variant with a `_POOL` suffix, and if so, use the next item in that pool. For example, if you have set the environment variable `GITHUB_TOKEN`, but want to provide multiple tokens, you would do this instead:
+Under some circumstances, you might want to create a "pool" of credentials, for example, to work around rate-limiting issues. To do this, create an environment variable ending in `_POOL`, separating each credential with a comma. When doing variable replacement, the Broker Client looks to see whether the variable in use has a variant with a `_POOL` suffix, and if so, uses the next item in that pool. For example, if you set the environment variable `GITHUB_TOKEN` but want to provide multiple tokens, do this instead:
```
GITHUB_TOKEN_POOL=token1, token2, token3
@@ -8,17 +8,17 @@ GITHUB_TOKEN_POOL=token1, token2, token3
You can add this as env var + value in the Helm Chart.
-Then the Broker Client would, any time it needed `GITHUB_TOKEN`, instead take an item from the `GITHUB_TOKEN_POOL`.
+Then, any time the Broker Client needs `GITHUB_TOKEN`, it instead takes an item from the `GITHUB_TOKEN_POOL`.
Credentials are taken in a round-robin fashion, so the first, the second, the third, and so on, until the Broker Client reaches the end and then takes the first credential again.
-Calling the `/systemcheck` endpoint will validate all credentials, in order, and will return an array where the first item is the first credential, and so on. For example, if you were running the GitHub Client and have this:
+Calling the `/systemcheck` endpoint validates all credentials, in order, and returns an array where the first item is the first credential, and so on. For example, if you run the GitHub Client and have this:
```
GITHUB_TOKEN_POOL=good_token, bad_token
```
-The `/systemcheck` endpoint would return the following, where the first object is for `good_token` and the second for `bad_token`:
+The `/systemcheck` endpoint returns the following, where the first object is for `good_token` and the second for `bad_token`:
```
[
@@ -41,19 +41,19 @@ The `/systemcheck` endpoint would return the following, where the first object i
]
```
-The credentials are masked. However, note that if your credentials contain six (6) or fewer characters, they will be completely replaced with the mask.
+The credentials are masked. However, note that if your credentials contain six or fewer characters, the mask completely replaces them.
## **Limitations of credential pooling**
-Credential validity is not checked before using a credential, nor are invalid credentials removed from the pool, so it is _strongly_ recommended that credentials be used exclusively by the Broker Client to avoid credentials reaching rate limits at different times, and that the `/systemcheck` endpoint be called before use.
+The Broker Client does not check credential validity before using a credential, nor does it remove invalid credentials from the pool. Snyk _strongly_ recommends that only the Broker Client use the credentials, to avoid credentials reaching rate limits at different times, and that you call the `/systemcheck` endpoint before use.
-Some providers, such as GitHub, do rate-limiting on a per-user basis, not a per-token or per-credential basis, and in those cases you will need to create multiple accounts with one credential per account.
+Some providers, such as GitHub, do rate-limiting on a per-user basis, not a per-token or per-credential basis, and in those cases you must create multiple accounts with one credential per account.
## **Credentials matrix**
Generating a Matrix of credentials is not supported.
-A "Matrix" in this case is defined as taking two (or more) `_POOL`s of length `x` and `y`, and producing one final pool of length `x * y`. For example, given an input like:
+A "Matrix" in this case means taking two or more `_POOL`s of length `x` and `y`, and producing one final pool of length `x * y`. For example, given an input like:
```
USERNAME_POOL=u1, u2, u3
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/insecure-downstream-mode.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/insecure-downstream-mode.md
index 6bd55a5f2105..a1b6b55e1258 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/insecure-downstream-mode.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/insecure-downstream-mode.md
@@ -4,17 +4,17 @@ description: Usage of this mode is discouraged.
# Insecure downstream mode
-In some situations, you may need to use only `http` for your downstream connection. These cases are infrequent and usually occur because of historical `http-`only setups. Snyk recommends upgrading these setups to use `https` instead.
+In some situations, you might need to use only `http` for your downstream connection. These cases are infrequent and usually occur because of historical `http-`only setups. Snyk recommends upgrading these setups to use `https` instead.
If upgrading is not possible in the near term, the insecure downstream mode introduces a way to force downstream requests to your SCM, JIRA, or other service to take place over `http` instead of `https`.
-In most cases, you should avoid insecure downstream mode, and to use it, you must opt-in.\
+In most cases, avoid insecure downstream mode; to use it, you must opt in.\
Insecure downstream mode makes all requests go over `http`, thus no longer benefitting from the safety of TLS encryption. Insecure downstream mode means all your credentials and data will appear unencrypted, which is only tolerable in tightly secured networks.
Export the environment variable `INSECURE_DOWNSTREAM="true"` to use this mode, passing it as an environment value using the `-e INSECURE_DOWNSTREAM="true"` option.
{% hint style="warning" %}
-Using HTTP is highly insecure! Your data and credentials will be transmitted in clear form over the network exchanges.
+Using HTTP is highly insecure. Snyk transmits your data and credentials in clear form over the network exchanges.
Snyk is not responsible for any credential leaks that may occur as a result of the use of an insecure downstream mode.
{% endhint %}
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/mounting-secrets-with-docker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/mounting-secrets-with-docker.md
index 688aa20f8f26..1a5f7a6a6d2a 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/mounting-secrets-with-docker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/mounting-secrets-with-docker.md
@@ -1,7 +1,7 @@
# Mounting secrets with Docker
-Sometimes it is required to load sensitive configurations, the GitHub or Snyk token, from a file instead of from environment variables. Broker is using [dotenv](https://www.npmjs.com/package/dotenv) to load the config, so the process is relatively simple:
+Sometimes you must load sensitive configurations, such as the GitHub or Snyk token, from a file instead of from environment variables. Broker uses [dotenv](https://www.npmjs.com/package/dotenv) to load the config, so the process is straightforward:
* Create a file named `.env` and put your sensitive configuration there.
-* Mount this file, for example, using a [Kubernetes secret](https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#create-a-pod-that-has-access-to-the-secret-data-through-a-volume)). Mount the file to be somewhere like `/broker`.
-* Change the workdir of the docker image to be `/broker/`. An example of such file is located in your broker container at $HOME/.env.
+* Mount this file, for example, using a [Kubernetes secret](https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#create-a-pod-that-has-access-to-the-secret-data-through-a-volume). Mount the file to somewhere like `/broker`.
+* Change the workdir of the Docker image to `/broker/`. An example of such a file is located in your Broker container at $HOME/.env.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/snyk-open-source-scans-sca-of-large-manifest-files-docker-setup.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/snyk-open-source-scans-sca-of-large-manifest-files-docker-setup.md
index a52bf3d96b9e..df1433b534ef 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/snyk-open-source-scans-sca-of-large-manifest-files-docker-setup.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/advanced-configuration-for-snyk-broker-docker-installation/snyk-open-source-scans-sca-of-large-manifest-files-docker-setup.md
@@ -1,12 +1,12 @@
# Snyk Open Source Scans (SCA) of large manifest files, Docker setup
{% hint style="info" %}
-This applies only to Github and Github Enterprise Broker integrations.
+This applies only to GitHub and GitHub Enterprise Broker integrations.
{% endhint %}
-When large manifest files are detected by Snyk, it is sometimes necessary to use a different method (different SCM endpoint) to retrieve the file. Since the alternative method requires a more permissive rule, it is disabled by default. This ensures the maximum possible security. Use of this endpoint means that the Snyk platform can theoretically access all files in this repository because the path does not include specific allowed file names.
+When Snyk detects large manifest files, you sometimes need to use a different method (a different SCM endpoint) to retrieve the file. Because the alternative method requires a more permissive rule, it is disabled by default. This ensures the maximum possible security. Use of this endpoint means that the Snyk platform can theoretically access all files in this repository because the path does not include specific allowed file names.
-To add this rule easily, allowing the Broker client to retrieve the larger manifests file using a different endpoint, add the following environment variable:
+To add this rule, allowing the Broker client to retrieve the larger manifests file using a different endpoint, add the following environment variable:
```console
-e ACCEPT_LARGE_MANIFESTS=true
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/README.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/README.md
index 0fedb34cf748..d3a2f86fa3fc 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/README.md
@@ -18,12 +18,12 @@ For convenience, instructions to obtain or generate the Broker token follow. Whe
## Obtain Broker token for Artifactory Repository setup
-1. Navigate to **Settings** > **Add integrations** > **Package Repositories > Artifactory**.
-2. Enter the URL of your Artifactory instance, this must end with /artifactory.
+1. Navigate to **Settings** > **Add integrations** > **Package Repositories** > **Artifactory**.
+2. Enter the URL of your Artifactory instance. This must end with /artifactory.
3. Enter your username and password.
4. Select **Save**.
-
Artifactoryrepository setup
+
Artifactory repository setup
{% hint style="info" %}
If you do not see the Snyk Broker on/off switch, you do not have the necessary permissions and can only add a publicly accessible instance.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-environment-variables-for-snyk-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-environment-variables-for-snyk-broker.md
index fc1fed3a51cf..afd339ca6b35 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-environment-variables-for-snyk-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-environment-variables-for-snyk-broker.md
@@ -14,7 +14,7 @@ The following fields are optional:
* `Basic auth`: Omit if no basic auth required.\
URL encode both username and password info to avoid errors that may prevent authentication.
* `Protocol`: Defaults to `https://`\
- This should only be specified when no certificate is present and `http://` is required instead for your instance.
+ Specify this only when no certificate is present and your instance requires `http://` instead.
`ARTIFACTORY_URL` format with optional fields:\
`[http://][username:password@]hostname[:port]/artifactory`\
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-docker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-docker.md
index 57bd45f3ce13..4e8e2f64da72 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-docker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-docker.md
@@ -10,11 +10,11 @@ Before installing, review the [prerequisites](./) and the general instructions f
This integration is useful to ensure a secure connection with your on-premise Artifactory Repository deployment.
-For information about non-brokered integration with Artifactory Repository see [Artifactory Repository setup](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup). For information about brokered integration with Artifactory Container Registry see [Snyk Broker -Container Registry Agent](../../../snyk-broker-container-registry-agent/).
+For information about non-brokered integration with Artifactory Repository see [Artifactory Repository setup](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup). For information about brokered integration with Artifactory Container Registry see [Snyk Broker - Container Registry Agent](../../../snyk-broker-container-registry-agent/).
## Configure Broker to be used for Artifactory Registry
-To use the Broker client with an Artifactory Registry deployment, **run** `docker pull snyk/broker:artifactory`. Refer to [Artifactory Repository - environment variables for Snyk Broker](artifactory-repository-environment-variables-for-snyk-broker.md) for definitions of the environment variables.
+To use the Broker client with an Artifactory Registry deployment, run `docker pull snyk/broker:artifactory`. Refer to [Artifactory Repository - environment variables for Snyk Broker](artifactory-repository-environment-variables-for-snyk-broker.md) for definitions of the environment variables.
## Docker run commands to set up a Broker Client for Artifactory Repository
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-helm.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-helm.md
index ecc80052d064..11fbcd80d003 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-helm.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/artifactory-repository-install-and-configure-broker/artifactory-repository-install-and-configure-using-helm.md
@@ -8,7 +8,7 @@ Integration with Artifactory Repository is available only with Enterprise plans.
Before installing, review the [prerequisites](./) and the general instructions for installation using [Helm](../../../../../../enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/install-and-configure-broker-using-helm.md).
-For information about non-brokered integration with Artifactory Repository see [Artifactory Repository setup](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup). For information about brokered integration with Artifactory Container Registry see [Snyk Broker -Container Registry Agent](../../../snyk-broker-container-registry-agent/).
+For information about non-brokered integration with Artifactory Repository see [Artifactory Repository setup](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup). For information about brokered integration with Artifactory Container Registry see [Snyk Broker - Container Registry Agent](../../../snyk-broker-container-registry-agent/).
To use this chart, you must first add the Snyk Broker Helm Chart by adding the repo:
@@ -34,4 +34,4 @@ helm install snyk-broker-chart snyk-broker/snyk-broker \
You can pass any environment variable of your choice in the Helm command. For details, see [Custom additional options for Broker Helm Chart](../advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md). Follow the instructions for [Advanced configuration for Helm Chart installation](../advanced-configuration-for-helm-chart-installation/) to make configuration changes as needed.
-You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects after you are connected.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-environment-variables-for-snyk-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-environment-variables-for-snyk-broker.md
index 9035e9335d61..b9b851ec282c 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-environment-variables-for-snyk-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-environment-variables-for-snyk-broker.md
@@ -5,10 +5,10 @@ The following environment variables are required to configure the Broker Client
* `BROKER_TOKEN` - the Snyk Broker token, obtained from your Azure Repos integration settings view (app.snyk.io).
* `BROKER_SERVER_URL` - the URL of the Broker server for the region in which your data is hosted. For the commands and URLs to use, see [Broker URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).
* `AZURE_REPOS_TOKEN` - an Azure Repos personal access token. Refer to this [Guide](https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops\&tabs=preview-page) for how to get or create the token. Required scopes: ensure Custom defined is selected and under Code select `Read & write`.
-* `AZURE_REPOS_ORG` - Organization name, which can be found on your Organization Overview page in Azure. For Azure Repos on-prem, the typical organization name is `tfs/Main.` If you have more than one Azure organization, you must deploy a Broker for each one
+* `AZURE_REPOS_ORG` - Organization name, which can be found on your Organization Overview page in Azure. For Azure Repos on-prem, the typical organization name is `tfs/Main.` If you have more than one Azure organization, you must deploy a Broker for each one.
* `AZURE_REPOS_HOST` - the hostname of your Azure Repos Server deployment, such as `your.azure-server.domain.com`.
* `PORT` - the local port at which the Broker client accepts connections. Default is 8000.
-* `BROKER_CLIENT_URL` - the full URL of the Broker client as it will be accessible to your Azure Repos' webhooks, such as `http://broker.url.example:8000.`This URL is required to access features such as PR Fixes or PR Checks.
+* `BROKER_CLIENT_URL` - the full URL of the Broker client as it is accessible to your Azure Repos webhooks, such as `http://broker.url.example:8000.` This URL is required to access features such as PR Fixes or PR Checks.
* This must have http:// and the port number.
* To configure the client with HTTPS, [additional settings are required](../../../https-for-broker-client-with-docker.md).
* `ACCEPT_IAC` - by default, some file types used by Infrastructure-as-Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, for example, Terraform, you can add an environment variable, `ACCEPT_IAC`, with any combination of `tf,yaml,yml,json,tpl`.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-and-configure-using-helm.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-and-configure-using-helm.md
index b19b47d4e645..6a2ac41503d4 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-and-configure-using-helm.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-and-configure-using-helm.md
@@ -38,4 +38,4 @@ helm install snyk-broker-chart snyk-broker/snyk-broker \
You can pass any environment variable of your choice in the Helm command. For details, see [Custom additional options for Broker Helm Chart](../advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md). Follow the instructions for [Advanced configuration for Helm Chart installation](../advanced-configuration-for-helm-chart-installation/) to make configuration changes as needed.
-You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects after you are connected.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-using-docker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-using-docker.md
index 4a86bed5df0d..0e13d058c9a4 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-using-docker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/azure-repos-prerequisites-and-steps-to-install-and-configure-broker/azure-repos-install-and-configure-using-docker.md
@@ -14,7 +14,7 @@ This integration is useful to ensure a secure connection with your on-premise or
To use the Broker Client with [Azure](https://azure.microsoft.com/en-us/services/devops/), run `docker pull snyk/broker:azure-repos`. Refer to [Azure Repos - environment variables for Snyk Broker](azure-repos-environment-variables-for-snyk-broker.md) for definitions of the environment variables.
-If necessary, go to the [Advanced configuration page](../advanced-configuration-for-snyk-broker-docker-installation/) and make any configuration changes needed, such as providing the CA (Certificate Authority) to the Broker Client configuration if the Azure Repos instance is using a private certificate, and setting up [proxy support](../advanced-configuration-for-snyk-broker-docker-installation/proxy-support-with-docker.md).
+If necessary, navigate to the [Advanced configuration page](../advanced-configuration-for-snyk-broker-docker-installation/) and make any configuration changes needed, such as providing the CA (Certificate Authority) to the Broker Client configuration if the Azure Repos instance is using a private certificate, and setting up [proxy support](../advanced-configuration-for-snyk-broker-docker-installation/proxy-support-with-docker.md).
## Docker run command to set up a Broker Client for Azure Repos
@@ -47,10 +47,10 @@ docker run --restart=always \
Paste the Broker Client configuration to start the Broker Client container.
-Once the container is up, the Azure Repos Integrations page shows the connection to Azure Repos and you can `Add Projects.`
+After the container is up, the Azure Repos Integrations page shows the connection to Azure Repos and you can `Add Projects.`
## Basic troubleshooting for Broker with Azure Repos
* Run `docker logs ` to look for any errors, where `container id` is the Azure Repos Broker container ID.
* Ensure relevant ports are exposed to Azure Repos.
-* Make sure that file permissions for the local path to the `accept.json` file, as well as the `accept.json` file itself, are correct and accessible.
+* Ensure that file permissions for the local path to the `accept.json` file, as well as the `accept.json` file itself, are correct and accessible.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-basic-auth.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-basic-auth.md
index 4de4202c8f00..014df7976fb7 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-basic-auth.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-basic-auth.md
@@ -8,10 +8,10 @@ The following environment variables are required to configure the Broker client:
* `BITBUCKET_PASSWORD` - the Bitbucket Server password. You can use an API token in place of a password.
* `BITBUCKET` - the hostname of your Bitbucket Server deployment, such as `your.bitbucket-server.domain.com`.
* `BITBUCKET_API` - the API endpoint of your Bitbucket Server deployment. Should be `$BITBUCKET/rest/api/1.0`.
-* `BROKER_CLIENT_URL` - the full URL of the Broker client as it will be accessible to your Bitbucket Server for webhooks, such as `http://broker.url.example:8000.`This URL is required to access features such as PR Fixes or PR Checks.
+* `BROKER_CLIENT_URL` - the full URL of the Broker client as it is accessible to your Bitbucket Server for webhooks, such as `http://broker.url.example:8000.` This URL is required to access features such as PR Fixes or PR Checks.
* This must have http:// and the port number.
* To configure the client with HTTPS, [additional settings are required](../../../https-for-broker-client-with-docker.md).
* `PORT` - the local port at which the Broker client accepts connections. Default is 8000.
-* `ACCEPT_IAC` - by default, some file types used by Infrastructure-as-Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, such as Terraform for example, you can simply add an environment variable `ACCEPT_IAC` with any combination of `tf,yaml,yml,json,tpl`.
+* `ACCEPT_IAC` - by default, some file types used by Infrastructure-as-Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, such as Terraform, add an environment variable `ACCEPT_IAC` with any combination of `tf,yaml,yml,json,tpl`.
* `ACCEPT_CODE` - by default, Snyk Code will not load code snippets. To enable code snippets you can add an environment variable `ACCEPT_CODE=true`.
* `ACCEPT_ESSENTIALS` - enable Snyk Essentials to identify your application assets, monitor them, and prioritize the risks. To enable Snyk Essentials, add the environment variable `ACCEPT_ESSENTIALS=true`.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-personal-access-token-pat.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-personal-access-token-pat.md
index d1b7ef09058a..f569de5424b6 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-personal-access-token-pat.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/bitbucket-server-data-center-prerequisites-and-steps-to-install-and-configure-broker/bitbucket-server-data-center-environment-variables-for-snyk-broker-personal-access-token-pat.md
@@ -7,10 +7,10 @@ The following environment variables are required to configure the Broker client:
* `BITBUCKET_PAT` - the Bitbucket Server Personal Access Token.
* `BITBUCKET` - the hostname of your Bitbucket Server deployment, such as `your.bitbucket-server.domain.com`.
* `BITBUCKET_API` - the API endpoint of your Bitbucket Server deployment. Should be `$BITBUCKET/rest/api/1.0`.
-* `BROKER_CLIENT_URL` - the full URL of the Broker client as it will be accessible to your Bitbucket Server for webhooks, such as `http://broker.url.example:8000.`This URL is required to access features such as PR Fixes or PR Checks.
+* `BROKER_CLIENT_URL` - the full URL of the Broker client as it is accessible to your Bitbucket Server for webhooks, such as `http://broker.url.example:8000.` This URL is required to access features such as PR Fixes or PR Checks.
* This must have http:// and the port number.
* To configure the client with HTTPS, [additional settings are required](../../../https-for-broker-client-with-docker.md).
* `PORT` - the local port at which the Broker client accepts connections. Default is 8000.
-* `ACCEPT_IAC` - by default, some file types used by Infrastructure-as-Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, such as Terraform for example, you can simply add an environment variable `ACCEPT_IAC` with any combination of `tf,yaml,yml,json,tpl`.
+* `ACCEPT_IAC` - by default, some file types used by Infrastructure-as-Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, such as Terraform, add an environment variable `ACCEPT_IAC` with any combination of `tf,yaml,yml,json,tpl`.
* `ACCEPT_CODE` - by default, Snyk Code will not load code snippets. To enable code snippets you can add an environment variable `ACCEPT_CODE=true`.
* `ACCEPT_ESSENTIALS` - enable Snyk Essentials to identify your application assets, monitor them, and prioritize the risks. To enable Snyk Essentials, add the environment variable `ACCEPT_ESSENTIALS=true`.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-environment-variables-for-snyk-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-environment-variables-for-snyk-broker.md
index f17c4f14f98d..24b66bb62567 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-environment-variables-for-snyk-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-environment-variables-for-snyk-broker.md
@@ -1,6 +1,6 @@
# GitHub Enterprise - environment variables for Snyk Broker
-The following environment variables are required to configure the Broker Client: for GitHub Enterprise:
+The following environment variables are required to configure the Broker Client for GitHub Enterprise:
* `BROKER_TOKEN` - the Snyk Broker token, obtained from your Snyk Org settings view (app.snyk.io).
* `GITHUB_TOKEN` - a personal access token with full `repo`, `read:org` and `admin:repo_hook` scopes.
@@ -14,9 +14,9 @@ The following environment variables are required to configure the Broker Client:
* For GitHub Enterprise Cloud without a custom domain, use `api.github.com`.
* `GITHUB_GRAPHQL` - the `graphql` endpoint of your GitHub Enterprise deployment. Do not use `http` or `https`.
* For self-hosted, should be `your.ghe.domain.com/api`.
- * for GitHub Enterprise Cloud without a custom domain, use `api.github.com/graphql`.
+ * For GitHub Enterprise Cloud without a custom domain, use `api.github.com/graphql`.
* `PORT` - the local port at which the Broker client accepts connections. Default is 8000.
-* `BROKER_CLIENT_URL` - the full URL of the Broker client as it will be accessible to your GitHub Enterprise deployment webhooks, such as `http://broker.url.example:8000`.
+* `BROKER_CLIENT_URL` - the full URL of the Broker client as it is accessible to your GitHub Enterprise deployment webhooks, such as `http://broker.url.example:8000`.
* This must have `http://` and the port number.
* To configure the client with HTTPS, [additional settings are required](../../../https-for-broker-client-with-docker.md).
* `ACCEPT_IAC` - by default, some file types used by Infrastructure-as-Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, for example, Terraform files, you can add an environment variable `ACCEPT_IAC` with any combination of `tf,yaml,yml,json,tpl`.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-install-and-configure-using-helm.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-install-and-configure-using-helm.md
index f29fdd375d18..9a05f0fe53e8 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-install-and-configure-using-helm.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-enterprise-prerequisites-and-steps-to-install-and-configure-broker/github-enterprise-install-and-configure-using-helm.md
@@ -35,4 +35,4 @@ helm install snyk-broker-chart snyk-broker/snyk-broker \
You can pass any environment variable of your choice in the Helm command. For details, see [Custom additional options for Broker Helm Chart](../advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md). Follow the instructions for [Advanced configuration for Helm Chart installation](../advanced-configuration-for-helm-chart-installation/) to make configuration changes as needed.
-You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects after you are connected.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-environment-variables-for-snyk-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-environment-variables-for-snyk-broker.md
index affe82c35336..8034fca80751 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-environment-variables-for-snyk-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-environment-variables-for-snyk-broker.md
@@ -5,7 +5,7 @@ The following environment variables are required to configure the Broker Client
* `BROKER_TOKEN` - the Snyk Broker token, obtained from your Snyk Org settings view (app.snyk.io).
* `GITHUB_TOKEN` - a personal access token with full `repo`, `read:org` and `admin:repo_hook` scopes.
* `PORT` - the local port at which the Broker client accepts connections. Default is 8000.
-* `BROKER_CLIENT_URL` - the full URL of the Broker client as it will be accessible to GitHub webhooks, such as `http://broker.url.example:8000.`This URL is required to access features such as PR Fixes or PR Checks.
+* `BROKER_CLIENT_URL` - the full URL of the Broker client as it is accessible to GitHub webhooks, such as `http://broker.url.example:8000.` This URL is required to access features such as PR Fixes or PR Checks.
* This must have http:// and the port number.
* To configure the client with HTTPS, [additional settings are required](../../../https-for-broker-client-with-docker.md).
* `ACCEPT_IAC` - by default, some file types used by Infrastructure-as-Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, for example, Terraform, you can add an environment variable `ACCEPT_IAC` with any combination of `tf,yaml,yml,json,tpl`
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-helm.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-helm.md
index 79adef67866d..ec0584860103 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-helm.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/github-prerequisites-and-steps-to-install-and-configure-broker/github-install-and-configure-using-helm.md
@@ -28,4 +28,4 @@ helm install snyk-broker-chart snyk-broker/snyk-broker \
You can pass any environment variable of your choice in the Helm command. For details, see [Custom additional options for Broker Helm Chart](../advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md). Follow the instructions for [Advanced configuration for Helm Chart installation](../advanced-configuration-for-helm-chart-installation/) to make configuration changes as needed.
-You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects after you are connected.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-environment-variables-for-snyk-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-environment-variables-for-snyk-broker.md
index 36046f62934c..c63106f84e15 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-environment-variables-for-snyk-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-environment-variables-for-snyk-broker.md
@@ -7,9 +7,9 @@ The following environment variables are required to configure the Broker Client
* `BROKER_SERVER_URL` - the URL of the Broker server for the region in which your data is hosted. For the commands and URLs to use, see [Broker URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).
* `GITLAB` - the hostname of your GitLab deployment, such as `your.gitlab.domain.com` or `GitLab.com`.
* `PORT` - the local port at which the Broker Client accepts connections. Default is 8000.
-* `BROKER_CLIENT_URL` - the full URL of the Broker Client as needed to be reachable by either GitLab.com or on-prem GitLab deployment in order to establish webhook connectivity. This must be a full URL like `http://broker.url.example:8000`.
+* `BROKER_CLIENT_URL` - the full URL of the Broker Client as needed to be reachable by either GitLab.com or on-prem GitLab deployment to establish webhook connectivity. This must be a full URL like `http://broker.url.example:8000`.
* This must have http:// and the port number.
* To configure the client with HTTPS, [additional settings are required](../../../https-for-broker-client-with-docker.md).
-* `ACCEPT_IAC` - by default, some file types used by Infrastructure-as-Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, such as Terraform for example, you can simply add an environment variable `ACCEPT_IAC` with any combination of `tf,yaml,yml,json,tpl`.
-* `ACCEPT_CODE` - by default, Snyk Code will not load code snippets. To enable code snippets you can simply add an environment variable `ACCEPT_CODE=true`.
+* `ACCEPT_IAC` - by default, some file types used by Infrastructure as Code (IaC) are not enabled. To grant the Broker access to IaC files in your repository, such as Terraform, add an environment variable `ACCEPT_IAC` with any combination of `tf,yaml,yml,json,tpl`.
+* `ACCEPT_CODE` - by default, Snyk Code does not load code snippets. To enable code snippets, add an environment variable `ACCEPT_CODE=true`.
* `ACCEPT_ESSENTIALS` - Enable Snyk Essentials to identify your application assets, monitor them, and prioritize the risks. You can enable it by adding an environment variable `ACCEPT_ESSENTIALS=true`.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-docker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-docker.md
index 279dcf007321..c93ce931ad58 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-docker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-docker.md
@@ -8,7 +8,7 @@ This integration is useful to ensure a secure connection with your on-premise or
To use the Broker client with GitLab.com or an on-prem GitLab deployment, run `docker pull snyk/broker:gitlab`. Refer to [GitLab - environment variables for Snyk Broker](gitlab-environment-variables-for-snyk-broker.md) for definitions of the environment variables.
-If necessary, go to the [Advanced configuration page](../advanced-configuration-for-snyk-broker-docker-installation/) and make any configuration changes needed, such as providing the CA (Certificate Authority to the Broker Client configuration if the GitLab instance is using a private certificate, or setting up [proxy support](../advanced-configuration-for-snyk-broker-docker-installation/proxy-support-with-docker.md).
+If necessary, navigate to the [Advanced configuration page](../advanced-configuration-for-snyk-broker-docker-installation/) and make any configuration changes needed, such as providing the CA (Certificate Authority) to the Broker Client configuration if the GitLab instance is using a private certificate, or setting up [proxy support](../advanced-configuration-for-snyk-broker-docker-installation/proxy-support-with-docker.md).
## Docker run command to set up a Broker Client for GitLab
@@ -34,7 +34,7 @@ docker run --restart=always \
snyk/broker:gitlab
```
-Use the environment variable `REMOVE_X_FORWARDED_HEADERS=true` to remove the `XFF` headers from the requests made by the Broker client to GitLab. This allows the Broker to work properly.
+Use the environment variable `REMOVE_X_FORWARDED_HEADERS=true` to remove the `XFF` headers from the requests made by the Broker client to GitLab. This lets the Broker work properly.
Snyk Essentials is set by default to `false`. Enable it by setting the flag to `true`.
@@ -42,7 +42,7 @@ Snyk Essentials is set by default to `false`. Enable it by setting the flag to `
Paste the Broker Client configuration to start the Broker Client container.
-Once the container is up, the GitLab Integrations page shows the connection to GitLab, and you can `Add Projects`.
+After the container is up, the GitLab Integrations page shows the connection to GitLab, and you can `Add Projects`.
## Basic troubleshooting for Broker with GitLab
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-helm.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-helm.md
index b060cd7fb9c9..cdb4950d10a7 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-helm.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/gitlab-prerequisites-and-steps-to-install-and-configure-broker/gitlab-install-and-configure-using-helm.md
@@ -14,7 +14,7 @@ For the `gitlab` value, do not include `https://.`
`ACCEPT_CODE` is [set to true by default](https://github.com/snyk/snyk-broker-helm/blob/465d4ef279755fa5c9507975a88348bab04c2264/charts/snyk-broker/templates/broker_deployment.yaml#L383) in the chart, as is [ACCEPT\_IAC](https://github.com/snyk/snyk-broker-helm/blob/465d4ef279755fa5c9507975a88348bab04c2264/charts/snyk-broker/templates/broker_deployment.yaml#L386C23-L386C43). You can disable them if needed using `disableAutoAcceptRules=true`, but otherwise, these are enabled.
-Use the environment variable `REMOVE_X_FORWARDED_HEADERS=true` to remove the `XFF` headers from the requests made by the Broker client to GitLab. This allows the Broker to work properly.
+Use the environment variable `REMOVE_X_FORWARDED_HEADERS=true` to remove the `XFF` headers from the requests made by the Broker client to GitLab. This lets the Broker work properly.
Snyk Essentials is set by default to `false`. Enable it by setting the flag to `true`.
@@ -37,4 +37,4 @@ helm install snyk-broker-chart snyk-broker/snyk-broker \
You can pass any environment variable of your choice in the Helm command. For details, see [Custom additional options for Broker Helm Chart](../advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md). Follow the instructions for [Advanced configuration for Helm Chart installation](../advanced-configuration-for-helm-chart-installation/) to make configuration changes as needed.
-You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects after you are connected.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-environment-variables-for-snyk-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-environment-variables-for-snyk-broker.md
index f8edc4bbe581..cfb10fd3f5d8 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-environment-variables-for-snyk-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-environment-variables-for-snyk-broker.md
@@ -7,7 +7,7 @@ The following environment variables are needed to configure the Broker Client fo
* `JIRA_USERNAME` - the Jira username.
* `JIRA_PASSWORD` - the Jira password.
* `JIRA_HOSTNAME` - the hostname of your Jira deployment, such as `your.jira.domain.com`.
-* `BROKER_CLIENT_URL` - the full URL of the Broker client as it will be accessible by your Jira for webhooks, such as `http://my.broker.client:8000`
+* `BROKER_CLIENT_URL` - the full URL of the Broker client as it is accessible by your Jira for webhooks, such as `http://my.broker.client:8000`
* This must have http:// and the port number.
* To configure the client with HTTPS, [additional settings are required](../../../https-for-broker-client-with-docker.md).
* `PORT` - the local port at which the Broker client accepts connections. Default is 8000.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-docker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-docker.md
index 7586ab98e334..8e5f6759c76c 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-docker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-docker.md
@@ -36,7 +36,7 @@ If necessary, navigate to [Advanced configuration for Snyk Broker Docker install
When SSO is enabled, JIRA usually prohibits the use of a username and password and requires the use of a personal access token (PAT).
-When SSO is enabled, you must use a specific Jira version that will instead use the authorization header with the bearer token. To use this version, provide the following configuration:
+When SSO is enabled, you must use a specific Jira version that instead uses the authorization header with the bearer token. To use this version, provide the following configuration:
```
docker run --restart=always \
@@ -53,9 +53,9 @@ docker run --restart=always \
Paste the Broker Client configuration to start the Broker Client container.
-After the container is set up, and the Jira Integrations page shows the connection to Jira, under Projects, you can create Jira tickets
+After the container is set up, and the Jira Integrations page shows the connection to Jira, under Projects, you can create Jira tickets.
-## **Basic troubleshooting for Broker with Jira**
+## Basic troubleshooting for Broker with Jira
* Run `docker logs ` to look for any errors, where `container id` is the Jira Broker container ID.
* Ensure relevant ports are exposed to Jira.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-helm.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-helm.md
index 7aa257e510d2..3a40bbb73d6a 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-helm.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/jira-prerequisites-and-steps-to-install-and-configure-broker/jira-install-and-configure-using-helm.md
@@ -37,7 +37,7 @@ You can verify that the Broker is running by looking at the settings for your br
When SSO is enabled, JIRA usually prohibits the use of a username and password and requires the use of a personal access token (PAT).
-When SSO is enabled, you must use a specific Jira version that will instead use the authorization header with the bearer token. To use this version, provide the following configuration:
+When SSO is enabled, you must use a specific Jira version that instead uses the authorization header with the bearer token. To use this version, provide the following configuration:
```
helm install snyk-broker-chart snyk-broker/snyk-broker \
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/README.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/README.md
index 1b131b0f71d6..5cbe9defeb83 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/README.md
@@ -17,7 +17,7 @@ For convenience, instructions to obtain or generate the Broker token follow. Whe
## Obtain Broker token for Nexus integration
-1. Go to **Settings** > **Integrations** > **Package Repositories** > **Nexus**
+1. Navigate to **Settings** > **Integrations** > **Package Repositories** > **Nexus**.
2. Verify that you see the screen to configure Nexus.
Configure Nexus
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-environment-variables-for-snyk-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-environment-variables-for-snyk-broker.md
index bb1fc9c5b701..f51f7d2d8f9e 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-environment-variables-for-snyk-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-environment-variables-for-snyk-broker.md
@@ -58,7 +58,7 @@ Complex example: `https://alice:mypassword@acme.com: 8000`
The URL that points to the base of your repositories within Nexus. By default, the broker assumes `BASE_NEXUS_URL`/nexus/content/ as the value.
`RES_BODY_URL_SUB`\
-The URL of the Nexus instance, including `https://` and `/nexus/content` without basic auth credentials. Required for npm and Yarn integrations only**.** Must not end with a forward slash.
+The URL of the Nexus instance, including `https://` and `/nexus/content` without basic auth credentials. Required for npm and Yarn integrations only. Must not end with a forward slash.
Examples:\
`https://acme.com/nexus/content/groups`\
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-install-and-configure-using-docker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-install-and-configure-using-docker.md
index 01c64032eb5e..26ef85409434 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-install-and-configure-using-docker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-install-and-configure-using-docker.md
@@ -54,7 +54,7 @@ docker run --restart=always \
snyk/broker:nexus2
```
-You can find your `BASE_NEXUS_URL` by visiting the Nexus UI and navigating to the server tab under **Administration**, then selecting the **Base URL** entry without a trailing slash. This will typically end with `/nexus`, but may vary with non-default deployments. If you have a custom base URL then you must also set the `NEXUS_URL` environment variable to point to the URL where your repositories live. By default this is configured as `/nexus/content` but should follow a similar format to your base URL.
+You can find your `BASE_NEXUS_URL` by visiting the Nexus UI and navigating to the server tab under **Administration**, then selecting the **Base URL** entry without a trailing slash. This typically ends with `/nexus`, but may vary with non-default deployments. If you have a custom base URL then you must also set the `NEXUS_URL` environment variable to point to the URL where your repositories live. By default this is configured as `/nexus/content` but should follow a similar format to your base URL.
## Start the Broker Client container and verify the connection with Nexus Repository Manager
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-install-and-configure-using-helm.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-install-and-configure-using-helm.md
index 958e9b1d71bc..76170c9b4ccd 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-install-and-configure-using-helm.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/install-and-configure-snyk-broker/nexus-repository-prerequisites-and-steps-to-install-and-configure-broker/nexus-repository-install-and-configure-using-helm.md
@@ -38,7 +38,7 @@ helm install snyk-broker-chart snyk-broker/snyk-broker \
You can pass any environment variable of your choice in the Helm command. For details, see [Custom additional options for Broker Helm Chart](../advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md). Follow the instructions for [Advanced configuration for Helm Chart installation](../advanced-configuration-for-helm-chart-installation/) to make configuration changes as needed.
-You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects after you are connected.
## Nexus 2 Helm installation
@@ -65,4 +65,4 @@ helm install snyk-broker-chart snyk-broker/snyk-broker \
You can pass any environment variable of your choice in the Helm command. For details, see [Custom additional options for Broker Helm Chart](../advanced-configuration-for-helm-chart-installation/custom-additional-options-for-broker-helm-chart-installation.md). Follow the instructions for [Advanced configuration for Helm Chart installation](../advanced-configuration-for-helm-chart-installation/) to make configuration changes as needed.
-You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects once you are connected.
+You can verify that the Broker is running by looking at the settings for your brokered integration in the Snyk Web UI to see a confirmation message that you are connected. You can start importing Projects after you are connected.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/README.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/README.md
index 2d243d873bfd..0a96d7ca9e6b 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/classic-broker/prepare-snyk-broker-for-deployment/README.md
@@ -44,7 +44,7 @@ Consider the following to understand what the required components are for your d
* See [Snyk Broker - Infrastructure as Code detection](../snyk-broker-infrastructure-as-code-detection.md).
* Are you planning to detect Snyk Code vulnerabilities? See [Clone an integration across your Snyk Organizatons](../clone-an-integration-across-your-snyk-organizations.md).
* Are you planning to connect to a Container Registry?
- * You will need to deploy an additional agent with the Broker, the Snyk Broker Container Registry Agent.
+ * You must deploy an additional agent with the Broker, the Snyk Broker Container Registry Agent.
* See [Snyk Broker Container Registry agent](../../snyk-broker-container-registry-agent/).
Every integration has a specific Broker token assigned to it. An integration to analyze Snyk Code vulnerabilities and connect to a Container Registry has the following:
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/high-availability-mode.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/high-availability-mode.md
index 886811e909fa..8b8d32dc5017 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/high-availability-mode.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/high-availability-mode.md
@@ -1,16 +1,16 @@
# High availability mode
-High availability mode allows you to run several Broker clients that work independently to one another. The Snyk platform will spread the requests it makes evenly across the connections to ease the load on each client and provide redundancy. High availability mode also avoids downtime during Snyk server upgrade events.
+High availability mode lets you run several Broker clients that work independently of one another. The Snyk platform spreads the requests it makes evenly across the connections to ease the load on each client and provide redundancy. High availability mode also avoids downtime during Snyk server upgrade events.
Operation of multiple Broker clients in high availability
For high availability mode, use Docker Compose to run multiple replicas (see [Docker Compose example](universal-broker/running-your-universal-broker-client.md#docker-compose-example)) or by increasing the replica count in your Kubernetes deployment. Each container must have the exact same configuration parameters.
-A maximum of four Broker Clients can run concurrently in high availability mode. Running a fifth Broker Client will attempt to connect indefinitely.
+A maximum of four Broker Clients can run concurrently in high availability mode. A fifth Broker Client attempts to connect indefinitely.
## **Important notes about settings**
-The Dispatcher Base URL should be specific to your region if you are using a regional Snyk platform, for example, api.eu.snyk.io. See [Regional hosting and data residency](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency) for details.
+The Dispatcher Base URL must be specific to your region if you are using a regional Snyk platform, for example, api.eu.snyk.io. See [Regional hosting and data residency](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency) for details.
If you are using app.snyk.io, the following is not required. It is applicable only to regional Snyk platforms.
@@ -18,7 +18,7 @@ If you are using app.snyk.io, the following is not required. It is applicable on
BROKER_DISPATCHER_BASE_URL=https://api.snyk.io
```
-Outbound connection to api.snyk.io or the corresponding api hostname must be allowed. Otherwise, preflight checks will indicate failure upon Broker client startup.
+Outbound connection to api.snyk.io or the corresponding api hostname must be allowed. Otherwise, preflight checks indicate failure upon Broker client startup.
The `BROKER_CLIENT_URL` value must remain the same across all the Broker clients in the high availability set. The same `BROKER_TOKEN` must also be used.\
It is acceptable for this URL to resolve to a particular client.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/preflight-checks-for-snyk-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/preflight-checks-for-snyk-broker.md
index 807984740618..594c5ba54e89 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/preflight-checks-for-snyk-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/preflight-checks-for-snyk-broker.md
@@ -10,7 +10,7 @@ If it is not specified, BROKER\_SERVER\_URL is [https://broker.snyk.io](https://
## `rest-api-status`
-The REST API Healthcheck validates the connectivity to the Snyk REST API by performing a GET request to `{API_BASE_URL}/rest/openapi`. This check is conditional and will be executed only if high availability mode is enabled.
+The REST API Healthcheck validates the connectivity to the Snyk REST API by performing a GET request to `{API_BASE_URL}/rest/openapi`. This check is conditional and runs only if high availability mode is enabled.
If it is not specified, the `API_BASE_URL` is [https://api.snyk.io](https://api.snyk.io/). For additional URLs, see [Regional hosting and data residency](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency).
@@ -23,5 +23,5 @@ If you are using TLS termination and you do not require a certificate+key in the
There is no default.
{% hint style="info" %}
-You can use the environment variable PREFLIGHT\_CHECKS\_ENABLED=false to disable the Preflight Checks feature, so no checks will be executed when the Broker Client starts.
+You can use the environment variable PREFLIGHT\_CHECKS\_ENABLED=false to disable the Preflight Checks feature, so no checks run when the Broker Client starts.
{% endhint %}
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-commit-signing.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-commit-signing.md
index 26a2a1456eb7..ddf3d18627ba 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-commit-signing.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-commit-signing.md
@@ -18,8 +18,8 @@ As of version v4.151.0, the Snyk Broker Client supports commit signing for GitHu
1. To use commit signing, provide the following environment variables for the Broker Client:
* `GPG_PRIVATE_KEY`: GPG private key exported as an ASCII armored version. Note that the value must start with `-----BEGIN PGP PRIVATE KEY BLOCK-----` and end with `-----END PGP PRIVATE KEY BLOCK-----`.
* `GPG_PASSPHRASE`: Passphrase of the GPG private key.
- * `GIT_COMMITTER_NAME`: will be used to set a committer name.
- * `GIT_COMMITTER_EMAIL`: will be used to set a committer email.
+ * `GIT_COMMITTER_NAME`: sets a committer name.
+ * `GIT_COMMITTER_EMAIL`: sets a committer email.
2. Enable **Broker Client Commit Signing** in the Broker settings.
## Troubleshooting commit signing
@@ -27,4 +27,4 @@ As of version v4.151.0, the Snyk Broker Client supports commit signing for GitHu
If commits are shown as `Unverified` in GitHub, you must do the following:
* Verify that the GPG public key is imported to the correct GitHub user and that the email address is the same in GitHub as in the environment variables.
-* To ensure that the commit signing feature has been activated for the Broker Client in the Snyk Organization, check the logs and verify that the following message appears when the Broker Client starts up: `loading commit signing rules (enabled=true, rulesCount=5)`
+* To ensure that the commit signing feature is activated for the Broker Client in the Snyk Organization, check the logs and verify that the following message appears when the Broker Client starts up: `loading commit signing rules (enabled=true, rulesCount=5)`
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/README.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/README.md
index 136cec871ffd..251309e08046 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/README.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/README.md
@@ -6,9 +6,9 @@
Snyk Broker Container Registry Agent is available only with Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
{% endhint %}
-The Snyk Broker Container Registry Agent enables you to connect with network-restricted container registries so you can scan these registries using the Snyk service.
+The Snyk Broker Container Registry Agent lets you connect with network-restricted container registries so you can scan these registries using the Snyk service.
-When you use the Container Registry Agent, Snyk can integrate with private container registries that you host, and help you to better secure container images in those registries. Integration with private container registries allows you to:
+When you use the Container Registry Agent, Snyk can integrate with private container registries that you host, and help you to better secure container images in those registries. Integration with private container registries lets you:
* Keep sensitive data such as your access tokens inside your private network, never sharing that information with Snyk.
* Provide controlled access to the network for Snyk, limiting Snyk access and the actions that Snyk can perform.
@@ -79,12 +79,12 @@ With the listed configuration of 1 vCPU and 2GB RAM, scanning capacity would be
### Configuring and running the Container Registry Agent
-Snyk recommends deploying the Container Registry Agent first as both Universal and Classic Broker requires configuration input from that deployment, namely the Container Registry Agent URL. You can pull the Container Registry Agent image from Docker Hub using the link provided in the [prerequisites](./#prerequisites-for-container-registry-agent).
+Snyk recommends deploying the Container Registry Agent first, as both Universal and Classic Broker require configuration input from that deployment, namely the Container Registry Agent URL. You can pull the Container Registry Agent image from Docker Hub using the link provided in the [prerequisites](./#prerequisites-for-container-registry-agent).
To configure the Container Registry Agent, the following environment variables are available:
* `SNYK_PORT` - the local port at which the Container Registry Agent accepts connections (default value: 17500).
-* `SNYK_MAX_IMAGE_SIZE_IN_BYTES` - the maximum size of an image that Snyk is able to scan (optional, default value: 2147483648).
+* `SNYK_MAX_IMAGE_SIZE_IN_BYTES` - the maximum size of an image that Snyk can scan (optional, default value: 2147483648).
Run the Container Registry Agent container with the relevant configuration:
@@ -161,7 +161,7 @@ The following container registries require specific environment variables, setup
### **GCR and Google Artifact Registry**
-All the preceding information applies to setting up the Broker Client for these container registries. The `CR_USERNAME` value is permanent and should be `_json_key`, and the `CR_PASSWORD` value should be the JSON key used to authenticate to Google.
+All the preceding information applies to setting up the Broker Client for these container registries. The `CR_USERNAME` value is permanent and must be `_json_key`, and the `CR_PASSWORD` value must be the JSON key used to authenticate to Google.
### **JFrog Container Registry (Artifactory)**
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/setting-up-the-container-registry-agent-for-a-brokered-ecr-integration.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/setting-up-the-container-registry-agent-for-a-brokered-ecr-integration.md
index 4c0954def6b6..352905216478 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/setting-up-the-container-registry-agent-for-a-brokered-ecr-integration.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/snyk-broker-container-registry-agent/setting-up-the-container-registry-agent-for-a-brokered-ecr-integration.md
@@ -6,7 +6,7 @@ In Elastic Container Registries the brokered communication is the same as in oth
The Container Registry Agent IAM Role or IAM User is an IAM Role or IAM User is used by the Container Registry Agent to assume a role with access to ECR.
-The Snyk ECR Service Role is an IAM Role with access to ECR and assumed by the Container Registry Agent IAM Role or IAM User to gain read-only access to ECR. The Snyk ECR Service Role ARN is provided to the Broker Client together with the region the ECR runs in, and is passed to the Container Registry Agent that will assume it.
+The Snyk ECR Service Role is an IAM Role with access to ECR and assumed by the Container Registry Agent IAM Role or IAM User to gain read-only access to ECR. The Snyk ECR Service Role ARN is provided to the Broker Client together with the region the ECR runs in, and is passed to the Container Registry Agent that assumes it.
If there are multiple ECRs in multiple accounts that need to communicate with the Container Registry Agent, you must set up a Broker Client for each ECR.
@@ -25,7 +25,7 @@ Follow these steps to set up a single Container Registry Agent instance with acc
## **Step 1: Run the Container Registry Agent with a IAM User or IAM Role**
-In this step, create an IAM Role or an IAM User for use by the Container Registry Agent. The IAM Role or IAM User could be provided to the Container Registry Agent via the methods described in the [AWS docs](https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/setting-credentials-node.html).
+In this step, create an IAM Role or an IAM User for use by the Container Registry Agent. The IAM Role or IAM User could be provided to the Container Registry Agent using the methods described in the [AWS docs](https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/setting-credentials-node.html).
The following examples explain how to provide the IAM Role or IAM User using one of the following methods. You can also provide a dedicated role in Amazon ECS tasks. For more information, see the [AWS docs](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html).
@@ -51,7 +51,7 @@ The following examples explain how to provide the IAM Role or IAM User using one
1. In the newly created role page, in the **Permissions** tab, create an **Inline policy**.
2. In **Service** choose **STS**.
3. In **Actions** choose **Write** > **AssumeRole**.
-4. In **Resources** choose **All resources** (you will harden the resources in a later step).
+4. In **Resources** choose **All resources** (you harden the resources in a later step).
5. In the **JSON** tab verify that the policy contains the following:
```
@@ -90,7 +90,7 @@ When you are running the Container Registry Agent image on the EC2 machine, the
4. Select **Programmatic access** as the **Access type**.
5. Choose to go next with permission and tags.
6. Review and create the user.
-7. Once the user is created, save its credentials (Access Key ID and Secret Access Key) for later use.
+7. After the user is created, save its credentials (Access Key ID and Secret Access Key) for later use.
8. From the user's **Summary** page, copy the **User ARN** for later use.\
Example: `arn:aws:iam::aws-account:user` or `SnykCraUser`
@@ -98,8 +98,8 @@ When you are running the Container Registry Agent image on the EC2 machine, the
1. In the newly created user page, in the **Permissions** tab create an **Inline policy**.
2. In **Service** choose **STS**.
-3. In **Actions** choose **Write** >**AssumeRole**.
-4. In **Resources** choose **All resources** (you will harden the resources in a later step).
+3. In **Actions** choose **Write** > **AssumeRole**.
+4. In **Resources** choose **All resources** (you harden the resources in a later step).
5. In the **JSON** tab verify that the policy contains the following statement:
```
@@ -127,7 +127,7 @@ When you are running the Container Registry Agent image, the credentials could b
## Step 2: Create Snyk ECR Service Role and enable cross-account access to ECR
-In this step, you will create a Role in the account in which your ECR repositories reside. This Role will allow read-only access to your repositories and could be assumed by the Role created in the previous step.
+In this step, you create a Role in the account in which your ECR repositories reside. This Role allows read-only access to your repositories and could be assumed by the Role created in the previous step.
### **1. Create a read-only ECR policy to be used by the Snyk ECR Service Role**
@@ -209,7 +209,7 @@ This step hardens the usability of the Snyk ECR Service Role so that it can be a
* In **Statement.Principal.AWS** enter the IAM Role or IAM User created in the Step 1 .\
Example: `arn:aws:iam::aws-account:user` or `SnykCraEc2Role`\
OR `arn:aws:iam::aws-account:role` or `SnykCraUser`, respectively
- * In **Condition.StringEquals.sts:ExternalId** you may use an external ID of your choice, which will be used when the credentials object is provided to the Broker Client.
+ * In **Condition.StringEquals.sts:ExternalId** you can use an external ID of your choice, which is used when the credentials object is provided to the Broker Client.
* To support multiple external IDs, enter a list of IDs in a square brackets.\
Example: `sts:ExternalId: [ 11111111-1111-1111-1111-111111111111, 22222222-2222-2222-2222-222222222222 ]`
5. Update the trust policy.
@@ -253,7 +253,7 @@ If the Container Registry Agent needs to access multiple ECR registries found in
## **Step 4: Provide** Snyk ECR Service Role **ARN and external ID to the Broker Client**
-In this step, the Role ARN of the SnykEcrServiceRole \_\*\*\_will be used by providing it to the Broker Client. The broker client will pass it to the Container Registry Agent, which will assume it to connect to ECR.
+In this step, you use the Role ARN of the SnykEcrServiceRole \_\*\*\_by providing it to the Broker Client. The Broker Client passes it to the Container Registry Agent, which assumes it to connect to ECR.
1. Copy the **Role ARN** key that appears at the top of the **Summary** section of the[ SnykEcrServiceRole](https://console.aws.amazon.com/iam/home?#/roles/SnykEcrServiceRole).
2. When running the Broker Client, provide the following environment variables to allow the Container Registry Agent to access your ECR account. No username and password are needed.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/troubleshooting-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/troubleshooting-broker.md
index 8893e783c9c6..651c5259996b 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/troubleshooting-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/troubleshooting-broker.md
@@ -25,7 +25,7 @@ By default, the log level of the Broker is set to INFO. All SCM responses, regar
To keep the logs concise in normal operation, Snyk produces minimal information on the INFO level, tracking the requests coming from Snyk into the client as well as the downstream request made to the targeted system, Github, Gitlab, JIRA, and so on, and logging the url hit and the response code received.\\
-When you set `LOG_INFO_VERBOSE="true"`, the environment variable will add the headers in these log lines without requiring that you use debug.
+When you set `LOG_INFO_VERBOSE="true"`, the environment variable adds the headers in these log lines without requiring that you use debug.
{% hint style="warning" %}
If you override the default logging, some logs may be provided by other processes such as API requests, and may list credentials. Before you send any Broker logs with increased logging enabled, check for any passwords or tokens and redact them in bulk.
@@ -49,7 +49,7 @@ ENV BROKER_HEALTHCHECK_PATH /path/to/healthcheck
The Broker Client exposes an endpoint at `/systemcheck`, which can be used to validate the connectivity and credentials of the brokered service, Git or another SCM, or the brokered container registry . This endpoint causes the Broker Client to make a request to a preconfigured URL and report on the success of the request. The supported configuration is:
-* `BROKER_CLIENT_VALIDATION_URL` - the URL to which the request will be made.
+* `BROKER_CLIENT_VALIDATION_URL` - the URL to which the request is made.
* `BROKER_CLIENT_VALIDATION_AUTHORIZATION_HEADER` - \[optional] the `Authorization` header value of the request. Mutually exclusive with `BROKER_CLIENT_VALIDATION_BASIC_AUTH`.
* `BROKER_CLIENT_VALIDATION_BASIC_AUTH` - \[optional] the basic auth credentials (`username:password`) to be base64 encoded and placed in the `Authorization` header value of the request. Mutually exclusive with `BROKER_CLIENT_VALIDATION_AUTHORIZATION_HEADER`.
* `BROKER_CLIENT_VALIDATION_METHOD` - \[optional] the HTTP method of the request (default is `GET`).
@@ -83,7 +83,7 @@ If after running the Broker there is still an error connecting to the on-premise
### Common problems with Standalone Broker
-* If there is no log after performing the preceding steps, ensure that the customer has the correct Broker token. If so, ensure that the websocket has been established. Some firewalls will block this
+* If there is no log after performing the preceding steps, ensure that the customer has the correct Broker token. If so, ensure that the websocket is established. Some firewalls block this
* Review the HTTP code in the request to the on-premise Git.
* 404 - Not found - Ensure correct information in the Docker run command.
* 401/403 - Check credentials.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/broker-client-url.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/broker-client-url.md
index 3059ad64b18c..69d1c86bbfbe 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/broker-client-url.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/broker-client-url.md
@@ -1,16 +1,16 @@
# Broker client URL
-A webhook from an SCM to Snyk allows the SCM integration to communicate with Snyk. When code is updated, whether the update is to an open-source manifest file or to code files, and the developer creates a pull request, the SCM notifies Snyk through the webhook.
+A webhook from an SCM to Snyk lets the SCM integration communicate with Snyk. When code is updated, whether the update is to an open-source manifest file or to code files, and the developer creates a pull request, the SCM notifies Snyk through the webhook.
-The webhook can be set to reach out to Snyk directly to indicate that files have changed, and Snyk will request the files through Broker. The SCM then sends those files to Snyk, and Snyk scans for code, security, and license issues based on your integrations and the products you have, and returns a pass/fail determination for the SCM check.
+The webhook can be set to reach out to Snyk directly to indicate that files have changed, and Snyk requests the files through Broker. The SCM then sends those files to Snyk, and Snyk scans for code, security, and license issues based on your integrations and the products you have, and returns a pass/fail determination for the SCM check.
Sometimes the webhook cannot communicate directly with Snyk because the infrastructure prevents the repository from reaching outside of the private cloud or data center. Then the Broker facilitates the communication, sending notification of changes to the code, sending the request for files to the SCM, and conveying the files to Snyk, which returns the results of the scan. You can then continue work: review the status, ask for more information, see the issues in the PR if you are using the inline comments capability, and view the details in the Snyk portal.
The same webhook mechanism is used to facilitate communication when Snyk creates a pull request, for example, when you see an issue in the Snyk interface and use the button to fix the vulnerability.
-When you set up a connection, the webhook target endpoint is defined by the value of the `broker_client_url` value. The webhook can point directly to Snyk or to the Broker client container, which will relay the webhook to Snyk.
+When you set up a connection, the webhook target endpoint is defined by the value of the `broker_client_url` value. The webhook can point directly to Snyk or to the Broker client container, which relays the webhook to Snyk.
-By default, SCM integrations use the regional Snyk API endpoint. For the list of URLs, see [Broker client URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-client-urls). Sometimes, however, your environment may prohibit SCM webhooks from leaving the private cloud or data center. In that case, the webhook and thus the SCM must point to the Snyk Broker container running in your environment. In these cases, the`broker_client_url` has to reflect the hostname and port of the Broker client.
+By default, SCM integrations use the regional Snyk API endpoint. For the list of URLs, see [Broker client URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-client-urls). Sometimes, however, your environment might prohibit SCM webhooks from leaving the private cloud or data center. In that case, the webhook and thus the SCM must point to the Snyk Broker container running in your environment. In these cases, the`broker_client_url` has to reflect the hostname and port of the Broker client.
Non-SCM integrations, notably the container registries integrations, require the Broker client URL to be the Broker client address. Snyk recommends using a DNS host name, such as `http://my.broker.client`, but you can also use IP addresses (`http://192.168.0.1`). Ensure to append the port, for example, `http://my.broker.client:8000`.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/disconnect-and-clean-up.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/disconnect-and-clean-up.md
index 7a190306bccf..14f8879d6357 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/disconnect-and-clean-up.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/disconnect-and-clean-up.md
@@ -1,17 +1,17 @@
# Disconnect and clean up
-The `snyk-broker-config workflows delete` command allows you to remove resources.
+The `snyk-broker-config workflows delete` command lets you remove resources.
Protections are in place to prevent invalid connection states, so you cannot delete connections that are integrated, and therefore relied upon, by Organizations. You must disconnect the integration before deleting the connection.
The `snyk-broker-config workflows connections delete` command walks you through the disconnection steps.
-For all resources, you must delete the child items before you can delete a parent, as illustrated in the diagram that follows. A deployment contains connections and credentials references. Connections use credentials references. Each connection may have an integration with one or more Organizations.
+For all resources, you must delete the child items before you can delete a parent, as illustrated in the diagram that follows. A deployment contains connections and credentials references. Connections use credentials references. Each connection can have an integration with one or more Organizations.
The `snyk-broker-config introduction` command walk you through this flow and indicates what needs to be done to achieve successful deletion. These commands implement and enforce the following rules:
* Before you delete a connection, you must disconnect all integrations.
-* Before you delete a credentials reference, you must delete the connection(s) using it.
+* Before you delete a credentials reference, you must delete the connections using it.
* Before you delete a deployment, you must delete all connections and credentials references.
Universal Broker resource data model illustrating child items to delete before parent items
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/prerequisites-for-universal-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/prerequisites-for-universal-broker.md
index c1e6576cbe57..9e022a1ef6be 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/prerequisites-for-universal-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/prerequisites-for-universal-broker.md
@@ -9,11 +9,11 @@ Using the snyk-broker-config CLI tool is supported on Windows.
Before installing the Universal Broker `snyk-broker-config` CLI tool, be sure you have met the following prerequisites. If you need help, contact your Snyk account team.
* Minimum client machine system requirements: 1 CPU and 512 MB RAM.\
- Note: If you're performing a high-load import, we would recommend more RAM be allocated. This could be decreased after traffic is lowered.
+ Note: If you're performing a high-load import, Snyk recommends allocating more RAM. You can decrease this after traffic is lowered.
* Network access that is allowed by any firewalls installed on your network: an outbound TLS (443) to `https://broker.snyk.io` AND `https://api.snyk.io` or your [regional Broker URL](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).
* A Snyk account and your personal Snyk API token; you cannot use a service account.
* Snyk Tenant admin permissions. If you are not a Tenant admin, you can reach out to your team's Tenant admin [to add you](../../../../snyk-platform-administration/groups-and-organizations/tenant/manage-users-in-a-tenant.md). Otherwise, reach out to your support team member or [raise a support case](https://support.snyk.io/s/).
-* A new/dedicated Snyk Organization. This will be used to administrate your Broker configurations, and a dedicated Organization will help prevent accidental removal. See [Create an Organization](../../../../snyk-platform-administration/groups-and-organizations/organizations/create-and-delete-organizations.md#create-an-organization) for details.
+* A new/dedicated Snyk Organization. Snyk uses this to administrate your Broker configurations, and a dedicated Organization helps prevent accidental removal. See [Create an Organization](../../../../snyk-platform-administration/groups-and-organizations/organizations/create-and-delete-organizations.md#create-an-organization) for details.
* An SCM token or password. Snyk Broker does not support authentication with the mTLS method.
* Node 20 or higher installed.
* Docker Compose or Kubernetes installed and configured to pull images from Docker Hub.
@@ -30,10 +30,10 @@ Windows
* `set SNYK_TOKEN=`
* `set TENANT_ID=`
-When running the Broker container, you may need to override the Broker server URL to the region where your data is hosted if you are using a region other than SNYK US-01. For the commands and URLs to use, see [Broker URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).\
+When running the Broker container, you might need to override the Broker server URL to the region where your data is hosted if you are using a region other than SNYK US-01. For the commands and URLs to use, see [Broker URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).\
Example: `-e BROKER_SERVER_URL=https://broker.eu.snyk.io`.
-If you are using a different region than SNYK US-01 you should also export the relevant `SNYK_API_HOSTNAME` value into your terminal's environment variables after you install the `snyk-broker-config` CLI tool and before you create your first connection:
+If you are using a different region than SNYK US-01, also export the relevant `SNYK_API_HOSTNAME` value into your terminal's environment variables after you install the `snyk-broker-config` CLI tool and before you create your first connection:
* `export SNYK_API_HOSTNAME=https://api.REGION.snyk.io` (Linux/Mac)
* `set SNYK_API_HOSTNAME=https://api.REGION.snyk.io` (Windows)
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/restart-your-broker-for-a-new-environment-variable.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/restart-your-broker-for-a-new-environment-variable.md
index 13a0ee240a1a..b86743696de9 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/restart-your-broker-for-a-new-environment-variable.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/restart-your-broker-for-a-new-environment-variable.md
@@ -16,10 +16,10 @@ docker run --restart=always \
snyk/broker:universal
```
-At this point, the Broker will display a message like the following:
+At this point, the Broker displays a message like the following:
```
{"name":"my github connection","hostname":"ae7d64e0edac","pid":1,"level":30,"id":"12345678-1234-1234-1234-123456789012","msg":"Connection (my github connection) not in use by any orgs. Will check periodically and create connection when in use.","time":"2024-06-18T20:21:24.382Z","v":0}
```
-In Kubernetes deployments with hot-loaded secrets, when you edit a secret, typically using a vault system or something similar, the values in the secrets are automatically updated into the mounted secret file. This allows the Broker to trigger a reloading while running, hot-loading the new value without needing to restart the container.
+In Kubernetes deployments with hot-loaded secrets, when you edit a secret, typically using a vault system or something similar, the values in the secrets are automatically updated into the mounted secret file. This lets the Broker trigger a reloading while running, hot-loading the new value without needing to restart the container.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/running-your-universal-broker-client.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/running-your-universal-broker-client.md
index e09bb4b3a942..9d080286f5ee 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/running-your-universal-broker-client.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/running-your-universal-broker-client.md
@@ -5,12 +5,12 @@ Ensure you have all of the [prerequisites](prerequisites-for-universal-broker.md
* The DEPLOYMENT\_ID, CLIENT\_ID, CLIENT\_SECRET for your Broker Deployment
* A credential reference associated with your deployment
-* Valid integration credentials required by your connections such as MY\_GITHUB\_TOKEN If references are missing, the connection will not be established, and an error entry will be logged in the Broker client logs.
+* Valid integration credentials required by your connections such as MY\_GITHUB\_TOKEN If references are missing, the connection is not established, and Snyk logs an error entry in the Broker client logs.
{% endhint %}
Run your Broker deployment on your container engine ([Docker Compose](running-your-universal-broker-client.md#docker-compose-example) or [Kubernetes cluster](running-your-universal-broker-client.md#helm)).
-If you are not using `app.snyk.io` (for example, if you log into https://app.eu.snyk.io), you will need to target the Broker server for your region by using the following in your Docker run command `-e BROKER_SERVER_URL=https://broker.region.snyk.io \` . For details, visit [Broker URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).
+If you are not using `app.snyk.io` (for example, if you log into https://app.eu.snyk.io), you must target the Broker server for your region by using the following in your Docker run command `-e BROKER_SERVER_URL=https://broker.region.snyk.io \` . For details, visit [Broker URLs](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/regional-hosting-and-data-residency#broker-server-urls).
## Docker Compose example
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/setting-up-and-integrating-your-universal-broker-connections.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/setting-up-and-integrating-your-universal-broker-connections.md
index 650fb93a97de..fac963a9f96d 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/setting-up-and-integrating-your-universal-broker-connections.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/setting-up-and-integrating-your-universal-broker-connections.md
@@ -12,7 +12,7 @@ After you have installed the `snyk-broker-config` CLI tool:
* Run `snyk-broker-config workflows connections create`.
* Create a deployment if none exists, or select a deployment if more than one exists.\
- A single deployment setup will be selected automatically.
+ Snyk selects a single deployment setup automatically.
If you want to create a new deployment:
@@ -30,7 +30,7 @@ When you see the messages `Connection created` and `Ready to configure integrati
Note that you can start the Broker client before the connection is integrated with any Organization. The Organization integration steps can be done in parallel with the Broker client container running.
-If you are adding a connection to a running Broker deployment, the Broker client might take up to two minutes to pick up the new connection.
+If you are adding a connection to a running Broker deployment, the Broker client can take up to two minutes to pick up the new connection.
{% hint style="info" %}
You can learn more about importing a code repository from an SCM into Snyk and creating connections, and more, with the [Universal Broker Snyk Learn ](https://learn.snyk.io/lesson/universal-broker/#3f799f7f-58a9-4225-53fb-9cc5b6913920)course.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/upgrade-an-organization-integration-from-classic-broker-to-universal-broker.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/upgrade-an-organization-integration-from-classic-broker-to-universal-broker.md
index 5b72bce6e373..b9a553e4fbb0 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/upgrade-an-organization-integration-from-classic-broker-to-universal-broker.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/upgrade-an-organization-integration-from-classic-broker-to-universal-broker.md
@@ -29,7 +29,7 @@ If you run into issues, you can roll back to the Classic Broker client as long a
## Migrate multiple Organizations
-The bulk migration workflow allows you to migrate multiple Organizations at the same time. To do this:
+The bulk migration workflow lets you migrate multiple Organizations at the same time. To do this:
1. Create a test connection and integrate it. See steps 1-3 from [Migrating a single Organization](upgrade-an-organization-integration-from-classic-broker-to-universal-broker.md#migrating-a-single-organization).
2. Run `snyk-broker-config workflows bulk-migration list` to see a list of all the Organizations that can be migrated.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/using-the-api-to-set-up-universal-broker/universal-broker-workflow-diagrams.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/using-the-api-to-set-up-universal-broker/universal-broker-workflow-diagrams.md
index ea66bac0c9c2..6d5da73940a6 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/using-the-api-to-set-up-universal-broker/universal-broker-workflow-diagrams.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/universal-broker/using-the-api-to-set-up-universal-broker/universal-broker-workflow-diagrams.md
@@ -18,4 +18,4 @@ You start the workflow and select a deployment. You create a new connection for
You start the workflow and select a deployment. You select an existing connection to integrate with an Organization and enter the Org ID for that Organization. The connection is then integrated with the Organization by Org ID. The connection is ready.
-
Integrate a connection with an Organizaton
+
Integrate a connection with an Organization
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/update-the-snyk-broker-client.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/update-the-snyk-broker-client.md
index 921f335cbd4b..86f25abe9849 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/update-the-snyk-broker-client.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/update-the-snyk-broker-client.md
@@ -1,10 +1,10 @@
# Update the Snyk Broker client
-Snyk regularly releases updated versions of the Broker client in order to provide new features, bug fixes, and more. Snyk recommends that you install the updated version of your Broker client regularly to take advantage of bug fixes and new features.
+Snyk regularly releases updated versions of the Broker client to provide new features, bug fixes, and more. Snyk recommends that you install the updated version of your Broker client regularly to take advantage of bug fixes and new features.
The full list of versions with release notes is available on [Snyk Broker GitHub](https://github.com/snyk/broker/releases). Snyk encourages you to [subscribe to the RSS feed](https://github.com/snyk/broker/releases.atom) for that page to receive information about versions as they are released. The Docker images are released more slowly than the GitHub releases. The `docker pull` command always pulls the most recent image.
-Update the Broker client in the same way you installed it initially. Stopping and starting your Broker by itself will not update the version of Broker client that is used
+Update the Broker client in the same way you installed it initially. Stopping and starting your Broker by itself does not update the version of Broker client that is used.
## Updating using the Docker method
@@ -12,6 +12,6 @@ Run `docker pull snyk/broker:` to pull the latest version of t
## Updating using the Helm method
-The specifics will be determined by how you initially installed and ran your Snyk Broker, but running a Helm upgrade\` instead of Helm install\` with the same arguments will pull the latest chart, unless you target a specific chart version. Ensure that you still supply the correct values for your Broker, either by using the `--set :` commands, or by using a YAML file.
+The specifics depend on how you initially installed and ran your Snyk Broker, but running a Helm upgrade\` instead of Helm install\` with the same arguments pulls the latest chart, unless you target a specific chart version. Ensure that you still supply the correct values for your Broker, either by using the `--set :` commands, or by using a YAML file.
-The Helm Chart targets the latest version of the applicable Broker client and has `imagePullPolicy: Always`, so upgrading to the latest chart will reinitialize the pod and pull the latest version of the client.
+The Helm Chart targets the latest version of the applicable Broker client and has `imagePullPolicy: Always`, so upgrading to the latest chart reinitializes the pod and pulls the latest version of the client.
diff --git a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/verifying-broker-image-signatures.md b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/verifying-broker-image-signatures.md
index 0df5973c896c..df7187a98866 100644
--- a/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/verifying-broker-image-signatures.md
+++ b/platform-administration/implementation-and-setup/enterprise-setup/snyk-broker/verifying-broker-image-signatures.md
@@ -2,9 +2,9 @@
Beginning with version 4.169.1, all Broker container images are signed using Cosign.
-Cosign is the tool for signing and verifying containers. Cosign Includes storage in an Open Container Initiative (OCI) registry.
+Cosign is the tool for signing and verifying containers. Cosign includes storage in an Open Container Initiative (OCI) registry.
-Cosign is designed to enhance the security of container images by providing a simple and efficient way to sign and verify them. It leverages the concept of digital signatures, with which you sign the container image with your private key, and the recipient can verify your signature using the corresponding public key.
+Cosign is designed to enhance the security of container images by providing a simple and efficient way to sign and verify them. It uses the concept of digital signatures, with which you sign the container image with your private key, and the recipient can verify your signature using the corresponding public key.
## Prerequisite for verifying Broker image signatures
@@ -14,7 +14,7 @@ You must [install Cosign](https://docs.sigstore.dev/system_config/installation/)
To verify the signed image, you must use the built-in `cosign verify` command.
-It is not necessary to pull the Broker container image to perform the verification step
+It is not necessary to pull the Broker container image to perform the verification step.
```
$ cosign verify --key cosign.pub snyk/broker:4.169.1-github-com
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/README.md b/platform-administration/snyk-platform-administration/groups-and-organizations/README.md
index 6a7af4f79f97..3dac849125d2 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/README.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/README.md
@@ -2,13 +2,13 @@
## The Snyk hierarchy
-Snyk has a hierarchy that allows you to control access to Snyk scanning and features.
+Snyk has a hierarchy that lets you control access to Snyk scanning and features.
The Snyk hierarchy for Enterprise plans
-* **Account:** Users must log in to their Snyk account to scan and view or modify any settings and scan
+* **Account:** Users must log in to their Snyk account to scan and view or modify any settings and scan.
* [**Tenants**](tenant/): A Tenant encompasses the entire Snyk workspace of your company, team, and individual users. You have one Tenant that encompasses all your Snyk work items: Groups, Organizations, Targets, Projects, and all their adjacent entities, for example, Snyk features, Tags, Collections, and so on.
-* [**Groups**](groups/): A Group encompasses your entire base of Snyk users. You have at least one Snyk Group. Large companies may have multiple Groups with multiple Organizations.
+* [**Groups**](groups/): A Group encompasses your entire base of Snyk users. You have at least one Snyk Group. Large companies can have multiple Groups with multiple Organizations.
* [**Organizations**](organizations/): An Organization represents a specific area, such as a team, in your business. Organizations can contain multiple Projects.
* [**Targets**:](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/glossary#target) A Target represents the external resource that Snyk scans, like a repository. One Target can relate to multiple Projects. For example, a Target `https://github.com/examplesnyk/example` contains the Projects `package.json` and `Dockerfile.`
* [**Projects**](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-projects)**:** A Project is established based on the item that Snyk scans for issues, such as a manifest file. Each Project shows the results of scans. You can configure your Projects to define how to scan for issues in that Project.
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/group-and-organization-settings.md b/platform-administration/snyk-platform-administration/groups-and-organizations/group-and-organization-settings.md
index c1d5704bb159..75814e10a8e3 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/group-and-organization-settings.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/group-and-organization-settings.md
@@ -24,7 +24,7 @@ At the Organization level, select **Settings** to manage Organization settings a
* **Integrations**: Set up integrations and see a list of those configured for your Organization; click the name of the configured integration to see the details. See [Integrate with Snyk](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/integrate-with-snyk) for information about available Snyk integrations.
* **Snyk Open Source**: Enable Reachable vulnerabilities analysis and edit language settings; see [Snyk Open Source - supported languages and package managers](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/supported-languages/supported-languages-package-managers-and-frameworks) for details.
* **Snyk Code**: Enable Snyk Code; see the [Snyk Code](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-code) documentation for details.
-* **Snyk IaC:** Enable Snyk Iac, detecting configuration files, and rules. Select severity levels for configurations scanned. See the [IaC ](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-iac/scan-your-iac-source-code)documentation for details.
+* **Snyk IaC:** Enable Snyk IaC, detecting configuration files, and rules. Select severity levels for configurations scanned. See the [IaC ](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-iac/scan-your-iac-source-code)documentation for details.
* **Usage**: See the [Usage settings](usage-settings.md) page for details.
* **Notifications**: See the [Manage notifications](../manage-notifications.md) page for details.
* **Snyk Preview**: See the [Snyk Preview page](../snyk-preview.md) for details.
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/groups/README.md b/platform-administration/snyk-platform-administration/groups-and-organizations/groups/README.md
index 865927fea936..b915385d7cc8 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/groups/README.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/groups/README.md
@@ -40,7 +40,7 @@ You can [view dependencies](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/preve
### Group Policies
-With Policies, you can easily automate the process of adding business context and receiving notifications.
+With Policies, you can automate the process of adding business context and receiving notifications.
After a policy is created, it is run in a maximum of 3 hours after creation, then once every 3 hours.
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/groups/configure-session-length-for-a-snyk-group.md b/platform-administration/snyk-platform-administration/groups-and-organizations/groups/configure-session-length-for-a-snyk-group.md
index 31e542d89794..18ec3dd0c0ee 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/groups/configure-session-length-for-a-snyk-group.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/groups/configure-session-length-for-a-snyk-group.md
@@ -2,7 +2,7 @@
By default, inactive logged-in users are automatically logged out after 24 hours to protect any account from being exposed inadvertently through user inactivity.
-Group admins can change the default session length to any value from five minutes to 30 days.
+Group admins can change the default session length to any value from 5 minutes to 30 days.
{% hint style="info" %}
Users who belong to multiple Groups are always logged out automatically after the shortest time configured for any of those Groups.
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/groups/group-general-settings.md b/platform-administration/snyk-platform-administration/groups-and-organizations/groups/group-general-settings.md
index c2375b34536e..30f2a0f7bddd 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/groups/group-general-settings.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/groups/group-general-settings.md
@@ -6,12 +6,12 @@ To view and modify settings for your Group, navigate to **Settings** > **General
In the Group general settings, you can view and modify the following:
-* **Group name**: View or modify the name of the group as displayed in the Snyk Web UI.
-* **Group ID**: View and copy the unique ID for this Group. You will need this ID when using the [Snyk API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api).
+* **Group name**: View or modify the name of the Group as displayed in the Snyk Web UI.
+* **Group ID**: View and copy the unique ID for this Group. You need this ID when using the [Snyk API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api).
* **Session expiration**: By default, users are logged out of Snyk after 24 hours of inactivity. You can change the session expiration time for your Group. For details, see [Configure session length for a Snyk Group](configure-session-length-for-a-snyk-group.md) in the user management documentation.
* **Requesting access**: Enable to allow users without access to a Snyk Organization to request access.
* This is possible only for users who have registered with Snyk and are trying to reach the URL of a specific Project in the Organization, such as from a pull request.
* This restriction reduces the risk of someone guessing the URL of your Organization.
* The value set is used as the default for any new Organizations but does not override the **Requesting access** setting for existing Snyk Organizations.
* For more details, see [Enable the Request Access setting](../organizations/requests-for-access-to-an-organization.md#enable-the-request-access-setting) in the documentation of requests for access to an Organization.
-* **Project test frequency**: Set the default test frequency for any new Projects created in this Group. Note that Changing the **Project test frequency** setting will not affect the default test frequency of [Snyk Infrastructure as Code](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-iac/scan-your-iac-source-code) or [Snyk Code](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-code) Projects. The default for both of these is weekly.
+* **Project test frequency**: Set the default test frequency for any new Projects created in this Group. Note that changing the **Project test frequency** setting does not affect the default test frequency of [Snyk Infrastructure as Code](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-iac/scan-your-iac-source-code) or [Snyk Code](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/scan-with-snyk/snyk-code) Projects. The default for both of these is weekly.
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/groups/manage-users-in-a-group.md b/platform-administration/snyk-platform-administration/groups-and-organizations/groups/manage-users-in-a-group.md
index 587f5c992e40..a87404a3e400 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/groups/manage-users-in-a-group.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/groups/manage-users-in-a-group.md
@@ -42,7 +42,7 @@ A Group Member can have different roles in different Organizations. You can filt
Group member details
-Users with the Group Admin role have access to all Organizations in that Group, with the same access level as the Organization Admin role in these Organizations. You cannot change the role of a Group admin in a specific Organization, or delete a Group admin from one or more Organizations. However, you can remove a Group Admin from the Group using the **Remove from group** option
+Users with the Group Admin role have access to all Organizations in that Group, with the same access level as the Organization Admin role in these Organizations. You cannot change the role of a Group admin in a specific Organization, or delete a Group admin from one or more Organizations. However, you can remove a Group Admin from the Group using the **Remove from group** option.
## Promote a Group Member to a Group Admin
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/README.md b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/README.md
index ab2c86c5df58..959e333711f3 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/README.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/README.md
@@ -8,6 +8,6 @@ When you sign up with Snyk, you have a default Organization in your Enterprise G
You can create an Organization or join an Organization by invitation. On the **Free** and **Team** plans, you can create up to five Organizations in your Tenant. On the **Enterprise** plan, you can create an unlimited number of Organizations.
-If you have more than one Organization, you can switch between Organizations in the Snyk WebUI or using the CLI. For more details, visit [Manage Organizations](create-and-delete-organizations.md)**.**
+If you have more than one Organization, you can switch between Organizations in the Snyk Web UI or using the CLI. For more details, visit [Manage Organizations](create-and-delete-organizations.md)**.**
-Snyk sends notifications about newly disclosed vulnerabilities by Organization, You can turn notifications on or off for each Organization.
+Snyk sends notifications about newly disclosed vulnerabilities by Organization. You can turn notifications on or off for each Organization.
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/create-and-delete-organizations.md b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/create-and-delete-organizations.md
index 231ff7c1f51a..4dd2a42d6fd0 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/create-and-delete-organizations.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/create-and-delete-organizations.md
@@ -19,7 +19,7 @@ Follow these steps to create an Organization:
2\. Enter a name for the new Organization. Consider using a structured naming convention to identify your Organizations.
{% hint style="info" %}
-It is highly recommended to enter a unique name for the new Organization.
+Snyk recommends that you enter a unique name for the new Organization.
{% endhint %}
3\. From the dropdown list, select an Organization from which to copy all settings and integrations.
@@ -44,7 +44,7 @@ Follow these steps to delete an Organization:
2\. After the selected Organization appears, click **Org Settings** on the Group menu.
-3\. On the **Settings** page, select **Genera**l on the menu.
+3\. On the **Settings** page, select **General** on the menu.
4\. Scroll down to the **Delete organization** section and click **Delete organization**:
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/manage-users-in-organizations.md b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/manage-users-in-organizations.md
index c2ef641d2c16..eaf7e2a856cf 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/manage-users-in-organizations.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/manage-users-in-organizations.md
@@ -3,7 +3,7 @@
In the **Organization** where you want to manage users, select the **Members** menu option.
{% hint style="info" %}
-You must have the permissions required to perform these tasks. For details, see [Pre-defined user roles](../../user-roles/pre-defined-roles.md) for a list of permissions.
+You must have the required permissions to perform these tasks. For a list of permissions, see [Pre-defined user roles](../../user-roles/pre-defined-roles.md).
{% endhint %}
## Add users
@@ -17,7 +17,7 @@ You can do the following on the **Add members** screen:
* Select **Invite new members** to send an email invitation to a new user. Enter the email addresses of users to invite, separated by commas, and click **Send invite**.
* Select **Add existing members** to add existing members of your Group to the Organization. Select the users when prompted and click **Invite members.**
* For Free plan users only:\
- Select **Invite by link** to send a link; click **Copy link** and send the link yourself. Note that an invite link expires after 48 hours.
+ Select **Invite by link** to send a link. Click **Copy link** and send the link yourself. Note that an invite link expires after 48 hours.
* Use the **New members join as** dropdown to define the default role of a user when joining, such as **Org admin**. For details, see [Manage permissions](../../user-roles/pre-defined-roles.md).
For a demonstration of adding users, view this video:
@@ -43,7 +43,7 @@ To change the role of a user, click on the **Role** entry for the member and use
Select new role
{% hint style="warning" %}
-For Enterprise plan customers who create custom roles, Snyk prevents users from assigning roles to other users who have more privileges. If you try to update a role, invite a new user, or add an existing user with a role that has more privileges than you have, you will see the error **Cannot assign higher privilege role**.
+For Enterprise plan customers who create custom roles, Snyk prevents users from assigning roles to other users who have more privileges. If you try to update a role, invite a new user, or add an existing user with a role that has more privileges than you have, you see the error **Cannot assign higher privilege role**.
{% endhint %}
## Delete Organization members
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/organization-general-settings.md b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/organization-general-settings.md
index a73e29019b96..aab47a711d79 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/organization-general-settings.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/organization-general-settings.md
@@ -1,16 +1,16 @@
# Organization general settings
-To view and modify settings for your Organization, be sure you are in your Organization and navigate to **Settings** > **General**:
+To view and modify settings for your Organization, ensure you are in your Organization and navigate to **Settings** > **General**:
Organization general settings
In the Organization general settings, you can view and modify the following:
-* **Organization name**: Set the display name for this Organization. For example, you may want to change the default initial Organization display name to reflect better the work that Organization relates to. Note that changing the Organization display name does not change the URL displayed in the browser bar or the internal name used by the CLI. To fully change the name, [create a new Organization](https://app.snyk.io/create-organisation) with the desired name.
-* **Organization API key:** View or copy the Organization API key. [Service accounts](../../../implementation-and-setup/enterprise-setup/service-accounts/) require an API key (token) to substitute for standard user credentials. Click the **Manage Service accounts** button to set up details for service accounts.
-* **Organization ID**: View or copy the Organization ID, which is the internal ID for the Organization, generated automatically when each Organization is created. This ID uniquely identifies this Organization and is required when you use the [Snyk API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api). These Organization identification details are generated automatically by Snyk for each Organization when it is created.
+* **Organization name**: Set the display name for this Organization. For example, you might want to change the default initial Organization display name to reflect better the work that Organization relates to. Note that changing the Organization display name does not change the URL displayed in the browser bar or the internal name used by the CLI. To fully change the name, [create a new Organization](https://app.snyk.io/create-organisation) with the name you want.
+* **Organization API key:** View or copy the Organization API key. [Service accounts](../../../implementation-and-setup/enterprise-setup/service-accounts/) require an API key (token) to substitute for standard user credentials. Click **Manage Service accounts** to set up details for service accounts.
+* **Organization ID**: View or copy the Organization ID, which is the internal ID for the Organization. Snyk generates this ID automatically when each Organization is created. This ID uniquely identifies this Organization and is required when you use the [Snyk API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api).
* **Ignores**: Define Organization-wide ignore settings. You can choose from the following options:
- * **Ability to ignore an issue, or edit the ignore settings on an issue** **through the Snyk app or API**
+ * **Ability to ignore an issue, or edit the ignore settings on an issue** **through the Snyk Web UI or API**
* `Admin users only`
* `All users in any environment`
* **Ability to ignore issues through the CLI or `.snyk` file**
@@ -20,8 +20,8 @@ In the Organization general settings, you can view and modify the following:
* `Required (only applies to ignores in the Snyk app, not the CLI or API)`
* `Not required`
* See [Configure Ignore settings](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/fix/prioritize-issues-for-fixing/ignore-issues#configure-ignore-settings) in the Ignore issues documentation for more details.
-* **Requesting access**: Enable to allow users without access to this Snyk Organization to request access. This includes external users. For more details, see [Enable the request for access setting](requests-for-access-to-an-organization.md#enable-the-request-access-setting) in the documentation of requests for access to an Organization.
-* **Leave Organization**: Leave this Organization. You will lose access to the Projects and notifications for that Organization.
+* **Requesting access**: Enable this setting to allow users without access to this Snyk Organization to request access. This includes external users. For more details, see [Enable the request for access setting](requests-for-access-to-an-organization.md#enable-the-request-access-setting) in the documentation of requests for access to an Organization.
+* **Leave Organization**: Leave this Organization. You lose access to the Projects and notifications for that Organization.
* **Delete Organization**: Delete this Organization to remove it entirely from Snyk, including all of its Projects and their historical data. See [Delete an Organization](create-and-delete-organizations.md#delete-an-organization) in the Manage Organizations documentation for details.
For more information about Organization settings, see [Manage Organizations](create-and-delete-organizations.md).
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/set-your-preferred-organization.md b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/set-your-preferred-organization.md
index daa8c3ff5939..26aeb088b517 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/set-your-preferred-organization.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/organizations/set-your-preferred-organization.md
@@ -18,6 +18,6 @@ Follow these steps to change your Preferred Organization:
Change your Preferred Organization
-3\. Click the **Update Preferred Org** button to save your new setting.
+3\. Click **Update Preferred Org** to save your new setting.
The Organization you selected as your **Preferred Organization** is displayed when you log in to your Snyk account and used by default for the test count when you scan using the CLI.
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/switch-between-groups-and-organizations.md b/platform-administration/snyk-platform-administration/groups-and-organizations/switch-between-groups-and-organizations.md
index 430e4eb0019a..0d60a91342f6 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/switch-between-groups-and-organizations.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/switch-between-groups-and-organizations.md
@@ -1,6 +1,6 @@
# Switch between Groups and Organizations
-Snyk shows your preferred Organization by default when you log into the Snyk Web UI. Snyk also uses the settings for your preferred Organization when you test a Project using the CLI. For more information, see [Manage Organizations](organizations/create-and-delete-organizations.md).
+Snyk shows your preferred Organization by default when you log in to the Snyk Web UI. Snyk also uses the settings for your preferred Organization when you test a Project using the CLI. For more information, see [Manage Organizations](organizations/create-and-delete-organizations.md).
## Switch Group
@@ -13,7 +13,7 @@ To view or add to your personal Organizations, select **Ungrouped**.
## Switch Organization in the Web UI
{% hint style="warning" %}
-If your SSO email is provided by Google, then logging in with that email through the Google social provider is not the same as logging in using SSO. Using the Google social option creates a separate free account with the standard free user privileges. You can not switch between Organizations that are in different accounts.
+If your SSO email is provided by Google, then logging in with that email through the Google social provider is not the same as logging in using SSO. Using the Google social option creates a separate free account with the standard free user privileges. You cannot switch between Organizations that are in different accounts.
{% endhint %}
You must also be aware of the Organization you are viewing. Organizations contain different Projects.
diff --git a/platform-administration/snyk-platform-administration/groups-and-organizations/tenant/README.md b/platform-administration/snyk-platform-administration/groups-and-organizations/tenant/README.md
index 2e78267b3448..c2af1fbf648d 100644
--- a/platform-administration/snyk-platform-administration/groups-and-organizations/tenant/README.md
+++ b/platform-administration/snyk-platform-administration/groups-and-organizations/tenant/README.md
@@ -8,7 +8,7 @@ Some Tenant features, such as Snyk Analytics, are available only for Enterprise
A Tenant is the top level of the Snyk hierarchy. It encompasses all your Groups and Organizations and all their corresponding Snyk work items. The Tenant is helpful in organizing access and reporting on the platform when you are a large Enterprise with multiple Groups.
-At the Tenant level, you can manage access to features that work across your entire Snyk estate, such as [Snyk Analytics](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/analytics) and Members, which allows you to manage users.
+At the Tenant level, you can manage access to features that work across your entire Snyk estate, such as [Snyk Analytics](https://app.gitbook.com/s/BJO0IZx7zB6bOkotxQP2/prevent/analytics) and Members, which lets you manage users.
Tenant-level roles include **Tenant Admin**, **Tenant Viewer**, and **Tenant Member**. For more information, see [Pre-defined roles](../../user-roles/pre-defined-roles.md#role-types).
@@ -25,7 +25,7 @@ If you are a member of more than one Tenant, you can switch between them by sele
In the Snyk 2.0 UI, you can navigate between different levels of your account (Tenant, Group, and Organization) using the scope selector at the top of the page. When you select a scope, the side menu automatically displays the relevant tools and data for that area.
-Snyk 2.0 introduces UI enhancements to the platform navigation and is available in Early Access. This is being rolled out gradually, so not all users see the new navigation at the same time
+Snyk 2.0 introduces UI enhancements to the platform navigation and is available in Early Access. Snyk is rolling this out gradually, so not all users see the new navigation at the same time.
If you are an existing user, you can switch between the new and classic navigation at any time using the toggle in your user profile menu. For more information, visit [Snyk 2.0 platform improvements](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/snyk-2.0-platform-improvements).
{% endhint %}
diff --git a/platform-administration/snyk-platform-administration/manage-notifications.md b/platform-administration/snyk-platform-administration/manage-notifications.md
index e86525356b50..fa8ff7d874ff 100644
--- a/platform-administration/snyk-platform-administration/manage-notifications.md
+++ b/platform-administration/snyk-platform-administration/manage-notifications.md
@@ -1,6 +1,6 @@
# Manage notifications
-Snyk notifies you automatically when new issues are found in the Projects you are monitoring to alert you to new possible new risks in these Projects.
+Snyk notifies you automatically when it finds new issues in the Projects you are monitoring, to alert you to possible new risks in these Projects.
## How notifications are sent
@@ -25,7 +25,7 @@ Setting a Project to inactive does not stop Snyk from sending notifications. You
{% hint style="info" %}
**FedRAMP environment notifications**\
-Both [issue alert emails](manage-notifications.md#group-defaults-for-issue-alert-emails) and [weekly report emails](manage-notifications.md#group-defaults-for-weekly-report-emails) are disabled for FedRAMP environments. Their notification settings may be hidden from the page.
+Both [issue alert emails](manage-notifications.md#group-defaults-for-issue-alert-emails) and [weekly report emails](manage-notifications.md#group-defaults-for-weekly-report-emails) are disabled for FedRAMP environments. Their notification settings might be hidden from the page.
{% endhint %}
## How to manage notifications
@@ -62,8 +62,8 @@ To set the defaults for issue alert emails:
1. Check the **Vulnerabilities** box when users of new Organizations in this Group should receive alert emails by default for new issues or remediations for all Projects in a new Organization.
2. Check the **License Violations** box when users of new Organizations in this Group should receive alert emails for new license issues or remediations for all Projects in a new Organization.
-3. If either the **Vulnerabilities** or **License Violations** boxes are checked, indicate the severity of issues for which Snyk should send alert emails by selecting **All severities** or **Critical and high severity** from the drop-down list.
-4. To change the default for individual organizations, change the **Vulnerabilities**, **License Violations,** and **Severity** settings next to the Organization name. These settings apply for any individual user who has not updated personal notifications when you create new Organizations in this Group.
+3. If either the **Vulnerabilities** or **License Violations** boxes are checked, indicate the severity of issues for which Snyk sends alert emails by selecting **All severities** or **Critical and high severity** from the dropdown list.
+4. To change the default for individual Organizations, change the **Vulnerabilities**, **License Violations,** and **Severity** settings next to the Organization name. These settings apply for any individual user who has not updated personal notifications when you create new Organizations in this Group.
#### Group defaults for weekly report emails
@@ -72,7 +72,7 @@ Weekly report emails are notifications Snyk sends to provide a summary of the vu
To set the defaults for weekly report emails:
* Check the **Email notifications** box when users of new Organizations in this Group should receive a weekly summary email.
-* To change the defaults for individual Organizations, clear or check the box next to the Organization name. The defaults will apply for new Organizations created in this Group.
+* To change the defaults for individual Organizations, clear or check the box next to the Organization name. The defaults apply for new Organizations created in this Group.
{% hint style="info" %}
Individual Projects cannot be excluded from Weekly reports. They can be excluded only from Issue Alert emails, and new vulnerabilities or remediations.
@@ -85,7 +85,7 @@ Usage alert emails are notifications Snyk sends to warn you when you are approac
To set the defaults for usage alerts:
* Check the **Email notifications** box when users of new Organizations in this Group should receive usage alert emails.
-* To change the defaults for individual Organizations, clear or check the box next to the Organization name. The defaults will apply for new Organizations created in this Group.
+* To change the defaults for individual Organizations, clear or check the box next to the Organization name. The defaults apply for new Organizations created in this Group.
### Define Organization notification defaults
@@ -112,7 +112,7 @@ To set the defaults for issue alert emails:
* Clear the **On** box to turn off issue alert emails for new Projects imported into this Organization. Check the box when new Projects in this Organization should receive the defined alerts.
* Check the **Vulnerabilities** box to set the default for all Projects in this Organization to generate alert emails for new issues or remediations.
* Check the **License violations** box to set the default for all Projects in this Organization to generate alert emails for new license issues or remediations.
-* If either the **Vulnerabilities** or **License violations** boxes are checked, indicate the severity of issues for which Snyk should send alert emails by selecting **All severities** or **Critical and high severity** from the drop-down Projects list.
+* If either the **Vulnerabilities** or **License violations** boxes are checked, indicate the severity of issues for which Snyk sends alert emails by selecting **All severities** or **Critical and high severity** from the dropdown Projects list.
#### Organization defaults for weekly report emails
@@ -137,17 +137,17 @@ To override these settings, change your notification preferences:
Notification settings at the Account level
-The Account Settings page allows you to change the types of notifications for each Organization to which you belong. You can also customize the notifications for individual Projects.
+The Account Settings page lets you change the types of notifications for each Organization to which you belong. You can also customize the notifications for individual Projects.
### Preferences for issue alert emails
-Issue alert emails are notifications Snyk sends the day it finds a new vulnerability license issue, or remediation.
+Issue alert emails are notifications Snyk sends the day it finds a new vulnerability, license issue, or remediation.
To customize your settings for issue alert emails for each Organization for which you are a member:
* Check the **Vulnerabilities** box to receive alert emails for new issues or remediations for all Projects in the Organization.
* Check the **Licenses** box for Open Source to receive alert emails for new license issues for all Projects in the Organization.
-* If either the **Vulnerabilities** or **Licenses** boxes are checked, indicate the severity of issues for which Snyk should send alert emails by selecting **All severities** or **Critical and high severity** from the drop-down list.
+* If either the **Vulnerabilities** or **Licenses** boxes are checked, indicate the severity of issues for which Snyk sends alert emails by selecting **All severities** or **Critical and high severity** from the dropdown list.
To customize your settings for individual Projects:
diff --git a/platform-administration/snyk-platform-administration/user-management-with-the-api/provision-users-to-organizations-using-the-api.md b/platform-administration/snyk-platform-administration/user-management-with-the-api/provision-users-to-organizations-using-the-api.md
index ec4c6069f969..9c4a7175116c 100644
--- a/platform-administration/snyk-platform-administration/user-management-with-the-api/provision-users-to-organizations-using-the-api.md
+++ b/platform-administration/snyk-platform-administration/user-management-with-the-api/provision-users-to-organizations-using-the-api.md
@@ -1,8 +1,8 @@
# Provision users to Organizations using the API
-The Provision user endpoints allow you to organize and grant permissions to your single sign-on users before the users log in to the Snyk platform. The endpoints are [Provision a user to the organizaton](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-provision), [List pending user provisions](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-provision-1), and [Delete pending user provision](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-provision-2).
+The Provision user endpoints let you organize and grant permissions to your single sign-on users before the users log in to the Snyk platform. The endpoints are [Provision a user to the organizaton](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-provision), [List pending user provisions](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-provision-1), and [Delete pending user provision](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-provision-2).
-Provisioned users do not need to accept invites. When provisioned users first log in to Snyk, they will have all their permissions. You can use the endpoint [Provision a user to the organization](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-provision) to add users to Organizations at scale before their first login.
+Provisioned users do not need to accept invites. When provisioned users first log in to Snyk, they have all their permissions. You can use the endpoint [Provision a user to the organization](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/organizations-v1#org-orgid-provision) to add users to Organizations at scale before their first login.
## Prerequisites for provisioning users using the API
diff --git a/platform-administration/snyk-platform-administration/user-management-with-the-api/remove-members-from-groups-and-orgs-using-the-api.md b/platform-administration/snyk-platform-administration/user-management-with-the-api/remove-members-from-groups-and-orgs-using-the-api.md
index b9936dfdad8b..e2b38050fef7 100644
--- a/platform-administration/snyk-platform-administration/user-management-with-the-api/remove-members-from-groups-and-orgs-using-the-api.md
+++ b/platform-administration/snyk-platform-administration/user-management-with-the-api/remove-members-from-groups-and-orgs-using-the-api.md
@@ -22,7 +22,7 @@ For each user, call the endpoint to remove that member from the Organization usi
For a successful request, the response is `200 OK`.
-Look at the Organization members page to verify that the member has been removed.
+Look at the Organization members page to verify that Snyk removed the member.
{% hint style="info" %}
When a member is removed from an Organization, if the Organization is a part of a Group, the user continues to exist in the Group as a Group Member. To completely remove the user from the Group, follow the steps in the next section.
@@ -62,7 +62,7 @@ For each user, to remove that member from the Group, call the endpoint using the
For a successful request, the response is `200 OK`.
-Look at the Group members page to verify the user has been removed.
+Look at the Group members page to verify that Snyk removed the user.
{% hint style="info" %}
When a member is removed from a Group, the user continues to exist in Snyk. To completely delete all data associated with the user, follow the step in the next section.
@@ -82,5 +82,5 @@ You can find the `{sso_id}` on the Snyk Web UI; navigate to **Group** > **Settin
For a successful request, the response is `200 OK`.
-Use the following request to verify the member has been deleted.\
+Use the following request to verify that Snyk deleted the member.\
`GET https://api.snyk.io/v1/user/userId`
diff --git a/platform-administration/snyk-platform-administration/user-roles/README.md b/platform-administration/snyk-platform-administration/user-roles/README.md
index b7fa6fda461e..cb9830a89f7f 100644
--- a/platform-administration/snyk-platform-administration/user-roles/README.md
+++ b/platform-administration/snyk-platform-administration/user-roles/README.md
@@ -3,7 +3,7 @@
{% hint style="info" %}
**Feature availability**
-The Snyk free subscription plan allows you to send up to 200 pending invitations every seven days and has only administrator roles.
+The Snyk free subscription plan lets you send up to 200 pending invitations every seven days and has only administrator roles.
Enterprise plans have administrators, viewers, collaborators, and custom roles.
diff --git a/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/README.md b/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/README.md
index 31e65a61844f..e5e6349b8b61 100644
--- a/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/README.md
+++ b/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/README.md
@@ -20,5 +20,5 @@ You can use these templates to create your own custom roles that fit into and re
* [Snyk Learn - Learning Admin](snyk-learn-learning-admin.md)
{% hint style="warning" %}
-If you create a Group level custom role that enables creation of new Organizations, you must include the **Add Organizations** and **View Groups** permissions. When enabled, the user with that custom role will be able to see the **Create organization** button when switching Organizations in the Web UI.
+If you create a Group level custom role that enables creation of new Organizations, you must include the **Add Organizations** and **View Groups** permissions. When enabled, the user with that custom role can see **Create organization** when switching Organizations in the Web UI.
{% endhint %}
diff --git a/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/cli-tester-role-template.md b/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/cli-tester-role-template.md
index 5475f1e9fdf9..dc236c00f967 100644
--- a/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/cli-tester-role-template.md
+++ b/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/cli-tester-role-template.md
@@ -1,6 +1,6 @@
# CLI Tester role template
-This Organization-level role allows service accounts in CI/CD pipelines to run basic Snyk CLI commands. The role grants permissions to run `snyk test` to check Projects for vulnerabilities and `snyk monitor` to send snapshots to the Snyk UI.
+This Organization-level role lets service accounts in CI/CD pipelines run basic Snyk CLI commands. The role grants permissions to run `snyk test` to check Projects for vulnerabilities and `snyk monitor` to send snapshots to the Snyk UI.
This role does not include permissions to manage pull requests. If your CI/CD pipeline updates pull request (PR) statuses or interacts with source control manager (SCM) checks, use the Developer role template.
diff --git a/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/developer-role-template.md b/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/developer-role-template.md
index 0c2f24d71e88..1eb748ef7c10 100644
--- a/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/developer-role-template.md
+++ b/platform-administration/snyk-platform-administration/user-roles/custom-role-templates/developer-role-template.md
@@ -1,8 +1,8 @@
# Developer role template
-This Organization-level role enables review of scan results, fixing issues, and initiating Project tests. Users with this role can view Organizations and Projects.
+With this Organization-level role, users can review scan results, fix issues, and start Project tests. Users with this role can view Organizations and Projects.
-Often, when deploying Snyk, developers may have the ability to override Snyk PR checks, but this permission can be revoked after developers are comfortable using the Snyk IDE extensions and start fixing issues earlier in the SDLC. Similarly, you may start by allowing developers to add Projects and then limit that permission to a Team Lead.
+Often, when deploying Snyk, developers can override Snyk PR checks, but you can revoke this permission after developers are comfortable using the Snyk IDE extensions and start fixing issues earlier in the SDLC. Similarly, you can start by allowing developers to add Projects and then limit that permission to a Team Lead.
## Group-level permissions
diff --git a/platform-administration/snyk-platform-administration/user-roles/pre-defined-roles.md b/platform-administration/snyk-platform-administration/user-roles/pre-defined-roles.md
index 9e6a0465211c..ef11b99f2807 100644
--- a/platform-administration/snyk-platform-administration/user-roles/pre-defined-roles.md
+++ b/platform-administration/snyk-platform-administration/user-roles/pre-defined-roles.md
@@ -6,7 +6,7 @@ The pre-defined roles Snyk provides are as follows:
* **Organization Admin:** the standard role equivalent for Team Leads. Users with this role can add and delete Projects, override Snyk checks, and provision Group members with an Organization-level role. This role and the associated permissions supersede Group Member role restrictions.
* **Organization Collaborator:** the standard role equivalent for Developers. This role is ideal for small teams or a developer-first organizational approach.
-* **Group Admin:** the standard role equivalent for the person in your company who oversees Snyk use at a high level, providing a full set of permissions at the Group and Organization level. This also means that a Group Admin is automatically an Organization Admin to all Organizations that sit under the Group, although they will not be visible in an Organization level list.
+* **Group Admin:** the standard role equivalent for the person in your company who oversees Snyk use at a high level, providing a full set of permissions at the Group and Organization level. This also means that a Group Admin is automatically an Organization Admin to all Organizations that sit under the Group, although they are not visible in an Organization level list.
* **Group Viewer:** a user who can access the Group level but requires Organization-level permissions to take actions in Snyk. This is normally used as a starting point during onboarding with Snyk to understand functions tied to Group permissions and design a custom Group role for post-deployment use.
* **Group Member:** a non-functional user role added to your environment as a transition from Group Viewer if you do not yet wish to create a custom role after onboarding with Snyk. This means the permissions granted can vary depending on your requirements, as discussed with your Snyk contacts. Select the named role from the list under Manage Members in the Snyk Web UI to check the permissions assigned to your Group Member role.
* **Tenant Admin**: a user who can access all Tenant products and settings. This role is reserved for account owners and admins only.
diff --git a/platform-administration/snyk-platform-administration/user-roles/user-role-management.md b/platform-administration/snyk-platform-administration/user-roles/user-role-management.md
index d4230a1e6064..4c18f2eadfc7 100644
--- a/platform-administration/snyk-platform-administration/user-roles/user-role-management.md
+++ b/platform-administration/snyk-platform-administration/user-roles/user-role-management.md
@@ -6,7 +6,7 @@
Managing user roles is available only with Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
{% endhint %}
-Snyk Manage roles functionality enables you to manage pre-defined and custom roles, allowing you to create and enforce set permissions for roles that reflect the users and functions in your Organization.
+The Manage roles functionality in Snyk lets you manage pre-defined and custom roles, so you can create and enforce set permissions for roles that reflect the users and functions in your Organization.
Under **Manage roles**, you can:
@@ -35,7 +35,7 @@ For more information, see [User management with the API](../user-management-with
You can create, edit, duplicate, and delete custom roles, granting your users the exact permissions they need to do their jobs across the Snyk platform. This ensures the right people have the right access to the right resources at the right time, maximizing transparency and reducing risk.
-You will find [pre-defined roles](pre-defined-roles.md) such as **Organization Admin** and **Organization Collaborator** listed under your Group. These roles can be selected to view their associated permissions, but permissions cannot be added, edited, or removed. Pre-defined role permissions can be duplicated to act as a starting point for any custom role creation.
+You can find [pre-defined roles](pre-defined-roles.md) such as **Organization Admin** and **Organization Collaborator** listed under your Group. You can select these roles to view their associated permissions, but you cannot add, edit, or remove permissions. Pre-defined role permissions can be duplicated to act as a starting point for any custom role creation.
## Create a custom role
@@ -45,7 +45,7 @@ Click the **Create new role** button and enter the **New role name**, **Role Typ
Create a custom Organization-level role
-If you would like to continue, you can click the **Create role** button. Basic details about the role are visible in the top section of the **Role details** screen.
+To continue, click **Create role**. Basic details about the role are visible in the top section of the **Role details** screen.
Role Details for a custom role
@@ -85,7 +85,7 @@ To copy a role, use the **Duplicate** button next to each role in the Member Rol
Duplicate a role using the Duplicate role button under Role Details
-A Duplicate role pop-up will appear, prompting you to enter a unique name and description. You can select the option to use the description from the role you copied from, but this can be edited later. Click the **Duplicate Role** button to proceed with creation. A **Group Admin** or a custom role with **Role management** permissions can edit this role to assign new permissions to it or remove any permissions already assigned.
+A Duplicate role pop-up appears, prompting you to enter a unique name and description. You can select the option to use the description from the role you copied from, but this can be edited later. Click the **Duplicate Role** button to proceed with creation. A **Group Admin** or a custom role with **Role management** permissions can edit this role to assign new permissions to it or remove any permissions already assigned.
Duplicate role creation
@@ -127,7 +127,7 @@ Click **Add members** > **Invite new members** and select the role to assign fro
Click the **Add members** button > **Add existing members** to promote current Group Members to an Organization-specific role.
{% hint style="warning" %}
-Snyk prevents users from assigning roles to others with more privileges than those the user who is assigning roles already has. If you try to update the role of a member, invite a new member, or add an existing member with a role that has more privileges than you have, you will see the error **Cannot assign higher privilege role**.
+Snyk prevents users from assigning roles to others with more privileges than those the user who is assigning roles already has. If you try to update the role of a member, invite a new member, or add an existing member with a role that has more privileges than you have, you see the error **Cannot assign higher privilege role**.
{% endhint %}
### Assign roles to service accounts
diff --git a/scan-fix-and-prevent/README.md b/scan-fix-and-prevent/README.md
index e13e87d3e00e..a41f0f31bebf 100644
--- a/scan-fix-and-prevent/README.md
+++ b/scan-fix-and-prevent/README.md
@@ -1,10 +1,10 @@
# Overview
-You can use Snyk to scan and secure your codebase and cloud infrastructure configurations, taking advantage of the Snyk capabilities in Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Infrastructure as Code (IaC) analysis.
+You can use Snyk to scan and secure your codebase and cloud infrastructure configurations, using the Snyk capabilities in Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Infrastructure as Code (IaC) analysis.
## Select scanning methods
-Snyk supports scanning methods that correspond to Snyk products. Choose the right scanning method for the job you want to do, to find and fix issues not only early in the Software Development Life Cycle, but also after your web application or API is live.
+Snyk supports scanning methods that correspond to Snyk products. Choose the right scanning method for the job you want to do, to find and fix issues not only early in the software development lifecycle, but also after your web application or API is live.
* [Snyk Open Source](scan-with-snyk/snyk-open-source/): scan your open-source libraries for vulnerabilities and license issues.\
For more information, see [Open Source Security Explained](https://snyk.io/series/open-source-security/).
@@ -28,7 +28,7 @@ Scans may be limited on your account, depending on your[ Pricing Plan](https://a
## The scanning process
-Snyk takes a developer-first approach to secure your development work by integrating directly into your IDEs, workflows, and automation pipelines to add security expertise to your toolkit. This approach allows you to:
+Snyk takes a developer-first approach to secure your development work by integrating directly into your IDEs, workflows, and automation pipelines to add security expertise to your toolkit. With this approach, you can:
* Use Snyk to focus on early enablement, not later enforcement.
* Run scans while working on a Project, before you commit any code. This minimizes rework by finding issues that require changes early on.
diff --git a/scan-fix-and-prevent/manage-assets/assets-inventory-components.md b/scan-fix-and-prevent/manage-assets/assets-inventory-components.md
index 3269a5122d46..061c9e4c9aeb 100644
--- a/scan-fix-and-prevent/manage-assets/assets-inventory-components.md
+++ b/scan-fix-and-prevent/manage-assets/assets-inventory-components.md
@@ -1,6 +1,6 @@
# Assets inventory components
-Each inventory layout is presented in a table format, detailing the available key attributes:
+Snyk presents each inventory layout in a table format, detailing the available key attributes:
* [Assets](assets-inventory-components.md#asset)
* [Issues](assets-inventory-components.md#issues)
@@ -27,19 +27,19 @@ Assets in Snyk Essentials are meaningful, real-world components in an applicatio
An asset can be the parent of multiple items. For example, a repository asset usually contains one or more package assets.
-The Asset column incorporates the name of the repository asset, package, scanned artifact, or container images. Click on the arrow next to the parent asset name to expand the list of all contained items.
+The Asset column incorporates the name of the repository asset, package, scanned artifact, or container images. Click the arrow next to the parent asset name to expand the list of all contained items.
You can copy the name of an asset or browse the repository. Each asset has a menu at the end of the row. Click the menu, then select **Copy** to copy the URL or **Browse** to navigate to the asset repository.
### Repository assets
-Repository assets represent SCM repositories. A repository asset is created by discovering the repositories directly in the SCM, when such integration is configured. Alternatively, a repository asset can be created by scanning a repository, (by Snyk or third-party tools) as long as the scanned code is identified with a specific repository (in Snyk, this means filling in the `gitRemoteURL` parameter).
+Repository assets represent SCM repositories. A repository asset is created by discovering the repositories directly in the SCM, when such integration is configured. Alternatively, scanning a repository can create a repository asset (by Snyk or third-party tools) as long as the scanned code is identified with a specific repository (in Snyk, this means filling in the `gitRemoteURL` parameter).
-If you scan the code locally using CLI, with no association to a repository, then a repository asset will not be created. For more details about CLI commands, see [Scanning methods](../scan-with-snyk/snyk-essentials.md#scanning-methods).
+If you scan the code locally using CLI, with no association to a repository, then Snyk does not create a repository asset. For more details about CLI commands, see [Scanning methods](../scan-with-snyk/snyk-essentials.md#scanning-methods).
### Container Image assets
-You can identify a container image based on the Image ID. If multiple container images have the same Image ID, then only one image asset is generated for that Image ID, enriched with information from all the identified container images for that ID.
+You can identify a container image based on the Image ID. If multiple container images have the same Image ID, then Snyk generates only one image asset for that Image ID, enriched with information from all the identified container images for that ID.
Snyk Essentials retrieves all image assets from Snyk Container. Reimport the images to ensure you scan the latest image. If you run a new scan on a Project that contains image assets, it rescans the same image for new vulnerabilities. To identify new image assets, you need to first reimport, and then scan the Project. Check the [Detect application vulnerabilities in container images](../scan-with-snyk/snyk-container/use-snyk-container/detect-application-vulnerabilities-in-container-images.md) page for more details.
@@ -47,7 +47,7 @@ Snyk Essentials retrieves all image assets from Snyk Container. Reimport the ima
Packages in Snyk Essentials are defined as software or libraries that are managed by package management systems.
-Package assets are created when you scan the dependencies of a Project through package management systems or by using the Snyk CLI. This enables Snyk Essentials to identify and analyze the security vulnerabilities of the packages used within a Project, offering insights into possible risk exposures and providing recommendations for mitigation.
+Snyk creates package assets when you scan the dependencies of a Project through package management systems or by using the Snyk CLI. This lets Snyk Essentials identify and analyze the security vulnerabilities of the packages used in a Project, offering insights into possible risk exposures and providing recommendations for mitigation.
### Scanned artifacts
@@ -78,28 +78,28 @@ The Summary tab is a concentrated view of asset properties. The Summary screen p
* SCM Repository freshness - provides the current status of your repositories, including the date of the last commit.
* **Organization** - specifies the Organizations associated with the asset.
* **Labels** - provides the list of all labels available for that asset.
-* **Tags** - provides a key-value pair that allows you to attach structured metadata to your assets.
+* **Tags** - provides a key-value pair that lets you attach structured metadata to your assets.
* **Issues** - categorizes the identified types of open issues.
* **App Context**\* - asset metadata from App Context integrations, such as Backstage catalog or ServiceNow CMDB, can include the following attributes: catalog name, category, application, owner, and so on.
\*App Context information is visible only when the asset is part of a Project for which the application context was configured.
{% hint style="info" %}
-After you apply the filters, the assets list will only display the assets that directly match the filter conditions, and, if available, a list of children assets related to the selected one is displayed, with the information shown in a table format, with a focus on the following topics: Asset (name), Issues, Controls, Class.
+After you apply the filters, the assets list displays only the assets that directly match the filter conditions, and, if available, a list of children assets related to the selected one, with the information shown in a table format, with a focus on the following topics: Asset (name), Issues, Controls, Class.
{% endhint %}
### Related Assets
-The Related assets tab provides a detailed view of assets related to the selected one. Use this tab to assess scanning coverage or asset ownership. You can see the details of a related asset by clicking on one of them. Usually, these are Package assets. When looking at Related Assets, you can notice a link to the parent repository at the top. If you click on the parent asset link, you will revert to the initial view of the parent asset.
+The Related assets tab provides a detailed view of assets related to the selected one. Use this tab to assess scanning coverage or asset ownership. You can see the details of a related asset by clicking one of them. Usually, these are Package assets. When looking at Related Assets, you can notice a link to the parent repository. If you click the parent asset link, you revert to the initial view of the parent asset.
### Related Projects
-The Related Projects tab provides a collection of Snyk Projects that are associated with a specific asset within the platform. These projects are arranged in a table format, enabling you to view relevant information that assists in managing and assessing vulnerabilities related to the asset. Each Project is displayed with the following details:
+The Related Projects tab provides a collection of Snyk Projects that are associated with a specific asset in the platform. Snyk arranges these projects in a table format, letting you view relevant information that assists in managing and assessing vulnerabilities related to the asset. Each Project is displayed with the following details:
* **Projects by Target**: A list of Projects grouped by targets. You can see both the Project name and the target name under which the Project is grouped.
* **Target Reference**: An optional identifier that may not always be available.
* **Test Surface**: Indicates the source of the Project scan, specifying whether it originated from SCM or the CLI.
-* **Issues**: Provides insight into the number and severity of identified issues within the Project.
+* **Issues**: Provides insight into the number and severity of identified issues in the Project.
* **Organization**: Displays the Snyk Organization to which the Project belongs.
* **Tested**: Shows the relative time since the last scan (for example, "3 hours ago") along with a tooltip that reveals the full date and time upon hovering.
@@ -107,17 +107,17 @@ The Related Projects tab provides a collection of Snyk Projects that are associa
### Attributes
-The Attributes tab shows miscellaneous attributes, like the Asset ID or Asset Type, that are fetched from the data source, but do not have a dedicated column. The benefit of having this info is not only by presenting it but mostly by making it searchable. You can search for an attribute by either using the inventory search bar or the filters.
+The Attributes tab shows miscellaneous attributes, like the Asset ID or Asset Type, that Snyk fetches from the data source but that do not have a dedicated column. The benefit of having this information is not only in presenting it but mostly in making it searchable. You can search for an attribute using either the inventory search bar or the filters.
## Issues
-The Issues column is designed to present a comprehensive list of issues that have been identified within your assets. These findings are the result of scans performed by Snyk as well as internal tools you may have deployed. This detailed list not only helps in understanding the security posture of your assets but also in prioritizing remediation efforts based on the severity and impact of each issue. By having visibility into these issues, you can take proactive steps toward improving the overall security of your applications and infrastructure.
+The Issues column presents a comprehensive list of issues identified in your assets. These findings result from scans that Snyk and internal tools you have deployed perform. This detailed list helps you understand the security posture of your assets and prioritize remediation efforts based on the severity and impact of each issue. With visibility into these issues, you can take proactive steps toward improving the overall security of your applications and infrastructure.
Most of the issues are mapped to an asset. However, some of the issues are associated with an asset but not directly linked to it. This is the case with image assets.
-You can see these assets under the **Inventory** view, and they will also be reflected under the **Asset and Source Code** column from the **Insights UI** view.
+You can see these assets under the **Inventory** view, and they also appear under the **Asset and Source Code** column from the **Insights UI** view.
-The **Issues** column from the Asset view is designed to present an aggregated count of open issues. These counts are carefully categorized based on the severity level of the issues found in assets, their children's assets, or associated packages. The severity is divided into four distinct levels:
+The **Issues** column from the Asset view presents an aggregated count of open issues. Snyk categorizes these counts based on the severity level of the issues found in assets, their children's assets, or associated packages. The severity is divided into four distinct levels:
* **C** (Critical): Issues that represent a serious threat and should be addressed immediately to prevent potential exploits or major disruptions.
* **H** (High): These are significant issues that, while not immediately dangerous, could potentially lead to critical vulnerabilities if not resolved in a timely manner.
@@ -128,7 +128,7 @@ This classification streamlines prioritization, helping you focus on critical ar
## Coverage Controls
-The Controls column displays all of the Snyk products that were executed on a specific repository asset. This column displays, in circles, a logo for each Snyk product. The logo icon itself has an indication of the highest severity of issues from this source. For example, if the highest severity issue is **C** (critical), you can see a red dot on the control icon.
+The Controls column displays all of the Snyk products that ran on a specific repository asset. This column displays, in circles, a logo for each Snyk product. The logo icon itself indicates the highest severity of issues from this source. For example, if the highest severity issue is **C** (critical), you can see a red dot on the control icon.
The Controls logos can have one of the following states:
@@ -145,7 +145,7 @@ Click a Controls logo to see **Last test** details and the **Issues** count, spl
## Tags
-Provides a key-value tagging capability that allows you to attach specific, structured metadata to your assets. Use this feature lets you granular filtering, robust policy creation, and better alignment with your internal systems.
+Provides a key-value tagging capability that lets you attach specific, structured metadata to your assets. This feature lets you use granular filtering, robust policy creation, and better alignment with your internal systems.
**Example**: A structured tag provides both a key and a value, such as `platform:aws` or `region:eu-central-1`.
@@ -153,7 +153,7 @@ Provides a key-value tagging capability that allows you to attach specific, stru
In Snyk Web UI, you can filter assets by their tags using **Advanced filters**. You can define filters based on specific criteria, such as a property of an asset, a condition, and a value.
-* Filter by `Tags`: The new `Tags` filter is a key-value pair filter. This filter allows you to select a specific tag key such as `department` and then choose a corresponding value such as `finance` to narrow down the asset list.
+* Filter by `Tags`: The new `Tags` filter is a key-value pair filter. This filter lets you select a specific tag key such as `department` and then choose a corresponding value such as `finance` to narrow down the asset list.
## Labels
@@ -163,7 +163,7 @@ Asset labels are metadata that is applied to repository assets and build artifac
* **User-defined labels** are customizable, as you can define their logic through Assets Policies. For example, you can set labels to represent a repository that comes from a specific source, such as GitHub. Labels associated with assets are identified in the UI with the **Asset policy label's** name.
* **System labels** are automatically assigned by Snyk based on asset names or detected keywords (for example, `codeowners`).
-A repository asset label can be added through Policies or be system-generated by Snyk Essentials to provide more context. Click on a labels field to view all labels.
+You can add a repository asset label through Policies, or Snyk Essentials can system-generate it to provide more context. Click a labels field to view all labels.
{% hint style="info" %}
BitBucket Cloud cannot automatically detect the language used in the source code from the repositories. In Snyk Essentials, you can only see the language labels that have been manually added for BitBucket Cloud.\
@@ -173,9 +173,9 @@ For more information, you can refer to the official documentation provided by Bi
A system-generated label includes the following information:
-* **Technology** - The languages detected by Snyk Essentials in the source code within a repository asset.
+* **Technology** - The languages detected by Snyk Essentials in the source code in a repository asset.
* **SCM Topic** - The topics found in the integrated SCM repositories. Snyk Essentials supports topics from GitHub and GitLab.
-* **Asset type label** - The label explaining the type of the asset. For example, container assets will be assigned an image asset label.
+* **Asset type label** - The label explaining the type of the asset. For example, Snyk assigns container assets an image asset label.
* **SCM Repository freshness** - The status of the repository and the date of the last commit.
* **Active**: Had commits in the last 3 months.
* **Inactive**: The last commits were made in the last 3 - 6 months.
@@ -193,11 +193,11 @@ Labels are organized into three main categories:
System labels are automatically generated from the SCM repositories. System labels can be classified into three main categories:
* Languages:
- * This applies to GitHub, GitLab, Azure DevOps, and BitBucket as long the data is available in the repository.
+ * This applies to GitHub, GitLab, Azure DevOps, and BitBucket as long as the data is available in the repository.
* GitHub, GitLab, and Azure DevOps have automated language detection. Instead, BitBucket requires users to set up the language in their repositories.
* SCM Topic:
* This applies to GitHub and GitLab.
-* Multiple different rules based on the words we found in the repositories:
+* Multiple different rules based on the words Snyk found in the repositories:
* This applies to GitHub, GitLab, Azure DevOps, and BitBucket.
### Labeling policy
@@ -215,7 +215,7 @@ You can use pre-defined system labels and asset labels to mark the repositories
In the Snyk web interface, you can filter assets by their labels using the **Advanced Filters** option. You can define filters based on highly specific criteria, such as a property of an asset, a condition, and a value.
-* Filter by `labels`: This filter allows you to select a specific label.
+* Filter by `labels`: This filter lets you select a specific label.
## Developers
@@ -225,11 +225,9 @@ You can see the list of all the developers that worked on that specific asset. T
Reflects the business criticality of the asset from A (most critical) to D (least critical), as you defined it in the Policies view.
-You can manually change the business criticality of an asset. Click the criticality level and select another one from the list.
+You can manually change the business criticality of an asset. To update it, click the criticality level and select another one from the list.
-You can change the business criticality of an asset. To manually update it, select the criticality level and select another one from the list.
-
-After manually setting the value of a class, you have the option to lock the value to prevent any potential overriding by a policy that has the Set Asset Class as an action. You can lock the value from the general or summary views of an asset. You can unlock the class value at any time by clicking the lock icon. A pop-up is displayed, asking you for confirmation about unlocking the value.
+After manually setting the value of a class, you can lock the value to prevent a policy that has Set Asset Class as an action from overriding it. You can lock the value from the general or summary views of an asset. You can unlock the class value at any time by clicking the lock icon. A pop-up appears, asking you to confirm unlocking the value.
The Asset Class column is available on the Insights UI for risk-based prioritization, and it has the same functionality as it does here. At the moment, the Asset Class column is available only for repository assets, and applicable only for Snyk Code.
@@ -237,11 +235,11 @@ The Asset Class column is available on the Insights UI for risk-based prioritiza
Synchronization between the Asset Class and the Insights UI can take up to 3 hours.
{% endhint %}
-The class value can be auto-generated with policies. You just need to create a policy that has as an action **Set Asset Class**.
+Policies can auto-generate the class value. Create a policy that has **Set Asset Class** as an action.
## Risk factors
-The Risk Factors column lists the potential vulnerabilities and security threats associated with each asset. These risk factors help users identify specific risks, enabling them to prioritize and address issues more effectively. By understanding the particular risks tied to their assets, users can take more informed remedial actions.
+The Risk Factors column lists the potential vulnerabilities and security threats associated with each asset. These risk factors help you identify specific risks, letting you prioritize and address issues more effectively. By understanding the particular risks tied to your assets, you can take more informed remedial actions.
Here is a list of the available risk factors:
@@ -251,7 +249,7 @@ Here is a list of the available risk factors:
## Source
-The Source column in Snyk Essentials helps users identify the origin of their assets, which can be directly from Snyk, through SCM systems, or using third-party integrations. This feature simplifies asset management and risk prioritization by providing clear visibility into the origin of each asset and it enables more effective security strategies and remediation efforts.
+The Source column in Snyk Essentials helps you identify the origin of your assets, which can be directly from Snyk, through SCM systems, or using third-party integrations. This feature simplifies asset management and risk prioritization by providing clear visibility into the origin of each asset, and it supports more effective security strategies and remediation efforts.
## SCM Integrations
@@ -264,7 +262,7 @@ The column is hidden by default, and you can enable it in the **Columns** sectio
## SCM Repository freshness
-The SCM Repository freshness column provides you with an immediate understanding of the current status of your repositories, including the date of the last commit. This assists you in quickly identifying active and dormant Projects and helps you make decisions regarding maintenance, security patching, and resource allocation.
+The SCM Repository freshness column provides you with an immediate understanding of the current status of your repositories, including the date of the last commit. This helps you quickly identify active and dormant Projects and make decisions regarding maintenance, security patching, and resource allocation.
The repository freshness displays the repository status according to the last commit date:
@@ -275,15 +273,15 @@ The repository freshness displays the repository status according to the last co
## Clusters
-The Clusters column lists all cluster names where an image is deployed and is using the runtime integrations as the source of the information. When an image is removed from a cluster, the cluster name is also deleted from the collection. Clusters are also available under Filters and allow you to filter assets in the Inventory view or to create policies in the Policies view.
+The Clusters column lists all cluster names where an image is deployed and uses the runtime integrations as the source of the information. When you remove an image from a cluster, the cluster name is also deleted from the collection. Clusters are also available under Filters and let you filter assets in the Inventory view or create policies in the Policies view.
{% hint style="info" %}
-The Cluster column is populated only when the Snyk Runtime Sensor is utilized.
+The Cluster column is populated only when you use the Snyk Runtime Sensor.
{% endhint %}
## Organizations
-The Organizations column lists all Snyk Organizations associated with each asset. This includes the names of Organizations that contain Projects linked to the asset, enabling users to filter and organize their asset inventory based on their organizational structures. Organizations are also available under Filters and allow you to filter assets in the Inventory view or to create policies in the Policies view.
+The Organizations column lists all Snyk Organizations associated with each asset. This includes the names of Organizations that contain Projects linked to the asset, letting you filter and organize your asset inventory based on your organizational structures. Organizations are also available under Filters and let you filter assets in the Inventory view or create policies in the Policies view.
## Visibility
@@ -300,6 +298,6 @@ Use this metadata to prioritize risk and apply visibility-based coverage control
The Actions column provides a workflow to set up the SCM integration at the Group level to access full context enrichment. To identify the type of integration, check the [SCM Integrations column](assets-inventory-components.md#scm-integrations). This use case applies where a Group-level integration is not configured.
-If a Group level integration has not been set up, repositories discovered at the Organization level display a **Set up integration** button under the **Actions** column. If you set up the integration at the Group level, this option becomes unavailable.
+If a Group-level integration is not set up, repositories discovered at the Organization level display **Set up integration** under the **Actions** column. If you set up the integration at the Group level, this option becomes unavailable.
To add context enrichment, find an asset and select **Set up integration**. For configuration details, see [Snyk SCM Integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations).
diff --git a/scan-fix-and-prevent/manage-assets/assets-inventory-filters.md b/scan-fix-and-prevent/manage-assets/assets-inventory-filters.md
index 053295df15da..af39efd8c437 100644
--- a/scan-fix-and-prevent/manage-assets/assets-inventory-filters.md
+++ b/scan-fix-and-prevent/manage-assets/assets-inventory-filters.md
@@ -11,7 +11,7 @@ Quick filters are predefined filters that you can apply to assets. Available qui
* **Assets with Repository freshness** **`ACTIVE` and `COVERAGE GAP`**: displays only the assets from active repositories and with a coverage gap for the selected Snyk products.
* **Assets with Asset Class `A` and `COVERAGE GAP`**: displays only Class A assets that have a coverage gap for the selected Snyk products.
-You can change or add additional filters by clicking **Advanced Filters**.
+To change or add filters, click **Advanced Filters**.
## Advanced filters
@@ -23,7 +23,7 @@ When you select advanced filters, you can specify one or more sets of criteria:
* **Condition:** depends on the asset selected (such as `contains` or `does not contain` for `asset name`).
* **Value:** depends on the **Property** and **Condition**.
-You can add as many filters as needed by clicking **Add Filter**.
+To add as many filters as needed, click **Add Filter**.
{% hint style="info" %}
If you are using Snyk Essentials for the first time, Snyk recommends starting with the **Coverage** filter to determine where Snyk is already implemented.
@@ -86,7 +86,7 @@ You can filter unenriched repositories directly from the banner by selecting the
#### Unenriched assets with Group SCM integration
-If you use a Group-level integration, the banner shows assets not discovered through that integration. Although the integration is in place, some assets are not being pulled in. Possible reasons for unrenriched assets:
+If you use a Group-level integration, the banner shows assets not discovered through that integration. Although the integration is in place, some assets are not being pulled in. Possible reasons for unenriched assets:
* Organization-level integration has broader permissions than the Group-level integration.
* A repository previously tested by Snyk was deleted in the SCM before the Group-level integration was set up.
@@ -96,7 +96,7 @@ If you use a Group-level integration, the banner shows assets not discovered thr
## Troubleshooting
-### The assets are not discovered by Group or Organization-level integrations.
+### The assets are not discovered by Group or Organization-level integrations
The assets are not discovered by Group or Organization-level integrations, but are discovered only through Snyk targets (for example, CLI Projects or old deleted repositories).
@@ -128,4 +128,4 @@ If your profile includes the Organization, check the token permissions and ensur
For GitLab and BitBucket, ensure that the Group-level tokens have access and the right permissions for the Organization.
-If the source of the asset is another vendor, ensure the repository URLs match in order to avoid creating duplicate assets.
+If the source of the asset is another vendor, ensure the repository URLs match to avoid creating duplicate assets.
diff --git a/scan-fix-and-prevent/manage-assets/assets-inventory-layouts.md b/scan-fix-and-prevent/manage-assets/assets-inventory-layouts.md
index bd6395e668de..ac41b52aa2d5 100644
--- a/scan-fix-and-prevent/manage-assets/assets-inventory-layouts.md
+++ b/scan-fix-and-prevent/manage-assets/assets-inventory-layouts.md
@@ -2,7 +2,7 @@
Snyk defines an asset as a meaningful, real-world component in an application’s SDLC, where meaningful means either carries a risk or aggregates risk of other components (for example, repositories that contain packages), and real-world means that the concept exists outside of Snyk, for example, repository (which is a generally applicable term). In most cases, assets carry a risk or aggregate risk of other components, such as repositories that contain packages.
-Snyk Essentials inventory tabs are organizing your repository assets in meaningful ways, enabling you to:
+Snyk Essentials inventory tabs organize your repository assets in meaningful ways, letting you:
* Gain full repository asset visibility from your SCM tools, including details about configured teams and repository code committers.
* Track controls coverage for Snyk products.
@@ -15,7 +15,7 @@ Each line in the inventory represents an asset.
## Inventory tabs
-To get better context and clarity over your asset inventory, Snyk Essentials allows flexible structuring with inventory tabs. Snyk Essentials includes five inventory tabs and groups assets by different contexts. You can find all inventory tabs under the Inventory menu option at the Group level:
+To get better context and clarity over your asset inventory, Snyk Essentials lets you structure assets flexibly with inventory tabs. Snyk Essentials includes five inventory tabs and groups assets by different contexts. You can find all inventory tabs under the Inventory menu option at the Group level:
* **Overview:** Provides quick insights into discovered repositories, enabling AppSec teams to effectively operationalize their program using Snyk.
* **All Assets:** All the discovered assets are grouped by their type.
@@ -31,7 +31,7 @@ You can filter the information for all the inventory tabs and use any of the ava
The Overview tab in Snyk Inventory provides insights into the discovered repositories, highlighting key features and characteristics such as the total number of discovered repositories and the distribution of tested and not tested repositories, the number of dormant repositories or coverage details based on the asset policies.
-Provides quick insights into discovered repositories, enabling AppSec teams to effectively operationalize their program using Snyk. This helps reduce coverage gaps, organize and leverage asset context, and ensure compliance with coverage policies.
+Provides quick insights into discovered repositories, enabling AppSec teams to effectively operationalize their program using Snyk. This helps reduce coverage gaps, organize and use asset context, and ensure compliance with coverage policies.
#### Repositories tested
@@ -43,7 +43,7 @@ Use this widget to get a clear overview of all discovered repositories and see h
Follow the next steps to remediate the coverage gaps:
-1. Click "Coverage gap" to see all affected repositories.
+1. Click **Coverage gap** to see all affected repositories.
2. Determine the reasons for the policy non-compliance.
3. Remediate and bring repositories into compliance.
4. Set up an asset policy.
@@ -54,17 +54,17 @@ Use this widget to see all dormant repositories with critical and high-risk issu
#### Languages with most issues
-Use this widget to identify the programming languages that often present issues within your codebase. If you hover over any of the listed languages, you can see and access the Snyk Learn training focused on setting up, integrating, and customizing the selected language.
+Use this widget to identify the programming languages that often present issues in your codebase. If you hover over any of the listed languages, you can see and access the Snyk Learn training focused on setting up, integrating, and customizing the selected language.
#### Class A repositories with most high and critical issues
-Use this widget to see a maximum of top ten high-risk Class A repositories with the biggest impact on the business (class A). This tool helps your development team identify and prioritize remediation efforts with asset context. By addressing high-risk areas promptly, you improve the stability and security of your Project, ultimately enhancing software quality.
+Use this widget to see a maximum of the top 10 high-risk Class A repositories with the biggest impact on the business. This tool helps your development team identify and prioritize remediation efforts with asset context. By addressing high-risk areas promptly, you improve the stability and security of your Project, ultimately enhancing software quality.
### All Assets
The **All Assets** tab under the Inventory menu provides a central view of all your assets, offering a comprehensive overview of your security posture. You can access a list of your assets and customize the view to meet your needs. Select the columns that you want to be visible, use filters to refine the information, and export the details to share them with others.
-This unified view allows you to efficiently monitor assets and prioritize remediation for stronger application security.
+This unified view lets you efficiently monitor assets and prioritize remediation for stronger application security.
### Asset Hierarchy
@@ -73,17 +73,17 @@ Assets are sorted by issue counts, and where applicable, package assets are list
The **Asset Hierarchy** is visible only when no filters are applied, allowing you to see a clear, unfiltered view of your assets and their relationships.
-This layout helps in understanding the relationship between different assets and their associated issues, providing a comprehensive view of the asset landscape within your Organization.
+This layout helps in understanding the relationship between different assets and their associated issues, providing a comprehensive view of the asset landscape in your Organization.
### Teams
-The **Teams** tab in Snyk **Inventory** organizes assets from SCM repositories by team. Assets are grouped here according to the teams assigned to them within the SCM organizations.
+The **Teams** tab in Snyk **Inventory** organizes assets from SCM repositories by team. Assets are grouped here according to the teams assigned to them in the SCM organizations.
-Only SCM organizations that have teams and repositories assigned to a team will appear in this layout. This helps in visualizing and managing repository assets according to team structures, making it easier to track and prioritize security efforts based on team responsibilities.
+Only SCM organizations that have teams and repositories assigned to a team appear in this layout. This helps in visualizing and managing repository assets according to team structures, making it easier to track and prioritize security efforts based on team responsibilities.
### Technology
-The **Technology** tab in Snyk **Inventory** groups SCM repository assets by the technology they use, such as programming languages and frameworks. This categorization is detected and tagged by Snyk Essentials, allowing you to easily identify and manage assets based on the used technologies.
+The **Technology** tab in Snyk **Inventory** groups SCM repository assets by the technology they use, such as programming languages and frameworks. Snyk Essentials detects and tags this categorization, letting you identify and manage assets based on the used technologies.
This feature helps in understanding the technological landscape of your repositories and can be useful for prioritizing security efforts and managing risks associated with different technologies.
@@ -96,7 +96,7 @@ Assets in the inventory are presented with key attributes in the following colum
* **Asset** - The name of the repository asset, scanned artifact, and the Git remote URL, if available. Scanned artifacts are missing Git remote URLs.
* **Issue** - The number of issue counts on open assets aggregated across all relevant tools of the same severity of the asset itself and its child assets or packages. The severity level is classified into **C** (critical), **H** (high), **M** (medium), and **L** (low).
* **Controls** - A report detailing all products detected by the Snyk Essentials on a specific repository asset and all products that should be but are not covered by Snyk Essentials.
-* **Tags** - You will be able to add a unique key-value tag to provide a more powerful and granular context for your assets. This attribute lets you attach specific, unique metadata to your assets, which enables precise filtering, robust policy creation, and alignment with your internal systems.
+* **Tags** - Add a unique key-value tag to provide a more powerful and granular context for your assets. This attribute lets you attach specific, unique metadata to your assets, which enables precise filtering, robust policy creation, and alignment with your internal systems.
* **Labels** - Snyk Essentials automatically labels repository assets with information about the used technologies (Python, Terraform, and so on) in the repository, and repository latest updates. You can also use policies to label repository assets.
* **Developers** - Includes the SCM profile details for code committers to the repository asset.
* **Class** - Reflects the business criticality of the asset from A (most critical) to D (least critical), as defined by the user in the Policies view. You can manually change the class or automatically change it by applying a policy. You can lock the value you have manually set for a Class to prevent policies from overriding it.
@@ -109,7 +109,7 @@ Assets in the inventory are presented with key attributes in the following colum
* **Actions** - Provides a workflow to set up an SCM integration, enriching the asset context with information such as labels, developers, and repository freshness. This use case is available when a Group-level integration is not configured.
{% hint style="info" %}
-The Clusters column is hidden by default. To enable it, click Columns, select Clusters from the dropdown list, then click Apply to save the changes.
+The Clusters column is hidden by default. To enable it, click **Columns**, select **Clusters** from the dropdown list, then click **Apply** to save the changes.
{% endhint %}
### **Asset Sources, Types, and Scanned Artifacts**
@@ -138,4 +138,4 @@ You can see the scanned artifacts in the Inventory Type view. The scanned artifa
Packages are defined as software or libraries that are managed by package management systems.
-Package assets are created when you scan the dependencies of a Project through package management systems or by using the Snyk CLI. This enables Snyk Essentials to identify and analyze the security vulnerabilities of the packages used within a Project, offering insights into possible risk exposures and providing recommendations for mitigation.
+Snyk creates package assets when you scan the dependencies of a Project through package management systems or by using the Snyk CLI. This lets Snyk Essentials identify and analyze the security vulnerabilities of the packages used in a Project, offering insights into possible risk exposures and providing recommendations for mitigation.
diff --git a/scan-fix-and-prevent/manage-assets/configure-repository-monitoring.md b/scan-fix-and-prevent/manage-assets/configure-repository-monitoring.md
index 0917e36dae23..e1c985d28487 100644
--- a/scan-fix-and-prevent/manage-assets/configure-repository-monitoring.md
+++ b/scan-fix-and-prevent/manage-assets/configure-repository-monitoring.md
@@ -19,7 +19,7 @@ Repository monitoring configuration provides the following capabilities:
* Centralized asset monitoring: view monitoring status for all products, identify health status, and see required actions (such as enabling Snyk Code or resolving SCM integration issues) in one view.
* Bulk import: import repositories directly from the Group **Inventory** page into specific Snyk Organizations.
* On-demand retesting: trigger a retest for specific repositories directly from **Inventory**.
-* Actionable error resolution: clear guidance ia available when testing fails due to integration issues or entitlements. After the underlying issue is resolved, testing resumes automatically.
+* Actionable error resolution: clear guidance is available when testing fails due to integration issues or entitlements. After you resolve the underlying issue, testing resumes automatically.
## Configure settings for repository monitoring
@@ -58,7 +58,7 @@ It is not possible to manage these settings at Organization level for assets tra
* **Testing exclusions (optional)**: manage file exclusions for Snyk Open Source and Snyk Container Projects. Exclusions apply at the asset level. You cannot exclude specific files for the same repository in different Snyk Organizations.
{% hint style="info" %}
-For Snyk Code, you can manage exclusions using the `.snyk` files, in order to maintain developer-first workflows.
+For Snyk Code, you can manage exclusions using the `.snyk` files to maintain developer-first workflows.
{% endhint %}
Click **Continue**.
diff --git a/scan-fix-and-prevent/manage-assets/manage-assets.md b/scan-fix-and-prevent/manage-assets/manage-assets.md
index 86e39bdf394c..b214ca9d98e8 100644
--- a/scan-fix-and-prevent/manage-assets/manage-assets.md
+++ b/scan-fix-and-prevent/manage-assets/manage-assets.md
@@ -46,6 +46,6 @@ Through this interconnected framework, Snyk ensures robust asset protection and
### Assets Enrichments by SCM Integration
-The table below outlines the asset enrichments provided by each SCM Integration. It highlights which capabilities are available today that are not available due to the SCM provider.
+The following table outlines the asset enrichments provided by each SCM Integration. It highlights which capabilities are available today that are not available due to the SCM provider.
Capability
GitHub
GitLab
BitBucket Cloud
BitBucket Server
Azure DevOps
Org/Workspace
✅
✅
✅
✅
✅
SCM Projects
❌
❌
✅
✅
✅
Contributors
✅
❌
❌
✅
✅
Teams
✅
✅
❌
✅
✅
Languages (tags)
✅
✅
✅ When manually set up
❌
✅
Tags
✅ GitHub topics / GitHub custom properties
✅ GitLab topics
❌
❌
❌
Visibility
✅
✅
✅
✅
✅
Archive Repos
✅
✅
✅
✅
✅
diff --git a/scan-fix-and-prevent/manage-risk/analytics/README.md b/scan-fix-and-prevent/manage-risk/analytics/README.md
index 42087c7c843e..6428bdda9439 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/README.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/README.md
@@ -7,7 +7,7 @@ The Snyk Analytics experience is available only for Enterprise plan customers wi
Build custom dashboards, access enhanced metrics, and explore analytics at the Tenant, Group, or Organization level.
-The Snyk Analytics allows you to:
+Snyk Analytics lets you:
* Select and arrange widgets from the inventory to create a personalized dashboard.
* Access the [Saved Views](reports-tab/#saved-views) feature.
@@ -43,5 +43,5 @@ In the Snyk 2.0 UI, **Analytics** is the centralized location for all Group or O
Snyk 2.0 introduces UI enhancements to the platform navigation and is available in Early Access. This is being rolled out gradually, so not all users see the new navigation at the same time.
-If you are an existing user, you can switch between the new and classic navigation at any time using the toggle in your user profile menu. For more information, visit [Snyk 2.0 platform improvements](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/snyk-2.0-platform-improvements).
+If you are an existing user, you can switch between the new and classic navigation at any time using the toggle in your user profile menu. For more information, see [Snyk 2.0 platform improvements](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/snyk-2.0-platform-improvements).
{% endhint %}
diff --git a/scan-fix-and-prevent/manage-risk/analytics/overview-tab.md b/scan-fix-and-prevent/manage-risk/analytics/overview-tab.md
index 1605ca0bb8b8..a70cd5582fff 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/overview-tab.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/overview-tab.md
@@ -13,7 +13,7 @@ This section displays aggregate totals for the selected time range and calculate
The following widgets are enabled by default:
* **Open issues**: The total count of unresolved vulnerabilities.
-* **Ignored issues**: The total count of vulnerabilities suppressed by Snyk ignore policies.
+* **Ignored issues**: The total count of vulnerabilities that Snyk ignore policies suppress.
* **New issues**: The volume of vulnerabilities introduced during the selected timeframe.
* **Resolved issues**: The total count of vulnerabilities fixed during the selected timeframe.
* **Unique vulnerabilities**: The distinct count of individual vulnerability types, regardless of how many times they appear across your environments.
@@ -22,13 +22,13 @@ Additionally, you can add the following widgets:
* **Projects Monitored**: Number of Snyk Projects continuously monitored for open-source vulnerabilities and license issues after using the `snyk monitor` CLI command.
* **Agentic Scans**: Number of Snyk Studio scans for the selected timeframe.
-* **Developers running agentic scans: S**nyk Studio adoption rate.
+* **Developers running agentic scans:** Snyk Studio adoption rate.
* **Total PR checks**: Number of pull request (PR) checks for the selected timeframe.
* **PR check success rate**: Outcomes of PR checks. An increasing success rate over time demonstrates that developers produce more secure code earlier in the software development lifecycle.
* **Snyk Organizations**: Track Snyk rollout progress by viewing the total number of new Snyk Organizations created over time.
* **Zero-Day Open Issues**: Use this centralized dashboard to assess immediate risk and track your response during a major zero-day security incident.
* **Developers testing in the IDE/CLI**: Number of developers who run a Snyk scan during the selected timeframe.
-* **SCA Preventable issues**: It shows the number of new open-source (SCA) vulnerabilities introduced into your codebase that you can block earlier, for example, during pull request checks.
+* **SCA Preventable issues**: Shows the number of new open-source (SCA) vulnerabilities introduced into your codebase that you can block earlier, for example, during pull request checks.
* **Tested repositories in CI/CD**: Number of repositories tested in the continuous integration and continuous delivery (CI/CD) pipeline.
### Coverage
@@ -95,7 +95,7 @@ The following widgets are enabled by default:
* **Organizations introducing most new SCA preventable issues**: Pinpoints where known, avoidable open-source risks enter your codebase. Use this to target specific teams for training on secure coding practices or Snyk use.
* **New issues by introduction category**: Classifies the avoidability of new vulnerabilities. Use the **Preventable Issue** segment to measure how many issues Snyk scans could have blocked earlier, helping you justify stricter PR checks.
-You can also add the **New SCA preventable issues introduced over time** widget. This widget classifies the avoidability of new vulnerabilities. Use the Preventable Issue segment to measure how many issues Snyk scans can block earlier to help you justify stricter pull request checks.
+You can also add the **New SCA preventable issues introduced over time** widget. This widget classifies the avoidability of new vulnerabilities. Use the **Preventable Issue** segment to measure how many issues Snyk scans can block earlier to help you justify stricter pull request checks.
## Customize the dashboard
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/README.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/README.md
index 1b748cadd55e..dc2fac5d3dee 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/README.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/README.md
@@ -19,36 +19,36 @@ Reports are organized into multiple categories:
Snyk reports provide the visibility and analytics needed to drive data-based conversations between development and security.
-Security professionals can easily access, analyze, and share Snyk security data to track developer adoption and success, identify where the greatest amount of risk lies to prioritize remediation effectively, and understand the overall risk posture across the Organization's application portfolio.
+Security professionals can access, analyze, and share Snyk security data to track developer adoption and success, identify where the greatest amount of risk lies to prioritize remediation effectively, and understand the overall risk posture across the Organization's application portfolio.
Snyk Reports offer analytics across all of your Projects, displaying detailed and aggregated data about Projects and issues. Data displayed in each report is scoped to the Snyk Organization or Group in which you are working.
-Snyk Reports are highly flexible, enabling you to display specifically selected data in the appropriate view to answer key security questions.
+Snyk Reports are highly flexible and let you display specifically selected data in the appropriate view to answer key security questions.
{% hint style="info" %}
-Deactivated Projects and their respective results will not appear in the Reports area.
+Deactivated Projects and their respective results do not appear in the Reports area.
{% endhint %}
You can view dependencies and license information for all Projects in your Group or Organization. For more details, navigate to the [Dependencies and licenses](../../dependencies-and-licenses/) page.
Navigate to **Analytics** > **Reports** to see all available reports.
-After you selected a specific report, you can switch to a different report from the dropdown in the upper left corner.
+After you select a specific report, you can switch to a different report from the dropdown in the upper left corner.
## Snyk reporting filters
-All reports are filterable by a number of attributes, enabling users to create the appropriate horizontal or vertical slice of the business for their use case. You can see the available filters in the dropdown furthest right at the top.
+You can filter all reports by a number of attributes to create the appropriate horizontal or vertical slice of the business for your use case. You can see the available filters in the dropdown furthest right at the top.
If you do not select or enter any values for a particular key, the filter is not applied.
### Exclude filters
-In addition to selecting values to include, you can exclude specific values using the `is not` option available across many report filters. This allows you to:
+In addition to selecting values to include, you can exclude specific values using the `is not` option available across many report filters. You can:
* **Remove unwanted results** (for example, exclude certain Organizations, Project types, or asset names).
* **Spot gaps more easily** (for example, find Projects not in a collection, or assets missing specific tags).
-To use an exclude filter, first select the filter, then select the drop-down menu next to the filter name, and select `is Not` . Select the items you'd like to exclude.
+To use an exclude filter, first select the filter, then select the dropdown menu next to the filter name, and select `is Not` . Select the items you'd like to exclude.
The resulting filter shows "{filterName} is not: {excluded items}"
@@ -60,7 +60,7 @@ A specific filter type can only be used once - it is not possible to have both a
In a given filter, all values selected are separated by an OR operator. For example, if you select the values `Critical` and `High` for the `Issue Severity` filter, Snyk displays issues that have a severity of either `Critical` or `High`.
-With exclude filters, if you select `Is not Critical` in the Issue Severity filter, Snyk will display issues of all other severities except Critical.
+With exclude filters, if you select `Is not Critical` in the Issue Severity filter, Snyk displays issues of all other severities except Critical.
Filters are separated by an AND operator. For example, if you select the `Critical` value for the `Issue Severity` filter and the `Resolved` value for the `Issue Status` filter, Snyk displays issues that are both `critical` severity and `resolved`.
@@ -68,7 +68,7 @@ This same logic applies when using exclusions. For example, if you exclude `Crit
### Stateful URLs for filtered views
-Every time a filter value is applied, the app.snyk.io URL is updated to persist the state of the page. You can bookmark and copy the URL, and share it with anyone who has the appropriate Snyk Organization or Group access. For easy sharing, use the **Copy URL** button in the upper-right corner of the report list.
+Every time you apply a filter value, Snyk updates the app.snyk.io URL to persist the state of the page. You can bookmark and copy the URL, and share it with anyone who has the appropriate Snyk Organization or Group access. For easy sharing, click **Copy URL** in the upper-right corner of the report list.
Exclude filter selections are also saved in the URL, so your "not equal to" filters persist when you share or bookmark a view.
@@ -89,41 +89,41 @@ Click **Export to PDF** to download a PDF of the report content and its context.
* Viewed scope (Snyk Organization or Group)
* Applied filters
-Exporting a PDF enables you to share a report with users who do not log in to the Snyk Web UI, for example, an executive or external auditor. The PDF export offers point-in-time attestation with the necessary context.
+Exporting a PDF lets you share a report with users who do not log in to the Snyk Web UI, for example, an executive or external auditor. The PDF export offers point-in-time attestation with the necessary context.
For tabular data on reports, the PDF export shows only the first 50 results. The PDF export includes links to view the report in the browser.
### Download a Snyk report to a CSV file
-You can use the **Download CSV** button on the right in the report to download data presented in tables to CSV. This information can be used, for example, for prioritization or for a one-time analysis in a spreadsheet.
+Click **Download CSV** in the report to download data presented in tables to CSV. You can use this information, for example, for prioritization or for a one-time analysis in a spreadsheet.
All columns displayed in the UI are included in the CSV output. In addition, any columns that contain hyperlinks in the UI are split into two columns: one containing the text and the other containing the linked URL.
There is no row limit, but there is a 5GB file size limit.
-The **Download CSV** button is disabled if there are no vulnerabilities in the report, either because the Organization has no vulnerable Projects or because the applied filters remove all vulnerabilities. In this case, the report can still be exported to PDF if proof of zero vulnerabilities is required.
+**Download CSV** is disabled if there are no vulnerabilities in the report, either because the Organization has no vulnerable Projects or because the applied filters remove all vulnerabilities. In this case, you can still export the report to PDF if you need proof of zero vulnerabilities.
## Column sorting
Sort columns in tables by clicking the arrows next to the column header. Click once to sort in ascending order, twice to sort in descending order, and three times to remove the sort from that column. Multi-column sorting is supported.
-When columns are sorted, the app.snyk.io URL is updated to persist the state of the page, allowing for bookmarking, copying, and sharing.
+When you sort columns, Snyk updates the app.snyk.io URL to persist the state of the page, allowing for bookmarking, copying, and sharing.
## Modify Snyk report columns
-In some reports, tables may include an option to modify columns. When this option is available, you can use it to select the columns to display in the UI. The export features (PDF and CSV) respect the selected columns.
+In some reports, tables include an option to modify columns. When this option is available, you can use it to select the columns to display in the UI. The export features (PDF and CSV) respect the selected columns.
-When columns are modified, the app.snyk.io URL is updated to persist the state of the page, allowing for bookmarking, copying, and sharing.
+When you modify columns, Snyk updates the app.snyk.io URL to persist the state of the page, allowing for bookmarking, copying, and sharing.
## Saved views
-The Saved Views feature enables collaboration based on shared, consistent, and customizable reports. This feature is available at Organization and Group level, in the **Analytics** menu, under the **Reports** tab. It allows you to customize and save filter settings for your reports, which you can then reuse.
+The Saved Views feature enables collaboration based on shared, consistent, and customizable reports. This feature is available at Organization and Group level, in the **Analytics** menu, under the **Reports** tab. It lets you customize and save filter settings for your reports, which you can then reuse.
-To make it easier to share the view outside of the Snyk platform, the URL of a saved view remains the same after it is created, regardless of any changes you make to it.
+To make it easier to share the view outside of the Snyk platform, the URL of a saved view remains the same after you create it, regardless of any changes you make to it.
### Prerequisites
-To create, edit, and remove a saved view, you must have **Edit reports** permission. Saved views are not private. After being created, Saved Views are visible to all users with **View reports** permission. Only Organization and Group Admins can assign these permissions. For more information, see [User role management](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management).
+To create, edit, and remove a saved view, you must have **Edit reports** permission. Saved views are not private. After you create them, Saved Views are visible to all users with **View reports** permission. Only Organization and Group Admins can assign these permissions. For more information, see [User role management](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management).
To assign report permissions:
@@ -154,7 +154,7 @@ To update a saved view:
2. Navigate to the **Analytics** menu > **Reports** tab and select the report that contains the saved view you want to update.
3. From the **Standard view** filter, select and load the view you want to update.
4. Make any necessary changes to the report view.
-5. Save the changes by clicking **Save** next to the Saved Views dropdown. This overwrites the existing view.
+5. Click **Save** next to the Saved Views dropdown to save the changes. This overwrites the existing view.
### Rename, delete, or copy the URL of a view
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/compliance-reports.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/compliance-reports.md
index c6e673cddc1d..ebd80cd7a7ca 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/compliance-reports.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/compliance-reports.md
@@ -9,7 +9,7 @@ The Compliance reports section includes the following reports:
## CWE Top 10 KEV report
-The [CWE Top 10 KEV Weaknesses](https://cwe.mitre.org/top25/archive/2023/2023_kev_list.html) list identifies the top ten CWEs in the Cybersecurity and Infrastructure Security Agency’s (CISA) [Known Exploited Vulnerabilities](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) (KEV) Catalog, a database of security flaws in software applications and weaknesses that have been exposed and leveraged by attackers.
+The [CWE Top 10 KEV Weaknesses](https://cwe.mitre.org/top25/archive/2023/2023_kev_list.html) list identifies the top ten CWEs in the Cybersecurity and Infrastructure Security Agency’s (CISA) [Known Exploited Vulnerabilities](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) (KEV) Catalog, a database of security flaws in software applications and weaknesses that attackers have exposed and exploited.
The report is based on the version released in 2023 by Mitre. The supported products are Snyk Open Source, Snyk Container, and Snyk Code.
@@ -27,7 +27,7 @@ Each control in the list (A1, A2, and so on) is based on a list of Common Weakne
The CWEs are mapped to Snyk-IDs (), which are mapped to issues.
-For example, the critical vulnerability [SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720](https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720) is classified as [CWE-94](https://cwe.mitre.org/data/definitions/94.html), which is part of the OWASP TOP 10 [A03:2025 - Injection](https://owasp.org/Top10/2025/A05_2025-Injection/). All the issues related to this vulnerability will be under the A03 category.
+For example, the critical vulnerability [SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720](https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720) is classified as [CWE-94](https://cwe.mitre.org/data/definitions/94.html), which is part of the OWASP TOP 10 [A03:2025 - Injection](https://owasp.org/Top10/2025/A05_2025-Injection/). All the issues related to this vulnerability appear under the A03 category.
Learn more by using the [OWASP TOP 10 Learning path](https://learn.snyk.io/learning-paths/owasp-top-10/) on Snyk Learn.
@@ -56,7 +56,7 @@ The report identifies PCI-DSS risks and violations based on the following PCI-DS
1. **Requirement 6.2.4:** Engineers use various techniques to prevent or mitigate common software attacks and related vulnerabilities in bespoke and custom software. This includes but is not limited to the following methods:
* Injection attacks, including SQL, LDAP, XPath, or other command, parameter, object, fault, or injection-type flaws.
* Attacks on data and data structures, including attempts to manipulate buffers, pointers, input data, or shared data.
- * Attacks on cryptography usage, including attempts to exploit weak, insecure, or inappropriate cryptographic implementations, algorithms, cipher suites, or modes of operation.
+ * Attacks on cryptography use, including attempts to exploit weak, insecure, or inappropriate cryptographic implementations, algorithms, cipher suites, or modes of operation.
* Attacks on business logic, including attempts to abuse or bypass application features and functionalities through the manipulation of APIs, communication protocols and channels, client-side functionality, or other system or application functions and resources. This includes cross-site scripting (XSS) and cross-site request forgery (CSRF).
* Attacks on access control mechanisms, including attempts to bypass or abuse identification, authentication, or authorization mechanisms or attempts to exploit weaknesses in the implementation of such mechanisms.
* Attacks using any “high-risk” vulnerabilities identified in the vulnerability identification process, as defined in Requirement 6.3.1.
@@ -141,9 +141,9 @@ The breakdown table helps identify the number of vulnerabilities by attack categ
Use the table to pinpoint major attack categories or Snyk Organizations that lead to PCI-DSS violations. You can click on the figures to explore the specific issues in more detail.
{% hint style="info" %}
-After you investigate and see the actual issues behind the figures, you may proceed by:
+After you investigate and see the actual issues behind the figures, you can proceed by:
-* Vulnerability triage and prioritization.
-* Conclude the prevalent CWEs and CVEs by sorting on the CWE/CVE column and filtering those CWEs/CVEs in the [Vulnerabilities Detail Report](compliance-reports.md#vulnerabilities-detail-report) to surface all the vulnerability occurrences across targets and Projects.
-* Run a vulnerability eradication campaign or assign Snyk Learn training to relevant engineering teams.
+* Triaging and prioritizing vulnerabilities
+* Determining the prevalent CWEs and CVEs by sorting on the CWE/CVE column and filtering those CWEs/CVEs in the [Vulnerabilities Detail Report](compliance-reports.md#vulnerabilities-detail-report) to surface all the vulnerability occurrences across targets and Projects
+* Running a vulnerability eradication campaign or assigning Snyk Learn training to relevant engineering teams
{% endhint %}
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/education-reports.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/education-reports.md
index 3240ae2b070b..48a287bed969 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/education-reports.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/education-reports.md
@@ -15,21 +15,21 @@ The Education reports section includes the following reports:
Learn Engagement report is available only in the Learning Management add-on offering. For more information, contact your Snyk account team.
{% endhint %}
-The goal of the engagement report is to provide insights into your security education and training programs overall progress, and give you insights into which parts of your Organization are engaging with Snyk Learn content. You can use the data and insights to better optimise your program, find security champions, generate reports for compliance and show progress to your executive sponsors.
+The goal of the engagement report is to provide insights into your security education and training programs overall progress, and give you insights into which parts of your Organization are engaging with Snyk Learn content. You can use the data and insights to better optimize your program, find security champions, generate reports for compliance, and show progress to your executive sponsors.
### Access the report
-The Learn Engagement report can be accessed at the Group level from the **Change Report** dropdown in the Reports menu.
+You can access the Learn Engagement report at the Group level from the **Change Report** dropdown in the Reports menu.
### Report features
-The report allows you to track:
+The report lets you track:
* Learn engagement snapshot analytics
* Assignment Progress
* Adoption rankings
* Content usage breakdown
-* Filtering: custom time periods, users, organizations, organization role, and Lesson titles.
+* Filtering: custom time periods, users, organizations, organization role, and Lesson titles
{% hint style="info" %}
[Learning Programs](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/developer-education-with-snyk-learn/snyk-learn/snyk-learn-learning-programs) are not included in the Engagement Report
@@ -43,7 +43,7 @@ The first section of the report focuses on showing key engagement statistics and
### Adoption rankings
-The adoption ranking section shows your organization and individual user engagement with Snyk Learn. This is ranked by "Lessons complete" and also has the estimated duration the org/user has spent on Snyk Learn lessons. Estimated duration calculated using the estimated duration presented at the start of each lesson, and includes estimated time from any progress on "in-progress" lessons in the selected period.
+The adoption ranking section shows your organization and individual user engagement with Snyk Learn. This is ranked by "Lessons complete" and also has the estimated duration the org/user has spent on Snyk Learn lessons. Snyk calculates the estimated duration using the estimated duration presented at the start of each lesson, and includes estimated time from any progress on "in-progress" lessons in the selected period.
{% hint style="info" %}
The user level adoption ranking is a great way to identify potential security champions who are proactively engaging in security education and training.
@@ -67,17 +67,17 @@ The goal of the impact and opportunities report is to provide insights into the
### Access the report
-The Learning Impact & Opportunities report can be accessed at the Group level from the **Change Report** dropdown in the Reports menu.
+You can access the Learning Impact and Opportunities report at the Group level from the **Change Report** dropdown in the Reports menu.
### Report features
-The report allows you to track:
+The report lets you track:
* Impact of education and training on code issue remediation
* Impact of education and training on code issue prevention
* Recommendations for further training opportunities
-* Coverage rates of users trained in identified training opportunities.
-* Filtering: custom time periods, users, organizations, lesson title, CWE, issue severity.
+* Coverage rates of users trained in identified training opportunities
+* Filtering: custom time periods, users, organizations, lesson title, CWE, issue severity
### Learning impact snapshot
@@ -91,12 +91,12 @@ The "Learning Impact on Issue Prevention" chart measures the relationship betwee
### Top 10 CWEs - open issues / issues introduced in the period
-This section of the report shows recommendation for training for your top open code issues, and most frequently introduced issues, by volume. Note issues are only included when Snyk Learn has a related lesson for the CWE category.
+This section of the report shows recommendations for training for your top open code issues, and most frequently introduced issues, by volume. Note that Snyk includes issues only when Snyk Learn has a related lesson for the CWE category.
-You will see coverage for all users within organisation scope of the report filters. This shows you how many people have ever completed a related Snyk Learn lesson on the topic.
+You see coverage for all users in organization scope of the report filters. This shows you how many people have ever completed a related Snyk Learn lesson on the topic.
{% hint style="info" %}
-The recommendations in this section allow you to focus on the most impactful training opportunities. Use the filters to further customise the recommendations based on issue severity or for specific Organizations.
+The recommendations in this section let you focus on the most impactful training opportunities. Use the filters to further customize the recommendations based on issue severity or for specific Organizations.
{% endhint %}
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/exposure-and-coverage-reports.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/exposure-and-coverage-reports.md
index bc0dbe3bfe2c..84714630dcc2 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/exposure-and-coverage-reports.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/exposure-and-coverage-reports.md
@@ -12,7 +12,7 @@ The Asset Dashboard provides a comprehensive overview of your application and se
The Asset Dashboard is a central hub for managing and reviewing assets, making tracking inventory size easier over time and understanding the interaction between different asset types.
-While Snyk Inventory enables the discovery and management of your assets that should be secured, the Snyk Asset Dashboard allows you to go beyond the details and better understand the main building blocks of your inventory.\
+While Snyk Inventory enables the discovery and management of your assets that should be secured, the Snyk Asset Dashboard lets you go beyond the details and better understand the main building blocks of your inventory.\
\
The Asset Dashboard shows all the asset data that is available in your inventory and helps you answer various questions, such as:
@@ -55,31 +55,31 @@ Hover over any column to see how the coverage percentage is calculated.
### Asset class breakdown
-The asset class breakdown widget surfaces the distribution of repositories and container images by [asset class](../../../manage-assets/assets-inventory-components.md#class). Reviewing this widget allows you to determine the percentage of business-critical assets in your inventory and drill down to see the actual assets.
+The asset class breakdown widget surfaces the distribution of repositories and container images by [asset class](../../../manage-assets/assets-inventory-components.md#class). Reviewing this widget lets you determine the percentage of business-critical assets in your inventory and drill down to see the actual assets.
{% hint style="info" %}
**Tips**
* Having the context of the asset class is crucial for prioritizing assets. It is recommended to categorize your inventory by implementing [classification policies](../../policies/assets-policies/use-cases-for-policies/classification-policy.md) to proactively classify existing and newly introduced assets.
-* Using the filters enables narrowing down the asset class distribution within specific applications or code owners, as well as focusing on active repositories or a set of assets based on the asset tags.
+* Using the filters enables narrowing down the asset class distribution in specific applications or code owners, as well as focusing on active repositories or a set of assets based on the asset tags.
{% endhint %}
Asset Class Breakdown
### Top 10 technologies breakdown
-The top 10 technologies widget identifies the leading programming languages and frameworks used in repositories. Using the available filters enables you to determine the most commonly used technologies in active or business-critical repositories. Moreover, you can investigate specific applications or code owners.
+The top 10 technologies widget identifies the leading programming languages and frameworks used in repositories. Using the available filters lets you determine the most commonly used technologies in active or business-critical repositories. You can also investigate specific applications or code owners.
{% hint style="info" %}
**Tips**
* The technology data is available in the [asset tags](../../../manage-assets/assets-inventory-components.md#tags).
-* Click a presented technology to open the inventory page in a new browser tab. This will allow you to review the related repositories in detail.
+* Click a presented technology to open the inventory page in a new browser tab. This lets you review the related repositories in detail.
{% endhint %}
### Top 10 package managers breakdown
-The top 10 package managers widget allows you to identify the leading package managers in your inventory. The quantities represent assets of package type. A [package asset](../../../manage-assets/assets-inventory-layouts.md#packages) is defined as software or library that is managed by package management systems.
+The top 10 package managers widget lets you identify the leading package managers in your inventory. The quantities represent assets of package type. A [package asset](../../../manage-assets/assets-inventory-layouts.md#packages) is software or a library that package management systems manage.
### Repository freshness
@@ -102,7 +102,7 @@ You can use the asset class filter to identify business-critical assets that are
### Application context availability
-The application context availability widget allows you to discover gaps in the context of assets. The available columns include:
+The application context availability widget lets you discover gaps in the context of assets. The available columns include:
* **Application Context** - displays the analyzed context attribute.
* **Unique Values** - shows how many unique instances exist for an attribute. For example, you can check how many unique applications or code owners are available for any of the listed attributes.
@@ -113,9 +113,9 @@ The application context availability widget allows you to discover gaps in the c
* Before reviewing this widget, ensure that the results are cleaned up by filtering out the "dummy" attribute values, such as "unknown", "-", and so on.\
You can clean up the values by selecting only the relevant values.
-* Filtering by asset class allows you to identify business-critical repositories without a known code owner or associated application.
-* Filtering by the "active" value of the repository freshness filter allows you to discover context gaps in repositories that are actively being developed.
-* Reviewing the unique values allows you to spot gaps in context. For example, you may realize that the number of unique code owners does not match the number of teams.
+* Filtering by asset class lets you identify business-critical repositories without a known code owner or associated application.
+* Filtering by the "active" value of the repository freshness filter lets you discover context gaps in repositories that are actively being developed.
+* Reviewing the unique values lets you spot gaps in context. For example, you may realize that the number of unique code owners does not match the number of teams.
{% endhint %}
Application Context Availability
@@ -127,15 +127,15 @@ The asset source breakdown widget visualizes the quantities of detected assets f
{% hint style="info" %}
**Tips**
-* The widget displays the net quantities of detected assets for each source. If an asset is detected in more than one source, it will be counted once for each detected source.
-* When asset inventory quantities seem incomplete or exceed expectations, this widget will help you discover which integrations should be examined and potentially configured differently.
+* The widget displays the net quantities of detected assets for each source. If Snyk detects an asset in more than one source, it counts the asset once for each detected source.
+* When asset inventory quantities seem incomplete or exceed expectations, this widget helps you discover which integrations to examine and potentially configure differently.
{% endhint %}
Asset source breakdown
## Issues Detail report
-The Issues Detail report displays all known issues in all of your Projects that are being monitored by Snyk. The report provides issue details and which of your Projects are affected, providing links to fix information.
+The Issues Detail report displays all known issues in all of your Projects that Snyk monitors. The report provides issue details and which of your Projects are affected, providing links to fix information.
The Issues Detail report displays the number of issues as well as the number of unique vulnerabilities that make up the issues.
@@ -147,9 +147,9 @@ For a table of only the unique vulnerabilities, use **Change Report** to switch
## Risk exposure report
-This report gives you a single, consolidated view of your security risks. It allows you to quickly understand your risk exposure, track your progress in reducing it, and pinpoint high-risk areas.
+This report gives you a single, consolidated view of your security risks. It lets you quickly understand your risk exposure, track your progress in reducing it, and pinpoint high-risk areas.
-The Risk Exposure Report helps AppSec teams make quicker, more informed decisions. Rather than reviewing multiple reports, it provides a clear overview of the security landscape, allowing you to:
+The Risk Exposure Report helps AppSec teams make quicker, more informed decisions. Rather than reviewing multiple reports, it provides a clear overview of the security landscape, letting you:
* Make faster decisions by quickly identifying your biggest security challenges and where to focus your attention.
* Prioritize effectively by using data to guide your mitigation efforts toward the areas that contribute the most risk.
@@ -161,9 +161,9 @@ The Risk Exposure Report helps AppSec teams make quicker, more informed decision
Choose your preferred severity source and automatically update selected severity throughout the report:
-* **Snyk**: utilizing Snyk proprietary CVSS calculations and other factors, including the relative importance of the Linux distributor.
-* **NVD CVSS**: leveraging severity scores from the National Vulnerability Database (NVD).
-* **Non-SCA Severities:** For non-SCA issues (for example, Code, IaC), Snyk severity calculates High, Medium, and Low levels for specific code vulnerabilities and makes use of the Common Configuration Scoring System (CCSS) for IaC severity determinations
+* **Snyk**: uses Snyk proprietary CVSS calculations and other factors, including the relative importance of the Linux distributor.
+* **NVD CVSS**: uses severity scores from the National Vulnerability Database (NVD).
+* **Non-SCA Severities:** For non-SCA issues (for example, Code, IaC), Snyk severity calculates High, Medium, and Low levels for specific code vulnerabilities and uses the Common Configuration Scoring System (CCSS) for IaC severity determinations
The report includes two main sections to provide a comprehensive view of your risk landscape:
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/issue-columns-dictionary.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/issue-columns-dictionary.md
index bc3e114ca3ce..9048451fd9a4 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/issue-columns-dictionary.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/issue-columns-dictionary.md
@@ -1,6 +1,6 @@
# Issue columns dictionary
-Snyk reporting includes many filters and columns, allowing users to develop refined views of the data and obtain the required insights with ease. Reaching accurate conclusions requires understanding the columns used and the meaning of the filters. This dictionary explains the meaning of the issue columns in Snyk Issues Detail report.
+Snyk reporting includes many filters and columns, letting you develop refined views of the data and obtain the required insights. Reaching accurate conclusions requires understanding the columns used and the meaning of the filters. This dictionary explains the meaning of the issue columns in Snyk Issues Detail report.
{% hint style="info" %}
Each inner list is sorted alphabetically
@@ -33,10 +33,10 @@ Describes the main attributes of the issue.
* **PRODUCT NAME** - Snyk product name.
* **SEVERITY** - Indicates the issue severity according to the analysis by a specific Snyk product.
* **SCORE** - A score based on an analysis model. Priority score is released in General Availability, while Risk Score is in Early Access. For details, see [Priority Score vs Risk Score](../../prioritize-issues-for-fixing/priority-score-vs-risk-score.md).
-* **REACHABILITY** - The reachability of the issue indicates whether the issue is related to a code element (function, module, class, etc) that are being called by the application and thus has a greater risk of exploitability. Allowed values:
+* **REACHABILITY** - The reachability of the issue indicates whether the issue is related to a code element (function, module, class, and so on) that the application calls and thus has a greater risk of exploitability. Allowed values:
* **Reachable** - A direct or indirect path was found from your application to the vulnerable code.
* **No path found** - No path found from your application to the vulnerable code. Note that this value might change over time.
- * **Not applicable** - Reachability is not relevant to the specific issue. This value will appear for languages that are not yet supported and for issues that are not Snyk Open Source vulnerabilities.
+ * **Not applicable** - Reachability is not relevant to the specific issue. This value appears for languages that are not yet supported and for issues that are not Snyk Open Source vulnerabilities.
## Issue vulnerability details
@@ -62,7 +62,7 @@ The vulnerability details refer to various issue attributes that are being defin
* **PROBLEM ID** - Snyk Vuln DB ID that uniquely identifies the vulnerability.
* **PROBLEM TITLE** - The vulnerability name as described by Snyk.
* **SEMVER VULNERABLE RANGE** - The vulnerable range of package versions (based on semantic versioning).
-* **SNYK CVSS SCORE -** Snyk's CVSS (Common Vulnerability Scoring System) score.
+* **SNYK CVSS SCORE -** The Snyk CVSS (Common Vulnerability Scoring System) score.
* **VULNERABILITY PUBLICATION DATE** - Timestamp indicating when the vulnerability was published by Snyk.
## Issue context columns
@@ -90,7 +90,7 @@ The context columns help you understand the impact and risk for an issue based o
### Asset context
{% hint style="info" %}
-When filtering issues by assets context, issues of archived assets will be excluded from the results
+When filtering issues by assets context, Snyk excludes issues of archived assets from the results
{% endhint %}
* **ASSET CLASS**- specifies the business criticality of the asset (A, most critical - D, least critical).
@@ -111,7 +111,7 @@ When filtering issues by assets context, issues of archived assets will be exclu
Navigate to the [Application context for SCM integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/application-context-for-scm-integrations) page for more details about enriching the application context data.
{% hint style="info" %}
-When filtering issues by application context, issues of archived assets will be excluded from the results
+When filtering issues by application context, Snyk excludes issues of archived assets from the results
{% endhint %}
* **APPLICATION** - represents the application or service that the asset is associated with.
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/prevention-reports.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/prevention-reports.md
index f4e595483417..966b11ad49fe 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/prevention-reports.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/prevention-reports.md
@@ -21,7 +21,7 @@ To use this report, you must ensure you have installed the following prerequisit
* Visual Studio 2019, 2022 and Snyk Security Plugin 1.1.47 or newer
* Eclipse 2023.12 or newer and Snyk Security plugin 2.1.0 or newer
-This report shows the adoption of Snyk testing in local development through the IDE plugins, using the CLI locally or incorporating Snyk Studio into agentic workflows. The report is available under the Change Report dropdown at the Group and Organization levels.
+This report shows the adoption of Snyk testing in local development through the IDE plugins, using the CLI locally or incorporating Snyk Studio into agentic workflows. The report is available under the **Change Report** dropdown at the Group and Organization levels.
{% hint style="info" %}
This report focuses on the local developer experience and does not include the use of CI/CD. In addition, it does not show Organizations or developers that have never used the CLI, IDE, or Snyk Studio (through MCP).
@@ -77,7 +77,7 @@ The following prerequisites and data limits apply:
* Snyk Studio (MCP)
* IDE
* CLI
-* SARIF files greater than 500 KB will not be included in the report’s results.
+* SARIF files greater than 500 KB are not included in the report results.
With this report, you get visibility into:
@@ -105,7 +105,7 @@ A fix is generated when these conditions are met:
Severity overrides are applied, and custom severities are reflected in the report.
-Fixes and the fix rate can diverge. For example, if a developer or team gets numerous security findings that they do not fix, the fix rate may be lower than the total fixes. If a developer opens 5 branches, finds 5 issues, and fixes one of them, the fix rate is 20% and the total fixes are 1.
+Fixes and the fix rate can diverge. For example, if a developer or team gets numerous security findings that they do not fix, the fix rate may be lower than the total fixes. If a developer opens five branches, finds five issues, and fixes one of them, the fix rate is 20% and the total fixes are one.
## Pull request checks usage & performance report
@@ -115,7 +115,7 @@ Fixes and the fix rate can diverge. For example, if a developer or team gets num
Snyk Pull request checks usage & performance report is in Generally Availability for Enterprise plan customers. For more information, visit [Plans and pricing](https://snyk.io/plans/).
{% endhint %}
-This report enables you to track and analyze the results and adoption of Snyk pull request checks.
+This report lets you track and analyze the results and adoption of Snyk pull request checks.
By monitoring trends in successful, failed, and errored PR checks, AppSec teams can detect and investigate spikes in failures and identify source and target configurations that need attention. Comparing current adoption against a previous period also surfaces whether coverage is improving or regressing over time while identifying the coverage gaps that need to be addressed.
@@ -123,7 +123,7 @@ By monitoring trends in successful, failed, and errored PR checks, AppSec teams
High level metrics provide an overview of how often PR checks are passing along with how often checks are being marked as successful to override a failed status. The PR checks by status over time trend gives you a weekly view of PR check outcomes while additional views break these outcomes down by specific scan types.
-A high rate of failed PR checks may indicate emerging risk areas while a high rate of overridden checks may signal that developers are bypassing security gates and warrant further investigation. An increasing success rate over time can demonstrate that developers are producing more secure code earlier in your software development life cycle.
+A high rate of failed PR checks may indicate emerging risk areas while a high rate of overridden checks may signal that developers are bypassing security gates and warrant further investigation. An increasing success rate over time can demonstrate that developers are producing more secure code earlier in your software development lifecycle.
@@ -151,7 +151,7 @@ PR check enablement for all targets and projects imported through an integration
**Integrations With Scan Enabled** under the Group view counts enablement by integration settings for all integrations that exist under all the organizations under that group.
-Repository status will be "N/A" under the repository view when a repository is new to Snyk or if the specific Snyk product does not apply (there are no projects for that product type imported for the target repository).
+Repository status is "N/A" under the repository view when a repository is new to Snyk or if the specific Snyk product does not apply (there are no projects for that product type imported for the target repository).
@@ -248,7 +248,7 @@ Snyk Generated Pull Requests report is available only for Enterprise plan custom
### Access the report
-The Generated Pull Requests report can be accessed at both Group and Organization level from the **Change Report** drop down in the Reports menu.
+You can access the Generated Pull Requests report at both Group and Organization level from the **Change Report** dropdown in the Reports menu.
This report type provides an overview of how [Fix](../../../scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-fix-prs.md), [Backlog](../../../scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-backlog-prs-for-previously-known-vulnerabilities.md), and [Upgrade PRs](../../../scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-upgrade-prs-for-new-dependency-upgrades.md) are used and highlights the efficiency of PR merges.
@@ -262,7 +262,7 @@ The analytics report covers the following:
* Visibility of issues.
* Breakdown by repository for PR status.
-The report summary enables you to check the total number of Snyk PRs created, the total pull requests merged, and the mean time to merge for those pull requests.
+The report summary lets you check the total number of Snyk PRs created, the total pull requests merged, and the mean time to merge for those pull requests.
### Report features
@@ -284,4 +284,4 @@ The **Projects/Org/Repository** table displays the number of Total, Open, Merged
Select a repository name to open a modal containing additional metrics for that specific repository.
-The repository breakdown details the number of PRs segmented by PR type and PR status. Merge rate is presented as a percentage for each row. It also lists the Projects within that repository, with the number of issues categorised by severity.
+The repository breakdown details the number of PRs segmented by PR type and PR status. Merge rate is presented as a percentage for each row. It also lists the Projects in that repository, with the number of issues categorized by severity.
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/remediation-reports.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/remediation-reports.md
index d35f2d88c650..884616427731 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/remediation-reports.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/remediation-reports.md
@@ -13,38 +13,38 @@ The Issues Summary report highlights the value that Snyk is providing by enablin
The report provides a glimpse into how well teams are optimizing the use of the Snyk platform for their workflow and provides a means to measure and improve security.
-This report enables you to easily understand the current state and trends of the highest security risk items. This report also provides a quick view into where risk is coming from and where remediation efforts are most and least effective.
+This report lets you understand the current state and trends of the highest security risk items. This report also provides a quick view into where risk is coming from and where remediation efforts are most and least effective.
{% hint style="info" %}
-Use the date filter in the upper right corner of the Issues Summary report to see key metrics and charts for a specified interval. The selected date range also impacts the compared period, which allows you to measure progress across various key metrics.
+Use the date filter in the upper-right corner of the Issues Summary report to see key metrics and charts for a specified interval. The selected date range also impacts the compared period, which lets you measure progress across various key metrics.
{% endhint %}
-At the top of the report, you can follow key metrics associated with security issues in the selected date range with a comparison to the previous sequential period's results. This allows you to get insights on trends. See the tooltips in Snyk Web UI for definitions of the metrics.
+At the top of the report, you can follow key metrics associated with security issues in the selected date range with a comparison to the previous sequential period's results. This gives you insights on trends. See the tooltips in Snyk Web UI for definitions of the metrics.
The **Issues Identified and Resolved** trend captures the accumulated security issues that were identified and resolved during the selected date range. The gap between the two lines indicates the open issues backlog.
-This visual trend allows you to identify if too many issues are being introduced, meaning that prevention should become a higher priority. Conversely, if not enough issues are being resolved, it means that you need to further analyze metrics such as MTTR and SLA.
+This visual trend lets you identify if too many issues are being introduced, meaning that prevention should become a higher priority. Conversely, if not enough issues are being resolved, it means that you need to further analyze metrics such as MTTR and SLA.
{% hint style="info" %}
The Total Open issues metric at the top completes the picture for this trend, by showing the total open issues at the end of the selected period compared with the total open issues at the beginning of the selected date range.
{% endhint %}
-Reviewing the **Exposure Window** trend allows you to identify the capacity of security issues that are open within predefined periods. This is a relevant metric to follow when filtering by attributes such as severity, exploit maturity, or asset class. and ensuring that the most critical issues for sensitive assets are being remediated on time.
+Reviewing the **Exposure Window** trend lets you identify the capacity of security issues that are open in predefined periods. This is a relevant metric to follow when filtering by attributes such as severity, exploit maturity, or asset class, and ensuring that the most critical issues for sensitive assets are being remediated on time.
-The **Time to Resolve by Week** trend provides visibility on the number of issues remediated within predefined periods, allowing you to measure remediation performance over time.
+The **Time to Resolve by Week** trend provides visibility on the number of issues remediated in predefined periods, letting you measure remediation performance over time.
The **Risk breakdown** table helps you make data-driven decisions about where you need to focus. The tables allow you to review performance metrics from several angles.
Use the dimension picker to browse:
-* **Projects** - Available at the Organization level. Allows you to pinpoint Projects that require your attention.
+* **Projects** - Available at the Organization level. Lets you pinpoint Projects that require your attention.
* **Organizations** - Available at the Group level. Surface Snyk Organizations based on their performance.
* **Asset Classes** - Ensure that efforts are prioritized to secure the most sensitive assets first.
-* **Introduction Categories** - Allows to determining if preventable issues are handled properly by looking at the percentage change of new preventable issues, as well as assessing the impact of new monitored assets on your AppSec Program. You can view this under the Baseline Issue category.
+* **Introduction Categories** - Lets you determine if preventable issues are handled properly by looking at the percentage change of new preventable issues, as well as assessing the impact of new monitored assets on your AppSec Program. You can view this under the Baseline Issue category.
## SLA Management report
-The report presents default SLA targets for each severity level based on common security standards, such as FedRAMP. These SLA targets can be modified to meet your own security requirements.
+The report presents default SLA targets for each severity level based on common security standards, such as FedRAMP. You can modify these SLA targets to meet your own security requirements.
The SLA status of an issue can be:
@@ -58,12 +58,12 @@ You can control the SLA targets and the transition of issues to the “At Risk
The SLA report includes additional filters under the SLA category, allowing for better identification of the age of issues in relation to the SLA target:
-* **SLA status** - allows the filtering of the report according to a specific SLA status.
-* **Issue age** - allows discovery of issues in a range of ages.
-* **Time until breach** - identifies issues that will breach the SLA target in days.
+* **SLA status** - filters the report according to a specific SLA status.
+* **Issue age** - discovers issues in a range of ages.
+* **Time until breach** - identifies issues that breach the SLA target in days.
{% hint style="info" %}
-The report is, by default, showing only issues that are with high or critical severity. Update the severity filter if you want to view the SLA status for additional severities.
+By default, the report shows only issues with high or critical severity. Update the severity filter if you want to view the SLA status for additional severities.
{% endhint %}
You can share the report with predefined SLA targets by sharing the report URL or return to a predefined SLA report by bookmarking the web page in your browser.
@@ -72,7 +72,7 @@ In the **Open issues** section, the **SLA severity breakdown** shows a distribut
The **SLA trend** shows the cumulative SLA status of issues over time.
-The **SLA breakdown table** allows you to compare the SLA compliance results of Organizations in the Group view, or Targets in the Organization view. The table is sorted by default according to the quantity of breached issues.
+The **SLA breakdown table** lets you compare the SLA compliance results of Organizations in the Group view, or Targets in the Organization view. By default, the table is sorted according to the quantity of breached issues.
The **Breached and at-risk open issues** table helps you prioritize issues based on their aging and SLA compliance status. You can use the **Modify Column** picker to add additional columns and learn more about the specific issues.
@@ -86,7 +86,7 @@ You can review the SLA results for resolved issues and perform a retrospective a
The Vulnerabilities Detail report is similar to the Issues Detail report but shows issues grouped by Snyk Problem ID ([see Snyk Vulnerability DB](https://security.snyk.io/vuln)).
-You can easily see how many instances of a vulnerability exist and how many Projects are affected. Use this report to understand which vulnerabilities are most prevalent for both resolution and prevention use cases.
+You can see how many instances of a vulnerability exist and how many Projects are affected. Use this report to understand which vulnerabilities are most prevalent for both resolution and prevention use cases.
For a table of Total Issues, use Change Reports to switch to the Issues Detail report.
@@ -102,12 +102,12 @@ This report addresses primary scenarios for managing and resolving emerging zero
Use this report to discover your exposure to issues highlighted in a zero-day publication across various Targets and Projects. The report helps you prioritize zero-day issues and monitor the progress of remediation efforts against any remaining occurrences.
-The [Security team at Snyk](https://snyk.io/platform/security-intelligence/) continuously updates the [Vulnerability Database](https://security.snyk.io/) with new vulnerabilities several times a day. When the team discovers a major new zero-day vulnerability—typically in a widely used package with high severity that affects many customers—it will be announced and addressed as a zero-day event. For more information about responding to these events, visit [Assessing active security incidents](remediation-reports.md#assessing-active-security-incidents).
+The [Security team at Snyk](https://snyk.io/platform/security-intelligence/) continuously updates the [Vulnerability Database](https://security.snyk.io/) with new vulnerabilities several times a day. When the team discovers a major new zero-day vulnerability—typically in a widely used package with high severity that affects many customers—Snyk announces and addresses it as a zero-day event. For more information about responding to these events, visit [Assessing active security incidents](remediation-reports.md#assessing-active-security-incidents).
Typically, prioritization is determined by either the Snyk [Risk Score](../../prioritize-issues-for-fixing/risk-score.md) or the NVD CVSS Score, with emphasis on addressing vulnerabilities in sensitive targets. Apply filters based on Project Lifecycle, Environment, or Project Criticality to identify and address these targets promptly. Gaining such insights depends on the [availability of Project attributes](../../../snyk-platform-administration/snyk-projects/project-attributes.md#available-attributes-and-their-values).
For continuous monitoring of remediation progress and efficacy, refer to the trend diagrams.\
-The **Accumulative Issues Backlog Trend** diagram shows the weekly changes in the zero-day backlog by accumulating the weekly delta between identified and resolved issues. Use this diagram to ensure that your R\&D teams are reducing the zero-day backlog consistently, which will be indicated by a negative trend line.
+The **Accumulative Issues Backlog Trend** diagram shows the weekly changes in the zero-day backlog by accumulating the weekly delta between identified and resolved issues. Use this diagram to ensure that your R\&D teams are reducing the zero-day backlog consistently, which a negative trend line indicates.
In parallel, review the **Issues Identified versus Resolved over Time** diagram to conclude whether additional emphasis should be placed on preventing the introduction of new issues or on accelerating the remediation efforts.
@@ -144,4 +144,4 @@ To understand the exposure, review the **Assets involved in the incident** table
* The number of dependencies in a Project that match a known affected package.
* When viewed at the Tenant-level, the Group and Organization of the asset. When viewed at the Group-level, the Organization of the asset.
-After the zero-day incident is no longer active and your retests have been completed, the **Active security incident assessment** banner will disappear. Review the **All Issues** table to remediate any outstanding issues associated with this zero-day event.
+After the zero-day incident is no longer active and your retests are complete, the **Active security incident assessment** banner disappears. Review the **All Issues** table to remediate any outstanding issues associated with this zero-day event.
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/README.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/README.md
index aee50f04762c..bcda816f7790 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/README.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/README.md
@@ -4,27 +4,27 @@ With the new Snowflake Data Share integration, your data science, BI, and AppSec
Use this integration to enable teams to rapidly build exploratory and custom analytics using the Snowflake-supported ecosystem of tools. Customers can connect Snyk data to BI tools like Power BI, Tableau, and Looker Data Studio, or build custom Streamlit apps.
-Having Snyk curated datasets directly in your Snowflake account is optimized for reporting use cases. It also allows you to combine Snyk data with additional data sources, which contributes to a complete AppSec view of your Organization.
+Having Snyk curated datasets directly in your Snowflake account is optimized for reporting use cases. It also lets you combine Snyk data with additional data sources, which contributes to a complete AppSec view of your Organization.
-## What is Snowflake dData Share?
+## What is Snowflake Data Share?
-[Snowflake Data Share](https://docs.snowflake.com/en/user-guide/data-sharing-intro.html) allows companies to provide data to their customers in a secure, simple, and quick manner. With Snowflake data shares, the data is not exchanged between the accounts; instead, the data consumer is granted read-only access to the shared database through their own Snowflake account.
+[Snowflake Data Share](https://docs.snowflake.com/en/user-guide/data-sharing-intro.html) lets companies provide data to their customers in a secure, simple, and quick manner. With Snowflake data shares, the accounts do not exchange the data. Instead, the data consumer gets read-only access to the shared database through their own Snowflake account.
### Snowflake cost impact
* Storage\
- As data is not being transferred during data sharing, there will be **no** additional storage costs attributed to your Snowflake account.
+ Because data sharing does not transfer data, no additional storage costs are attributed to your Snowflake account.
* Compute Resources\
- Snowflake will charge for compute resources that are used to query the data share.
+ Snowflake charges for compute resources used to query the data share.
## Main use cases
-The Snowflake Data Share can be used for various use cases and can answer countless security and business-related questions. Some of these use cases include:
+You can use the Snowflake Data Share for various use cases and to answer countless security and business-related questions. Some of these use cases include:
* Enhance the AppSec posture visibility for the CISO and management team.\
- Streamline Snyk data to your BI platforms and existing security dashboards and reflect performance metrics and KPI's, for example, MTTR, SLA compliance, remediation trends, and so on.
+ Streamline Snyk data to your BI platforms and existing security dashboards and reflect performance metrics and KPIs, for example, MTTR, SLA compliance, remediation trends, and so on.
* Answer specific questions or surface unique insights.\
- Better understand risk exposure trends, such as tracking total issues above a specific risk score, only affects certain Project collections or tags across all Snyk Groups, whilst filtering for only main or master branches.\
+ Better understand risk exposure trends, such as tracking total issues above a specific risk score, only affects certain Project collections or tags across all Snyk Groups, while filtering for only main or master branches.\
Measure the performance of the fix behavior against the SLA. For example, enter customer SLA targets and track progress toward them.\
Build custom prevention reporting to understand shift-left impact. For example, view trends in preventable Open Source vulnerabilities across all Snyk Groups, filtered by specific severities and risk scores.
@@ -32,25 +32,25 @@ The Snowflake Data Share can be used for various use cases and can answer countl
### Request Snowflake Data Share access
-Follow the steps below to request Snowflake Data Share access:
+To request Snowflake Data Share access:
1. Contact your Snyk Account Executive to request access
-2. Provide your Snyk contact person with the following Snowflake account details (find [here](https://docs.snowflake.com/en/user-guide/admin-account-identifier#finding-the-organization-and-account-name-for-an-account) the guidelines to trace your credentials):
+2. Provide your Snyk contact person with the following Snowflake account details (see the [guidelines to trace your credentials](https://docs.snowflake.com/en/user-guide/admin-account-identifier#finding-the-organization-and-account-name-for-an-account)):
* Account Name.
* Organization Name.
* If you prefer to limit the data share to a specific set of Snyk Groups, mention the relevant Group IDs (the ID is available in the Snyk Group Settings).
-3. After Snyk receives the Snowflake account details, the team will prepare the Data Share. You should expect to see your data within 24 hours.
+3. After Snyk receives the Snowflake account details, the team prepares the Data Share. Expect to see your data in 24 hours.
### Prepare to consume Snowflake Data Share
-The data share will be provided as a Privately Shared Listing. If it is the first time that you consume Snowflake data share, proceed with the steps below; otherwise, proceed to [Create a database from Snyk Data Share](https://docs.snowflake.com/en/user-guide/data-share-consumers#creating-a-database-from-a-share):
+Snyk provides the data share as a Privately Shared Listing. If it is the first time that you consume Snowflake data share, follow these steps. Otherwise, proceed to [Create a database from Snyk Data Share](https://docs.snowflake.com/en/user-guide/data-share-consumers#creating-a-database-from-a-share):
1. Your Snowflake Organization admin (requires ORGADMIN role) should [accept Snowflake Provider and Consumer Terms of Service](https://other-docs.snowflake.com/en/collaboration/consumer-becoming#accept-the-snowflake-provider-and-consumer-terms-of-service).
2. [Set up the required privileges](https://other-docs.snowflake.com/en/collaboration/consumer-becoming#set-up-required-privileges) (requires ACCOUNTADMIN role or another role with CREATE DATABASE and IMPORT SHARE privileges).
### Create a database from the Data Share
-To get access and be able to query the data share, follow the steps below to create a database from the data share:
+To get access and query the data share, create a database from the data share:
1. A Snowflake user with ACCOUNTADMIN role (or a role with CREATE DATABASE and IMPORT SHARE privileges) should [view the available shares](https://docs.snowflake.com/en/user-guide/data-share-consumers#viewing-available-shares).
2. [Create a database from the Snyk data share](https://docs.snowflake.com/en/user-guide/data-share-consumers#creating-a-database-from-a-share).\
@@ -64,7 +64,7 @@ To start populating your dashboard with Snyk data, Snyk has provided [use cases
After you are familiar with building queries, Snyk encourages you to create custom queries tailored to your specific requirements.
{% hint style="warning" %}
-Do not use a `select *` statement. Snyk frequently updates the data shares offering with new fields. Wildcard selectors cause unexpected schema changes that break downstream automations, ETL pipelines, or reporting scripts to fail. To ensure long-term stability, explicitly define the columns required for your queries.
+Do not use a `select *` statement. Snyk frequently updates the data shares offering with new fields. Wildcard selectors cause unexpected schema changes that break downstream automations, ETL pipelines, or reporting scripts. To ensure long-term stability, explicitly define the columns required for your queries.
{% endhint %}
{% hint style="info" %}
@@ -75,7 +75,7 @@ For more information on how to use queries in Snowflake Data Share, see [Query D
### Data scope and accessibility
-* The Snowflake Data Share is scoped to the data of a requested set of Snyk Groups. A customer can request access to all Snyk groups or to specific ones.
+* The Snowflake Data Share is scoped to the data of a requested set of Snyk Groups. A customer can request access to all Snyk Groups or to specific ones.
* Snyk shares all the data that is available for the requested Snyk Groups as exists in the Snyk database, with no additional limitations in the data share itself.
* The data share itself is provided as a read-only database and is accessible according to Snowflake's standard role-based access control.
@@ -98,4 +98,4 @@ Snowflake Change Tracking is enabled on all the tables that are included in our
* **Retention period:** Changes are retained for two days.
* **How to use:** You can query the change tracking metadata using the CHANGES clause provided by Snowflake.
-For more information on how to utilize this feature, see [Snowflake's Change Tracking Documentation](https://docs.snowflake.com/en/sql-reference/constructs/changes).
+For more information on how to use this feature, see the [Snowflake Change Tracking documentation](https://docs.snowflake.com/en/sql-reference/constructs/changes).
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/build-your-first-dashboard.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/build-your-first-dashboard.md
index 5973d3cceaa1..4b6a9c03b0d1 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/build-your-first-dashboard.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/build-your-first-dashboard.md
@@ -148,7 +148,7 @@ ORDER BY open_issues_aging DESC; -- Update based on the desired order
The MTTR (Mean Time to Resolve) metric tracks the average time it takes to resolve a security issue. It is calculated based on issues that have already been resolved and is measured over a predefined period (typically monthly, quarterly, or annually) according to their last resolution date.
-Analyzing the MTTR results provides insight into the the remediation velocity of engineering teams. However, it is important to always measure both MTTR and Aging, as issues that remain open for long periods won’t show up in the MTTR results until they are remediated.
+Analyzing the MTTR results provides insight into the remediation velocity of engineering teams. However, it is important to always measure both MTTR and Aging, as issues that remain open for long periods do not show up in the MTTR results until they are remediated.
### Example query
@@ -192,13 +192,13 @@ ORDER BY organization_display_name ASC; -- Update based on the desired o
### Business value
-Remediating vulnerabilities is a crucial practice, however it slows down product development that drives companies' business. Due to this simple fact, engineering teams may neglect open vulnerabilities in favor of product development tasks.
+Remediating vulnerabilities is a crucial practice. However, it slows down the product development that drives companies' business. As a result, engineering teams may neglect open vulnerabilities in favor of product development tasks.
-Establishing a service-level agreement (SLA) for vulnerability remediation helps maintaining that fine balance and ensure that while moving forward with product development, evolving security risks are being addressed according to a clear and transparent policy.
+Establishing a service-level agreement (SLA) for vulnerability remediation helps maintain that balance and ensures that while moving forward with product development, you address evolving security risks according to a clear and transparent policy.
SLA targets define the acceptable exposure window for a vulnerability based on factors such as severity, business criticality of the asset, code ownership, or other risk factors.
-Snyk issues data enables AppSec teams to track issue aging and identify which vulnerabilities have exceeded SLA targets.
+Snyk issues data lets AppSec teams track issue aging and identify which vulnerabilities have exceeded SLA targets.
### Example query
@@ -268,7 +268,7 @@ The example query can be extended to support various SLA use-cases, such as defi
### Business value
-This section demonstrate how you can discover the adoption of Snyk IDE & CLI tests by your developers. Implementing AppSec testing during the development phase is regarded as one of the most cost-effective methods for preventing new security risks from reaching production. It is more efficient because developers are already in the right context to address issues before the code progresses further in the SDLC. Detecting issues in later stages requires developers to switch context and revisit the problem, which can be less efficient and more time-consuming.
+This section demonstrates how you can discover the adoption of Snyk IDE and CLI tests by your developers. Implementing AppSec testing during the development phase is regarded as one of the most cost-effective methods for preventing new security risks from reaching production. It is more efficient because developers are already in the right context to address issues before the code progresses further in the SDLC. Detecting issues in later stages requires developers to switch context and revisit the problem, which can be less efficient and more time-consuming.
### Example query
@@ -302,15 +302,15 @@ GROUP BY IDE, PRODUCT
### Business value
-Preventing vulnerabilities from reaching production involves placing security gates throughout the software development lifecycle (SDLC). One of the most common gates is within the CI/CD pipeline, ensuring that any vulnerabilities missed in earlier stages are caught and blocked during the build process.
+Preventing vulnerabilities from reaching production involves placing security gates throughout the software development lifecycle (SDLC). One of the most common gates is in the CI/CD pipeline, ensuring that any vulnerabilities missed in earlier stages are caught and blocked during the build process.
-Leveraging Snyk Data Share enables you to assess the current adoption of tests and security gates within your CI/CD pipelines.
+Using Snyk Data Share lets you assess the current adoption of tests and security gates in your CI/CD pipelines.
### Example query
The query below returns the number of tested repositories, total tests, and the test % success rate per Snyk Product.
-The results are based on tests executed in the CI/CD stage in the last 3 months.
+The results are based on tests executed in the CI/CD stage in the last three months.
```sql
SELECT
@@ -345,7 +345,7 @@ A high rate of overridden checks may signal that developers are bypassing securi
The query below returns the total number of pull requests, the count of PRs with at least one failed check, the count of PRs with at least one overridden check, the % of PRs with failed checks, and the % of PRs with overridden checks per target repository.
-The results are based on PR checks executed in the last 4 months and filtered to only include monitored and non-deleted projects.
+The results are based on PR checks executed in the last four months and filtered to only include monitored and non-deleted projects.
You can also adapt this query to prioritize surfacing repositories that have a high rate of overridden checks.
@@ -378,13 +378,13 @@ ORDER BY pct_prs_with_failed_checks DESC, pct_prs_with_overridden_checks DESC
Tracking the volume of PR checks by their outcome over time can provide visibility into the overall health and trajectory of any shift-left strategy. By monitoring weekly trends in successful, failed, and errored checks, AppSec teams can detect and investigate spikes in failures and identify product configurations that need attention from error trends.\
\
-An increasing success rate over time can demonstrate that developers are producing more secure code earlier in your software development life cycle.
+An increasing success rate over time can demonstrate that developers are producing more secure code earlier in your software development lifecycle.
### Example query
The query below returns weekly counts of PR check groups by if the status was success, failure, or error. The aggregation is done on the pr check group id and using the pr check group state.
-The results are based on PR check groups created in the last 6 months and filtered to only include monitored and non-deleted projects.
+The results are based on PR check groups created in the last six months and filtered to only include monitored and non-deleted projects.
```sql
SELECT
@@ -419,9 +419,9 @@ Ensuring PR checks are enabled across your repositories is critical to preventin
The query below returns PR check enablement status per repository for the current 30-day period vs. the preceding 30-day period for both Snyk Code and Snyk Open Source.
-PR check enablement is resolved by combining project-level and integration-level settings. Project-level settings overrides take priority when they exist. Otherwise the integration settings apply. A repository is considered covered if at least one organization importing it has PR Checks enabled for all projects associated with that product type for at least one integration.
+Snyk resolves PR check enablement by combining project-level and integration-level settings. Project-level setting overrides take priority when they exist. Otherwise, the integration settings apply. A repository is considered covered if at least one organization importing it has PR Checks enabled for all projects associated with that product type for at least one integration.
-Results will be N/A when a repository is new to Snyk or if the specific Snyk product does not apply.
+Results are N/A when a repository is new to Snyk or if the specific Snyk product does not apply.
```sql
WITH
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/data-share-data-dictionary.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/data-share-data-dictionary.md
index 405c243f833d..13084c3dad7a 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/data-share-data-dictionary.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/reporting-and-bi-integrations-snowflake-data-share/data-share-data-dictionary.md
@@ -2,7 +2,7 @@
Snyk Data Share is a comprehensive dataset encompassing various data pillars that support a wide range of use cases. You can use this dataset to present key security metrics such as issue backlog, aging, MTTR, SLA compliance, and test coverage, as well as to prioritize issues based on different factors, such as risk score, severity, CVSS, EPSS, and many more.
-This dictionary is designed to help you navigate the dataset efficiently. It provides clear explanations of the purpose of each table and the specific data contained in each column, enabling you to leverage the dataset to meet your data reporting needs.
+This dictionary is designed to help you navigate the dataset efficiently. It provides clear explanations of the purpose of each table and the specific data contained in each column, so you can use the dataset to meet your data reporting needs.
## Data Share Tables
@@ -29,7 +29,7 @@ The diagram above represents the objects listed in the data dictionary as a data
> Version in use: v1.0
-The `GROUPS` table contains the main attributes of Snyk Groups. This data can be utilized to perform aggregations on the Group level or zoom into the scope of specific groups.
+The `GROUPS` table contains the main attributes of Snyk Groups. You can use this data to perform aggregations on the Group level or zoom into the scope of specific Groups.
| Column name | Data type | Description |
| -------------- | -------------- | ------------------------------------------------------------------------------------- |
@@ -45,10 +45,10 @@ The `GROUPS` table contains the main attributes of Snyk Groups. This data can be
> Version in use: v1.0
-The `ORGS` table contains the main attributes of Snyk Organizations. This data can be utilized to perform aggregations on the organizational level or to zoom into the scope of specific organizations.
+The `ORGS` table contains the main attributes of Snyk Organizations. You can use this data to perform aggregations on the organizational level or to zoom into the scope of specific Organizations.
{% hint style="info" %}
-The `group_public_id` column allows you to query organizations in specific groups.
+The `group_public_id` column lets you query Organizations in specific Groups.
{% endhint %}
| Column name | Data type | Description |
@@ -66,10 +66,10 @@ The `group_public_id` column allows you to query organizations in specific group
> Version in use: v1.0
-ProjectThe `PROJECTS` table contains the main attributes of Snyk Projects and the related target. Its data can be utilized for performing aggregations of filters on the Project or target levels, including based on Project collections, Project tags, or specific repo branches (using `target_ref`).
+The `PROJECTS` table contains the main attributes of Snyk Projects and the related target. You can use its data to perform aggregations of filters on the Project or target levels, including based on Project collections, Project tags, or specific repo branches (using `target_ref`).
{% hint style="info" %}
-Snyk Reports only presents monitored projects that were not deleted. To match your results with Snyk Reports, filter your query with `IS_MONITORED = TRUE` and `DELETE IS NULL.`
+Snyk Reports only presents monitored Projects that were not deleted. To match your results with Snyk Reports, filter your query with `IS_MONITORED = TRUE` and `DELETE IS NULL.`
{% endhint %}
| Column name | Data type | Description |
@@ -107,12 +107,12 @@ Snyk Reports only presents monitored projects that were not deleted. To match yo
> Version in use: v1.0
-The `ISSUES` table contains various attributes of Snyk Issues. Issues can be easily correlated with their originating Project, target, Organization or Group, utilizing the corresponding ID columns. On top of the issue's basic attributes, such as its introduction date, type, severity, score, there are columns that elaborate on the vulnerability attributes, such as the CVSS score, EPSS Score, NVD Score.
+The `ISSUES` table contains various attributes of Snyk Issues. You can correlate issues with their originating Project, target, Organization, or Group using the corresponding ID columns. On top of the issue's basic attributes, such as its introduction date, type, severity, and score, there are columns that elaborate on the vulnerability attributes, such as the CVSS score, EPSS Score, and NVD Score.
-Querying the issues table allows:
+Querying the issues table lets you:
-* Concluding various metrics and KPIs, among issue backlog, aging, MTTR and SLA compliance.
-* Visualizing trends of identified, ignored, and resolved issues over time
+* Conclude various metrics and KPIs, among them issue backlog, aging, MTTR, and SLA compliance
+* Visualize trends of identified, ignored, and resolved issues over time
* Prioritize issues based on multiple factors and considerations
{% hint style="info" %}
@@ -173,7 +173,7 @@ If you would like to match your results with Snyk Reports:
> Version in use: v1.0
-The `Dependencies` table allows you to identify issues based on their availability in direct dependencies.
+The `Dependencies` table lets you identify issues based on their availability in direct dependencies.
| Column name | Data type | Description |
| ----------------------------- | --------- | --------------------------------------------------------------------------------------------------------------------------------- |
@@ -188,13 +188,13 @@ The `Dependencies` table allows you to identify issues based on their availabili
> Version in use: v1.0
-The `USAGE_EVENTS` table contains CLI interaction data that is collected from Snyk's CLI interfaces (CLI, IDE plugins, CI/CD pipeline tools). The CLI interaction events can be correlated with the execution context, such as their target, Organization, or Group, utilizing the corresponding ID columns.
+The `USAGE_EVENTS` table contains CLI interaction data collected from the Snyk CLI interfaces (CLI, IDE plugins, CI/CD pipeline tools). You can correlate the CLI interaction events with the execution context, such as their target, Organization, or Group, using the corresponding ID columns.
-Querying the `USAGE_EVENTS` table allows you to measure:
+Querying the `USAGE_EVENTS` table lets you measure:
-* Developers' usage and adoption of Snyk IDE plugins
+* Developers' use and adoption of Snyk IDE plugins
* Snyk tests in CI/CD pipelines
-* Snyk CLI utilization per the different commands: test, monitor, SBOM, etc.
+* Snyk CLI use per the different commands: test, monitor, SBOM, and so on
| Column name | Data type | Description |
| ----------------------------------------- | -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
@@ -204,7 +204,7 @@ Querying the `USAGE_EVENTS` table allows you to measure:
| `product_display_name` | varchar | The Snyk product used during this interaction, for example, Snyk Open Source, Snyk IaC, Snyk Code, Snyk Container. |
| `runtime_application_name` | varchar | The application used to execute a snyk interaction, for example, PyCharm, Visual Studio, snyk-ls, snyk-cli. |
| `runtime_application_version` | varchar | The version of the integration. |
-| `runtime_application_data_schema_version` | varchar | The data schema version of Snyk's runtime interactions. The current version (v2) was released in Q2 2024. Prior versions' data may behave differently. |
+| `runtime_application_data_schema_version` | varchar | The data schema version of the Snyk runtime interactions. The current version (v2) was released in Q2 2024. Data from earlier versions may behave differently. |
| `interaction_type` | varchar | The type of interaction, could be **Scan done**. **Scan Done** indicates that a test was run no matter if the CLI or IDE ran it, other types can be freely chosen types. |
| `interaction_categories` | array | The category vector used to describe the interaction in detail, for example, **oss**,**test**. |
| `interaction_timestamp` | array | When the interaction was started in UTC. |
@@ -228,7 +228,7 @@ Querying the `USAGE_EVENTS` table allows you to measure:
> Version in use: v1.0
-The `ISSUE_JIRA_ISSUES` table allows correlation between Snyk issues and assigned Jira issues. As Snyk enables more than one type of Jira integration, it is important to emphasize that the Jira issues that are available in the dataset originated from this [Jira integration](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/jira-and-slack-integrations/jira-integration).
+The `ISSUE_JIRA_ISSUES` table lets you correlate Snyk issues with assigned Jira issues. Because Snyk supports more than one type of Jira integration, note that the Jira issues available in the dataset originated from this [Jira integration](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/jira-and-slack-integrations/jira-integration).
| Column name | Data type | Description |
| ---------------------- | -------------- | ---------------------------------------------------------------------------------------------- |
@@ -263,7 +263,7 @@ If you would like to match your results with Snyk Reports:
* Aggregate results based on the `pr_check_group_id` and the `pr_check_group_state`
{% endhint %}
-
Column name
Data type
Description
public_id
varchar
A universally unique identifier for a PR Check, assigned in the records source database.
pr_check_group_id
varchar
Identifier of the parent pull request check group.
test_id
varchar
Identifier of the test results associated with the test-service.
project_public_id
varchar
A universally unique identifier for a project, assigned in the record's source database.
org_public_id
varchar
A universally unique identifier for an organization, assigned in the record's source database.
group_public_id
varchar
A universally unique identifier for a group, assigned in the record's source database.
asset_id
varchar
Identifier of the asset linked to the project.
parent_asset_id
varchar
Identifier of the repository parent asset linked to the project.
pr_check_created_at
timestamp_ntz
Timestamp when the pull request check was created.
pr_check_modified_at
timestamp_ntz
Timestamp when the pull request check was last updated.
check_group_created_at
timestamp_ntz
Timestamp when the parent check group was created.
check_group_modified_at
timestamp_ntz
Timestamp when the parent check group was last updated.
product_name
varchar
The Snyk Product associated with the check (for example, Snyk Open Source, Snyk Code).
pr_check_state
varchar
The check status for the particular product type. The status will be success if the check passed under the policy settings in force and failure if an issue violating the policy was found. An error status indicates there was a problem running the check.
pr_check_group_state
varchar
The status for the parent check group.
marked_as_success
boolean
True if the check failed due to a policy violation but the result was manually overridden by a user. This allows PRs to be merged despite security findings.
pr_check_result_description
varchar
Summary of the check results.
settings_policy
varchar
Description of the policy applied to the check run (e.g. only_new vs all).
settings_severity_threshold
varchar
Settings for the severity threshold at which the pull request check fails.
is_settings_fail_only_fixable
boolean
Flag indicating if the check was configured to fail only on fixable issues.
old_version_sha
varchar
Commit SHA for the base revision used in the scan.
new_version_sha
varchar
Commit SHA for the head revision used in the scan.
merge_base_version_sha
varchar
Commit SHA for the merge base between the compared revisions.
pull_data_ref
varchar
Reference of the pull request that triggered the check.
error_message
varchar
Human-readable error message when the check resulted in an error state.
error_code
varchar
Snyk error catalog code identifying the type of error (for example, SNYK-PR-CHECK-0009).
error_status
varchar
HTTP status code associated with the error.
error_catalog_url
varchar
URL to the Snyk error catalog documentation page for the specific error code.
error_classification
varchar
ACTIONABLE indicates that the input is not in a format or state usable by Snyk, but there are steps you can take to resolve the issue. UNSUPPORTED indicates that Snyk cannot handle the data sent. For example, a project that uses a version of Python that is no longer supported.
__updated_at
timestamp_ntz
When the data share data transformation last updated this record.
+
Column name
Data type
Description
public_id
varchar
A universally unique identifier for a PR Check, assigned in the records source database.
pr_check_group_id
varchar
Identifier of the parent pull request check group.
test_id
varchar
Identifier of the test results associated with the test-service.
project_public_id
varchar
A universally unique identifier for a project, assigned in the record's source database.
org_public_id
varchar
A universally unique identifier for an organization, assigned in the record's source database.
group_public_id
varchar
A universally unique identifier for a group, assigned in the record's source database.
asset_id
varchar
Identifier of the asset linked to the project.
parent_asset_id
varchar
Identifier of the repository parent asset linked to the project.
pr_check_created_at
timestamp_ntz
Timestamp when the pull request check was created.
pr_check_modified_at
timestamp_ntz
Timestamp when the pull request check was last updated.
check_group_created_at
timestamp_ntz
Timestamp when the parent check group was created.
check_group_modified_at
timestamp_ntz
Timestamp when the parent check group was last updated.
product_name
varchar
The Snyk Product associated with the check (for example, Snyk Open Source, Snyk Code).
pr_check_state
varchar
The check status for the particular product type. The status is success if the check passed under the policy settings in force and failure if an issue violating the policy was found. An error status indicates there was a problem running the check.
pr_check_group_state
varchar
The status for the parent check group.
marked_as_success
boolean
True if the check failed due to a policy violation but a user manually overrode the result. This lets users merge PRs despite security findings.
pr_check_result_description
varchar
Summary of the check results.
settings_policy
varchar
Description of the policy applied to the check run (for example, only_new vs all).
settings_severity_threshold
varchar
Settings for the severity threshold at which the pull request check fails.
is_settings_fail_only_fixable
boolean
Flag indicating if the check was configured to fail only on fixable issues.
old_version_sha
varchar
Commit SHA for the base revision used in the scan.
new_version_sha
varchar
Commit SHA for the head revision used in the scan.
merge_base_version_sha
varchar
Commit SHA for the merge base between the compared revisions.
pull_data_ref
varchar
Reference of the pull request that triggered the check.
error_message
varchar
Human-readable error message when the check resulted in an error state.
error_code
varchar
Snyk error catalog code identifying the type of error (for example, SNYK-PR-CHECK-0009).
error_status
varchar
HTTP status code associated with the error.
error_catalog_url
varchar
URL to the Snyk error catalog documentation page for the specific error code.
error_classification
varchar
ACTIONABLE indicates that the input is not in a format or state usable by Snyk, but there are steps you can take to resolve the issue. UNSUPPORTED indicates that Snyk cannot handle the data sent. For example, a project that uses a version of Python that is no longer supported.
__updated_at
timestamp_ntz
When the data share data transformation last updated this record.
### PR Checks Integration Adoption
@@ -334,8 +334,8 @@ The `PR_CHECK_PROJECT_ADOPTION` table tracks pull request (PR) check configurati
| `target_deleted` | timestamp\_ntz | Timestamp when the target containing the project was deleted, if applicable. |
| `is_project_monitored_historical` | boolean | Historical flag indicating if the project was monitored during this historical period. |
| `project_deleted_historical` | boolean | Historical flag from registry indicating if the project was deleted during this period. |
-| `test_pull_requests` | boolean | Flag indicating if PR testing is enabled for the project, will be null if inheriting from integration settings. |
-| `pull_requests_policy` | varchar | Policy for PR checks setting (for example, only\_new, all), will be null if inheriting from integration settings. |
-| `pull_requests_severity_threshold` | varchar | Severity threshold at which PR checks are set to fail, will be null if inheriting from integration settings. |
-| `is_pull_request_fail_only_for_issues_with_fix` | boolean | Flag indicating if open-source PR checks are only set to fail for issues with available fixes, will be null if inheriting from integration settings. |
+| `test_pull_requests` | boolean | Flag indicating if PR testing is enabled for the project, null if inheriting from integration settings. |
+| `pull_requests_policy` | varchar | Policy for PR checks setting (for example, only\_new, all), null if inheriting from integration settings. |
+| `pull_requests_severity_threshold` | varchar | Severity threshold at which PR checks are set to fail, null if inheriting from integration settings. |
+| `is_pull_request_fail_only_for_issues_with_fix` | boolean | Flag indicating if open-source PR checks are only set to fail for issues with available fixes, null if inheriting from integration settings. |
| `__updated_at` | timestamp\_ntz | When the data share data transformation last updated this record. |
diff --git a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/troubleshooting-snyk-reports.md b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/troubleshooting-snyk-reports.md
index 50e107fece43..388713c33147 100644
--- a/scan-fix-and-prevent/manage-risk/analytics/reports-tab/troubleshooting-snyk-reports.md
+++ b/scan-fix-and-prevent/manage-risk/analytics/reports-tab/troubleshooting-snyk-reports.md
@@ -2,7 +2,7 @@
## Access to reporting
-If reporting is not loading in the Snyk UI, follow these troubleshooting steps that may help resolve the issue.
+If reporting is not loading in the Snyk Web UI, follow these troubleshooting steps to help resolve the issue.
{% hint style="info" %}
Allowlisting may be necessary due to some firewall settings. If allowlisting snyk.io was required for the initial implementation, additional allowlisting may be needed for new reporting access. Contact your account team for more information.
@@ -16,17 +16,17 @@ Resolved issues are issues detected in the previous scan snapshot that no longer
\
Changes in the Snyk code **resolved** column between snapshots may occur for any of the following reasons:
-* The issue was fixed between the two scans and is therefore marked as resolved.
-* The engine rules were improved, which may change the scan results.\
- This may add new issues or resolve previously detected issues.
-* The code changed in a way that caused the issue to be defined differently, thus changing the issue ID.\
+* The issue was fixed between the two scans and is marked as resolved.
+* The engine rules were improved, which can change the scan results.\
+ This can add new issues or resolve previously detected issues.
+* The code changed in a way that caused the issue to be defined differently, changing the issue ID.\
In this situation, the original issue ID is marked as **resolved,** and a new issue ID is created.
## Data freshness
-Data is available in reporting approximately one hour after a scan occurs. Data refreshes hourly and should, therefore, always be updated within two hours. Note the exception for ignores that follows.
+Data is available in reporting approximately one hour after a scan occurs. Data refreshes hourly and so is always updated in two hours. Note the exception for ignores that follows.
-When you navigate to **Inventory** > **All Assets** and other inventory views from a filter in the **Asset Dashboard** report or **Inventory Overview**, you may see a notification indicating that data is still being processed and temporary inconsistencies may occur. The data source for the Inventory pages differs from that of the Reporting pages, leading to temporary discrepancies.
+When you navigate to **Inventory** > **All Assets** and other inventory views from a filter in the **Asset Dashboard** report or **Inventory Overview**, you might see a notification indicating that data is still being processed and temporary inconsistencies can occur. The data source for the Inventory pages differs from that of the Reporting pages, leading to temporary discrepancies.
## Ignores in reporting
@@ -40,14 +40,14 @@ Tables in PDF exports are limited to 50 results. A link is available at the bott
Session data is shared between browser tabs. Snyk recommends you have reporting tabs for one Group or one Organization open in the browser at any one time because having tabs open for different Groups or Organizations can result in unexpected behavior.
-Customers may experience an error if hundreds of filter values are applied on a page. This is the result of the [stateful URLs for filtered views](./#stateful-urls-for-filtered-views) capability and a URL length limit. If you experience an error with many filter values applied, consider alternate filter mechanisms such as [Project collections](../../../snyk-platform-administration/snyk-projects/project-collections-groupings/project-collections.md).
+You might experience an error if you apply hundreds of filter values on a page. This is the result of the [stateful URLs for filtered views](./#stateful-urls-for-filtered-views) capability and a URL length limit. If you experience an error with many filter values applied, consider alternate filter mechanisms such as [Project collections](../../../snyk-platform-administration/snyk-projects/project-collections-groupings/project-collections.md).
## Filtered views
-The way filtered views are managed in the URL may change over time.
+The way filtered views are managed in the URL can change over time.
If the view changes, you can generate a new filtered URL in the Snyk Web UI and save it as a bookmark or share it with others.
## Deactivated Projects
-Deactivated Projects and their respective results will not appear in the Reports area.
+Deactivated Projects and their respective results do not appear in the Reports area.
diff --git a/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/README.md b/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/README.md
index d50f8ffb0f65..fa1de13c439c 100644
--- a/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/README.md
+++ b/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/README.md
@@ -12,7 +12,7 @@ For both dependencies and licenses, you can filter by Project or other filter cr
* From the **Filters** dropdown, check the applicable boxes to filter by [Severity level](../prioritize-issues-for-fixing/severity-levels.md) or Project type.
{% hint style="info" %}
-Results from the Dockerfile Project type are filtered out by default in the filter criteria as they can result in duplication of results from scans of the images resulting from building the Dockerfiles. To match results from [AP](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/reporting-api-v1)I calls, either filter out Dockerfiles from the API results or turn on Dockfiles in the Project type column of the filter.
+Results from the Dockerfile Project type are filtered out by default in the filter criteria as they can result in duplication of results from scans of the images resulting from building the Dockerfiles. To match results from [API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/reporting-api-v1) calls, either filter out Dockerfiles from the API results or turn on Dockerfiles in the Project type column of the filter.
{% endhint %}
{% hint style="info" %}
diff --git a/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/view-dependencies.md b/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/view-dependencies.md
index 5040cb7676cb..4bb2004a8be9 100644
--- a/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/view-dependencies.md
+++ b/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/view-dependencies.md
@@ -1,6 +1,6 @@
# View dependencies
-The **Dependencies** tab acts as a Bill Of Materials (BOM) for all dependencies in all Projects in the selected Organization. This allows you to quickly and easily identify which Projects have a specific version of a dependency.
+The **Dependencies** tab acts as a Bill Of Materials (BOM) for all dependencies in all Projects in the selected Organization. This lets you identify which Projects have a specific version of a dependency.
Dependency reports show details about the packages included in your Projects, including their full names, the version of the package used, the Projects in which they are used, and a summary of the issues they contain.
@@ -8,7 +8,7 @@ Examining the details for each package can help you determine the dependency hea
## Field details
-
Element
Description
Dependencies
The full package names of the dependencies contained in at least one of your Projects. Click the link to view the detailed Package page.
For npm only, a warning icon appears next to the package name if a package is deprecated.
Version
The version of the package used in your Projects. Use this and the Latest Version to see the difference between your current package version and the most recent package version available.
Latest version and Last publish
The most recent version updated by a maintainer for this package in its repository, and the last time a new version of the package was published by a maintainer. Look at these dates to help you determine the maturity of the package and activity frequency
Latest version and Last publish are supported for npm and Maven only.
Vulnerabilities
Each row shows the icon of the associated severity for the issues, Critical, High, Medium, Low. The vulnerabilities shown in the table are the total number of vulnerable paths associated with that dependency and version across all Snyk Projects. For example, if there is a dependency with one critical vulnerability in two Snyk Projects, but in one of those Projects the dependency (vulnerability) is brought in on two paths, Snyk shows three critical vulnerabilities associated with the dependency on the Dependencies tab.
License
The license or licenses used by this package. These can be:
Known license name: Snyk identified the package and its associated license type, and this information is shown in the list. Unknown: Snyk identified the package but could not identify its associated license type. Blank: Snyk could not identify the package and therefore has no license or other information for the package.
Copyrights (until January 8, 2024)
For npm, PyPI, and Maven, copyright information for the license.
Projects
The Projects in which this package is used by your Organization.
Dependencies with issues
A link to the dependencies in the package that have issues, with details about those issues.
+
Element
Description
Dependencies
The full package names of the dependencies contained in at least one of your Projects. Click the link to view the detailed Package page.
For npm only, a warning icon appears next to the package name when a package is deprecated.
Version
The version of the package used in your Projects. Use this and the Latest Version to see the difference between your current package version and the most recent package version available.
Latest version and Last publish
The most recent version updated by a maintainer for this package in its repository, and the last time a new version of the package was published by a maintainer. Look at these dates to help you determine the maturity of the package and activity frequency
Latest version and Last publish are supported for npm and Maven only.
Vulnerabilities
Each row shows the icon of the associated severity for the issues, Critical, High, Medium, Low. The vulnerabilities shown in the table are the total number of vulnerable paths associated with that dependency and version across all Snyk Projects. For example, if there is a dependency with one critical vulnerability in two Snyk Projects, but in one of those Projects the dependency (vulnerability) is brought in on two paths, Snyk shows three critical vulnerabilities associated with the dependency on the Dependencies tab.
License
The license or licenses used by this package. These can be:
Known license name: Snyk identified the package and its associated license type, and this information is shown in the list. Unknown: Snyk identified the package but could not identify its associated license type. Blank: Snyk could not identify the package and therefore has no license or other information for the package.
Copyrights (until January 8, 2024)
For npm, PyPI, and Maven, copyright information for the license.
Projects
The Projects in which this package is used by your Organization.
Dependencies with issues
A link to the dependencies in the package that have issues, with details about those issues.
## Dependencies tab actions
diff --git a/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/view-licenses.md b/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/view-licenses.md
index 5a7fa77edd3d..a02a5f27b709 100644
--- a/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/view-licenses.md
+++ b/scan-fix-and-prevent/manage-risk/dependencies-and-licenses/view-licenses.md
@@ -1,6 +1,6 @@
# View licenses
-The **Licenses** tab displays all licenses detected for your Projects, with summaries of all dependencies in your Projects and all of your Projects using the license. This allows you to see which Projects and dependencies have a license.
+The **Licenses** tab displays all licenses detected for your Projects, with summaries of all dependencies in your Projects and all of your Projects using the license. This lets you see which Projects and dependencies have a license.
## **Field details**
@@ -10,5 +10,5 @@ The **Licenses** tab displays all licenses detected for your Projects, with summ
The actions appear at the top of the tab.
-* **Search for Licenses**: Enter free text and begins searching with the first character you type. You can also select multiple packages from the dropdown list that opens when you click the field. You can also click the **Select All** or **Deselect All** links that appear dynamically in the dropdown list.
+* **Search for Licenses**: Enter free text. Searching begins with the first character you type. You can also select multiple packages from the dropdown list that opens when you click the field. You can also click the **Select All** or **Deselect All** links that appear dynamically in the dropdown list.
* **Export as CSV**: Export issue data in CSV file format.
diff --git a/scan-fix-and-prevent/manage-risk/policies/README.md b/scan-fix-and-prevent/manage-risk/policies/README.md
index 17a5701bb59a..f48f04c90139 100644
--- a/scan-fix-and-prevent/manage-risk/policies/README.md
+++ b/scan-fix-and-prevent/manage-risk/policies/README.md
@@ -5,10 +5,10 @@
Policies are available only with Snyk Enterprise plans and apply only to Snyk Open Source scans. For more information, see [plans and pricing](https://snyk.io/plans/).
-The `.snyk` file is a policy file that Snyk uses to define specific analysis behaviors for Open Source, Snyk Code, and Snyk IaC. and to specify patches for the CLI and CI/CD plugins. See [The .snyk file](the-.snyk-file.md) for details.
+The `.snyk` file is a policy file that Snyk uses to define specific analysis behaviors for Open Source, Snyk Code, and Snyk IaC, and to specify patches for the CLI and CI/CD plugins. See [The .snyk file](the-.snyk-file.md) for details.
{% endhint %}
-Snyk policies contain rules to define how Snyk behaves when encountering specific types of Open Source issues. With policies, you can identify types of issues based on conditions, such as `no exploit available`, and then apply actions to these issues, such as changing the severity. Thus by using customizable Snyk policies, you can define actions for specific types of issues encountered in scanning.
+Snyk policies contain rules to define how Snyk behaves when encountering specific types of Open Source issues. With policies, you can identify types of issues based on conditions, such as `no exploit available`, and then apply actions to these issues, such as changing the severity. Using customizable Snyk policies, you can define actions for specific types of issues encountered in scanning.
Snyk Policy manager
@@ -16,7 +16,7 @@ Using the Snyk Policy Manager, you can view, create, and edit policies. For deta
## Benefits of Snyk policies
-Policies give you a quick and automated way to identify and triage issues that are irrelevant to or unimportant in your application development. This reduces the noise level, saving valuable development time and allowing developers to take more responsibility for and ownership of security.
+Policies give you a quick and automated way to identify and triage issues that are irrelevant to or unimportant in your application development. This reduces the noise level, saving valuable development time and letting developers take more responsibility for and ownership of security.
Policies help prioritize issues to address and can ensure vulnerable or non-compliant components do not escape notice. Policies are part of the governance framework of your company.
diff --git a/scan-fix-and-prevent/manage-risk/policies/assets-policies/README.md b/scan-fix-and-prevent/manage-risk/policies/assets-policies/README.md
index c5c522781e3d..6e336738f852 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assets-policies/README.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assets-policies/README.md
@@ -2,12 +2,12 @@
## Overview
-With Policies, you can easily automate the process of adding business context and receiving notifications.
+With Policies, you can automate the process of adding business context and receiving notifications.
{% hint style="info" %}
-After a policy is created, it is run in a maximum of 3 hours after creation, then once every 3 hours.
+After a policy is created, it runs in a maximum of three hours after creation, then once every three hours.
-If your policy is set to run daily, then the policy is run 3 hours after the 24-hour period ends. You can always manually run a policy by using the Run button.
+If your policy is set to run daily, then the policy runs three hours after the 24-hour period ends. You can always manually run a policy by using the Run button.
{% endhint %}
Access the Snyk Essentials policies by positioning yourself at the Group level, selecting **Policies**, then **Assets**.
@@ -16,7 +16,7 @@ Access the Snyk Essentials policies by positioning yourself at the Group level,
[Manage assets](../../../manage-assets/manage-assets.md) and [assets policies](./) are interconnected. Before setting up any new policy, ensure you have reviewed and filtered your assets from the Inventory menu.
{% endhint %}
-## Use Cases
+## Use cases
You can create policies for organizing the assets, classifying them, and always being up to date with the latest information about an asset.\
Common use cases for policies include:
@@ -28,9 +28,9 @@ Common use cases for policies include:
### New asset notifications
-Notify members of the AppSec team when new assets meeting certain criteria are discovered. For example, you may send a Slack message to the infra team if new repository assets that leverage Terraform as a technology are detected by Snyk Essentials.
+Notify members of the AppSec team when new assets meeting certain criteria are discovered. For example, you can send a Slack message to the infra team if Snyk Essentials detects new repository assets that use Terraform as a technology.
-When setting up a notification action (email or Slack) for a policy, you can include a link to the relevant assets. Each notification will list all the assets impacted by the policy. You can view the assets individually, or you can see a summary of all the assets by clicking the **Click Here** option in the notification. The list of assets displayed in the email notification is automatically generated.
+When setting up a notification action (email or Slack) for a policy, you can include a link to the relevant assets. Each notification lists all the assets impacted by the policy. You can view the assets individually, or you can see a summary of all the assets by clicking the **Click Here** option in the notification. The list of assets displayed in the email notification is automatically generated.
### Asset classification
diff --git a/scan-fix-and-prevent/manage-risk/policies/assets-policies/create-policies.md b/scan-fix-and-prevent/manage-risk/policies/assets-policies/create-policies.md
index 68bad5288f2a..4e1697b7a63f 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assets-policies/create-policies.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assets-policies/create-policies.md
@@ -5,7 +5,7 @@ Snyk Essentials includes a powerful policy editor for creating and modifying pol
There are two steps to building policies:
1. [Define filters](create-policies.md#define-filters) - Set filter conditions on asset properties.
-2. [Set actions](create-policies.md#set-actions) - Define actions to be taken on filtered assets.
+2. [Set actions](create-policies.md#set-actions) - Define actions to take on filtered assets.
## New policy
@@ -13,19 +13,19 @@ You can create a new policy using the **Start from scratch** option or choose on
### Start from scratch - policy creation
-To create a new policy, you have to click the **New Policy** option from the Policies/Assets view and select the **Start from scratch** option.
+To create a new policy, click the **New Policy** option from the Policies/Assets view and select the **Start from scratch** option.
-You must name your policy and, optionally, provide a description of the policy. After you complete these steps you have to [define the filters ](create-policies.md#define-filters)and [set the actions](create-policies.md#set-actions) of your policy.
+You must name your policy and, optionally, provide a description of the policy. After you complete these steps, [define the filters ](create-policies.md#define-filters)and [set the actions](create-policies.md#set-actions) of your policy.
### Use a template - policy creation
-You can create a new policy by using one of the available templates. To select one of the policy templates, you have to click the **New Policy** option from the Policies/Assets view and select the **Use a template** option. You can select one of the templates from the templates library by clicking the **Use template** button from the policy template card.
+You can create a new policy by using one of the available templates. To select one of the policy templates, click the **New Policy** option from the Policies/Assets view and select the **Use a template** option. You can select one of the templates from the templates library by clicking the **Use template** button from the policy template card.
Each policy template has a name, a description, and displays the graphic connections between filters and actions.
You can customize the filters and actions or use the template as is. After finishing all the template changes, click the **Save** button to create the new policy.
-## Define Filters
+## Define filters
{% hint style="info" %}
**Release status**
@@ -41,12 +41,12 @@ You can specify more than one filter component with an **And** or **Or** operato
## Set actions
-After defining filter components, you need to define the actions that the policy has to perform on the filtered assets. Asset policies support the following actions:
+After defining filter components, you need to define the actions that the policy must perform on the filtered assets. Asset policies support the following actions:
* **Send Email** - Receive an email every time there are asset updates. You can choose between daily emails or scheduling the checks. You can include a link to the relevant assets. Each notification lists all impacted assets. You can view them individually or see the aggregated view by clicking **Click Here**. The list of assets displayed in the email notification is automatically generated.
* **Send Slack Message** - Receive a Slack notification every time there are asset updates. You need to add your [Slack webhook URL](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/jira-and-slack-integrations/slack-integration), then you can choose between daily emails or scheduling the checks. You can include a link to the relevant assets. Each notification lists all impacted assets. You can view them individually or see the aggregated view by clicking **Click Here**. The list of assets displayed in the email notification is automatically generated.
-* **Set Asset Class** - Sets the class on the matched assets. Removing the policy or turning in off does not retroactively change the asset class back to default.
-* **Set Asset Tag** - Sets a tag on the matched assets. Removing the policy or turning in off will remove the tags of this policy from the relevant assets.
-* **Set Coverage Control Policy** - Sets a control on filtered assets that checks whether selected security products are scanning assets, optionally within a given timeframe. Assets that fail this control will be marked accordingly on inventory pages. This control applies the OR logic across products.
+* **Set Asset Class** - Sets the class on the matched assets. Removing the policy or turning it off does not retroactively change the asset class back to default.
+* **Set Asset Tag** - Sets a tag on the matched assets. Removing the policy or turning it off removes the tags of this policy from the relevant assets.
+* **Set Coverage Control Policy** - Sets a control on filtered assets that checks whether selected security products are scanning assets, optionally in a given timeframe. Assets that fail this control are marked accordingly on inventory pages. This control applies the OR logic across products.
The editor supports multiple flows for the same policy. The flows can be independent or intersect.
diff --git a/scan-fix-and-prevent/manage-risk/policies/assets-policies/implement-policies.md b/scan-fix-and-prevent/manage-risk/policies/assets-policies/implement-policies.md
index 232c05cbb4f1..f0195be70a9b 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assets-policies/implement-policies.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assets-policies/implement-policies.md
@@ -1,6 +1,6 @@
# Implement policies
-All policies that you add to a project help you to better monitor your assets and automate the business context by always receiving notifications about occurring changes.
+All policies that you add to a Project help you to better monitor your assets and automate the business context by always receiving notifications about occurring changes.
## Policy functionalities
@@ -13,7 +13,7 @@ Access the main view of the Policy function to see a list of all your policies a
You can hover over a policy to gain access to extra details:
* **Go to flow** - Opens the policy.
-* **Edit name and description** - Allows you to edit the name and description of the policy.
+* **Edit name and description** - Lets you edit the name and description of the policy.
* **Clone** - Duplicates the policy.
* **Delete** - Removes the policy.
@@ -27,13 +27,13 @@ You can run a simulation to get an overview of how the policy is working. A numb
### Run the policy
-All policies are automatically run in a maximum of 3 hours after creation, then every 3 hours. You can manually run a policy by clicking Run to apply the policy to your assets. Changes are applied automatically to your assets by implementing the actions you set on the policy.
+All policies are automatically run in a maximum of three hours after creation, then every three hours. You can manually run a policy by clicking **Run** to apply the policy to your assets. Changes are applied automatically to your assets by implementing the actions you set on the policy.
You can also add an **AND** **Send email** or **Send Slack notification** action to be notified after the policy is successfully run.
### Edit a policy
-Click Edit to change the settings of your policies. You can change, add, or remove information from both the Filters and Actions fields.
+Click **Edit** to change the settings of your policies. You can change, add, or remove information from both the Filters and Actions fields.
{% hint style="info" %}
You cannot revert changes to a policy to its initial state.
diff --git a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/classification-policy.md b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/classification-policy.md
index bde2cf7d393e..efcaf83d3e32 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/classification-policy.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/classification-policy.md
@@ -13,7 +13,7 @@ Snyk Essentials identifies GitHub and GitLab topics as asset labels.
Use the classification policy to give business context to your application. When you set up a classification policy, all your assets are automatically classified.
-If you just started using the classification policy, the recommendation is to focus first on the Class D assets, since they are the least important.
+If you are new to the classification policy, the recommendation is to focus first on the Class D assets, since they are the least important.
The following example filters the assets that contain `sandbox`, `test`, and `to-delete` in their names. In Snyk Essentials, GitHub and GitLab topics are pulled in from the SCM integration and applied to repository assets, so if topics like `PCI-Compliance` have been added to repos in the SCM, Snyk can take those tags in Snyk Essentials and classify those assets as Class A.
diff --git a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/coverage-and-coverage-gap-policies.md b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/coverage-and-coverage-gap-policies.md
index 52db47df7f0c..6210175a3d3e 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/coverage-and-coverage-gap-policies.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/coverage-and-coverage-gap-policies.md
@@ -26,7 +26,7 @@ Snyk Essentials includes a default asset policy to highlight potential coverage
Identifying coverage gaps using this policy is SCM integration dependent, meaning that it does not flag coverage gaps when there are no language tags found.
-You can use this policy as a template, edit, update and delete it.
+You can use this policy as a template, edit, update, and delete it.
### Exclude all products
diff --git a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/coverage-control-policy.md b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/coverage-control-policy.md
index 1909a1368379..66f8a73989b8 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/coverage-control-policy.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/coverage-control-policy.md
@@ -2,7 +2,7 @@
You can use the **Set Coverage Control** action from the Policies view to identify your application assets, monitor them, and prioritize the risks. You can select one or multiple security products and also specify a timeframe for when the last scan should have taken place.
-Identifying and setting coverage policies allows your team to define where certain security controls are expected to be in place.
+Identifying and setting coverage policies lets your team define where certain security controls are expected to be in place.
The following example filters out assets that should have Snyk Open Source and Snyk Code security controls in place and then sets the coverage policies.
diff --git a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/notification-policy.md b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/notification-policy.md
index 32d8501458bc..5eda8ab55952 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/notification-policy.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/notification-policy.md
@@ -17,7 +17,7 @@ After setting up the filter conditions, you need to choose the **Send Email** ac
If you want to set a **Send Slack Message** action, then you can generate the Slack webhook by using the [Incoming WebHooks app](https://slack.com/apps/A0F7XDUAZ-incoming-webhooks) or by [creating your own Slack app](https://api.slack.com/incoming-webhooks).
{% endhint %}
-Customize the Send Email action to notify you with a link to the assets impacted by the set policy. You can do this by typing "/" inside the **Body** field of the **Send Email** action and selecting **Link to Assets**. After you save the policy, every notification received will list all the assets impacted by the policy.
+Customize the Send Email action to notify you with a link to the assets impacted by the set policy. You can do this by typing "/" inside the **Body** field of the **Send Email** action and selecting **Link to Assets**. After you save the policy, every notification received lists all the assets impacted by the policy.
Assets Policy - Set up the Links to Assets option from the Send Email action
@@ -25,10 +25,10 @@ This is how your policy should look after all filters and actions are set.
Assets Policy - Setting up a notification policy
-You will receive an email notification after including the **Link to Assets** option in the Body field. You can access the assets from the notification individually, or view them in an aggregated form by clicking the **Click Here** link. The list of assets displayed in the email notification is automatically generated.
+You receive an email notification after including the **Link to Assets** option in the Body field. You can access the assets from the notification individually, or view them in an aggregated form by clicking the **Click Here** link. The list of assets displayed in the email notification is automatically generated.
{% hint style="info" %}
-After an email notification policy is created, it is run in a maximum of 3 hours after creation, then once every 3 hours.
+After an email notification policy is created, it runs in a maximum of three hours after creation, then once every three hours.
-If your policy is set to run daily, then the policy is run in a maximum of 3 hours after the 24-hour period ends. You can always manually run a policy by using the Run button.
+If your policy is set to run daily, then the policy runs in a maximum of three hours after the 24-hour period ends. You can always manually run a policy by using the Run button.
{% endhint %}
diff --git a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/tagging-policy.md b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/tagging-policy.md
index 25941e1a6544..390bb85e0cfc 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/tagging-policy.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assets-policies/use-cases-for-policies/tagging-policy.md
@@ -4,6 +4,6 @@
Categorize and label repository assets with [asset labels](../../../../manage-assets/assets-inventory-components.md#tags). You can use the **Set Asset Labels** action to mark the repositories to which the filter criteria you have set apply.
-Snyk Essentials has a number of pre-defined system labels that can be used for filtering and setting labels with policies. User-defined custom labels can be created using policies. You can create a Set Asset Label policy action and define a custom tag by typing your tag in the tag search bar and selecting **Create new: `label_name`**. In this example the `label_name` is payment.
+Snyk Essentials has a number of pre-defined system labels that you can use for filtering and setting labels with policies. User-defined custom labels can be created using policies. You can create a Set Asset Label policy action and define a custom tag by typing your tag in the tag search bar and selecting **Create new: `label_name`**. In this example the `label_name` is payment.
-The following use case demonstrates how to apply the custom-defined `backend` label to assets that match certain naming conventions. This allows a quick filter for backend assets from the Inventory view.
+The following use case demonstrates how to apply the custom-defined `backend` label to assets that match certain naming conventions. This lets you quickly filter backend assets from the Inventory view.
diff --git a/scan-fix-and-prevent/manage-risk/policies/assign-a-policy-to-an-organization.md b/scan-fix-and-prevent/manage-risk/policies/assign-a-policy-to-an-organization.md
index 7f0c4ee7135a..70e4ea65f645 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assign-a-policy-to-an-organization.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assign-a-policy-to-an-organization.md
@@ -10,22 +10,22 @@ Policies applied to Organizations are in effect when you run the `snyk test` or
To apply a policy to an Organization, in the Organization selector panel, check the box for the Organization to which you want to apply the policy.
-If an Organization has another policy applied, you can see that policy from the selector, and the policy indicator next to the Organization name will be gray.
+If an Organization has another policy applied, you can see that policy from the selector, and the policy indicator next to the Organization name is gray.
If the Organization already has the policy applied, the name of the policy is displayed in a yellow indicator next to the Organization name.
-If you are applying a different policy to an Organization, in order to move that Organization from one policy to another, two indicators appear next to the Organization name in the selector. One shows, in yellow, the policy that is currently applied. The other shows the policy you will be applying to the Organization in gray.
+If you are applying a different policy to an Organization, to move that Organization from one policy to another, two indicators appear next to the Organization name in the selector. One shows, in yellow, the policy that is currently applied. The other shows the policy you are applying to the Organization in gray.
## Remove a policy from an Organization
To remove a policy from an Organization, uncheck the box next to the Organization you want to remove from the policy that you are viewing.
-The unchecked Organization will now automatically revert to the default policy.
+The unchecked Organization now automatically reverts to the default policy.
## Apply the default policy to an Organization
-Remove the policy currently applied to the Organization. The Organization will automatically revert to the default policy.
+Remove the policy currently applied to the Organization. The Organization automatically reverts to the default policy.
## Remove the default policy from an Organization
-Apply a new policy to the Organization. The Organization will automatically be removed from the default policy and the new policy will be applied.
+Apply a new policy to the Organization. The Organization is automatically removed from the default policy, and the new policy is applied.
diff --git a/scan-fix-and-prevent/manage-risk/policies/assign-policies-to-projects.md b/scan-fix-and-prevent/manage-risk/policies/assign-policies-to-projects.md
index 58c4878b6d85..e8cd33e898a9 100644
--- a/scan-fix-and-prevent/manage-risk/policies/assign-policies-to-projects.md
+++ b/scan-fix-and-prevent/manage-risk/policies/assign-policies-to-projects.md
@@ -40,9 +40,9 @@ For example, if you have a policy applied to `Critical`, `External`, and `Fronte
An example policy follows. It is applied to an attribute in the **Business Criticality** section, `Critical`, and to attributes in the **Environment** section, `Frontend` and `External`. The policy also has two Project tags. The first tag has the key `PCI`, with the value of `Compliant`. The second tag has the key `owner`, with the value of `fred`.
-The following Project has the attributes `Frontend`, `External`, and `Critical`, and has at least one matching tag, `PCI:Compliant`. Thus the Project will inherit the policy, that is, the policy is assigned to this Project.
+The following Project has the attributes `Frontend`, `External`, and `Critical`, and has at least one matching tag, `PCI:Compliant`. So the Project inherits the policy, that is, the policy is assigned to this Project.
-The following Project will not inherit the policy, because the Project lacks the `External` environment attribute.
+The following Project does not inherit the policy, because the Project lacks the `External` environment attribute.
## Assign multiple policies to a Project
diff --git a/scan-fix-and-prevent/manage-risk/policies/license-policies/README.md b/scan-fix-and-prevent/manage-risk/policies/license-policies/README.md
index 686b4ace42b9..a4652ec01e1d 100644
--- a/scan-fix-and-prevent/manage-risk/policies/license-policies/README.md
+++ b/scan-fix-and-prevent/manage-risk/policies/license-policies/README.md
@@ -6,7 +6,7 @@ You can [create a license policy and rules](create-a-license-policy-and-rules.md
An initial policy is created automatically and set as the default to help you get started quickly with license policy management.
-This default policy is a baseline to meet the requirements of multiple types of applications, such as SaaS, distributed, and so on, and may be used as a starting point to calibrate additional license policies.
+This default policy is a baseline to meet the requirements of multiple types of applications, such as SaaS, distributed, and so on, and you can use it as a starting point to calibrate additional license policies.
The default license policy contains the standard Snyk Default License Policy, but you can edit the rules to suit your preferences.
diff --git a/scan-fix-and-prevent/manage-risk/policies/license-policies/license-policy-results.md b/scan-fix-and-prevent/manage-risk/policies/license-policies/license-policy-results.md
index a33f70fba429..b2b55dac5148 100644
--- a/scan-fix-and-prevent/manage-risk/policies/license-policies/license-policy-results.md
+++ b/scan-fix-and-prevent/manage-risk/policies/license-policies/license-policy-results.md
@@ -1,5 +1,5 @@
# License policy results
-A newly assigned policy, or modifications to a policy, will apply after the next scheduled test runs for all of the licenses in the Organization.
+A newly assigned policy, or modifications to a policy, applies after the next scheduled test runs for all of the licenses in the Organization.
If you change severity, results from scans are updated in the Snyk Web UI, in [your IDE](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions), or in Snyk [PR Checks](../../../scan-with-snyk/pull-requests/pull-request-checks/).
diff --git a/scan-fix-and-prevent/manage-risk/policies/security-policies/create-a-security-policy-and-rules.md b/scan-fix-and-prevent/manage-risk/policies/security-policies/create-a-security-policy-and-rules.md
index b9b94b9aecbc..7dbc88be6a66 100644
--- a/scan-fix-and-prevent/manage-risk/policies/security-policies/create-a-security-policy-and-rules.md
+++ b/scan-fix-and-prevent/manage-risk/policies/security-policies/create-a-security-policy-and-rules.md
@@ -22,12 +22,12 @@ Select the conditions and actions to complete a rule. See [Security policy condi
* To delete or duplicate a rule, click the three dots at the top right of the rule box.
{% hint style="info" %}
-The order of the rules you create determines the order they will be applied. If multiple rules with the same action type match the same issue, the rule closest to the top takes precedence over any subsequent rules.
+The order of the rules you create determines the order they are applied. If multiple rules with the same action type match the same issue, the rule closest to the top takes precedence over any subsequent rules.
**Example:**
* Rule 1: Sets severity to HIGH for issues with mature exploit maturity.
* Rule 2: Sets severity to LOW for issue ID "CVE-2025-0001".
-If an issue with "CVE-2025-0001" also has mature exploit maturity, both rules apply. Because Rule 1 is listed first, the final severity will be HIGH.
+If an issue with "CVE-2025-0001" also has mature exploit maturity, both rules apply. Because Rule 1 is listed first, the final severity is HIGH.
{% endhint %}
diff --git a/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policies-conditions.md b/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policies-conditions.md
index 760118494569..02a9d1d55591 100644
--- a/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policies-conditions.md
+++ b/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policies-conditions.md
@@ -8,4 +8,4 @@ Security policies are applicable to Snyk Open Source and Snyk Container Projects
You can stack multiple conditions in the same rule using the **AND** function.
-
Condition category
Condition definitions and variables
Exploit Maturity
Matches all issues that contain a specified exploit maturity value. When multiple values are selected, the condition applies to all issues containing any of the selected values. Values include Mature, Proof of Concept, No known exploit, and No data available.
CWE
Matches all issues that contain a specified CWE. Supports multiple CWEs.
CVE
Matches all issues that contain a specified CVE. Supports multiple CVEs.
Snyk ID
Matches all issues that contain a specified Snyk ID. Supports multiple Snyk IDs. Not every issue has a CVE, so this is a good way to specify those.
Severity
Matches all issues that contain a specified severity level. When multiple values are selected, the condition will apply to all issues containing any of the selected severity levels (for example, Critical, High, Medium, Low).
+
Condition category
Condition definitions and variables
Exploit Maturity
Matches all issues that contain a specified exploit maturity value. When multiple values are selected, the condition applies to all issues containing any of the selected values. Values include Mature, Proof of Concept, No known exploit, and No data available.
CWE
Matches all issues that contain a specified CWE. Supports multiple CWEs.
CVE
Matches all issues that contain a specified CVE. Supports multiple CVEs.
Snyk ID
Matches all issues that contain a specified Snyk ID. Supports multiple Snyk IDs. Not every issue has a CVE, so this is a good way to specify those.
Severity
Matches all issues that contain a specified severity level. When multiple values are selected, the condition applies to all issues containing any of the selected severity levels (for example, Critical, High, Medium, Low).
diff --git a/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policy-actions.md b/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policy-actions.md
index 8aeb5f4c64de..670ce1486c93 100644
--- a/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policy-actions.md
+++ b/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policy-actions.md
@@ -6,9 +6,9 @@ An action defines what you want to happen when the [security policy conditions](
You cannot stack multiple actions in the same rule. To have multiple actions with a rule, create a new rule block with the same conditions, and specify a different action.
{% endhint %}
-These are the actions that can currently be applied:
+These are the actions you can apply:
-
Action
Definitions
Change severity to…
Changes the severity of whatever issues match the conditions. This can be set to Low, Medium, High, or Critical.
Issues with a changed severity have their priority score updated to reflect the new severity. A note appears on the issue card indicating that the severity of the issue has been changed by a policy. The severity icon will also be "stacked," showing the original severity behind the new one.
Ignore current and future instances
Ignore all vulnerabilities that match the conditions. For example, ignore all issues that have no known exploits in Projects with a businesscriticality attribute of low.
After an ignore policy is applied, ignores will occur every time the relevant Project is re-scanned, with ignored issues marked as ignored by Security Policy.
When setting the action, you can select won't fix and not vulnerable as ignore types, and add a reason, which appears with the ignore on the issue card
Policy-based ignores have the same behavior as issues that are manually ignored. As with manual ignores, automatic PRs are not raised on issues ignored by a security policy or included in the issue count in reporting.
+
Action
Definitions
Change severity to…
Changes the severity of whatever issues match the conditions. This can be set to Low, Medium, High, or Critical.
Issues with a changed severity have their priority score updated to reflect the new severity. A note appears on the issue card indicating that the severity of the issue has been changed by a policy. The severity icon is also "stacked," showing the original severity behind the new one.
Ignore current and future instances
Ignore all vulnerabilities that match the conditions. For example, ignore all issues that have no known exploits in Projects with a businesscriticality attribute of low.
After an ignore policy is applied, ignores occur every time the relevant Project is re-scanned, with ignored issues marked as ignored by Security Policy.
When setting the action, you can select won't fix and not vulnerable as ignore types, and add a reason, which appears with the ignore on the issue card
Policy-based ignores have the same behavior as issues that are manually ignored. As with manual ignores, automatic PRs are not raised on issues ignored by a security policy or included in the issue count in reporting.
{% hint style="info" %}
Security policies are applicable to Snyk Open Source and Snyk Container Projects.
diff --git a/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policy-results.md b/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policy-results.md
index f18ee0233fb5..d32fc56e0b33 100644
--- a/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policy-results.md
+++ b/scan-fix-and-prevent/manage-risk/policies/security-policies/security-policy-results.md
@@ -1,6 +1,6 @@
# Security policy results
-A newly-assigned policy, or changes to a policy, apply when the Project is re-scanned. This is what Project collaborators see when an action is applied to a vulnerability:
+A newly assigned policy, or changes to a policy, apply when the Project is re-scanned. This is what Project collaborators see when an action is applied to a vulnerability:
Action
What Project collaborators see
Change severity to…
The new severity, as well as the originally assigned severity
Ignore current and future instances
An ignored issue looking like a manual ignore but labeled ignored by Security Policy.
diff --git a/scan-fix-and-prevent/manage-risk/policies/the-.snyk-file.md b/scan-fix-and-prevent/manage-risk/policies/the-.snyk-file.md
index 84245d6e0a09..6a2cce014157 100644
--- a/scan-fix-and-prevent/manage-risk/policies/the-.snyk-file.md
+++ b/scan-fix-and-prevent/manage-risk/policies/the-.snyk-file.md
@@ -84,7 +84,7 @@ When you include the `.snyk` file in your code repository and the `language-sett
* By including a `.snyk` file in your code repository with the `language settings:` value set to one of the available UI language settings options, you can override the Organization level settings for SCM scans of that repository to use any Python version that is available in the UI options.
{% hint style="info" %}
-if the `.snyk` file was not present at the initial import of the Project into Snyk., you must re-import the Project.
+If the `.snyk` file was not present at the initial import of the Project into Snyk, you must re-import the Project.
{% endhint %}
For more information about Python version support, see [Python version support](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/supported-languages/supported-languages-list/python#technical-specifications).
diff --git a/scan-fix-and-prevent/manage-risk/policies/use-policies-in-the-sdlc.md b/scan-fix-and-prevent/manage-risk/policies/use-policies-in-the-sdlc.md
index 96e3c4102c90..9bdce6e3627f 100644
--- a/scan-fix-and-prevent/manage-risk/policies/use-policies-in-the-sdlc.md
+++ b/scan-fix-and-prevent/manage-risk/policies/use-policies-in-the-sdlc.md
@@ -2,7 +2,7 @@
You can apply policies across all stages of the SDLC, from the developer’s local development environment, in the IDE or CLI, through to Git-based workflows and CI/CD, and into production.
-These multiple security and compliance controls ensure issues are flagged as early as possible in the development process when it is least costly and time-consuming to fix them.
+These multiple security and compliance controls ensure Snyk flags issues as early as possible in the development process, when it is least costly and time-consuming to fix them.
{% hint style="info" %}
In addition, the `.snyk` file is a policy file that Snyk uses to define certain analysis behaviors and to specify patches for the CLI and CI/CD plugins. See [The .snyk file](the-.snyk-file.md) for details
@@ -10,7 +10,7 @@ In addition, the `.snyk` file is a policy file that Snyk uses to define certain
## Assign policies to Projects or Organizations
-For both [security policies](security-policies/) and [license policies](license-policies/), you can apply a policy to Project attributes and to an Organization. This enables you to assign policies to Projects and to Organizations. For details, see [Assign policies to Projects](assign-policies-to-projects.md) and [Assign a policy to an Organization](assign-a-policy-to-an-organization.md).
+For both [security policies](security-policies/) and [license policies](license-policies/), you can apply a policy to Project attributes and to an Organization. This lets you assign policies to Projects and to Organizations. For details, see [Assign policies to Projects](assign-policies-to-projects.md) and [Assign a policy to an Organization](assign-a-policy-to-an-organization.md).
### Example: assign a license policy to Projects
@@ -23,7 +23,7 @@ Next, create a new license policy and apply the policy to those attributes:
{% hint style="info" %}
In the policy itself, a high severity can be applied to any copyleft license identified in Projects, such as the [GPL-3.0](https://snyk.io/learn/what-is-gpl-license-gplv3-explained/) and [AGPL-3.0 licenses](https://snyk.io/learn/agpl-license/).\
-When you create license policies, Snyk recommends that you describe why Snyk will fail the test. Thus, for example, if a build fails due to the GPL license, developers can see the explanation, and they will know what action to take. See [Create a license policy and rules](license-policies/create-a-license-policy-and-rules.md) for details.
+When you create license policies, Snyk recommends that you describe why Snyk fails the test. For example, if a build fails due to the GPL license, developers can see the explanation, and they know what action to take. See [Create a license policy and rules](license-policies/create-a-license-policy-and-rules.md) for details.
{% endhint %}
This policy is now assigned to all Projects with the selected attributes applied and takes effect the next time Snyk scans those Projects.
@@ -40,10 +40,10 @@ See [Security policies](security-policies/) for more details.
## Apply policies in GitHub repos
-For GitHub Projects monitored by Snyk, any new pull request from a contributing developer can be checked against policies assigned to that Project. This ensures that policy-breaking code cannot be committed to the repository.
+For GitHub Projects monitored by Snyk, Snyk can check any new pull request from a contributing developer against policies assigned to that Project. This ensures that policy-breaking code cannot be committed to the repository.
{% hint style="info" %}
-See [PR Checks](../../scan-with-snyk/pull-requests/pull-request-checks/) for details of Snyk’s PR Checks feature.
+See [PR Checks](../../scan-with-snyk/pull-requests/pull-request-checks/) for details of the PR Checks feature in Snyk.
{% endhint %}
An example follows of a PR check on a JavaScript package license.
diff --git a/scan-fix-and-prevent/manage-risk/policies/view-create-and-modify-policies.md b/scan-fix-and-prevent/manage-risk/policies/view-create-and-modify-policies.md
index a6e95b4bc626..eb139a656dd0 100644
--- a/scan-fix-and-prevent/manage-risk/policies/view-create-and-modify-policies.md
+++ b/scan-fix-and-prevent/manage-risk/policies/view-create-and-modify-policies.md
@@ -22,13 +22,13 @@ When you expand a category, the screen shows the policies applied to **Project a
Each policy category has a default policy. Default policies can be applied only to Organizations, not Project attributes.
-When you create a new Organization, it will automatically be added to the default policy unless you have copied the settings of an existing Organization. You can assign an Organization to a different policy if desired.
+When you create a new Organization, Snyk automatically adds it to the default policy unless you have copied the settings of an existing Organization. You can assign an Organization to a different policy if desired.
-The default policy cannot be deleted; however, the default policy name, description, and rules can be edited to match your preferences. A default policy can also contain no rules if you'd prefer.
+You cannot delete the default policy. However, you can edit the default policy name, description, and rules to match your preferences. A default policy can also contain no rules if you prefer.
See [Assign a policy to an Organization](assign-a-policy-to-an-organization.md) for details.
-The Policy Manager allows you to [create](view-create-and-modify-policies.md#create-a-policy), [edit](view-create-and-modify-policies.md#edit-a-policy), and [duplicate or delete a policy](view-create-and-modify-policies.md#duplicate-or-delete-a-policy).
+The Policy Manager lets you [create](view-create-and-modify-policies.md#create-a-policy), [edit](view-create-and-modify-policies.md#edit-a-policy), and [duplicate or delete a policy](view-create-and-modify-policies.md#duplicate-or-delete-a-policy).
## Create a policy
@@ -53,5 +53,5 @@ To duplicate or delete a policy, click the three dots on the right-hand side:
Duplicating a policy copies the rules of a policy but not the assigned Organizations or Projects. The new policy is automatically called **Copy of (Policy Name)…** and can be edited as [explained in Edit a policy](view-create-and-modify-policies.md#edit-a-policy).
{% hint style="info" %}
-Deleting a policy cannot be undone. If you delete a policy with Organizations assigned to it, those Organizations will return to the default policy.
+Deleting a policy cannot be undone. If you delete a policy with Organizations assigned to it, those Organizations return to the default policy.
{% endhint %}
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/README.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/README.md
index 07ba364f765b..900e8c760fb8 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/README.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/README.md
@@ -9,7 +9,7 @@ You can find prioritization within Snyk under several names and with different c
You can focus solely on one type of prioritization, or you can combine them for a more complex and targeted focus on the issues that require your immediate attention. You can use prioritization for your vulnerabilities, your security program, and your coverage (from a security perspective), or you can use it in the Reporting section of your Projects.\
\
-For example, if you only prioritize the Projects from your repositories, then the list of issues is more general. However, if you choose to use prioritization with Issues, available for Snyk Essentials, the analyzed issues are filtered through several other factors (risk factors, assets) all contributing to the creation of an issues priority list based on more complex and targeted filters, allowing you to customize the prioritization based on your needs.
+For example, if you only prioritize the Projects from your repositories, then the list of issues is more general. However, if you choose to use prioritization with Issues, available for Snyk Essentials, Snyk filters the analyzed issues through several other factors (risk factors, assets) that all contribute to the creation of an issue priority list based on more complex and targeted filters, letting you customize the prioritization based on your needs.
## Prioritization at the Project level
@@ -148,7 +148,7 @@ You can [ignore issues](ignore-issues/) and [triage issues](vulnerable-condition
Consider [Malicious packages](malicious-packages.md) and how to address them in your Projects.
-You can set up [reachable vulnerability analysis ](reachability-analysis.md)to identify vulnerabilities with a path to your code. This helps you asse are calculated as part of the priority score.
+You can set up [reachable vulnerability analysis ](reachability-analysis.md)to identify vulnerabilities with a path to your code. This helps you assess them as part of the Priority Score.
[Vulnerabilities with Social Trends](vulnerabilities-with-social-trends.md) are calculated as part of the Priority Score.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/README.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/README.md
index 5d2cf3f65934..84d3e5414733 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/README.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/README.md
@@ -1,6 +1,6 @@
# Assets and risk factors
-The capabilities of the SnykWeb UI Issues menu rely on understanding your application context to help you better prioritize your security issues. It does that by understanding how your application is configured and relying on that information to provide you with triage and prioritization of your assets and issues for the Snyk Essentials plan, and it also adds specific [risk factors](./#risk-factors) and [evidence graph](../using-the-issues-ui/evidence-graph.md) information.
+The capabilities of the Snyk Web UI Issues menu rely on understanding your application context to help you better prioritize your security issues. Snyk does this by understanding how your application is configured and using that information to provide triage and prioritization of your assets and issues for the Snyk Essentials plan. It also adds specific [risk factors](./#risk-factors) and [evidence graph](../using-the-issues-ui/evidence-graph.md) information.
* [Assets](./#assets) are analyzed using Snyk Issues, focusing on images, Kubernetes resources, and packages to understand how they all interact with each other.
* [Risk factors](./#risk-factors) are analyzed using Snyk Issues and grouped into four main categories:
@@ -26,11 +26,11 @@ Kubernetes resources do not map to the Snyk Projects. These are internal entitie
Packages are assets that represent a software package. Snyk Open Source and Snyk Code products perform security scans on files. These files represent the package manager declaration and the source code of a software package, respectively. A package is a representation of that software package.
-Packages can be mapped one to one with the Snyk Projects created by the scans performed by Snyk Open Source and Snyk Code. All the issues identified by these products and attributed to these Projects will be mapped to the package entity.
+Packages can be mapped one to one with the Snyk Projects created by the scans performed by Snyk Open Source and Snyk Code. Snyk maps all the issues identified by these products and attributed to these Projects to the package entity.
-The term Package is a very coarse abstraction. It does not have versions. It is a representation of the current state of the software package at a point in time. The point in time is determined by the time when the Snyk processing pipeline is completed and the state of Snyk Projects at that time.
+The term Package is a coarse abstraction. It does not have versions. It is a representation of the current state of the software package at a point in time. The point in time is determined by the time when the Snyk processing pipeline is completed and the state of Snyk Projects at that time.
-Snyk Open Source uses the word package to refer to the third-party dependencies declared in the package dependency manifest. Snyk does not currently expose the granularity of the third-party dependencies. However, from the prioritization data model point of view, there is no distinction between third-party and first-party packages. These would be represented as a package object at that point in time.
+Snyk Open Source uses the word package to refer to the third-party dependencies declared in the package dependency manifest. Snyk does not expose the granularity of the third-party dependencies. However, from the prioritization data model point of view, there is no distinction between third-party and first-party packages. Snyk represents these as a package object at that point in time.
## Risk factors
@@ -40,7 +40,7 @@ By understanding your images, packages, and Kubernetes resources as "application
* [OS condition](risk-factor-os-condition.md)
* [Public facing](risk-factor-public-facing.md)
-You can enable and disable all of these "application context" risk factors through the Group **Settings**, on the **Issues** tab. If you choose to disable a risk factor, a provider selection, or the Kubernetes cluster mapping, Snyk will no longer compute them.
+You can enable and disable all of these "application context" risk factors through the Group **Settings**, on the **Issues** tab. If you choose to disable a risk factor, a provider selection, or the Kubernetes cluster mapping, Snyk no longer computes them.
Depending on the integration options enabled for your application, risk factors are applied differently. You can [prioritize your integrations](../set-up-insights/#prioritize-your-integrations) by customizing the available Insights options from the Group settings.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-deployed.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-deployed.md
index 35d7d5e6bdff..5512b7e775ba 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-deployed.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-deployed.md
@@ -2,7 +2,7 @@
Any deployed code increases the risk of exploitation of your application and business.
-Understanding what code is deployed and where enables you to adopt a remediation strategy that reduces your risk surface area from running code.
+Understanding what code is deployed and where lets you adopt a remediation strategy that reduces your risk surface area from running code.
## Types of integration
@@ -12,11 +12,11 @@ The Deployed risk factor works with the Kubernetes Connector and third-party int
Snyk determines that a container image is deployed by looking for a match between the running images on the Kubernetes cluster and the created Snyk Container Projects.
-Snyk uses Kubernetes state information to extract Docker image identifiers that are being executed. The status of a Kubernetes container has image names that are being run by the Kubernetes runtime. A search is performed on the database of known Docker images to find matching names. When the image names are matched, Snyk can display this information in a graph. The graph shows the relationship between the image and the container. \\
+Snyk uses Kubernetes state information to extract Docker image identifiers that are being executed. The status of a Kubernetes container has image names that the Kubernetes runtime runs. Snyk searches the database of known Docker images to find matching names. When the image names match, Snyk can display this information in a graph. The graph shows the relationship between the image and the container. \\
A vulnerability in a deployed image
-Kubernetes is very [specific](https://kubernetes.io/docs/concepts/containers/images/#image-names) about how images are managed. Snyk uses the same logic to map the images Snyk knows about. Whenever you scan an Image with Snyk Container, Snyk collects information about the image name and image ID. Snyk uses this information to map images against information from Kubernetes.
+Kubernetes is [specific](https://kubernetes.io/docs/concepts/containers/images/#image-names) about how images are managed. Snyk uses the same logic to map the images Snyk knows about. Whenever you scan an Image with Snyk Container, Snyk collects information about the image name and image ID. Snyk uses this information to map images against information from Kubernetes.
{% hint style="info" %}
Snyk adheres to the defined naming standards as documented for [Kubernetes](https://kubernetes.io/docs/concepts/containers/images/#image-names) and Docker [images](https://docs.docker.com/engine/reference/commandline/images/) to ensure consistency with Kubernetes.
@@ -42,7 +42,7 @@ Result: Image successfully matched, and risk factor applied
Image matched
-The container image is scanned using the Snyk Container CLI only, referencing the full name of the image, including the registry. Snyk recommends doing this after the image is built and before it is deployed to your cluster.
+Scan the container image using the Snyk Container CLI only, referencing the full name of the image, including the registry. Snyk recommends doing this after you build the image and before you deploy it to your cluster.
An example scan follows:
@@ -66,13 +66,13 @@ Result: Image successfully matched, and risk factor applied
Matching of names
-The container image is scanned referencing a partial name, omitting the container registry.
+Scan the container image referencing a partial name, omitting the container registry.
An example scan follows:
`$ snyk container monitor my-app:lates`t
-Insights is not able to match this Project as the names do not match.
+Insights cannot match this Project because the names do not match.
The image is deployed to your Kubernetes cluster with this example manifest.
@@ -100,7 +100,7 @@ Snyk recommends always specifying the full name of the image in your CLI command
### Third-party integrations
-The Deployed risk factor is extended to third-party integrations through real-time monitoring of Kubernetes clusters, along with data from external sources. This enables a comprehensive assessment of deployed risks across diverse environments. By integrating with third-party tools, Snyk can cross-reference vulnerabilities from various sources, ensuring that the deployed risk factor reflects the most accurate and current threat landscape. This holistic approach allows Snyk to provide actionable insights and maintain robust security postures across all integrated platforms.
+Snyk extends the Deployed risk factor to third-party integrations through real-time monitoring of Kubernetes clusters, along with data from external sources. This supports the assessment of deployed risks across environments. By integrating with third-party tools, Snyk can cross-reference vulnerabilities from various sources, so the Deployed risk factor reflects current threats. This lets Snyk provide actionable insights and maintain security across all integrated platforms.
## Technical details for Snyk Insights Deployed risk factor
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-os-condition.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-os-condition.md
index 47ec061b8a6c..78bbc1dfd025 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-os-condition.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-os-condition.md
@@ -10,7 +10,7 @@ If the vulnerability condition matches the operating system used by the runtime
| ------------------ | --------------- | ---------------------- |
| Any OS | Unknown | No risk factor |
| Linux | Unknown | No risk factor |
-| Windows | Unkown | No risk factor |
+| Windows | Unknown | No risk factor |
| Any OS | Linux | Risk factor identified |
| Linux | Linux | Risk factor identified |
| Windows | Linux | No risk factor |
@@ -24,12 +24,12 @@ When an image is scanned by Snyk Container, the information about which operatin
The OS condition risk factor works with your [Kubernetes Connector](../set-up-insights/set-up-insights-kubernetes-connector.md) integrations.
-The Kubernetes Connector leverages the OS condition risk factors to enhance the identification of vulnerabilities within containerized applications. It continuously checks and compares the operating systems of running containers with the known risk factors from the Snyk database. This integration helps to detect potentially vulnerable packages or images in real-time based on the operating system conditions. It allows proactive security measures within Kubernetes environments.
+The Kubernetes Connector uses the OS condition risk factors to enhance the identification of vulnerabilities in containerized applications. It continuously checks and compares the operating systems of running containers with the known risk factors from the Snyk database. This integration helps to detect potentially vulnerable packages or images in real time based on the operating system conditions. It supports proactive security measures in Kubernetes environments.
## Technical details for OS condition risk factor
Every hour, the data pipeline takes a snapshot of all Snyk Projects and data sources and extrapolates packages and images. This snapshot determines which images and packages are known to Snyk for any customer.
-Snyk Project tags are used to enable the customer to relate image assets to packages. This information is extracted from the hourly data snapshot, and a basic composition graph is generated between images and packages.
+Snyk Project tags let the customer relate image assets to packages. Snyk extracts this information from the hourly data snapshot and generates a basic composition graph between images and packages.
The data pipeline examines all the issues reported for the package and image and attempts to map the vulnerability condition between them.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-public-facing.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-public-facing.md
index 7a25f0d5696e..b4f8db867370 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-public-facing.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/assets-and-risk-factors/risk-factor-public-facing.md
@@ -20,7 +20,7 @@ Kubernetes Connector checks the images for ingress configuration. If not detecte
The Public facing risk factor can be applied to your [Kubernetes Connector](../set-up-insights/set-up-insights-kubernetes-connector.md) integrations.
-The Public facing risk factor has significant implications for Kubernetes Connector integration. It affects how vulnerabilities and potential attack vectors are prioritized and managed within the Kubernetes environment. The continuous monitoring of Kubernetes events by the Kubernetes Connector ensures that any changes or potential risks are instantly evaluated and relayed to the Snyk platform. This real-time data allows for the dynamic adjustment of security policies and proactive risk mitigation, ensuring the integrity and security of the cloud-native infrastructure.
+The Public facing risk factor has significant implications for Kubernetes Connector integration. It affects how Snyk prioritizes and manages vulnerabilities and potential attack vectors in the Kubernetes environment. The continuous monitoring of Kubernetes events by the Kubernetes Connector ensures that Snyk evaluates any changes or potential risks and relays them to the Snyk platform. This real-time data supports the dynamic adjustment of security policies and proactive risk mitigation, ensuring the integrity and security of the cloud-native infrastructure.
## Technical details for the public-facing risk factor
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/README.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/README.md
index 6bb462330aef..4a49cc8e656b 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/README.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/README.md
@@ -1,6 +1,6 @@
# Ignore issues
-You can ignore a vulnerability or open-source license issue if you do not need to fix it and want to avoid seeing the issue in scan results. You can ignore issues temporarily or permanently and set ignores individually or as actions. By using Snyk ignores you can display results only for issues you need to fix
+You can ignore a vulnerability or open-source license issue if you do not need to fix it and want to avoid seeing the issue in scan results. You can ignore issues temporarily or permanently and set ignores individually or as actions. By using Snyk ignores you can display results only for issues you need to fix.
For Open Source details, see [How to set ignores](./#how-to-set-ignores). This information provides a useful background for using ignores with other Snyk scanning methods. For more information, see the following sections on this page:
@@ -10,7 +10,7 @@ For Open Source details, see [How to set ignores](./#how-to-set-ignores). This i
## Decisions to ignore issues
-Optimally, it allows you to fix or patch vulnerabilities or remove vulnerable dependencies. However, you may want to suppress an issue for any of the following reasons:
+Optimally, you fix or patch vulnerabilities or remove vulnerable dependencies. However, you might want to suppress an issue for any of the following reasons:
* There is no fix.
* The issue is not relevant to the Project. One example is a distributed denial-of-service (DDoS) attack for an internal service.
@@ -35,16 +35,16 @@ Each issue card has an **Ignore** button that opens a dialog where you can selec
You can select **Not vulnerable** for any issue that is not exploitable at the time you create the ignore.
-If you select **Ignore temporarily,** then you can check the **Until fix is available** checkbox:
+If you select **Ignore temporarily,** then you can select the **Until fix is available** check box:
Ignore temporarily
-This is checked by default if no fix is available for the issue. The vulnerability resurfaces as soon as Snyk has a fix for it, and optionally you can provide additional details on why you are ignoring the issue.
+This check box is selected by default if no fix is available for the issue. The vulnerability resurfaces as soon as Snyk has a fix for it, and you can optionally provide additional details on why you are ignoring the issue.
{% hint style="info" %}
An issue is ignored until either of these conditions occurs: the ignore period expires, or the vulnerability becomes fixable.
-An issue ignored in an Open Source or Code Project in the Snyk web UI will be reflected and not flagged in any subsequent [PR checks](../../../scan-with-snyk/pull-requests/pull-request-checks/) across all branches of the Project.
+An issue ignored in an Open Source or Code Project in the Snyk Web UI is reflected and not flagged in any subsequent [PR checks](../../../scan-with-snyk/pull-requests/pull-request-checks/) across all branches of the Project.
{% endhint %}
When you ignore an issue in the Snyk Web UI, the issue shows who ignored it and allows you to edit the ignore or unignore the issue.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/README.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/README.md
index 4dae78a6a7f3..03b141b47a89 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/README.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/README.md
@@ -10,11 +10,11 @@ Enable Snyk Code Consistent Ignores for your Group or Organization in the Snyk W
## Disable Snyk Code Consistent Ignores
-Any ignores created or converted with the feature enabled will not be automatically converted back to Project-based ignores. You can recreate them manually after disabling the feature.
+Snyk does not automatically convert ignores created or converted with the feature enabled back to Project-based ignores. You can recreate them manually after disabling the feature.
## User roles
-To create, edit and remove ignores, you need to have a user role assigned with Ignore management permissions. Only Group Admins can set these permissions (see [User role management](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management)).
+To create, edit, and remove ignores, you must have a user role assigned with Ignore management permissions. Only Group Admins can set these permissions (see [User role management](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management)).
1. Log in to the Snyk Web UI and navigate to your Group and Organization.
2. Navigate to **Members** > **Manage Roles** and select one or more permissions.
@@ -24,7 +24,7 @@ To create, edit and remove ignores, you need to have a user role assigned with I
## Manage ignores at the Group level through Snyk Code Security policies
{% hint style="info" %}
-This feature is available to Enterprise customers only. It must be enabled by Snyk before it is accessible.
+This feature is available to Enterprise customers only. Snyk must enable it before it is accessible.
{% endhint %}
You can manage ignores proactively using Group-level Snyk Code Security policies. As a general rule, you can apply ignore policies when you identify a recurring need to apply similar individual ignores.
@@ -32,12 +32,12 @@ You can manage ignores proactively using Group-level Snyk Code Security policies
To manage the ignores through security policies, Snyk Code Consistent Ignores need to be enabled at the Group level. You do not require [conversion](convert-project-scoped-ignores-to-asset-scoped-ignores.md) for any previously applied Group level policy ignores. If you want to activate Snyk Code Security policies at the Group level, contact your Snyk account team or Snyk Support.
{% hint style="info" %}
-[**Snyk Security Policies**](https://docs.snyk.io/manage-risk/policies/security-policies) are a separate feature, available at the Group level to all Enterprise customers. That feature is applicable to Open Source and Container, and will not work for Snyk Code. For Group level policy Ignores to apply to Snyk Code, you must use the Snyk Code Security policies feature.
+[**Snyk Security Policies**](https://docs.snyk.io/manage-risk/policies/security-policies) are a separate feature, available at the Group level to all Enterprise customers. That feature is applicable to Open Source and Container, and does not work for Snyk Code. For Group level policy Ignores to apply to Snyk Code, you must use the Snyk Code Security policies feature.
{% endhint %}
Policies configured to ignore based on Project attributes do not result in ignores being applied in Snyk CLI and IDE settings where a Snyk Project is not available.
-To configure a Snyk Code Security policy, select the organization/s or project attributes that the policy should apply to, give it a name, and add rules containing at least one of the following criteria:
+To configure a Snyk Code Security policy, select the Organizations or Project attributes that the policy applies to, give it a name, and add rules containing at least one of the following criteria:
| Criteria | Description |
| -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -51,7 +51,7 @@ You can take action from Project issues, but Snyk will apply any ignores to the
When you create, modify, or delete an ignore, you must [retest the Project](../../../../scan-with-snyk/snyk-code/manage-code-vulnerabilities/#retesting-code-repository) to update the issue status.
-An indicator at the top of the Project page will notify you if a retest is needed to capture policy or ignore updates.
+An indicator at the top of the Project page notifies you if a retest is needed to capture policy or ignore updates.
Project retests typically occur on a nightly or weekly basis, but you can also retest manually.
@@ -60,9 +60,9 @@ Project retests typically occur on a nightly or weekly basis, but you can also r
1. Log in to the Snyk Web UI and navigate to your Group and Organization.
2. Open a Project and find an issue card.
3. Select **Ignore** on an issue card to create an ignore.
-4. Fill in the ignore information and confirm its creation. The issue will be updated and moved from **Open** to **Ignored**.\
+4. Fill in the ignore information and confirm its creation. Snyk updates the issue and moves it from **Open** to **Ignored**.\
\
- If anyone loads the page before a retest, an indicator will appear and encourage retesting to capture policy or ignore changes.
+ If anyone loads the page before a retest, an indicator appears and encourages retesting to capture policy or ignore changes.
### Modify ignore
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/api.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/api.md
index f8ab31e66111..f7fd8986606e 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/api.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/api.md
@@ -4,4 +4,4 @@ You can manage ignores individually through the [Snyk Policies API (REST)](https
The SARIF output from Snyk CLI contains the `snyk/asset/finding/v1` identifier used to manage ignores at the start of the Early Access program.
-This API leverages the `snyk/asset/finding/v1` identifier and not the `issueId` used by the legacy ignores API. Consider migrating any scripts or automation that rely on the legacy ignores API to the new policy API.
+This API uses the `snyk/asset/finding/v1` identifier and not the `issueId` used by the legacy ignores API. Consider migrating any scripts or automation that rely on the legacy ignores API to the new policy API.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/consistent-ignores-for-snyk-code-faqs.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/consistent-ignores-for-snyk-code-faqs.md
index d3a1b9f32f8a..5cac97b36fcf 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/consistent-ignores-for-snyk-code-faqs.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/consistent-ignores-for-snyk-code-faqs.md
@@ -11,7 +11,7 @@ This FAQ section addresses common concerns about the Snyk Code Consistent Identi
Ignores only work within the Organization where they're defined. You need to run tests in the Organization where you stored an ignore for it to be taken into account. This is also valid for Snyk IDE and CLI environments where developers work in repositories that span multiple Snyk organizations.
-Depending on feedback during the Early Access period, we may offer a broader scope for ignores beyond an individual Organization.
+Depending on feedback during the Early Access period, we might offer a broader scope for ignores beyond an individual Organization.
## Existing DeepCode inline ignores (legacy) are not supported or migrated
@@ -23,7 +23,7 @@ Recreate these ignores using the new Snyk Code Consistent Ignore process, either
## Repository renames may result in ignores being lost
-Snyk may fail to complete testing after you rename a repository, depending on whether the underlying SCM supports redirects. If Snyk successfully runs subsequent tests (e.g., GitHub), ignores may not be applied.
+Snyk might fail to complete testing after you rename a repository, depending on whether the underlying SCM supports redirects. If Snyk successfully runs subsequent tests (for example, GitHub), ignores might not be applied.
### Recommendation
@@ -36,7 +36,7 @@ Snyk may fail to complete testing after you rename a repository, depending on wh
1. Delete all targets associated with that repository.
2. Reimport the newly renamed repository.
-Previous Consistent Ignores are applied to the newly named repository. New clones in IDEs/CLI that reference the new name take into account the ignores, even with the old git URL, in case some developers haven't updated their remote repositories.
+Previous Consistent Ignores are applied to the newly named repository. New clones in IDEs/CLI that reference the new name take into account the ignores, even with the old git URL, in case some developers have not updated their remote repositories.
## Granular ignores
@@ -46,8 +46,8 @@ If you have specific use cases that require this functionality, reach out to you
## Project attribute policies
-Policies defined against Project attributes will continue to work within Snyk Projects where the attributes match. The policies are not applied across the repository to other Projects or in Snyk IDE, CLI, or PR checks flows. To apply policies across Projects and branches for the same repository, define them against Organizations.
+Policies defined against Project attributes continue to work within Snyk Projects where the attributes match. The policies are not applied across the repository to other Projects or in Snyk IDE, CLI, or PR checks flows. To apply policies across Projects and branches for the same repository, define them against Organizations.
## CI/CD support for snyk test --code
-Most native Snyk CI/CD plugins (e.g., Jenkins, AWS Pipelines) do not support Snyk Code. As a workaround, some users have been applying the `--code` flag to the standard `snyk test` command to invoke a Snyk Code scan instead of a Snyk Open Source scan. Snyk Code Consistent Ignores does not support this workflow.
+Most native Snyk CI/CD plugins (for example, Jenkins, AWS Pipelines) do not support Snyk Code. As a workaround, some users have been applying the `--code` flag to the standard `snyk test` command to invoke a Snyk Code scan instead of a Snyk Open Source scan. Snyk Code Consistent Ignores does not support this workflow.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/convert-project-scoped-ignores-to-asset-scoped-ignores.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/convert-project-scoped-ignores-to-asset-scoped-ignores.md
index e7b93fa3600e..e6eb5ab7c322 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/convert-project-scoped-ignores-to-asset-scoped-ignores.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/convert-project-scoped-ignores-to-asset-scoped-ignores.md
@@ -8,7 +8,7 @@ If you are new to Snyk or using Snyk Code Projects, you can skip this step, as t
Conversion provides you with control over which ignores Snyk converts. For example, if you monitor multiple branches for a given repository, you can decide what ignore metadata Snyk converts and uses as the single source of truth going forward.
-The following scenario assumes that you have ignored issues in your Snyk Code Project prior to enabling Snyk Code Consistent Ignores.
+The following scenario assumes that you have ignored issues in your Snyk Code Project before enabling Snyk Code Consistent Ignores.
If the **Ignore** button is inactive after you enable the **Snyk Code Consistent Ignores** feature, retest the Project.
@@ -41,9 +41,9 @@ To convert all legacy ignores from a Project page, navigate to your **Organizati
### Convert ignores using Snyk API
-For Snyk Code Projects with over 200 legacy Project-scoped ignores, or in scenarios where you want more control over the values applied for ignore attributes, consider using the Snyk API instead. This allows you to programmatically convert Project-scoped ignores to asset-scoped ignores.
+For Snyk Code Projects with over 200 legacy Project-scoped ignores, or in scenarios where you want more control over the values applied for ignore attributes, consider using the Snyk API instead. This lets you programmatically convert Project-scoped ignores to asset-scoped ignores.
-The following sequence of API calls allows you to build a custom script tailored to your Organization's needs for this conversion. It does not provide a prescriptive approach, but provides information on the most likely endpoints to consider.
+The following sequence of API calls lets you build a custom script tailored to your Organization needs for this conversion. It does not provide a prescriptive approach, but provides information on the most likely endpoints to consider.
Steps to follow:
@@ -61,14 +61,14 @@ Steps to follow:
* Filter: Use the query parameter `&types=sast` to list only Snyk Code Projects.
{% hint style="info" %}
-The response contains details about each Project, including its ID (`project_id`), origin (e.g., GitHub, CLI), and target repository or branch information. This helps you select the correct Projects, especially if the same repository is imported multiple times, such as through different SCM integrations or using the custom branch feature.
+The response contains details about each Project, including its ID (`project_id`), origin (for example, GitHub, CLI), and target repository or branch information. This helps you select the correct Projects, especially if the same repository is imported multiple times, such as through different SCM integrations or using the custom branch feature.
{% endhint %}
#### Retrieve existing Project-scoped ignores for a Project
* Goal: For a specific Project identified in step 1, get the details of all its current project-scoped ignores.
* [API Endpoint](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/ignores-v1): `GET /v1/org/{org_id}/project/{project_id}/ignores`
-* Response format: The response is an object where each key is a project-scoped finding ID (`snyk/org/project/finding/v1`) that has an ignore applied. The value is an array containing details about the ignore(s) for that finding.
+* Response format: The response is an object where each key is a project-scoped finding ID (`snyk/org/project/finding/v1`) that has an ignore applied. The value is an array containing details about the ignores for that finding.
```javascript
{
@@ -89,7 +89,7 @@ The response contains details about each Project, including its ID (`project_id`
```
{% hint style="info" %}
-Note down the Project-scoped finding ID (e.g., `1ddad474-...`), the `reason`, and the `reasonType` for each ignore you intend to convert.
+Note down the Project-scoped finding ID (for example, `1ddad474-...`), the `reason`, and the `reasonType` for each ignore you intend to convert.
{% endhint %}
#### Map Project-scoped findings to asset-scoped findings
@@ -116,7 +116,7 @@ Note down the Project-scoped finding ID (e.g., `1ddad474-...`), the `reason`, an
```
{% hint style="info" %}
-For each Project-scoped finding ID (`key`) from step 2, find the matching issue in this response and extract its corresponding asset-scoped finding ID (`key_asset`). You will need this `key_asset` value to create the new ignore policy.
+For each Project-scoped finding ID (`key`) from step 2, find the matching issue in this response and extract its corresponding asset-scoped finding ID (`key_asset`). You need this `key_asset` value to create the new ignore policy.
{% endhint %}
#### Create the new asset-scoped ignore policy
@@ -157,7 +157,7 @@ For each Project-scoped finding ID (`key`) from step 2, find the matching issue
* Goal: Remove the legacy Project-scoped ignore now that an equivalent asset-scoped policy exists.
* [API Endpoint:](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/ignores-v1) `DELETE /v1/org/{org_id}/project/{project_id}/ignore/{project_scoped_id}`
-* Key Information: Use the project\_id from step 1 and the `{project_scoped_id}` which is the key from step 2 response (e.g., `1ddad474-39f1-4ac4-b9c6-f2f79a65fd88`).
+* Key Information: Use the project\_id from step 1 and the `{project_scoped_id}` which is the key from step 2 response (for example, `1ddad474-39f1-4ac4-b9c6-f2f79a65fd88`).
#### Verify the changes
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-cli.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-cli.md
index 9f8a6cb4dc84..1806e6b868f7 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-cli.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-cli.md
@@ -1,6 +1,6 @@
# Consistent Ignores for Snyk Code CLI
-Ignores are taken into account in the Snyk CLI when `snyk code test` is run.
+The Snyk CLI takes ignores into account when you run `snyk code test`.
## Minimum version required
@@ -12,7 +12,7 @@ To take ignores into account, specify the Organization where the ignores reside.
[Group-level policies also cascade down to all Organizations](./#manage-ignores-at-the-group-level-through-snyk-code-security-policies). See [How to select the Organization to use in the CLI](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/how-to-select-the-organization-to-use-in-the-cli).
-Repository context is required for asset-scoped ignores to take effect. Policy-based ignores such as those based on CWE or Snyk Code Rule ID are still being applied regardless of repository context.
+Repository context is required for asset-scoped ignores to take effect. Snyk still applies policy-based ignores such as those based on CWE or Snyk Code Rule ID regardless of repository context.
`snyk code test` automatically detects the repository context if a .git directory is present. If not, you can explicitly specify it using the `--remote-repo-url` option. To verify the Git URL, run `git remote -v`.
@@ -42,7 +42,7 @@ You can use this identifier to [create new ignores using API calls](api.md).
## Ignores in CI/CD pipelines
-As ignores are taken into account in Snyk CLI, the same applies when Snyk CLI is integrated into CI/CD pipelines. For example, if a pipeline uses the command `snyk code test –severity-threshold=high` and there are no unignored high-severity results, Snyk CLI will exit with a `0` (success) status code and the build will succeed.
+Because the Snyk CLI takes ignores into account, the same applies when you integrate the Snyk CLI into CI/CD pipelines. For example, if a pipeline uses the command `snyk code test –severity-threshold=high` and there are no unignored high-severity results, the Snyk CLI exits with a `0` (success) status code and the build succeeds.
The following example shows how Snyk Code detected high-severity hardcoded secrets, causing a GitHub Action workflow to fail with the exit code `1`.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-ide.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-ide.md
index 916d2832d393..568c6085328f 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-ide.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-ide.md
@@ -1,6 +1,6 @@
# Consistent Ignores for Snyk Code IDE
-When you run tests in any of the [supported Snyk IDE plugins](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions), the plugins will take into account your ignores.
+When you run tests in any of the [supported Snyk IDE plugins](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions), the plugins take into account your ignores.
## Minimum version required
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-pull-request-checks.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-pull-request-checks.md
index 3539c9deda9f..dd2e4b70934c 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-pull-request-checks.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/consistent-ignores-for-snyk-code/snyk-pull-request-checks.md
@@ -4,11 +4,11 @@
When viewing a pull request (PR) check from Snyk in your integrated SCM, ignored findings do not contribute to the PR check outcome. A PR check does not fail due to an ignored finding. Additionally, the Snyk PR experience includes the count of active (unignored) findings in the summary comment and displays each finding as an inline comment within the PR.
-If a finding is ignored after a PR check has already been completed, the PR check must be retriggered by committing again to the PR. Upon retriggering, the PR check the following changes occur:
+If you ignore a finding after a PR check has already completed, you must retrigger the PR check by committing again to the PR. Upon retriggering, the following changes occur:
-• The ignored finding is no longer counted in the summary table.
+• Snyk no longer counts the ignored finding in the summary table.
-• The inline comment for the ignored finding is collapsed by default and marked as resolved.
+• Snyk collapses the inline comment for the ignored finding by default and marks it as resolved.
Ignores are respected in[ Snyk Code Pull Request Checks](../../../../scan-with-snyk/pull-requests/pull-request-checks/) regardless of whether they are created through [policy](./#manage-ignores-at-the-group-level-through-snyk-code-security-policies) or for an [individual `snyk/assets/finding/v1` value](./#manage-ignores-in-snyk-projects).
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/exclude-files-and-ignore-issues-faqs.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/exclude-files-and-ignore-issues-faqs.md
index 6f70db36dd79..6f3ab0065e08 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/exclude-files-and-ignore-issues-faqs.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/exclude-files-and-ignore-issues-faqs.md
@@ -1,13 +1,13 @@
# Exclude files and ignore issues FAQs
-There are many considerations in determining how excluding files and ignoring issues will work, depending on several factors:
+There are many considerations in determining how excluding files and ignoring issues works, depending on several factors:
* How the Project was imported: through an SCM integration, or through the CLI or an IDE
* The scanning method being used: Open Source, Code, Container, or IaC
* How the test is being done, in the UI, or through the CLI or an IDE
* How the exclude or ignore was set: in a policy, through the UI or the API, or in the `.snyk` file
-This document collects questions the support team receives frequenty and provides the answers.
+This document collects questions the support team receives frequently and provides the answers.
## Questions related to scanning methods
@@ -15,7 +15,7 @@ This document collects questions the support team receives frequenty and provide
* To ignore a code vulnerability, import the Project into the Snyk UI, and use the ignore button.
* You cannot use the `.snyk` file to ignore issues in Code scans.
-* The `snyk-to-html` tool will display all issues for Code scans whether the issues are ignored or not.
+* The `snyk-to-html` tool displays all issues for Code scans whether the issues are ignored or not.
### How do I avoid scanning certain files for Open Source scans?
@@ -28,12 +28,12 @@ This document collects questions the support team receives frequenty and provide
### How do I avoid scanning certain files for Code scans?
* Use an exclude in a `.snyk` file to omit all scanning of certain files or folders from a Snyk Code scan. For details, see the [`--file-path` option for the `snyk ignore` command](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/ignore#file-path-less-than-path_to_resource-greater-than), [Ignore files or folders using glob expression - Snyk Code and `unmanaged`only](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/ignore#ignore-files-or-folders-using-glob-expression-snyk-code-and-unmanaged-only), and [Exclude directories and files from Snyk Code CLI tests](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/exclude-directories-and-files-from-snyk-code-cli-tests).
-* When you import a repository to test using Snyk Code, use an `exclude:` statement in the `.snyk` file to omit certain directories and files from the import. For details see For details see [Exclude directories and files from Snyk Code CLI tests](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/exclude-directories-and-files-from-snyk-code-cli-tests).
-* A `.snyk` file with file or folder exclusions and contained in the root directory of your repository or SCM will exclude those files and folders from being scanned when you import using an SCM.
+* When you import a repository to test using Snyk Code, use an `exclude:` statement in the `.snyk` file to omit certain directories and files from the import. For details, see [Exclude directories and files from Snyk Code CLI tests](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-code/exclude-directories-and-files-from-snyk-code-cli-tests).
+* A `.snyk` file with file or folder exclusions, contained in the root directory of your repository or SCM, excludes those files and folders from being scanned when you import using an SCM.
* The CLI `--exclude` option used with `snyk test` and `snyk monitor` does not apply for Code scans.
* The Exclude Folders option in the import windows in the Web UI does not apply for Code scans.
* The `.snyk` file does not apply for excluding files and directories from IDE scanning of Code.
-* For Code and Container scans only., you can use exclusion globs in API import, including an import with the `snyk-api-import` tool. This exclusion works the same way as an SCM integration exclusion.
+* For Code and Container scans only, you can use exclusion globs in API import, including an import with the `snyk-api-import` tool. This exclusion works the same way as an SCM integration exclusion.
### How do I avoid scanning certain files for Container scans?
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/how-ignores-work-for-projects-imported-using-an-scm-and-the-cli.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/how-ignores-work-for-projects-imported-using-an-scm-and-the-cli.md
index 9a2f018c07c2..ce8083797588 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/how-ignores-work-for-projects-imported-using-an-scm-and-the-cli.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/ignore-issues/how-ignores-work-for-projects-imported-using-an-scm-and-the-cli.md
@@ -5,11 +5,11 @@ When you ignore an issue, you must consider the following factors:
* How was the Project imported: Through an SCM? Through the CLI?
* What Snyk product scanned the Project: Snyk Open Source, Snyk Code, or another?
* How was the ignore created: In a policy? Through the UI from the Project page? Using an API? In a `.snyk` file?
- * For ignores created in a policy, ignoring an issue on the Organization level will ensure the issues are ignored for Projects imported using an SCM and Projects imported using the CLI.
- * Ignoring for a particular Project or attribute will ensure the issue is ignored only for the specific Project and only for Projects imported using an SCM.
+ * For ignores created in a policy, ignoring an issue on the Organization level ensures the issues are ignored for Projects imported using an SCM and Projects imported using the CLI.
+ * Ignoring for a particular Project or attribute ensures the issue is ignored only for the specific Project and only for Projects imported using an SCM.
* For more information, see [Ignore issues in the Snyk Web UI](./#ignore-issues-in-the-snyk-web-ui), [Security policies](../../policies/security-policies/), and [The `.snyk` file](../../policies/the-.snyk-file.md).
-Depending on these factors, the ignore is respected for testing in different places. Where will the ignore be respected testing?
+Depending on these factors, the ignore is respected for testing in different places. Where is the ignore respected for testing?
* In the UI and an SCM PR test?
* In a CLI test, either local or in a build pipeline, and in an IDE test?
@@ -24,7 +24,7 @@ If you added an ignore in the UI, support for ignores and the test results diffe
## Import through an SCM
-The following table summarizes how an ignore will be respected for testing depending on the way you set the ignore for Projects imported through an SCM.
+The following table summarizes how an ignore is respected for testing depending on the way you set the ignore for Projects imported through an SCM.
| Import through an SCM and set ignore by available methods | Ignore respected in UI for retesting | Ignore respected in CLI and IDE tests |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------ | ------------------------------------------------------ |
@@ -34,10 +34,10 @@ The following table summarizes how an ignore will be respected for testing depen
## Import through the CLI
-The following table summarizes how an ignore will be respected for testing depending on the way you set the ignore for Projects imported through the CLI.
+The following table summarizes how an ignore is respected for testing depending on the way you set the ignore for Projects imported through the CLI.
| Import through the CLI and set ignore by available methods | Ignore respected in UI for retesting | Ignore respected in CLI and IDE tests |
| --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------ | ------------------------------------------------------- |
-| Ignore by policy (add ignore commands to your security policies) For an IDE and the CLI the testing must be done in the relevant Organization in order for the policies to be used. |
Open Source: ✅
Container: ✅
Code: ✅
|
Open Source: ✅
Container: ❌
Code: ✅
|
+| Ignore by policy (add ignore commands to your security policies) For an IDE and the CLI, the testing must be done in the relevant Organization for the policies to be used. |
Open Source: ✅
Container: ✅
Code: ✅
|
Open Source: ✅
Container: ❌
Code: ✅
|
| Ignore by UI or API |
Open Source: ✅
Container: ✅
Code: ✅
|
Open Source: ✅
Container: ❌
Code: ✅
|
| Ignore by `.snyk` file (add the issue to a `.snyk` file in the repository; for Open Source; the `.snyk` file must be in the same folder as the manifest file; applies to the `snyk test` and `snyk monitor` commands) |
Open Source: ✅
Container: ✅
Code: ❌
|
Open Source: ✅
Container: ✅
Code: ❌
|
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/malicious-packages.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/malicious-packages.md
index 07feea1db884..3c0b1aa1acdf 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/malicious-packages.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/malicious-packages.md
@@ -83,7 +83,7 @@ More details about this type of attack are described in the [malicious versions
## Verifying the provenance of packages
-At present, Snyk Open Source and Snyk Container scanners are unable to differentiate between internal and external packages, meaning that they cannot determine if a package has been imported from a public or a private registry. This capability will be added in the future. Meanwhile, you might see inaccurate alerts related to packages imported from a private registry.
+At present, Snyk Open Source and Snyk Container scanners cannot differentiate between internal and external packages, meaning that they cannot determine if a package has been imported from a public or a private registry. Snyk plans to add this capability in the future. Meanwhile, you might see inaccurate alerts related to packages imported from a private registry.
A Snyk alert is a warning that an attack has targeted the organization, not an implication that the organization published the malware.
@@ -147,13 +147,13 @@ If you do not have an `.npmrc` file or it does not specify a registry, npm uses
If you use npm, you can host your private packages on the npm registry.
-If your company is using this [service](https://docs.npmjs.com/about-private-packages), then the public registry will be https://registry.npmjs.org.
+If your company is using this [service](https://docs.npmjs.com/about-private-packages), then the public registry is https://registry.npmjs.org.
-In this case, you will need to verify that the packages used are private, by logging in to the npm website.
+In this case, you must verify that the packages used are private, by logging in to the npm website.
## Remediation of malicious package findings
-If you find evidence that a malicious package was installed in your environment, you should do the following:
+If you find evidence that a malicious package was installed in your environment, do the following:
* Immediately remove it from the local drive, both the local folder `node_modules` and global package manager cache.
* Remove it from the package registry proxy cache and database if it exists.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/prioritization-for-snyk-essentials.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/prioritization-for-snyk-essentials.md
index e8ae8d45cd15..4308788c1fcd 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/prioritization-for-snyk-essentials.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/prioritization-for-snyk-essentials.md
@@ -2,4 +2,4 @@
Snyk uses holistic application intelligence to help you better identify and prioritize your Container, Code, and Open Source issues based on the risk they pose to your application. You can also prioritize your issues based on asset classification as defined in asset-related policies.
-You can access the **Issues** page from the Snyk Web UI. The **Issues** page provides a centralized view of all the issues identified by Snyk with additional asset context. This will empower AppSec teams to better triage and remediate issues in Snyk. **Issues** is available at the Group level or at the Organization level.
+You can access the **Issues** page from the Snyk Web UI. The **Issues** page provides a centralized view of all the issues identified by Snyk with additional asset context. This empowers AppSec teams to better triage and remediate issues in Snyk. **Issues** is available at the Group level or at the Organization level.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/priority-score-vs-risk-score.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/priority-score-vs-risk-score.md
index 1d01197a9f8b..3bb071c116cb 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/priority-score-vs-risk-score.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/priority-score-vs-risk-score.md
@@ -2,7 +2,7 @@
The Snyk Risk score and Priority score are keys to security management. Both types of score help Organizations handle current threats and prepare for future vulnerabilities, leading to a more robust security framework.
-The Priority and Risk Scores rank the issues and the urgency of fixing them. Both scores provide a number between 1 and 1000, where 1 means low severity and 1000 means high severity. Snyk uses these numbers to indicate the urgency of remediating a vulnerability.
+The Priority and Risk Scores rank the issues and the urgency of fixing them. Both scores provide a number between 1 and 1,000, where 1 means low severity and 1,000 means high severity. Snyk uses these numbers to indicate the urgency of remediating a vulnerability.
{% hint style="info" %}
Risk score assesses the potential impact of vulnerabilities, prioritizing those with severe consequences.
@@ -14,7 +14,7 @@ Risk Score and Priority Score are fundamental to vulnerability management. Risk
If you want to compare scores, ensure you are looking at the same type of score and for the same product. For example, you can compare a Risk score from Snyk Open Source with another Risk score from Snyk Open Source but cannot compare a Risk score from Snyk Open Source with another Risk score from Snyk Container.
-By default, the Priority score is enabled for Snyk Container, Snyk Code, Snyk IaC, and Snyk Open Source issues. If the user enables the Risk score from Snyk Preview, then the scores are applied like this:
+By default, the Priority score is enabled for Snyk Container, Snyk Code, Snyk IaC, and Snyk Open Source issues. If you enable the Risk score from Snyk Preview, then Snyk applies the scores like this:
* Risk score is applied to Snyk Container and Snyk Open Source issues.
* Priority score is applied to Snyk Code and Snyk IaC issues.
@@ -44,8 +44,8 @@ Priority Score helps your team quickly prioritize and address urgent Project vul
The assessment model used by the Priority score focuses on two factors:
-* Impact - Snyk analyses the possibility of a fix to address multiple vulnerabilities. The Priority score increases exponentially with the number of vulnerabilities addressed by a fix.
-* Actionability - Snyk analyses how easy it is to remediate a vulnerability.
+* Impact - Snyk analyzes the possibility of a fix to address multiple vulnerabilities. The Priority score increases exponentially with the number of vulnerabilities addressed by a fix.
+* Actionability - Snyk analyzes how easy it is to remediate a vulnerability.
## When and why to use the Risk score
@@ -85,7 +85,7 @@ Scan your source code and apply the following filters to your list of found vuln
### Risk score use case
-Let's assume that you are integrating a new third-party library into an existing application, and after a scan, you discover that the library has several vulnerabilities. Filter the vulnerabilities using the Risk score to determine which vulnerabilities pose the greatest threat.
+Assume that you are integrating a new third-party library into an existing application, and after a scan, you discover that the library has several vulnerabilities. Filter the vulnerabilities using the Risk score to determine which vulnerabilities pose the greatest threat.
Remember that Risk score must first be enabled from the [Snyk Preview](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/snyk-preview) screen and can only be applied to Snyk Open Source and Snyk Container.
@@ -97,7 +97,7 @@ Scan your source code and apply the following filters to your list of found vuln
* Computed fixability: Fixable
* Exploit maturity: Mature
-After you apply the filters, you have a list of the most critical vulnerabilities that need to be fixed before safely integrating the third-party library with your application. Fixing these critical issues you are preventing a potential security breach and are also safeguarding the integrity of your application.
+After you apply the filters, you have a list of the most critical vulnerabilities that need to be fixed before safely integrating the third-party library with your application. By fixing these critical issues, you prevent a potential security breach and safeguard the integrity of your application.
Given the high severity and the mature exploit, the risk score for this issue would be elevated, indicating an urgent need for action. In this scenario, organizations should prioritize patching this vulnerability immediately due to the high risk of exploitation.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/priority-score.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/priority-score.md
index 622c0d65889d..f8eb8252e7bd 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/priority-score.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/priority-score.md
@@ -1,8 +1,8 @@
# Priority Score
-The Snyk Priority Score is a single value assigned to an issue, to help you quickly and easily decide which issues are most important to fix. Scores range from 0 to 1,000; the higher the score, the more important it is to fix that issue.
+The Snyk Priority Score is a single value assigned to an issue, to help you quickly decide which issues are most important to fix. Scores range from 0 to 1,000. The higher the score, the more important it is to fix that issue.
-The Snyk Priority Score is determined based on a number of industry-standard criteria, including CVSS score, trending vulnerabilities, reachability, availability of exploits, and other factors. These factors yield scores with a high degree of granularity. This granularity avoids having many issues with the same score, allowing you to determine the importance of an issue quickly and accurately.
+The Snyk Priority Score is determined based on a number of industry-standard criteria, including CVSS score, trending vulnerabilities, reachability, availability of exploits, and other factors. These factors yield scores with a high degree of granularity. This granularity avoids having many issues with the same score, letting you determine the importance of an issue quickly and accurately.
{% hint style="info" %}
Snyk does not use the CVSS score alone to determine priority; other factors are also considered.
@@ -22,7 +22,7 @@ You can filter issues by Priority Score range in the left sidebar.
## View issues by Priority Score
-The **Issues** tab on the Project details allows you to filter issues by Priority Score. You can find more details on how to filter your issues on the [Manage and remediate issues](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/implementation-guides/enterprise-implementation-guide/manage-and-remediate-issues) page.
+The **Issues** tab on the Project details lets you filter issues by Priority Score. You can find more details on how to filter your issues on the [Manage and remediate issues](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/implementation-guides/enterprise-implementation-guide/manage-and-remediate-issues) page.
## View Priority Score in the Snyk API
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/reachability-analysis.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/reachability-analysis.md
index d7c1d492a93f..5ce75160a7f7 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/reachability-analysis.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/reachability-analysis.md
@@ -6,11 +6,11 @@
Reachability analysis is in General Availability (GA) for specific [integrations and programming languages](reachability-analysis.md#supported-languages-and-integrations).
{% endhint %}
-Snyk reachability analysis allows you to analyze risk by identifying whether your application is calling a code element (for example, functions, classes, modules, and more) related to the vulnerability, thus raising the chances of that vulnerability being exploited in the context of your application.
+Snyk reachability analysis lets you analyze risk by identifying whether your application is calling a code element (for example, functions, classes, modules, and more) related to the vulnerability, raising the chances of that vulnerability being exploited in the context of your application.
-Reachability analysis can be used as an indicator to make decisions, or as part of a broader risk-based prioritization approach using the Snyk Risk Score.
+You can use reachability analysis as an indicator to make decisions, or as part of a broader risk-based prioritization approach using the Snyk Risk Score.
-Snyk uses a combination of static program analysis and various AI techniques to determine the reachability of a given vulnerability, with validation conducted by security research experts. These capabilities enable Snyk to quickly analyze the code without requiring the application to be built prior to the scan.
+Snyk uses a combination of static program analysis and various AI techniques to determine the reachability of a given vulnerability, with validation conducted by security research experts. These capabilities enable Snyk to quickly analyze the code without requiring the application to be built before the scan.
To use this feature, Snyk must analyze your source code. To learn more, visit [How Snyk handles your data](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/how-snyk-handles-your-data).
@@ -21,8 +21,8 @@ Snyk uses a combination of security expert analysis, program analysis, and vario
* Enriching vulnerabilities with the patches applied to fix them - as part of the Snyk vulnerability curation process, Snyk references the fix commit that the maintainer applied.
* Related elements analysis - Based on the commit fix, Snyk uses DeepCode AI program analysis to analyze the code elements and other parameters related to the vulnerability.
* Root Cause analysis - Snyk uses DeepCode AI and Natural Language Processing (NLP) techniques to automatically rank the related code elements by their chances of being the root cause of the vulnerability.
-* Reachability analysis - As issues are found in your application by a Snyk scan, the DeepCode program analysis engine is used to analyze the call graph of your application in relation to the call graph between the open-source dependencies used. A path between your application and a code element ranked as a root cause will yield a “Reachable” vulnerability.
-* Security experts supervision - Snyk security experts will manually verify and mark elements as root causes in order to make the entire analysis more accurate over time
+* Reachability analysis - As a Snyk scan finds issues in your application, the DeepCode program analysis engine analyzes the call graph of your application in relation to the call graph between the open-source dependencies used. A path between your application and a code element ranked as a root cause yields a “Reachable” vulnerability.
+* Security experts supervision - Snyk security experts manually verify and mark elements as root causes to make the entire analysis more accurate over time
The following considerations related to false positives and false negatives apply to Reachable vulnerability analysis.
@@ -30,7 +30,7 @@ Program analysis requires a trade-off between accurate results, minimizing false
To facilitate this trade-off, Snyk DeepCode analysis applies real-time decision-making to determine whether to under-approximate the set of reachable elements based on analysis of the likelihood that a reachable path will be found in a specific environment.
-For example, it is not always possible to give a precise answer when reflection programming is used. In such a case, neither returning a large set of false positives nor returning “Not reachable” will suffice. The agentic capability of Snyk analysis optimizes in order to retrieve the most accurate and complete result possible for a given code structure.
+For example, it is not always possible to give a precise answer when reflection programming is used. In such a case, neither returning a large set of false positives nor returning “Not reachable” will suffice. The agentic capability of Snyk analysis optimizes to retrieve the most accurate and complete result possible for a given code structure.
{% hint style="info" %}
Changes in the first-party code, in the vulnerability analysis, and enhancements in the SAST engine can impact the results. Therefore, vulnerabilities labeled as **Not path found** can change to **Reachable** over time.
@@ -160,7 +160,7 @@ After it is identified, a vulnerability has one of the following reachability st
* `NOT APPLICABLE` - Reachability is not supported for this vulnerability.
{% hint style="info" %}
-A vulnerability with the status `NO PATH FOUND` it does not mean that the vulnerability is completely unreachable or unexploitable.
+A vulnerability with the status `NO PATH FOUND` does not mean that the vulnerability is completely unreachable or unexploitable.
{% endhint %}
Reachability analysis status is available on the Project page, as part of the Risk Score, in the [Issues Detail report](../analytics/reports-tab/exposure-and-coverage-reports.md#issues-detail-report), and through the API endpoint [Get issues by Group ID](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/issues#groups-group_id-issues).
@@ -177,7 +177,7 @@ For Projects that have been imported through a CLI monitor, the Reachability sta
### Reachability analysis as part of the Risk Score
-[Risk Score](risk-score.md) helps you apply holistic risk-based prioritization that combines multiple factors, associated with either the vulnerability or the context of your application. Reachability analysis is such a contextual factor that will significantly increase the overall score.
+[Risk Score](risk-score.md) helps you apply holistic risk-based prioritization that combines multiple factors, associated with either the vulnerability or the context of your application. Reachability analysis is such a contextual factor that significantly increases the overall score.
Risk Score is available on the Projects page and through the API and Reports.
@@ -190,7 +190,7 @@ Risk Score is available on the Projects page and through the API and Reports.
Snyk supports Reachability CLI version `1.1301.0` and greater. To perform Reachability analysis, use the `--reachability=true` option.
{% hint style="info" %}
-When using `--reachability`, Snyk returns a new findings schema. Some legacy fields may not be available in this schema. Before using, please first check your usage to ensure automations do not fail.
+When using `--reachability`, Snyk returns a new findings schema. Some legacy fields might not be available in this schema. Before using, first check your usage to ensure automations do not fail.
{% endhint %}
By default, Snyk uploads source code from the current working directory for Reachability analysis. To specify source files for analysis in a separate directory, use the `--source-dir` option.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/risk-score.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/risk-score.md
index d1a8500152ee..02a9650bf9ef 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/risk-score.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/risk-score.md
@@ -8,11 +8,11 @@ Risk Score is in Early Access and available for Snyk Open Source and Snyk Contai
Use [Snyk Preview](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/snyk-preview) to replace the Priority Score with the new Risk Score for Snyk Open Source and Snyk Container issues.
{% endhint %}
-The Snyk Risk Score is a single value assigned to an issue, applied by automatic risk analysis for all vulnerability-type issues. License issues are not supported. Risk Score is based on the potential impact and likelihood of exploitability. Ranging from 0 to 1,000, the score represents the risk imposed on your environment and enables a risk-based prioritization approach.
+The Snyk Risk Score is a single value assigned to an issue, applied by automatic risk analysis for all vulnerability-type issues. License issues are not supported. Risk Score is based on the potential impact and likelihood of exploitability. Ranging from 0 to 1,000, the score represents the risk imposed on your environment and supports a risk-based prioritization approach.
-Risk score remains the same over time if the contributing factors do not change. However, some contributing factors, such as the Exploit Prediction Scoring System (EPSS), can potentially change frequently. The number of days since the vulnerability was first published is also a factor and causes the score to change once, when the number of days becomes more than one year, and the likelihood subscore decreases.
+Risk score remains the same over time if the contributing factors do not change. However, some contributing factors, such as the Exploit Prediction Scoring System (EPSS), can potentially change frequently. The number of days since the vulnerability was first published is also a factor and causes the score to change one time, when the number of days becomes more than one year, and the likelihood subscore decreases.
-Since real risk is scarce, you should expect a significant drift in the distribution of scores, as can be seen in this example of Project score distributions:
+Since real risk is scarce, expect a significant drift in the distribution of scores, as shown in this example of Project score distributions:
Example Project scores distribution
@@ -50,11 +50,11 @@ The Risk model results from extensive research conducted by the Snyk Security Da
Objective impact factors are the CVSS impact metrics, Availability, Confidentiality, Integrity, and Scope, calculated based on the CVSS impact subscore. For Container issues, Provider Urgency is also taken into account.
-The business criticality Project attribute will be taken into account as a contextual impact factor, increasing or decreasing the impact subscore. For more information, see [Project attributes](../../snyk-platform-administration/snyk-projects/project-attributes.md).
+Snyk takes the business criticality Project attribute into account as a contextual impact factor, increasing or decreasing the impact subscore. For more information, see [Project attributes](../../snyk-platform-administration/snyk-projects/project-attributes.md).
### Likelihood subscore
-Objective likelihood factors are taken into account:
+Snyk takes objective likelihood factors into account:
* Exploit Maturity
* Exploit Prediction Scoring System (EPSS)
@@ -133,7 +133,7 @@ User-defined Project attribute representing the subjective business impact of th
| `Low` | Impact subscore decreases significantly. |
{% hint style="info" %}
-When you apply a business criticality attribute to a Project, a retest is required for the Risk Scores to incorporate the new data. When no Business Criticality is assigned, the Impact subscore will not be affected.
+When you apply a business criticality attribute to a Project, you must retest the Project for the Risk Scores to incorporate the new data. When no Business Criticality is assigned, the Impact subscore is not affected.
{% endhint %}
When the business criticality for a Project is not configured, the `high` default value is used so that the subscore remains unaffected.
@@ -269,7 +269,7 @@ Building on [past studies](https://arxiv.org/pdf/2301.07972.pdf), Snyk research
Snyk static code analysis determines whether the vulnerable method is being called. This is supported for Java and JavaScript. For more details, navigate to the [Reachability analysis](reachability-analysis.md) page.
-When Reachability is not enabled, the Likelihood subscore will not change, and the factor will not show up.
+When Reachability is not enabled, the Likelihood subscore does not change, and the factor does not show up.
| Possible input values | Score impact |
| --------------------- | ---------------------------------------------------------------------- |
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/README.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/README.md
index 6e7393001888..74f0abed86cd 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/README.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/README.md
@@ -6,15 +6,15 @@ Customize prioritization using the Set up Insights option and an application tha
### What risk factors do I need?
-The Set up insights product operates by providing you with the following risk factors for your vulnerabilities:
+The Set up Insights product provides the following risk factors for your vulnerabilities:
* [Deployed](../assets-and-risk-factors/risk-factor-deployed.md): Is my code and container image deployed anywhere?
* [OS condition](../assets-and-risk-factors/risk-factor-os-condition.md): Does this vulnerability apply to my operating system?
* [Public facing](../assets-and-risk-factors/risk-factor-public-facing.md): Does my container have any internet exposure?
-### Risk factors usage criteria
+### Risk factors use criteria
-To get data about these four risk factors, you must meet the following criteria:
+To get data about these risk factors, you must meet the following criteria:
#### Loaded package risk factor
@@ -34,17 +34,17 @@ You need to meet the following conditions to use the Deployed and Public facing
* For both risk factors, you have a container image that is deployed onto a Kubernetes cluster, where you can deploy the [Kubernetes Connector](set-up-insights-kubernetes-connector.md).
-Ensure you meet these requirements to gather data for all four risk factors for the code in your scanned image.
+Ensure you meet these requirements to gather data for all the risk factors for the code in your scanned image.
### Maximize your insights
Snyk recommends that you also perform the following steps to get the maximum value out of insights:
-* Scan the third-party dependencies using Snyk Open Source,
+* Scan the third-party dependencies using Snyk Open Source
* Scan the source code using Snyk Code
* Start with one application and expand from there
-By scanning both the source code and the third-party dependencies, you will get risk factors data, which provides the application context to better prioritize your open issues.
+By scanning both the source code and the third-party dependencies, you get risk factors data, which provides the application context to better prioritize your open issues.
## Prioritization process overview
@@ -64,17 +64,17 @@ The Kubernetes Connector is different from the Kubernetes Controller, Snyk-Monit
The Insights settings are organized into three main categories:
-* [Risk factors](./#risk-factors) - allows you to enable or disable the risk factors involved in calculating the risk of your identified issues.
-* [Provider selection](./#provider-selection) - allows you to configure the Kubernetes providers.
-* [Kubernetes cluster mapping](./#kubernetes-cluster-mapping) - allows you to match the clusters identified by providers with the preferred names.
+* [Risk factors](./#risk-factors) - lets you enable or disable the risk factors involved in calculating the risk of your identified issues.
+* [Provider selection](./#provider-selection) - lets you configure the Kubernetes providers.
+* [Kubernetes cluster mapping](./#kubernetes-cluster-mapping) - lets you match the clusters identified by providers with the preferred names.
-All these settings can be found in the Snyk Web UI, under Group Settings, the Settings option.
+You can find all these settings in the Snyk Web UI, under Group Settings, the Settings option.
### Risk factors
-You can enable or disable the available risk factors: [Deployed](../assets-and-risk-factors/risk-factor-deployed.md), [OS condition](../assets-and-risk-factors/risk-factor-os-condition.md), [Public facing](../assets-and-risk-factors/risk-factor-public-facing.md). When a risk factor is disabled, it will not be used to calculate issues.
+You can enable or disable the available risk factors: [Deployed](../assets-and-risk-factors/risk-factor-deployed.md), [OS condition](../assets-and-risk-factors/risk-factor-os-condition.md), [Public facing](../assets-and-risk-factors/risk-factor-public-facing.md). When a risk factor is disabled, Snyk does not use it to calculate issues.
-You can enable or disable the risk factors from Snyk web UI under Group **Settings** > **Settings** option > **Risk factors**.
+You can enable or disable the risk factors from the Snyk Web UI under Group **Settings** > **Settings** option > **Risk factors**.
### Provider selection
@@ -82,7 +82,7 @@ You can set up multiple Kubernetes providers to gather relevant risk factors fro
The default provider setting is used when two or more providers report data for the same Kubernetes cluster. When the same deployment is identified, select which one should take priority. When no default provider is selected, the earliest data available is used.
-Individual providers can also be disabled here if they should not be used when calculating Insights.
+You can also disable individual providers here if they should not be used when calculating Insights.
{% hint style="info" %}
Consider setting up a default provider. When a default provider is not configured, Snyk prioritizes data from the first provider added.
@@ -102,12 +102,12 @@ Ensure each source name is assigned to only one cluster mapping.
When prioritizing issues, it is important to understand the available integration options and associated risk factors.
-Here are the integration options that you can choose from when setting up issues prioritization. You can customize the settings by navigating to the Group level Snyk web UI, the Setting menu, and then the Insights option.
+Here are the integration options that you can choose from when setting up issues prioritization. You can customize the settings by navigating to the Group level Snyk Web UI, the Setting menu, and then the Insights option.
-* [Kubernetes Connector](set-up-insights-kubernetes-connector.md): Offers comprehensive monitoring for your Kubernetes deployments. This integration helps identify vulnerabilities within Kubernetes clusters and provides data on workload vulnerabilities, infrastructure misconfigurations, and potential malicious activity.
+* [Kubernetes Connector](set-up-insights-kubernetes-connector.md): Offers comprehensive monitoring for your Kubernetes deployments. This integration helps identify vulnerabilities in Kubernetes clusters and provides data on workload vulnerabilities, infrastructure misconfigurations, and potential malicious activity.
-By leveraging these integration options, you can ensure comprehensive coverage and accurate prioritization of security risks.
+These integration options help you ensure comprehensive coverage and accurate prioritization of security risks.
-The **Deployed** risk factor offers more specific and actionable insights into the actual state and behavior of your applications, enabling better prioritization and remediation efforts.
+The **Deployed** risk factor offers more specific and actionable insights into the actual state and behavior of your applications, supporting better prioritization and remediation efforts.
The **Public facing** risk factor is less commonly used in all available integration options because it covers broader, more external threats that are harder to quantify and track within an internal monitoring system.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-associating-snyk-open-source-code-and-container-projects.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-associating-snyk-open-source-code-and-container-projects.md
index a257b3a94ee2..73432e790386 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-associating-snyk-open-source-code-and-container-projects.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-associating-snyk-open-source-code-and-container-projects.md
@@ -26,7 +26,7 @@ The container image is the build artifact that is deployed and running on your K
## Use Project tags to link Projects
-Add Snyk [Project tags](../../../snyk-platform-administration/snyk-projects/project-tags.md) to all the Projects used by your application to link these Projects together and allow Snyk to represent the whole application that you are testing.
+Add Snyk [Project tags](../../../snyk-platform-administration/snyk-projects/project-tags.md) to all the Projects used by your application to link these Projects together and let Snyk represent the whole application that you are testing.
To associate two Projects together, add the exact same tag to both Projects. For example, add the same tag to your Snyk Open Source Projects and Snyk Container Project if they are related to each other.
@@ -34,9 +34,9 @@ See the examples at the end of this section.
## Requirements for Project tags
-* The same tag must be applied to the container image and Code or Open Source Projects,
-* The tag must follow the specified format,
-* The Projects do not have to be in the same Snyk Organization to be mapped but must be in the same Snyk Group,
+* The same tag must be applied to the container image and Code or Open Source Projects
+* The tag must follow the specified format
+* The Projects do not have to be in the same Snyk Organization to be mapped but must be in the same Snyk Group
Project tags
@@ -83,7 +83,7 @@ Project Tags can be applied as follows:
Product
Method
Project Source
Snyk Code
API
UI
For projects created by
Git Import
Snyk Open Source
API
UI
CLI
For projects created by
Git Import
CLI Monitor
Snyk Container
API
UI
CLI
For projects created by
Git Import
CLI Monitor
Container Registry Integration
{% hint style="info" %}
-Snyk recommends applying the tags through the API in order to automate the process. For more information, see the endpoint [Add a tag to a project](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/projects-v1#org-orgid-project-projectid-tags).
+Snyk recommends applying the tags through the API to automate the process. For more information, see the endpoint [Add a tag to a project](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/projects-v1#org-orgid-project-projectid-tags).
{% endhint %}
## UI example for Project tags
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-image-scanning.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-image-scanning.md
index 987b2ea64124..e3f595ae2e38 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-image-scanning.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-image-scanning.md
@@ -2,9 +2,9 @@
To determine the risk factors and prioritize your Code, Open Source, and Container issues, you must scan your container images using [Snyk Container](../../../scan-with-snyk/snyk-container/).
-The container image is at the center of the application model that powers Snyk Enterprise. A container image includes your source code and dependencies, and it is deployed to your running environment, enabling Snyk to use the container image to bridge the development and deployment states.\
+The container image is at the center of the application model that powers Snyk Enterprise. A container image includes your source code and dependencies, and it is deployed to your running environment, so Snyk can use the container image to bridge the development and deployment states.\
\
-Snyk will identify any deployed container images using the [Kubernetes Connector](set-up-insights-kubernetes-connector.md) and compare the deployed container images to the list of scanned images you have scanned using [Snyk Container](../../../scan-with-snyk/snyk-container/).
+Snyk identifies any deployed container images using the [Kubernetes Connector](set-up-insights-kubernetes-connector.md) and compares the deployed container images to the list of scanned images you scanned using [Snyk Container](../../../scan-with-snyk/snyk-container/).
{% hint style="info" %}
Snyk recommends that you scan each image using at least one of the Snyk Container integrations.
@@ -22,13 +22,13 @@ For details, see [Snyk CLI for container security](https://app.gitbook.com/s/IEE
## Snyk Container registry scanning
-The names will match if you are importing images to Snyk from the same container registry that you are referencing in your Kubernetes deployments.
+The names match if you are importing images to Snyk from the same container registry that you are referencing in your Kubernetes deployments.
For details, see [Snyk Container - Integrations](../../../scan-with-snyk/snyk-container/container-registry-integrations/).
## Snyk Container scanning with Kubernetes integration
-The names of the container images will match because the deployed image is scanned by Snyk and created as a Project.
+The names of the container images match because Snyk scans the deployed image and creates it as a Project.
{% hint style="info" %}
To ensure you have set up your Kubernetes Connector properly, navigate to the **Set up Insights** tab on the **Issues** page and check the **Image coverage** section to view the data Insights has access to.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-kubernetes-connector.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-kubernetes-connector.md
index 3186357382af..7ede0443f00b 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-kubernetes-connector.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-kubernetes-connector.md
@@ -17,7 +17,7 @@ The Kubernetes connector is the agent deployed in your Kubernetes clusters to co
Before you can deploy the Kubernetes connector in your Kubernetes clusters, ensure you have the following:
-* A Snyk Organization to which the Kubernetes information collected will be sent to be stored. This could be a new Organization.
+* A Snyk Organization to which Snyk sends the collected Kubernetes information for storage. This can be a new Organization.
* A Snyk service account created specifically to be used with the Kubernetes connector. For instructions on creating a service account, see [Service accounts](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts). For the roles and permissions, Snyk recommends:
* Creating a new specific role for this service account
* Taking a least privilege approach, granting the new specific role the sole permission required to **Publish Kubernetes Resources**.
@@ -38,9 +38,9 @@ This example illustrates creating a new role called **Kubernetes connector**
### Assign permissions to this role
-Navigate to the newly created role and [select edit](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management#edit-a-custom-role); you will also be taken to this page immediately after creating the role.
+Navigate to the newly created role and [select edit](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management#edit-a-custom-role). Snyk also takes you to this page immediately after you create the role.
-Scroll to the bottom of the page, tick the **Publish Kubernetes Resources** permission, and save the changes by clicking the **Update Role Permissions** button.
+Scroll to the bottom of the page, select the **Publish Kubernetes Resources** permission, and save the changes by clicking **Update Role Permissions**.
Publish Kubernetes Resources permission
@@ -58,11 +58,11 @@ Create a new service account with your chosen name, and from the dropdown, selec
Select the Kubernetes Agent role
-After the service account is created, you will see the API token. Copy the API token and save it somewhere safe; you will need this to configure the agent in the Helm chart.
+After you create the service account, the API token appears. Copy the API token and save it somewhere safe. You need this to configure the agent in the Helm chart.
### Install the Kubernetes connector in your Kubernetes clusters
-Snyk recommends using the Helm Chart to deploy the agent; the Helm Chart will create the associated permissions for the agent to run on your cluster. The user installing the Helm Chart needs sufficient permissions on the Kubernetes cluster to create new roles.\
+Snyk recommends using the Helm Chart to deploy the agent. The Helm Chart creates the associated permissions for the agent to run on your cluster. The user installing the Helm Chart needs sufficient permissions on the Kubernetes cluster to create new roles.\
\
[Follow the instructions on the Kubernetes-scanner GitHub repo](https://github.com/snyk/kubernetes-scanner) to use the Helm Chart to deploy the [latest released version](https://github.com/snyk/kubernetes-scanner/releases).
@@ -93,8 +93,8 @@ If you have only the existing agent installed, Snyk can compute only the **Deplo
**What happens to my data if I delete the Kubernetes connector?**
-If you choose to delete the Kubernetes connector, your data and risk factors will remain available for 48 hours.
+If you choose to delete the Kubernetes connector, your data and risk factors remain available for 48 hours.
**What happens to my data if the Kubernetes connector stops working?**
-If, for any reason, the Kubernetes connector stops working, your data and risk factors will remain available for 48 hours.
+If, for any reason, the Kubernetes connector stops working, your data and risk factors remain available for 48 hours.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-user-permissions.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-user-permissions.md
index b82b10d5bfff..f9f62ed9f0f2 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-user-permissions.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/set-up-insights/set-up-insights-user-permissions.md
@@ -2,4 +2,4 @@
Set up Insights is available at the Group level, so [grant relevant users the Group viewer or the Organization Collaborator role](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/user-role-management#manage-roles). This is the minimum required permission, but Group Admins can also view Prioritization.
-After you have the right permission, you will see a new **Issues UI** option in the left navigation at the Group level. On the Issues page, you can also see two tabs, one for viewing and customizing your **Issues**, and one to **Set up Insights**.
+After you have the right permission, a new **Issues UI** option appears in the navigation at the Group level. On the Issues page, you can also see two tabs, one for viewing and customizing your **Issues**, and one to **Set up Insights**.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/severity-levels.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/severity-levels.md
index ff1a506d06de..4a3af0d00780 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/severity-levels.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/severity-levels.md
@@ -45,7 +45,7 @@ The Common Vulnerability Scoring System (CVSS) determines the severity level of
Snyk supports the [CVSS framework version 4.0](https://www.first.org/cvss/v4-0/), along with the previous version, [CVSS framework version 3.1](https://www.first.org/cvss/v3-1/), to designate the characteristics and severity of vulnerabilities.
-Vulnerabilities published prior to the support of CVSS v4.0, are based on the 3.1 version of CVSS to define severities.
+Vulnerabilities published before the support of CVSS v4.0 are based on the 3.1 version of CVSS to define severities.
| **Level** | **CVSS score** |
| --------- | -------------- |
@@ -68,7 +68,7 @@ There are multiple CVSS Scores for the same vulnerability for several reasons:
* When evaluating the severity of a vulnerability, it is important to note that there is no single CVSS vector. There are multiple CVSS vectors defined by multiple vendors; the [National Vulnerability Database](https://nvd.nist.gov/) (NVD) is one.
* The majority of vulnerabilities published by Snyk originate from [proprietary research](https://security.snyk.io/disclosed-vulnerabilities), public information sources, or through third-party disclosures.
-* For example, when Snyk discovered the Critical Severity [Spring4Shell vulnerability](https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751), the advisory was published on March 30, 2022, with the CVSS vector analysis. This was before an official CVE was assigned and before NVD conducted its analysis, which was published nine days later on April 8, 2022.
+* For example, when Snyk discovered the Critical Severity [Spring4Shell vulnerability](https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751), the advisory was published on March 30, 2022, with the CVSS vector analysis. This was before an official CVE was assigned and before NVD conducted its analysis, which was published nine days later, on April 8, 2022.
* Having some differences in CVSS vectors is normal and expected. The likelihood of certain attack vectors will involve discrepancies and judgments made about them that make sense for the application and use cases of open source software users.
* The severity of a vulnerability is influenced by a variety of factors, including whether it comes from a "red team" angle or a "blue team" angle. To arrive at an objective and actionable rating, Snyk analysts examine the full range of data, from vendors to reporters to attackers.
* There are times when a vendor discovers additional information about a vulnerability that can affect its severity. Users can find all the relevant information used to determine the severity that Snyk curated in the description and references of the advisory.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/using-the-issues-ui/export-and-customize-views.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/using-the-issues-ui/export-and-customize-views.md
index 01c4aacb39b1..ec103659544a 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/using-the-issues-ui/export-and-customize-views.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/using-the-issues-ui/export-and-customize-views.md
@@ -2,6 +2,6 @@
By using the **Modify Columns** dropdown, you can customize the data you see in your table view by choosing from a variety of options.
-You can also export the data from your table view in CSV format, but note that your choice of visible columns within the product will not affect the exported data.
+You can also export the data from your table view in CSV format, but note that your choice of visible columns in the product does not affect the exported data.
-Filters applied to the issue data will affect the exported data.
+Filters applied to the issue data do affect the exported data.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/using-the-issues-ui/filter-your-issues.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/using-the-issues-ui/filter-your-issues.md
index 63ff9d14fc82..0b83eae40eec 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/using-the-issues-ui/filter-your-issues.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/using-the-issues-ui/filter-your-issues.md
@@ -4,7 +4,7 @@ Snyk Issues operates at the Group level and provides a holistic view of all the
## Funnel view
-The funnel view is a visual representation of your application's issues and risk factors. It allows you to filter the list of issues by specific risk factors or a combination of them. The **Deployed** and **Public facing** risk factors are clickable filters.
+The funnel view is a visual representation of your application's issues and risk factors. It lets you filter the list of issues by specific risk factors or a combination of them. The **Deployed** and **Public facing** risk factors are clickable filters.
{% hint style="info" %}
The OS Condition risk factor is now available only in the table view of the Issues UI.
@@ -21,7 +21,7 @@ By using the filters above the table view, you can filter your issues by the fol
* **Source code** - view only issues related to specific source code.
* **Issue severity** - view only critical, high, medium, or low-severity issues.
* **"Fixed in" Available** - filter issues based on the "Fixed in" version availability.
-* **Project name** - filter issues based on the name(s) of selected Project(s).
+* **Project name** - filter issues based on the names of selected Projects.
* **Snyk Product** - view only issues scanned by specific Snyk products.
* **Add filter** - filter issues based on additional options. Click the **Show all project filters** option to view all available filters, organized by General, Assets, Issues, Projects.
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/vulnerabilities-with-social-trends.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/vulnerabilities-with-social-trends.md
index b207e6c35a2d..2bcecc5b0e74 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/vulnerabilities-with-social-trends.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/vulnerabilities-with-social-trends.md
@@ -2,9 +2,9 @@
Snyk Social Trends shows a **Trending** notification for issues that are being actively discussed on X (formerly known as Twitter).
-Social Trends are calculated as part of the priority score by default. You can look at the top tweets mentioning this vulnerability by clicking on **View Tweets**.
+Snyk calculates Social Trends as part of the priority score by default. To see the top tweets mentioning this vulnerability, click **View Tweets**.
-Snyk determines that a vulnerability is trending and displays the Trending banner as follows: trending?
+Snyk determines that a vulnerability is trending and displays the Trending banner as follows:
* Snyk monitors mentions of known vulnerabilities on X, calculating the trend of tweets and reactions.
* Bots and other noise are canceled out to guarantee accuracy.
@@ -12,5 +12,5 @@ Snyk determines that a vulnerability is trending and displays the Trending banne
* The **Trending** notification remains live until several days after the trend dissipates.
{% hint style="info" %}
-See [Priority Score](priority-score.md) for more information on how vulnerabilities are prioritized by Snyk.
+See [Priority Score](priority-score.md) for more information on how Snyk prioritizes vulnerabilities.
{% endhint %}
diff --git a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/vulnerable-conditions.md b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/vulnerable-conditions.md
index 6c7033832a28..e375b4bc9abc 100644
--- a/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/vulnerable-conditions.md
+++ b/scan-fix-and-prevent/manage-risk/prioritize-issues-for-fixing/vulnerable-conditions.md
@@ -24,7 +24,7 @@ This feature is available only for the Java (Gradle and Maven) ecosystem when yo
In the context of your application, the Triage Assistant evaluates the vulnerable conditions, which helps you determine the exploitability of your application.
-Snyk Code ([SAST](https://snyk.io/learn/application-security/sast-vs-dast/)) engine is used to read your first-party code and to check the conditions for the vulnerabilities found by Snyk Open Source (SCA).
+The Snyk Code ([SAST](https://snyk.io/learn/application-security/sast-vs-dast/)) engine reads your first-party code and checks the conditions for the vulnerabilities found by Snyk Open Source (SCA).
{% hint style="info" %}
To provide this feature, Snyk takes a temporary copy of your Git repository contents. For more information, see [How Snyk handles your data](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/how-snyk-handles-your-data).
@@ -46,4 +46,4 @@ Jackson Vulnerable Conditions must meet all of the following conditions for the
## When is a vulnerability with Exploit Maturity not exploitable?
-A vulnerability may have exploits available in the wild or detailed explanations of how to exploit it, but as long as not all the conditions are not met, the vulnerability will remain unexploitable.
+A vulnerability may have exploits available in the wild or detailed explanations of how to exploit it, but as long as not all the conditions are met, the vulnerability remains unexploitable.
diff --git a/scan-fix-and-prevent/scan-with-snyk/error-catalog.md b/scan-fix-and-prevent/scan-with-snyk/error-catalog.md
index 978dd9be2541..443af5b136cb 100644
--- a/scan-fix-and-prevent/scan-with-snyk/error-catalog.md
+++ b/scan-fix-and-prevent/scan-with-snyk/error-catalog.md
@@ -2,7 +2,7 @@
## Snyk Error Codes
-The error codes in the table below describe the codes that you may encounter while working with the [Snyk API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api) or [CLI](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli). When errors are encountered using the API, they will also have an appropriate [HTTP status code](https://en.wikipedia.org/wiki/List_of_HTTP_status_codes). If you encounter errors without an error code, use the HTTP status code to determine the appropriate action.
+The following table describes the codes that you might encounter while working with the [Snyk API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/snyk-api) or [CLI](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli). Errors encountered through the API also have an appropriate [HTTP status code](https://en.wikipedia.org/wiki/List_of_HTTP_status_codes). If you encounter errors without an error code, use the HTTP status code to determine the appropriate action.
***
diff --git a/scan-fix-and-prevent/scan-with-snyk/import-project-repository/remove-imported-repository-from-a-project.md b/scan-fix-and-prevent/scan-with-snyk/import-project-repository/remove-imported-repository-from-a-project.md
index 815aac7b6caf..cd83cbcc60dc 100644
--- a/scan-fix-and-prevent/scan-with-snyk/import-project-repository/remove-imported-repository-from-a-project.md
+++ b/scan-fix-and-prevent/scan-with-snyk/import-project-repository/remove-imported-repository-from-a-project.md
@@ -7,7 +7,7 @@ If you do not want Snyk to continue testing one or more of your imported reposit
* Delete the repository from your Snyk Account.
{% hint style="info" %}
-If you remove the entire repository from your Account, your repository will no longer be analyzed by any of the Snyk products.
+If you remove the entire repository from your Account, no Snyk product analyzes your repository any longer.
{% endhint %}
* Remove only the **Code analysis** Project from your Snyk Account in one of the following ways:
@@ -15,24 +15,24 @@ If you remove the entire repository from your Account, your repository will no l
* Delete the Project from your Snyk Account.
{% hint style="info" %}
-If you remove only the **Code analysis** Project, other Snyk products that are enabled in your account will continue to analyze the imported repository.
+If you remove only the **Code analysis** Project, other Snyk products that are enabled in your account continue to analyze the imported repository.
{% endhint %}
## **Remove imported repository methods**
-To select the right method for you for removing repositories from Snyk testing, consider what will happen in each of the following actions:
+To select the right method for removing repositories from Snyk testing, consider what happens in each of the following actions:
-* Deactivating an imported repository will:
- * Remove the webhook from Snyk to the SCM repository.
- * Disable pull request tests for new vulnerabilities.
- * Disable the Fix Pull Requests option from being opened for newly discovered vulnerabilities
- * Disable recurring tests; email alerts about newly discovered vulnerabilities will be turned off.
-* Deleting a Snyk Project or an imported repository will:
- * Delete the entire Project or repository and all its historical snapshot data from Snyk.
- * Remove the webhook from the SCM repository.
+* Deactivating an imported repository does the following:
+ * Removes the webhook from Snyk to the SCM repository.
+ * Disables pull request tests for new vulnerabilities.
+ * Disables the Fix Pull Requests option from being opened for newly discovered vulnerabilities.
+ * Disables recurring tests and turns off email alerts about newly discovered vulnerabilities.
+* Deleting a Snyk Project or an imported repository does the following:
+ * Deletes the entire Project or repository and all its historical snapshot data from Snyk.
+ * Removes the webhook from the SCM repository.
{% hint style="info" %}
-Deleting a Snyk Project or an imported repository will not have any effect on your source code.
+Deleting a Snyk Project or an imported repository does not have any effect on your source code.
If you want to remove specific directories or files from the Snyk Code test, use [the exclude option in the `.snyk` file](exclude-directories-and-files-from-project-import.md).
{% endhint %}
@@ -43,7 +43,7 @@ For instructions on deleting repositories, see the Project actions [Delete, Acti
## **Deactivate and delete a Snyk Code Project**
-To stop Snyk Code from testing an imported repository, you can either deactivate or delete the **Code analysis** Project in the repository. The **Code analysis** Project will no longer be active in the repository and Snyk Code will stop testing the repository, but other Snyk products will continue to scan the repository files.
+To stop Snyk Code from testing an imported repository, you can either deactivate or delete the **Code analysis** Project in the repository. The **Code analysis** Project is no longer active in the repository, and Snyk Code stops testing the repository, but other Snyk products continue to scan the repository files.
Follow these steps to deactivate or delete the Code analysis Project:
@@ -59,11 +59,11 @@ Follow these steps to deactivate or delete the Code analysis Project:
Deactivating a Project keeps it on the **Projects** page along with the issues count from the last scan, which contributes to the Target-level aggregate when Projects are grouped by Target. Deleting the Project removes all values from the page.
{% endhint %}
-The **Code analysis** Project you selected is either deactivated or deleted, and its repository will no longer be tested by Snyk Code.
+The **Code analysis** Project you selected is either deactivated or deleted, and Snyk Code no longer tests its repository.
If you want Snyk Code to resume its testing after you delete or deactivate the **Code analysis** Project of a repository, do the following:
* After deleting the Code analysis Project, re-import the repository to Snyk and then refresh the **Projects** page to view the results of the re-import.
-* After deactivating the Code analysis Project, re-activate the **Code analysis** Project via the **Settings** page of the Project. After you deactivate a Project, the **Deactivate project** button changes to **Activate project**, and a new **Activate** button appears at the top of the page. Click one of these buttons to re-activate the Project:
+* After deactivating the Code analysis Project, re-activate the **Code analysis** Project through the **Settings** page of the Project. After you deactivate a Project, the **Deactivate project** button changes to **Activate project**, and a new **Activate** button appears at the top of the page. Click one of these buttons to re-activate the Project:
Activate project button on Code analysis Project Settings page
diff --git a/scan-fix-and-prevent/scan-with-snyk/project-repositories/snyk-repo-content-sync.md b/scan-fix-and-prevent/scan-with-snyk/project-repositories/snyk-repo-content-sync.md
index ff763b1f5558..24d975648f30 100644
--- a/scan-fix-and-prevent/scan-with-snyk/project-repositories/snyk-repo-content-sync.md
+++ b/scan-fix-and-prevent/scan-with-snyk/project-repositories/snyk-repo-content-sync.md
@@ -31,6 +31,6 @@ Push events trigger synchronization using webhooks. Snyk creates a webhook when
## Considerations for Early Access
-* Ignore history: For file renames, path changes, or .Net Framework upgrades, Snyk treats the change as a delete and create action. Snyk does not carry over the Project history and previous ignores to the new Project.
+* Ignore history: For file renames, path changes, or .NET Framework upgrades, Snyk treats the change as a delete and create action. Snyk does not carry over the Project history and previous ignores to the new Project.
* Manual deactivations: When you enable this feature, previously deactivated Projects remain inactive. To reactivate a Project, navigate to the relevant Snyk Project and click **Activate**.
* PR checks: Snyk detects new Projects only when you merge them into the monitored branch. Snyk does not detect them during pull request checks.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/README.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/README.md
index e820b712c228..284dc2325cc3 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/README.md
@@ -2,7 +2,7 @@
## Snyk Fix PRs
-Fix pull or merge requests are created automatically by Snyk when new issues are identified in Project tests or a retest is run on a Project that has identified vulnerabilities. This feature applies to Projects imported through an SCM integration such as GitHub Enterprise or Azure.
+Snyk creates fix pull or merge requests automatically when it identifies new issues in Project tests or when you run a retest on a Project that has identified vulnerabilities. This feature applies to Projects imported through an SCM integration such as GitHub Enterprise or Azure.
For more information on how integrations use fix and upgrade pull requests, see [Upgrade open source dependencies with automatic PRs](snyk-pull-or-merge-requests/enable-automatic-upgrade-prs-for-new-dependency-upgrades.md).
@@ -12,15 +12,15 @@ For a full description of Snyk Fix PRs, see [Snyk Fix Pull Requests](snyk-pull-o
## PR Checks
-Pull request checks are tests that run on generated pull requests to identify new issues with Projects. This allows you to prevent issues from being introduced into your code before merging to the main branch.
+Pull request checks are tests that run on generated pull requests to identify new issues with Projects. This lets you prevent issues from entering your code before you merge to the main branch.
-PR Checks that are configured to “Only fail when the issues found have a fix available” rely on Snyk FixPR support and, therefore, will not alert for projects in languages that do not support FixPRs.
+PR Checks that are configured to “Only fail when the issues found have a fix available” rely on Snyk Fix PR support and, therefore, do not alert for Projects in languages that do not support Fix PRs.
For a full description of PR Checks, see [Pull Request Checks](pull-request-checks/).
## The differences between Fix PRs and PR Checks
-* Snyk Fix pull or merge requests are initiated by Snyk when a new issue is identified in a Project test or retest. PR Checks or merge requests are initiated by Snyk when there are code changes in an Organization or Project.
+* Snyk initiates Fix pull or merge requests when it identifies a new issue in a Project test or retest. Snyk initiates PR Checks or merge requests when there are code changes in an Organization or Project.
* Snyk Fix PRs are used for the remediation of issues. PR checks are used for the prevention of issues.
* Snyk Fix PRs are automatic or manual requests made to resolve issues with fixes available, for example, an upgrade or a patch. PR checks are tests made on code changes based on conditions you [configured](pull-request-checks/configure-pull-request-checks.md) during setup, which identify vulnerabilities that could affect your code before the merge.
* Snyk Fix PRs trigger when an issue is detected from a daily scan or test. PR checks trigger when you make a code change in a PR.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/README.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/README.md
index 7f67be027dc9..27c09869215d 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/README.md
@@ -2,27 +2,27 @@
## Introduction to automated security scans with PR checks
-The [Snyk PR Checks](configure-pull-request-checks.md) feature allows developers to auto-scan their PRs for issues before merging their code. As Snyk acts as an automated pseudo-team member (an “expert security reviewer”), it finds potential issues, leaving review notes on your PR before the code is committed.
+The [Snyk PR Checks](configure-pull-request-checks.md) feature lets developers auto-scan their PRs for issues before merging their code. As Snyk acts as an automated pseudo-team member (an “expert security reviewer”), it finds potential issues, leaving review notes on your PR before you commit the code.
-While PRs are the points in the development process where code reviews happen, PR Checks allow security scanning to be integrated with developer workflows, empowering dev teams and helping to prevent security issues from occurring in deployed code.
+While PRs are the points in the development process where code reviews happen, PR Checks integrate security scanning with developer workflows, empowering dev teams and helping to prevent security issues from occurring in deployed code.
-As part of the [Snyk Pull Request Experience](pull-request-experience.md), the Snyk Issue Summary Comment feature allows you to receive a PR comment on each pull request, summarizing the most recent PR Check results according to the type of check and the count of findings by severity. This reduces context switching by displaying additional information about the PR Check scan results in the pull request.
+As part of the [Snyk Pull Request Experience](pull-request-experience.md), the Snyk Issue Summary Comment feature lets you receive a PR comment on each pull request, summarizing the most recent PR Check results according to the type of check and the count of findings by severity. This reduces context switching by displaying additional information about the PR Check scan results in the pull request.
## **Test the change**
-The Snyk PR Checks feature allows you to test a change to the current codebase to see if that change introduces a problem. This change testing makes it easier to maintain the security of your codebase on an ongoing basis.
+The Snyk PR Checks feature lets you test a change to the current codebase to see if that change introduces a problem. This change testing helps you maintain the security of your codebase on an ongoing basis.
For developers, change-related flaws are relevant and easy to fix, and fixing change-related flaws rather than accumulated flaws makes rolling out secure code easier. You can detect security issues early in the development process, see the test results immediately after you write new code, and find and fix issues as they emerge, all in your native workflow.
## **Testing “before” and “after”**
-The Snyk PR Checks feature runs live tests of the “before and after” branch with the PR and fails only if the new branch has more issues. This allows you to address problems that have been introduced since the last scan, for example, new vulnerabilities introduced externally. Snyk PR Checks are triggered by a change in your code, and find issues across the entire repository. Thus, a PR check finds issues in your code as well as other issues introduced since the last Snyk scan.Use the Snyk PR Checks feature to prevent new security issues from entering your codebase by automatically scanning code changes in real time as soon as you submit a pull request (PR) in your source code manager (SCM).
+The Snyk PR Checks feature runs live tests of the “before and after” branch with the PR and fails only if the new branch has more issues. This lets you address problems introduced since the last scan, for example, new vulnerabilities introduced externally. A change in your code triggers Snyk PR Checks, which find issues across the entire repository. A PR check finds issues in your code as well as other issues introduced since the last Snyk scan. Use the Snyk PR Checks feature to prevent new security issues from entering your codebase by automatically scanning code changes in real time as soon as you submit a pull request (PR) in your source code manager (SCM).
## Why use PR Checks
| Benefits | Details |
| --------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| Automatically scanned pull request | Scan code changes in real-time as soon as a pull request is submitted, to catch potential issues before they go into production. |
+| Automatically scanned pull request | Scan code changes in real time as soon as you submit a pull request, to catch potential issues before they go into production. |
| Results displayed in your source code manager | Make use of security reviews and notes left by Snyk on your pull requests. |
| Code change testing for security issues | Test changes to your codebase for any security issues, ensuring that your code stays secure over time. |
| Branch testing |
Test branches before and after implementing changes to fail only if the new branch has introduced issues. Prevent merging pull requests with failed security issues. Note that Snyk monitors all pull requests made to the monitored repository.
|
@@ -40,7 +40,7 @@ The following diagram explains how Snyk Checks PRs in your development workflow.
PR checks proceed as follows:
1. A developer creates a pull request (PR) in an SCM integrated with Snyk.
-2. A webhook is triggered from the SCM to Snyk
+2. The SCM triggers a webhook to Snyk.
3. Snyk automatically scans the code changes in the PR for issues.
4. Snyk leaves security reviews and notes on the PR.
5. The developer can view the PR Checks results and fix identified issues before merging the code.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/analyze-pr-checks-results.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/analyze-pr-checks-results.md
index 59cc65574cb7..eba3362b7d05 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/analyze-pr-checks-results.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/analyze-pr-checks-results.md
@@ -12,7 +12,7 @@ Check the status of the PR Checks results in the integrated SCM to identify secu
The following status indicators can appear for your Snyk PR checks in the integrated SCM:
-
Result status
Description
Success/Passed
No issues were discovered and the manifest file was not changed.
Pending
The PR Checks are still running.
Failed/Issues found
Security issues were identified in the pull request. In this scenario, you need to manually set the result status to Passed.
Error
Out-of-sync package.json and package.lock files, failure to find or to read the manifest file.
Canceled
The test limit has been reached.
+
Result status
Description
Success/Passed
Snyk discovered no issues and the manifest file did not change.
Pending
The PR Checks are still running.
Failed/Issues found
Snyk identified security issues in the pull request. In this scenario, you must manually set the result status to Passed.
Error
Out-of-sync package.json and package.lock files, failure to find or to read the manifest file.
Canceled
The test reached the test limit.
{% hint style="info" %}
For false positive or false negative results, see [Troubleshooting PR Checks](troubleshoot-pr-checks.md).
@@ -54,15 +54,15 @@ Confirm your selected issue and click **Open a Fix PR** to open a pull request i
2. Find the conversation card showing the PR Checks results. For this example, the result is set to **Failed** and is manually changed to **Passed**.
{% hint style="info" %}
-Issues that have previously been ignored via the Snyk Web UI in the associated Open Source or code analysis Project are not flagged in these checks. This reflects [ignored issues](../../../manage-risk/prioritize-issues-for-fixing/ignore-issues/) across feature branch PRs.
+Issues that you have previously ignored through the Snyk Web UI in the associated Open Source or code analysis Project are not flagged in these checks. This reflects [ignored issues](../../../manage-risk/prioritize-issues-for-fixing/ignore-issues/) across feature branch PRs.
{% endhint %}
PR Checks card in the Conversations tab, GitHub
-3. Expand list of files that have been checked for this issue.
+3. Expand the list of files that Snyk checked for this issue.
4. (Optional) Click **View test page** to examine the issue details.\
\
- You can get a complete picture of the vulnerability by clicking **Show more detail** for technical security information and remediation options.\
+ To get a complete picture of the vulnerability, click **Show more detail** for technical security information and remediation options.\
\
To return to the main issue page, click **Project**.
@@ -73,7 +73,7 @@ Issues that have previously been ignored via the Snyk Web UI in the associated O
Marking PR Checks result as successful
{% hint style="warning" %}
-Marking a vulnerability as successful does not ignore the issue but only allows the security checks for the PR to pass in this current branch. If the issue is not fixed, it shows up in future commits and PR Checks after you merge it with the target branch.
+Marking a vulnerability as successful does not ignore the issue but only lets the security checks for the PR pass in this current branch. If you do not fix the issue, it shows up in future commits and PR Checks after you merge it with the target branch.
{% endhint %}
The issue is marked as **Passed** and shows up as **Skipped** in the PR Checks card in GitHub.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/configure-pull-request-checks.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/configure-pull-request-checks.md
index d734e17e1968..13dec221dca0 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/configure-pull-request-checks.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/configure-pull-request-checks.md
@@ -5,7 +5,7 @@
PR Checks for **Bitbucket Server** integrations require Bitbucket Server version 7.4 and above, or Bitbucket Data Center version 8 or above.\
\
-When using a brokered connection Snyk Broker version 5.4.9 and above is required.
+When using a brokered connection, you must use Snyk Broker version 5.4.9 and above.
{% endhint %}
## Prerequisites for automated PR Checks
@@ -52,7 +52,7 @@ The configuration settings apply to all Projects in that Organization. You can a
* [ ] **Code Analysis**: Enable this option to fail the PR on new vulnerabilities detected in your Git repository. If the severity is higher than your threshold, the PR is not merged into the main branch.
* [ ] **Fail conditions**: Select the severity threshold at which the PR fails. For example, if you select **Medium**, the PR fails on issues found at this level or higher, while it is merged for **Low** severity issues.
-PR Checks that are configured to “Only fail when the issues found have a fix available” rely on Snyk FixPR support and, therefore, will not alert for projects in languages that do not support FixPR Checks.
+PR Checks that are configured to “Only fail when the issues found have a fix available” rely on Snyk FixPR support and so do not alert for projects in languages that do not support FixPR Checks.
{% hint style="info" %}
A PR test is configured to be optional or blocking within your source control management platform, such as GitHub’s branch protection rules. To learn more on issue prevention, visit [Phase 6: Rolling out the prevention stage](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/implementation-guides/enterprise-implementation-guide/automate-prevention-measures).
@@ -71,13 +71,13 @@ If you cannot see the **Code Analysis** section, ensure that your user has the G
* [ ] **Only fail when the PR is adding a dependency with issues**: Set this condition to fail PR when there is at least one dependency with security issues.
* [ ] **Fail if the repo has any issues**: Set this condition to fail a PR for any security issues found in the Git repository.
* [ ] **Only fail for high or critical severity issues**: Select additional failure conditions based on the severity threshold.
-* [ ] **Only fail when the issues found have a fix available**: Set this condition on for the PR check to fail when the PR introduces new vulnerabilities that are fixable by Snyk. PR checks don't fail on newly introduced vulnerabilities if Snyk is unable to fix them.
+* [ ] **Only fail when the issues found have a fix available**: Set this condition on for the PR check to fail when the PR introduces new vulnerabilities that are fixable by Snyk. PR checks don't fail on newly introduced vulnerabilities if Snyk cannot fix them.
-When switched on, this will cause the PR check to fail when the PR introduces new vulnerabilities that are fixable by Snyk. PR checks will not fail on newly introduced vulnerabilities if Snyk is unable to fix them.
+When switched on, this causes the PR check to fail when the PR introduces new vulnerabilities that are fixable by Snyk. PR checks do not fail on newly introduced vulnerabilities if Snyk cannot fix them.
PR check settings to analyze open-source and licensing issues
-4. Either click **Save** to save the changes, select the Save dropdown and click **Apply changes to all overridden Projects** to extend the current configuration to Projects with custom settings. For more information, see [Configure PR Checks at the Project level](configure-pull-request-checks.md#configure-pr-checks-at-the-project-level).
+4. Either click **Save** to save the changes, or select the **Save** dropdown and click **Apply changes to all overridden Projects** to extend the current configuration to Projects with custom settings. For more information, see [Configure PR Checks at the Project level](configure-pull-request-checks.md#configure-pr-checks-at-the-project-level).
## Configure PR checks at the Project level
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/pull-request-experience.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/pull-request-experience.md
index 84e85eb1fe79..ee191984f65c 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/pull-request-experience.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/pull-request-experience.md
@@ -16,15 +16,15 @@ The Pull Request Experience consists of the following features:
Issue summary comment provides a collated view of the last PR Check results, categorizing findings by severity and type directly within the pull request.
-Inline comments give a granular view of the pull request with information on severity, the data flow of vulnerabilities, and more. This allows you to make quick decisions on issue prioritization and remediation.
+Inline comments give a granular view of the pull request with information on severity, the data flow of vulnerabilities, and more. This lets you make quick decisions on issue prioritization and remediation.
-Snyk Agent fix in the PR enables action to be taken based on the previous features in the Pull Request Experience and the recommendations given.
+Snyk Agent fix in the PR lets you act on the previous features in the Pull Request Experience and the recommendations given.
## Prerequisites
### User role requirement
-To configure and manage the pull request experience, the user must be a [Group Admin](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/pre-defined-roles#group-level-permissions). This is to ensure access to all integrations for setup as the pull request experience is configured at the Organization level.
+To configure and manage the pull request experience, you must be a [Group Admin](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/pre-defined-roles#group-level-permissions). This ensures access to all integrations for setup, because you configure the pull request experience at the Organization level.
### Pull request checks enablement
@@ -43,11 +43,11 @@ Ensure the following is complete:
In addition to the general SCM and PR Checks prerequisites, certain features in the pull request experience have their own requirements:
* To configure the inline comments feature, enable the **Code analysis** PR checks setting. This is located on the Organization level under **Settings** > **Integrations**.
-* If you are using the GitHub Integration, specify a dedicated GitHub account by supplying a **GitHub Personal Access Token (PAT)** in the integration settings. This is required to be able to add inline comments or Agent Fix
+* If you are using the GitHub Integration, specify a dedicated GitHub account by supplying a **GitHub Personal Access Token (PAT)** in the integration settings. This is required to add inline comments or Agent Fix.
### SCM permission and access scope requirements
-The pull request experience integrates with various SCM platforms, each with specific requirements for a successful configuration with Snyk. Your existing SCM integration setup will work with the Pull Request experience out of the box, except for GitHub (OAuth) which requires an additional Fix PR token. For additional information, see [User permissions and access scopes](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/user-permissions-and-access-scopes).
+The pull request experience integrates with various SCM platforms, each with specific requirements for a successful configuration with Snyk. Your existing SCM integration setup works with the Pull Request experience out of the box, except for GitHub (OAuth), which requires an additional Fix PR token. For additional information, see [User permissions and access scopes](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/user-permissions-and-access-scopes).
{% hint style="info" %}
For information on which SCM integrations are supported in each pull request experience feature, see the individual feature sections: [Issue Summary Comment](pull-request-experience.md#issue-summary-comment), [Inline Comments](pull-request-experience.md#inline-comments), and [Snyk Agent Fix in the PR](pull-request-experience.md#snyk-agent-fix-in-the-pr).
@@ -73,7 +73,7 @@ The issue summary comment feature adds a comment to each pull request, summarizi
The inline comments feature adds a detailed comment for each issue identified by the Snyk Code pull request check. Each comment includes the severity level, the name, and a short description of the issue, helpful links for further information, and, if applicable, the data flow. For best results, Snyk recommends generating and applying fixes for a single inline comment at a time to avoid situations where applying a fix causes conflicts with another previously generated fix.
{% hint style="info" %}
-This feature is limited to 10 inline comments at pull request level. The summary comment will display a message if the cap is surpassed.
+This feature is limited to 10 inline comments at pull request level. The summary comment displays a message if you surpass the cap.
{% endhint %}
For GitLab and Azure Repos, consider the following conditions:
@@ -90,10 +90,10 @@ For Brokered integrations, the Data Flow section in the inline comments is avail
**Release status**
Snyk Agent fix in the PR is in [Early Access](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/snyk-release-process#early-access-features).\
-Snyk Agent fix in the PR will work only on inline comments created after the feature is enabled.
+Snyk Agent fix in the PR works only on inline comments created after you enable the feature.
{% endhint %}
-The Snyk Agent fix in the PR feature enables the user to request and apply fixes for vulnerabilities identified by the Snyk Code pull request check and posted as inline comments. By enabling this feature, the user is able to interact with inline comments in the following way:
+The Snyk Agent fix in the PR feature lets you request and apply fixes for vulnerabilities identified by the Snyk Code pull request check and posted as inline comments. When you enable this feature, you can interact with inline comments in the following way:
* Request an initial fix by replying to an inline comment using the `@snyk /fix` command.
@@ -102,14 +102,14 @@ The Snyk Agent fix in the PR feature enables the user to request and apply fixes
Request a fix by replying to the inline comment
* Request a different suggestion by replying with the `@snyk /fix` command to a previously generated fix. Snyk Agent fix can generate up to five potential fixes, depending on the issue type.
-* Apply a specific fix by using the `@snyk /apply #` command, where # is the number of the suggestion the user wishes to apply. A commit is created by Snyk on the PR branch, containing the selected fix.
+* Apply a specific fix by using the `@snyk /apply #` command, where # is the number of the suggestion you want to apply. Snyk creates a commit on the PR branch, containing the selected fix.
### Exceptions
* The `@snyk /fix` command can be used only for automatically fixable vulnerabilities, identified in the inline comments with a zap icon and command description. See [fix-code-vulnerabilities-automatically.md](../../snyk-code/manage-code-vulnerabilities/fix-code-vulnerabilities-automatically.md "mention") for supported languages and limitations.
* Fixes expire after the time displayed in each suggestion, in accordance with the [How Snyk handles your data #Cache retention period related to vulnerability source data](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/how-snyk-handles-your-data#cache-retention-period-related-to-vulnerability-source-data "mention"). After expiration, a new fix can be requested by using the `@snyk /fix` command.
* Snyk Agent fix in the PR is not supported for [Snyk Code Local Engine](../../snyk-code/snyk-code-local-engine.md).
-* The `@snyk /fix` and `@snyk /apply #` commands can be used only as replies to the Inline Comments created by Snyk, commands created on other comment threads will not be processed.
+* The `@snyk /fix` and `@snyk /apply #` commands can be used only as replies to the Inline Comments created by Snyk. Snyk does not process commands created on other comment threads.
## Troubleshooting
@@ -160,7 +160,7 @@ The following features require specific Snyk Broker versions:
### The Snyk Agent fix in the PR is not working after enabling the setting
-When you enable the Snyk Agent Fix in the PR setting, a background process is initiated to upgrade the [Snyk webhooks](../snyk-pull-or-merge-requests/#snyk-scm-webhooks) in the user's repository to include the pull request comment event subscription required for the feature. This process can take a couple of minutes to complete. During this time, the feature will not be fully active or available, and Snyk will not be able to react to commands in the PR.
+When you enable the Snyk Agent Fix in the PR setting, Snyk starts a background process to upgrade the [Snyk webhooks](../snyk-pull-or-merge-requests/#snyk-scm-webhooks) in your repository to include the pull request comment event subscription required for the feature. This process can take a couple of minutes to complete. During this time, the feature is not fully active or available, and Snyk cannot react to commands in the PR.
To troubleshoot the webhook upgrade process, go to the repository settings page of your SCM, and confirm that the Snyk webhook is subscribed to the 'Pull request review comments' event.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/troubleshoot-pr-checks.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/troubleshoot-pr-checks.md
index 5b03e8ac9b18..9ff05ed38b1a 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/troubleshoot-pr-checks.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/pull-request-checks/troubleshoot-pr-checks.md
@@ -7,20 +7,20 @@ The following table lists general issues with PR checks and how to address them.
| Scenario | Description | Action |
| --------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| PR check not triggered. | The repository is imported to Snyk, but when a PR is raised it does not trigger a PR check. |
|
-| PR check is expected but does not run. | The PR check is listed in the Git repository (SCM) as expected but never completes. |
This issue is generally caused by a Branch Protection rule requiring the PR check. If the Project has been disabled or removed from Snyk, the PR check will not run, but the branch protection rule is still in force until removed or edited.
Check for Branch Protection rules and confirm that the Project is imported and active.
|
-| Multiple Security and Licence PR checks run on a single Pull Request. | When a PR is submitted, multiple Snyk PR checks of the same type run against it, possibly with different results. |
If a repository is imported into multiple Snyk Organizations, PR checks will run on the repository for any configured Organization.
Check the name of the PR check as it includes the Organization name against which the check is run. Alternatively, selecting the PR check details will take you to the results for the relevant Organization.
|
-| PR Check found vulnerabilities but Pull Request is not blocked. | Controlling whether a PR test is optional or blocking is configured within your source control management platform, such as GitHub’s branch protection rules. | To learn more about issue prevention, visit [Phase 6: Rolling out the prevention stage.](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/implementation-guides/enterprise-implementation-guide/automate-prevention-measures) |
+| PR check is expected but does not run. | The PR check is listed in the Git repository (SCM) as expected but never completes. |
A Branch Protection rule requiring the PR check generally causes this issue. If you disabled or removed the Project from Snyk, the PR check does not run, but the branch protection rule is still in force until you remove or edit it.
Check for Branch Protection rules and confirm that the Project is imported and active.
|
+| Multiple Security and Licence PR checks run on a single Pull Request. | When you submit a PR, multiple Snyk PR checks of the same type run against it, possibly with different results. |
If you import a repository into multiple Snyk Organizations, PR checks run on the repository for any configured Organization.
Check the name of the PR check, because it includes the Organization name against which the check runs. Alternatively, selecting the PR check details takes you to the results for the relevant Organization.
|
+| PR Check found vulnerabilities but Pull Request is not blocked. | You configure whether a PR test is optional or blocking in your source control management platform, such as GitHub’s branch protection rules. | To learn more about issue prevention, visit [Phase 6: Rolling out the prevention stage.](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/implementation-guides/enterprise-implementation-guide/automate-prevention-measures) |
## Open-source and licensing checks
-PR checks that are configured to “Only fail when the issues found have a fix available” will not alert for projects in languages that do not support Fix PR checks. For more information, see [Supported languages](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/supported-languages/supported-languages-list) to check feature support.
+PR checks that are configured to “Only fail when the issues found have a fix available” do not alert for projects in languages that do not support Fix PR checks. For more information, see [Supported languages](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/supported-languages/supported-languages-list) to check feature support.
If you come across false positive or false negative results, you can take action to diagnose and report the issue.
| Scenario | Description | Action |
| -------------- | ------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| False positive | The result is marked as Failed by Snyk because it has identified an issue that does not actually exist. |
Contact support to update the dependency version if Snyk has misidentified an issue for a package version.
If Snyk did not detect the vulnerability due to a misidentified package or the absence of code trace, contact support.
|
## Code analysis checks
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/README.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/README.md
index f3038e28dc97..d2aa5d08f074 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/README.md
@@ -1,18 +1,18 @@
# Snyk Pull or Merge Requests
-In addition to providing fix advice, Snyk enables you create automatic or manual pull requests for supported package managers and ecosystems. To create PRs automatically in implementations with Snyk Broker, your administrator must upgrade to v4.55.0 or later.
+In addition to providing fix advice, Snyk lets you create automatic or manual pull requests for supported package managers and ecosystems. To create PRs automatically in implementations with Snyk Broker, your administrator must upgrade to v4.55.0 or later.
{% hint style="info" %}
For the basic steps in fixing vulnerabilities, see [Fix your vulnerabilities](../../snyk-open-source/manage-vulnerabilities/fix-your-vulnerabilities.md). To ensure your language is supported, see [Languages supported for Fix Pull Requests or Merge Requests](../../snyk-open-source/manage-vulnerabilities/troubleshoot-fixing-vulnerabilities-with-snyk-open-source.md#languages-supported-for-fix-pull-requests-or-merge-requests) and [Supported browsers](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/getting-started-guides/getting-started#supported-browsers) pages.
{% endhint %}
{% hint style="info" %}
-Administrators and account owners can manage the settings for Snyk upgrade pull requests from the Snyk Web UI at both the Organization and Project levels. You can configure whether the feature is enabled (the default) and specify the conditions under which Snyk should submit upgrade pull requests, if at all.
+Administrators and account owners can manage the settings for Snyk upgrade pull requests from the Snyk Web UI at both the Organization and Project levels. You can configure whether the feature is enabled (the default) and specify the conditions under which Snyk submits upgrade pull requests, if at all.
{% endhint %}
## Manual Fix PRs
-For specific supported languages, you can create pull requests to remediate issues using the Snyk web UI. These combine Snyk fix advice with the list of remediated vulnerabilities to create a pull request that developers can review and merge into their repo's main branch.
+For specific supported languages, you can create pull requests to remediate issues using the Snyk Web UI. These combine Snyk fix advice with the list of remediated vulnerabilities to create a pull request that developers can review and merge into their repository's main branch.
You can start the process from any supported Project's open source vulnerability view.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/breakability-risk-levels.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/breakability-risk-levels.md
index 985f92e851e8..5840a759ae10 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/breakability-risk-levels.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/breakability-risk-levels.md
@@ -6,7 +6,7 @@
Breakability analysis is in Early Access and available only with Enterprise plans. To enable the feature, see [Snyk Preview](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-hierarchy/snyk-preview).
{% endhint %}
-Snyk analyzes dependency upgrades to predict if a proposed change will break your build or application. Breakability analysis assigns a risk level to each upgrade to help you decide whether to auto-merge a fix or review it manually.
+Snyk analyzes dependency upgrades to predict whether a proposed change breaks your build or application. Breakability analysis assigns a risk level to each upgrade to help you decide whether to auto-merge a fix or review it manually.
Snyk assesses the practical impact of a change rather than relying only on version numbers. For example, a major version update (v2.0) can appear risky based on the version number, even if the code change is trivial.
@@ -20,7 +20,7 @@ Snyk classifies risk based on two factors:
{% hint style="info" %}
With breakability analysis, Snyk sends package information to a Large Language Model (LLM). This information includes the current and proposed upgrade versions. Snyk does not transmit application data. Future features involving application context require you to enable them separately.
-Ensure to review AI-generated content for accuracy before use.
+Review AI-generated content for accuracy before use.
{% endhint %}
## Risk level definitions and actions
@@ -87,7 +87,7 @@ The following use cases show how the logic applies.
| ---------------------- | ----------------------- | -------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
| Security patch | From `1.4.4` to `1.4.5` | Low | The changelog confirms only security fixes and no behavioral changes. |
| Ancient runtime drop | From `3.0` to `4.0` | Low | The upgrade is a major version, but the only change is dropping Node.js v4 (EOL 2018). There is no practical impact. |
-| Missing documentation | From `2.1` to `2.2` | Medium | The upgrade is a minor version, but there is no changelog. Snyk cannot detemine if it is safe, so it flags it for review. |
+| Missing documentation | From `2.1` to `2.2` | Medium | The upgrade is a minor version, but there is no changelog. Snyk cannot determine if it is safe, so it flags it for review. |
| API removal | From `3.0` to `4.0` | High | The changelog confirms that `_.pluck` was removed and must be replaced with `_.map`. Code changes are required. |
| Long term support drop | From `5.0` to `6.0` | High | The upgrade drops support for Java 17, which is an active LTS. This upgrade breaks builds that are running on standard environments. |
| | | | |
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/apply-a-custom-pr-template.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/apply-a-custom-pr-template.md
index 5faff3aafcdc..fce8529bb517 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/apply-a-custom-pr-template.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/apply-a-custom-pr-template.md
@@ -2,11 +2,11 @@
## Create and manage a custom PR template using the API
-You can create a custom PR template using the API endpoint [Create or update pull request template for Group](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/pull-request-templates#post-groups-group_id-settings-pull_request_template). Send an API request that contains a JSON payload with the custom properties. This request configures a Group-level pull request template that will be used on any Organization or Project within that Group. The pull request template created using the Snyk API can be updated at any time, and all Projects in the Group are automatically updated with the latest changes.
+You can create a custom PR template using the API endpoint [Create or update pull request template for Group](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/pull-request-templates#post-groups-group_id-settings-pull_request_template). Send an API request that contains a JSON payload with the custom properties. This request configures a Group-level pull request template for use on any Organization or Project in that Group. You can update the pull request template created using the Snyk API at any time, and Snyk automatically updates all Projects in the Group with the latest changes.
API configuration of PR templates is available only at the Group level.
-When a custom template is uploaded using an API request, all Snyk PRs in that Group adopt this format, effectively switching off the default Snyk template for the customizable properties. Strings are the only acceptable values; lists and numbers are not allowed.
+When you upload a custom template using an API request, all Snyk PRs in that Group adopt this format, effectively switching off the default Snyk template for the customizable properties. Strings are the only acceptable values. Lists and numbers are not allowed.
If any customizable properties are missing from your custom template, Snyk reverts to the default values for these properties when opening a pull request.
@@ -16,7 +16,7 @@ The following properties are customizable using the API:
* `commit_message` - customize the PR commit message
* `description` - customize the PR description
-You cannot customize the branch name for your PRs. The branch name of your PRs will use the Snyk default value.
+You cannot customize the branch name for your PRs. The branch name of your PRs uses the Snyk default value.
You can retrieve the custom PR template for your Group using the endpoint [Get pull request template for Group](https://apidocs.snyk.io/?#get-/groups/-group_id-/settings/pull_request_template). This is useful if you want to consider changing your template, and in troubleshooting.
@@ -28,7 +28,7 @@ To delete the template, use the endpoint [Delete pull request template for group
Manually create the YAML template by using the [mustache](https://mustache.github.io) syntax for templating and add the file to your Project or repository.
-When a custom template is uploaded to your Project, all PRs from Snyk for the Project adopt this format, effectively switching off the default Snyk template for the customized properties. Strings are the only acceptable values; lists and numbers are not allowed. If any customizable properties are missing from your template, Snyk reverts to the default values for these properties when opening a pull request.
+When you upload a custom template to your Project, all PRs from Snyk for the Project adopt this format, effectively switching off the default Snyk template for the customized properties. Strings are the only acceptable values. Lists and numbers are not allowed. If any customizable properties are missing from your template, Snyk reverts to the default values for these properties when opening a pull request.
#### YAML multiline operators
@@ -56,7 +56,7 @@ The following properties are customizable:
* `commitMessage` - customize the PR commit message
* `description` - customize the PR description
-You cannot customize the branch name for your PRs. The branch name of your PRs will use the Snyk default value.
+You cannot customize the branch name for your PRs. The branch name of your PRs uses the Snyk default value.
### Use the YAML custom PR template
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/troubleshooting-and-limitations-for-custom-pr-templates.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/troubleshooting-and-limitations-for-custom-pr-templates.md
index f4aadfdf41f1..abb325e53f8f 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/troubleshooting-and-limitations-for-custom-pr-templates.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/troubleshooting-and-limitations-for-custom-pr-templates.md
@@ -24,9 +24,9 @@ You can add Jira tickets to your PR, but Snyk is limited to those created using
### Failure to open PR
-If a PR cannot be opened, Snyk cannot identify errors when a PR cannot be opened.
+If a PR cannot be opened, Snyk cannot identify the errors that prevented it.
### No line between variables
-When you are customizing the YAML file, it is possible that a new line will not be added between variables when two lines start with a variable `{{}}`.
+When you are customizing the YAML file, a new line might not be added between variables when two lines start with a variable `{{}}`.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/variables-list-and-description.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/variables-list-and-description.md
index 91b70ec97f95..af177f6fad61 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/variables-list-and-description.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/customize-pr-templates/variables-list-and-description.md
@@ -25,7 +25,7 @@ To automatically link Jira to the relevant pull requests, include a list of asso
**Output**
-The commit message of your PR will be:
+The commit message of your PR is:
```json
This pull request is from Snyk and relates to JIRA-1,JIRA-2,JIRA-3
@@ -53,7 +53,7 @@ This is the Snyk Project URL and can be used to link to the Snyk Project page.
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
To find more details, see the Snyk project https://app.snyk.io/org/my-org/project/xx-xxx-xx-xx
@@ -81,7 +81,7 @@ This is the Snyk Project name. You can add the Snyk Project name to your descrip
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fix applied to project my-org/project:filename
@@ -107,7 +107,7 @@ This is the Snyk Organization name. You can add the Snyk Organization name to yo
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fix applied by my-org
@@ -115,7 +115,7 @@ Fix applied by my-org
**`package_name: string`**
-This is the name of the package being fixed or upgraded. When more than one package is changed, this variable will default to the first one.
+This is the name of the package being fixed or upgraded. When more than one package is changed, this variable defaults to the first one.
Follow this example to display in the description the package name of the first dependency being fixed in the PR.
@@ -135,7 +135,7 @@ Follow this example to display in the description the package name of the first
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fixes adm-zip
@@ -143,7 +143,7 @@ Fixes adm-zip
**`package_from: string`**
-This is the version of the package that is being fixed or upgraded. In cases where more than one package is changed, this variable will default to the `from` version of the first one.
+This is the version of the package that is being fixed or upgraded. In cases where more than one package is changed, this variable defaults to the `from` version of the first one.
**Input**
@@ -161,7 +161,7 @@ This is the version of the package that is being fixed or upgraded. In cases whe
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fix is applied by moving from 0.4.7
@@ -169,7 +169,7 @@ Fix is applied by moving from 0.4.7
**`package_to: string`**
-The package is transitioning to this particular version. In cases where more than one package is changed, this variable will default to the `to` version of the first one.
+The package is transitioning to this particular version. In cases where more than one package is changed, this variable defaults to the `to` version of the first one.
**Input**
@@ -187,7 +187,7 @@ The package is transitioning to this particular version. In cases where more tha
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fix is applied by moving to 0.5.2
@@ -212,7 +212,7 @@ This is the number of issues in your Project or repository that are covered by t
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
The PR will fix 98 issues.
@@ -394,7 +394,7 @@ This variable is for container projects only. It can be used to display the name
**Output**
-The description of your PR will be:
+The description of your PR is:
```
We recommend upgrading to node:xx.xx.x
@@ -420,7 +420,7 @@ This variable is for container projects only. It can be used to display the curr
**Output**
-The description of your PR will be:
+The description of your PR is:
```
The current base image is: node:xx.xx.x
@@ -448,7 +448,7 @@ For example, `docker.io/library/node:18-alpine` becomes `node:18-alpine`.
**Output**
-The description of your PR will be:
+The description of your PR is:
```
Upgrade to node:18-alpine
@@ -476,7 +476,7 @@ For example, `docker.io/library/node:16` becomes `node:16`.
**Output**
-The description of your PR will be:
+The description of your PR is:
```
Upgrading from node:16
@@ -527,7 +527,7 @@ commitMessage: |
**Output**
-The commit message of your PR will be:
+The commit message of your PR is:
```yaml
This pull request is from Snyk and relates to JIRA-1,JIRA-2,JIRA-3
@@ -548,7 +548,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
To find more details, see the Snyk project https://app.snyk.io/org/my-org/project/xx-xxx-xx-xx
@@ -569,7 +569,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fix applied to project my-org/project:filename
@@ -588,7 +588,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fix applied by my-org
@@ -596,7 +596,7 @@ Fix applied by my-org
**`package_name: string`**
-This is the name of the package being fixed or upgraded. When more than one package is changed, this variable will default to the first one.
+This is the name of the package being fixed or upgraded. When more than one package is changed, this variable defaults to the first one.
Follow this example to display in the description the package name of the first dependency being fixed in the PR.
@@ -609,7 +609,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fixes adm-zip
@@ -617,7 +617,7 @@ Fixes adm-zip
**`package_from: string`**
-This is the version of the package that is being fixed or upgraded. In cases where more than one package is changed, this variable will default to the `from` version of the first one.
+This is the version of the package that is being fixed or upgraded. In cases where more than one package is changed, this variable defaults to the `from` version of the first one.
**Input**
@@ -629,7 +629,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fix is applied by moving from 0.4.7
@@ -637,7 +637,7 @@ Fix is applied by moving from 0.4.7
**`package_to: string`**
-The package is transitioning to this particular version. In cases where more than one package is changed, this variable will default to the `to` version of the first one.
+The package is transitioning to this particular version. In cases where more than one package is changed, this variable defaults to the `to` version of the first one.
**Input**
@@ -649,7 +649,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Fix is applied by moving to 0.5.2
@@ -668,7 +668,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
The PR will fix 98 issues.
@@ -677,7 +677,7 @@ The PR will fix 98 issues.
**`product_is_container: boolean`**
-This variable can be used to customize attributes based on whether the PR is a Container product. Currently there are two different product types at Snyk which can open PRs (Open Source PRs and Container Prs). Using this variable will help you customise your template to differentiate between the two.
+This variable can be used to customize attributes based on whether the PR is a Container product. Currently there are two different product types at Snyk which can open PRs (Open Source PRs and Container Prs). Using this variable will help you customize your template to differentiate between the two.
**Input**
@@ -702,7 +702,7 @@ If your project is a Container project, the description will be:
**`product_is_open_source: boolean`**
-This variable can be used to customize attributes based on whether the PR is an Open Source product. Currently there are two different product types at Snyk which can open PRs (Open Source PRs and Container Prs). Using this variable will help you customise your template to differentiate between the two.
+This variable can be used to customize attributes based on whether the PR is an Open Source product. Currently there are two different product types at Snyk which can open PRs (Open Source PRs and Container Prs). Using this variable will help you customize your template to differentiate between the two.
**Input**
@@ -739,7 +739,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Is this a fix pr? true
@@ -758,7 +758,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Is this a backlog pr? false
@@ -777,7 +777,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Is this an upgrade pr? false
@@ -829,7 +829,7 @@ This variable is for container projects only. It can be used to display the name
**Output**
-The description of your PR will be:
+The description of your PR is:
```
We recommend upgrading to node:xx.xx.x
@@ -855,7 +855,7 @@ This variable is for container projects only. It can be used to display the curr
**Output**
-The description of your PR will be:
+The description of your PR is:
```
The current base image is: node:xx.xx.x
@@ -876,7 +876,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Upgrade to node:18-alpine
@@ -897,7 +897,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
Upgrading from node:16
@@ -916,7 +916,7 @@ description: |
**Output**
-The description of your PR will be:
+The description of your PR is:
```yaml
This is a fix pull request
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-backlog-prs-for-previously-known-vulnerabilities.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-backlog-prs-for-previously-known-vulnerabilities.md
index 9fcac813f729..03d3b57b73b5 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-backlog-prs-for-previously-known-vulnerabilities.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-backlog-prs-for-previously-known-vulnerabilities.md
@@ -11,10 +11,10 @@ When Snyk creates automatic PRs for vulnerabilities, the following rules are app
* If you select **Retest now** for the Project, a scan is run manually, and the 24-hour window is marked as having had a scan run. No automatic PR is created until the next automated scan runs.
* One pull request is created per Project with a [priority score](../../../manage-risk/prioritize-issues-for-fixing/priority-score.md) of 700 and above.
-* Fixing a vulnerability by upgrading a package may sometimes introduce a new vulnerability. Snyk will only automatically create such a pull request if the fixed vulnerabilities are a higher severity than any new ones introduced.
+* Fixing a vulnerability by upgrading a package can sometimes introduce a new vulnerability. Snyk automatically creates such a pull request only if the fixed vulnerabilities are a higher severity than any new ones introduced.
* Pull requests are created based on the **Test & Automated Pull Request Frequency** settings.
* To update the **Test & Automated Pull Request Frequency**, navigate to **Projects** and select your Open Source Project.
- * Navigate to **Settings** and select an option from the pulldown list.
+ * Navigate to **Settings** and select an option from the dropdown list.
To determine when your last 24-hour window began, check the Project issue card for **Snapshot taken by recurring test**.
@@ -42,7 +42,7 @@ The configuration settings apply to all Projects in that Organization. You can a
This retrieves previously declared vulnerabilities from the Project's backlog.
4. Select the **Fix Strategy** for your Backlog PRs.
-* By default, the fix strategy will be a single PR at the vulnerability level. Snyk opens one PR each day for issues in your backlog, fixing the top vulnerability it finds.
+* By default, the fix strategy is a single PR at the vulnerability level. Snyk opens one PR each day for issues in your backlog, fixing the top vulnerability it finds.
* You can check **Fix all vulnerabilities for the same dependency in a single PR**. This selects the vulnerability with the highest priority and a fix to resolve it, as well as fixes for other vulnerabilities in the same dependency.
5. Click **Save**.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-fix-prs.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-fix-prs.md
index 83256d84200e..a373bdbccbc1 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-fix-prs.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-fix-prs.md
@@ -15,7 +15,7 @@ The following rules are applied to the creation of automatic PRs for vulnerabili
* One pull request is created per Project.
* A new vulnerability is a vulnerability in the current recurring scan that was not present in the previous scan of the same Project.
* If either the vulnerability is new and has a fix available or the fix is new and is not ignored, a Fix PR can be created.
-* Fixing a vulnerability by upgrading a package may sometimes introduce a new vulnerability. Snyk will only automatically create a pull request if the fixed vulnerabilities are of a higher severity than any new ones introduced.
+* Fixing a vulnerability by upgrading a package can sometimes introduce a new vulnerability. Snyk automatically creates a pull request only if the fixed vulnerabilities are of a higher severity than any new ones introduced.
For known vulnerabilities, visit [Configure Automatic Backlog PRs.](enable-automatic-backlog-prs-for-previously-known-vulnerabilities.md)
@@ -40,7 +40,7 @@ If you check **Fix all vulnerabilities for the same dependency in a single PR**,
## Set creation thresholds for score and severity
-For every new actionable vulnerability found on each recurring test, Snyk raises a Fix PR. This may not be ideal depending on the velocity you are looking for in your Organization, so setting up specific criteria to match your needs can be achieved by setting thresholds.
+For every new actionable vulnerability found on each recurring test, Snyk raises a Fix PR. This might not be ideal depending on the velocity you are looking for in your Organization, so you can set thresholds to match your needs.
To decide which automatic Fix PRs are visible to you, you can set a custom threshold for **Score** or **Severity**. Depending on your Organization's configuration, the dropdown contains either the **Risk Score** or the **Priority Score**.
diff --git a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-upgrade-prs-for-new-dependency-upgrades.md b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-upgrade-prs-for-new-dependency-upgrades.md
index 32077ad43357..c65f64b2fd3b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-upgrade-prs-for-new-dependency-upgrades.md
+++ b/scan-fix-and-prevent/scan-with-snyk/pull-requests/snyk-pull-or-merge-requests/enable-automatic-upgrade-prs-for-new-dependency-upgrades.md
@@ -6,7 +6,7 @@
This feature is supported for the following SCM integrations: GitHub, GitHub Enterprise, GitHub Cloud App, Bitbucket Server, Bitbucket Cloud, Bitbucket Connect, GitLab, and Azure Repos.
{% endhint %}
-Keeping dependencies up-to-date is crucial for security, performance, and compatibility. Snyk simplifies the process by scanning Projects for outdated dependencies and proposing updates through automated pull requests. This allows teams to:
+Keeping dependencies up-to-date is crucial for security, performance, and compatibility. Snyk simplifies the process by scanning Projects for outdated dependencies and proposing updates through automated pull requests. This lets teams:
* Review and merge changes in a controlled way.
* Keep Projects aligned with the latest package versions.
@@ -37,7 +37,7 @@ You can also use this feature with Snyk Broker. To use this feature, you must up
After importing a Git repository, Snyk continuously monitors for vulnerabilities, license, and dependency health issues. In addition to fix advice through the web UI, Snyk can automatically create pull requests (PRs) to solve for a variety of vulnerability types according to your configuration settings.
-You can configure Snyk to regularly check your dependency health, recommend dependency upgrades, and automatically submit PRs for upgrades for either an entire Organization or a specific Project. After configuration, Snyk will automatically create PRs for all applicable dependencies as upgrades become available for scanned Projects.
+You can configure Snyk to regularly check your dependency health, recommend dependency upgrades, and automatically submit PRs for upgrades for either an entire Organization or a specific Project. After configuration, Snyk automatically creates PRs for all applicable dependencies as upgrades become available for scanned Projects.
{% hint style="info" %}
Automatic dependency upgrade PRs are available only for the following SCM integrations: GitHub, GitHub Enterprise, and Bitbucket Cloud.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-code/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-code/README.md
index 5cdc3bf93f6e..88e622341c24 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-code/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-code/README.md
@@ -2,7 +2,7 @@
## Overview
-Snyk Code is a developer-first static application security testing (SAST) solution. By scanning code in real-time and providing actionable insights directly in the developer workflow across IDEs, repositories, and CI/CD pipelines, you can identify and address vulnerabilities early on. The AI-based engine results in fewer false positives for your developers, improving code quality and security. You can scan your code using the following options:
+Snyk Code is a developer-first static application security testing (SAST) solution. By scanning code in real time and providing actionable insights directly in the developer workflow across IDEs, repositories, and CI/CD pipelines, you can identify and address vulnerabilities early on. The AI-based engine results in fewer false positives for your developers, improving code quality and security. You can scan your code using the following options:
* Snyk web UI (including [PR checks](../pull-requests/pull-request-checks/))
* [Snyk IDE](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/snyk-ide-plugins-and-extensions)
@@ -25,7 +25,7 @@ The following table shows the Snyk Code features, including analysis, managing s
Snyk Code is powered by a semantic, AI-based analysis engine and can analyze the following in your code:
-* API usage: Identifies multiple potential issues, including API misuses, null dereferences, and type mismatches, by modeling the use of memory in variables and references. This mechanism can also identify the use of insecure functions.
+* API use: Identifies multiple potential issues, including API misuses, null dereferences, and type mismatches, by modeling the use of memory in variables and references. This mechanism can also identify the use of insecure functions.
* Coding issues: Finds problems such as dead code, branches that are predefined, and branches having the same code on each side.
* Control flow: Identifies null dereference or race conditions by modeling each possible control flow in the application.
* Data flow: Follows the flow of data within the application from the source to the sink. Combined with AI-based learning of external insecure data sources, data sinks, and sanitation functions, this enables a strong taint analysis.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-code/configure-snyk-code.md b/scan-fix-and-prevent/scan-with-snyk/snyk-code/configure-snyk-code.md
index fb94d0428622..d1534218192c 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-code/configure-snyk-code.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-code/configure-snyk-code.md
@@ -8,7 +8,7 @@ To use Snyk Code in an [IDE](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/inte
2. [Integrate Git repository with Snyk](configure-snyk-code.md#integrate-git-repository-with-snyk)
3. [Import repositories to scan with Snyk Code](configure-snyk-code.md#import-repositories-to-scan-with-snyk-code)
-Snyk Code only scans and tests new repositories that are imported to Snyk. If a repository has already been imported, Snyk Code analysis will not be applied. To analyze repositories that have already been imported, you will need to [re-import them](import-project-with-snyk-code.md#re-import-repository-to-snyk).
+Snyk Code only scans and tests new repositories that are imported to Snyk. If you have already imported a repository, Snyk Code analysis does not apply to it. To analyze repositories that you have already imported, [re-import them](import-project-with-snyk-code.md#re-import-repository-to-snyk).
## Prerequisites for using Snyk Code in Snyk Web UI
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/README.md
index 3d5c51fec884..75cfbb4f03bb 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/README.md
@@ -26,7 +26,7 @@ The following provides an overview of the testing process in Snyk Code based on
### Retesting code repository
-If you want to check for the most recent vulnerabilities in your repository, you can do a manual test by selecting the **Retest now** option. This will trigger Snyk Code to take a fresh snapshot of your repository and analyze its source code files. The results will then be displayed on the Code Analysis page. Take into consideration that Snyk counts a manual test as a new test. See [What counts as a test?](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/what-counts-as-a-test)
+If you want to check for the most recent vulnerabilities in your repository, you can do a manual test by selecting the **Retest now** option. This triggers Snyk Code to take a fresh snapshot of your repository and analyze its source code files. The results then appear on the Code Analysis page. Take into consideration that Snyk counts a manual test as a new test. See [What counts as a test?](https://app.gitbook.com/s/ELvljsaLKPkSpffOkmsQ/what-counts-as-a-test)
You can also use the **Retest now** option to apply the exclusion rules of the `.snyk` file to an imported repository. See [Exclude directories and files from Project import](../../import-project-repository/exclude-directories-and-files-from-project-import.md).
@@ -97,7 +97,7 @@ To access the repository on the integrated Git repository platform, navigate to
The result history is shown on the **History** page of the **Code Analysis** Project. This page displays the snapshots taken when a test was performed. You can review Snyk Code test results for all the testing phases. See [Code testing from import to retest](./#code-testing-from-import-to-retest).
-On the **History** page, only two distinct snapshots are displayed. A snapshot is deemed unique if either the repository or its associated vulnerability findings have altered since the last assessment, resulting in a snapshot that showcases these changes. If there have been no changes in the repository or the vulnerability results since the last test, the new snapshot will replicate the prior one. Consequently, this will be listed as an additional test run on the **History** page. This means while the page may present multiple test entries, only up to two will feature distinct results.
+The **History** page displays only two distinct snapshots. A snapshot is unique if either the repository or its associated vulnerability findings have changed since the last assessment, resulting in a snapshot that shows these changes. If there have been no changes in the repository or the vulnerability results since the last test, the new snapshot replicates the prior one. As a result, the page lists this as an additional test run. This means that while the page can present multiple test entries, only up to two feature distinct results.
To view Project history:
@@ -122,8 +122,7 @@ Manage Project settings as follows:
Snyk Code goes beyond simple static analysis by tracking vulnerabilities across multiple scans, even as your codebase evolves. This ensures consistent and accurate vulnerability management, regardless of code refactoring, file renaming, or positional changes.\
\
-Consider a scenario where a vulnerability exists in `file1.js` on line 45. After a code refactor, the vulnerability persists but is now located in a different file and line. To effectively address such scenarios, Snyk Code employs a sophisticated issue-tracking system. To tracks vulnerabilities\
-Snyk Code performs the following:
+Consider a scenario where a vulnerability exists in `file1.js` on line 45. After a code refactor, the vulnerability persists but is now located in a different file and line. To address such scenarios, Snyk Code uses an issue-tracking system. To track vulnerabilities, Snyk Code performs the following:
1. Fingerprint matching:
* Generates a min-hash of the code's syntax tree for each vulnerability.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/breakdown-of-code-analysis.md b/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/breakdown-of-code-analysis.md
index 5ddf6a7df599..503b3636efac 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/breakdown-of-code-analysis.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/breakdown-of-code-analysis.md
@@ -6,7 +6,7 @@ When you import repositories, Snyk Code automatically tests for vulnerabilities
## Code analysis components
-This table summarises the elements of a Code analysis Project.
+This table summarizes the elements of a Code analysis Project.
Component
Description
Header
Includes the details of the imported repository with a link to the repository in the Git repository, the Project name, and the Projects tabs: Overview, History, and Settings.
The Project Summary Information area
Includes the dates of the repository import and the last test of the repository, the Retest now option for an on-demand test, the name of the user who imported the repository, the name of the Project owner, and the number of code files that were analyzed and not analyzed. See Retesting code repository
Provides additional details about the discovered vulnerability type, best practices for preventing this issue, and code examples of fixes.
CWE
The CWE (Common Weakness Enumeration) ID of the specific vulnerability type and a link to the CWE website, where this vulnerability type is described. See Example: CWE-22: Path Traversal.
Identifies the lead for the Project in your Organization for administrative purposes only; it does not impact the Snyk Project itself. This is not a required field and is left blank by default.
The Environment attribute describes the software's context, ranging from client-side (Frontend) to server-side (Backend), private (Internal) to public (External), across platforms like Mobile, Cloud (SaaS), On-Premises, Hosted services, and Distributed systems.
When the Risk Score feature is enabled, the Business Criticality attribute automatically influences the score, scaling it to the most significant attribute level. See Risk Score.
The Snyk Project tags feature enables the addition, removal, and use of custom metadata tags to organize and filter Projects, simplifying Project management and navigation.
Analysis summary
The number of code files analyzed in the repository and the percentage of the analyzed files out of the total repository code files.
Repo breakdown
Analyzed Files: Includes files that have been reviewed by Snyk Code, encompassing recognized extensions and programming languages.
Unanalyzed Files: Consists of text files yet to be analyzed because of unsupported languages or extensions.
Unknown: Files without recognized extensions, potentially including multimedia content (such as pictures and videos), binaries, proprietary format files, or any other formats that fall outside Snyk Code's scope of interest.
@@ -14,11 +14,11 @@ This table summarises the elements of a Code analysis Project.
Data flow shows the location of the discovered issue in your source code and how it flows throughout your application. It shows the taint flow of the issue in the code, with a step-by-step visualization from the source to the sink, presenting the code lines of all the steps in the flow.
-The source is the input point of the potential problem. This is a point in the application where a user or an external device can enter data, which will potentially violate the security of the application. For example, in an SQL Injection issue, the source will be a form or any other data input area filled by a user.
+The source is the input point of the potential problem. This is a point in the application where a user or an external device can enter data that can potentially violate the security of the application. For example, in an SQL Injection issue, the source is a form or any other data input area filled by a user.
-The sink is the operation in the code where the application executes the problem. This point must receive clean input, or it can be exploited. For example, in an SQL Injection issue, the sink will be the internal operation that instructs the DB to perform certain actions according to the received input.
+The sink is the operation in the code where the application executes the problem. This point must receive clean input, or an attacker can exploit it. For example, in an SQL Injection issue, the sink is the internal operation that instructs the DB to perform certain actions according to the received input.
-Every issue discovered by Snyk Code has a data flow. If an issue has only one step, for example, in the case of hardcoded secrets, the source of the issue will be displayed on the Data flow page.
+Every issue discovered by Snyk Code has a data flow. If an issue has only one step, for example, in the case of hardcoded secrets, the source of the issue appears on the Data flow page.
### View Data flow
@@ -41,7 +41,7 @@ In the following Path Traversal issue, the developer has not sanitized the input
### Open Data flow external link
-To open the displayed source code on the Git repository, select the file name above the right panel. In this example, the file name is "routes/profileImageUrlUpload.ts".
+To open the displayed source code on the Git repository, select the file name. In this example, the file name is "routes/profileImageUrlUpload.ts".
The source code appears in the integrated Git repository, showing you exactly where to fix the vulnerability. You can make the required fix to address the vulnerability in your code.
@@ -55,7 +55,7 @@ To explore in-depth details about the specific vulnerability identified, you can
Some vulnerabilities contain links to interactive lessons on understanding, fixing, and preventing vulnerability. See [Snyk Learn](https://learn.snyk.io/).
-
Fix analysis page for Path Traversal vulnerability
+
Fix analysis page for Path Traversal vulnerability
### View Fix analysis
@@ -75,7 +75,7 @@ The **Fix analysis** page enables you to do the following:
### **Open Fix analysis external link**
-To open the code fix for the vulnerability on the Git repository, select the Git repository above the right panel. This will show you the differences in the Git repository code that address the issue. In this example, the Git repository name is "eclipse-vertx/vert.x".
+To open the code fix for the vulnerability on the Git repository, select the Git repository name. This shows you the differences in the Git repository code that address the issue. In this example, the Git repository name is "eclipse-vertx/vert.x".
Fix analysis of a Path Traversal vulnerability issue
@@ -124,6 +124,6 @@ For CWE-22 Path Traversal, if the vulnerability occurs in a test, it is Low seve
## Example: CWE-601: Open Redirect
-For CWE-2601 Open Redirect, if the vulnerability occurs in a test, it is Low severity. If not, and it comes from a direct source, it is Medium severity.
+For CWE-601 Open Redirect, if the vulnerability occurs in a test, it is Low severity. If not, and it comes from a direct source, it is Medium severity.
Decision flow chart for Priority Score CWE-601 Open Redirect
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/fix-code-vulnerabilities-automatically.md b/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/fix-code-vulnerabilities-automatically.md
index 1ae03fb0f263..e6ba9e2e1d9e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/fix-code-vulnerabilities-automatically.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-code/manage-code-vulnerabilities/fix-code-vulnerabilities-automatically.md
@@ -8,7 +8,7 @@ As of May 2026, Snyk Agent Fix has been upgraded to a new agentic architecture f
Snyk Agent Fix provides production-ready code fixes to address security vulnerabilities and code quality flaws detected by Snyk Code. It offers full rule coverage for all supported languages.
-Snyk Agent Fix uses an agentic architecture that combines Snyk proprietary security intelligence with advanced large language models (LLMs). Key advantages include:
+Snyk Agent Fix uses an agentic architecture that combines Snyk proprietary security intelligence with large language models (LLMs). Key advantages include:
* Dynamic few-shot prompting: Instead of relying on fine-tuning, the architecture uses the Snyk database of more than 35,000 expert-written fixes to provide real-world context to the LLM during inference. Every sample includes vulnerable code from real open-source projects and fixes written by Snyk security experts.
* Agentic retries: If a generated fix fails a Snyk Code scan, the system analyzes the error, feeds it back into the model, and generates a corrected version.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-code/snyk-code-local-engine.md b/scan-fix-and-prevent/scan-with-snyk/snyk-code/snyk-code-local-engine.md
index b6246a167d1f..88c54bac9642 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-code/snyk-code-local-engine.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-code/snyk-code-local-engine.md
@@ -1,6 +1,6 @@
# Snyk Code Local Engine
-Snyk Code Local Engine (SCLE) is a fully contained version of the Snyk Code Engine that allows you to avoid uploading your code to the internet. When you use the Local Engine, only the scan is performed locally. Your scan results are uploaded to Snyk so you can view them on the Snyk Web UI.
+Snyk Code Local Engine (SCLE) is a fully contained version of the Snyk Code Engine that lets you avoid uploading your code to the internet. When you use the Local Engine, only the scan runs locally. Snyk uploads your scan results so you can view them on the Snyk Web UI.
This high-level architecture diagram shows the components and their interactions. Snyk scans a request for a Git repository through the Snyk Code Local Engine, which returns the results to Snyk.
@@ -29,13 +29,13 @@ The core requirements to deploy the Snyk Code Local Engine are:
The Snyk Code Local Engine is modular and can be customized to run specific integrations or everything at once. It can also scale as you prefer, with one or multiple nodes.
-Each of the Kubernetes nodes will require at least the following free resources to run it:
+Each of the Kubernetes nodes requires at least the following free resources to run it:
* 55 GB RAM
* 14 Core CPU
* 50GB Ephemeral Storage
-The size of the minimum node will depend on what your environment requires, but these are the minimum free resources required.
+The size of the minimum node depends on what your environment requires, but these are the minimum free resources required.
The total required resources for each flavor of the Snyk Code Local Engine are identified in the following list. Actual memory and storage consumption depend on the usage and the size of repositories scanned. The minimum total required resources can then be divided into multiple nodes.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/README.md
index 63d3d79f4527..873ad5d9385d 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/README.md
@@ -8,7 +8,7 @@ Containers provide a standard packaging format for applications, but container i
## Snyk Container functions
-Snyk Container provides tools and integrations to quickly find and fix vulnerabilities. This allows you to create images that have security built-in from the start.
+Snyk Container provides tools and integrations to quickly find and fix vulnerabilities. This lets you create images that have security built-in from the start.
## Snyk Container integrations
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/README.md
index f7746634552e..f0a56f62e6d3 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/README.md
@@ -10,7 +10,7 @@ For example, it is common to use the Snyk CLI to provide fast feedback to develo
The main Container integrations are:
-* CLI: Use for local investigation or testing an image you have built. This integration enables you to get early feedback on your machine and use as a gatekeeping stage in CI. It also serves a tool in CD for Snyk to capture snapshots and identify newly discovered vulnerabilities. For details, see [Snyk CLI for container security](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container).
+* CLI: Use for local investigation or testing an image you have built. This integration gives you early feedback on your machine and serves as a gatekeeping stage in CI. It also serves a tool in CD for Snyk to capture snapshots and identify newly discovered vulnerabilities. For details, see [Snyk CLI for container security](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container).
* SCM: Snyk can detect Dockerfiles directly from Git repositories and provide recommendations for updating the base image to a less vulnerable one. For details, see [Scan your Dockerfile](../scan-your-dockerfile/).
* Container registries: Use to test a large number of images or if you cannot modify many CI pipelines.
* Kubernetes: Monitor running workloads with additional context concerning how the workload has been configured to run. For details, see [Overview of the Kubernetes integration](../kubernetes-integration/overview-of-kubernetes-integration/).
@@ -21,6 +21,6 @@ For cloud-hosted container registries, Snyk does not import and scan images that
## Choose your Snyk Container integration
-Depending on your needs and context, in order to monitor for new vulnerabilities in container images, Snyk recommends choosing one of the following integration points: CLI, a container registry integration, or Kubernetes integration. By choosing only one of these testing methods, you can ensure the best outcome when identifying vulnerabilities and reduce noise.
+Depending on your needs and context, to monitor for new vulnerabilities in container images, Snyk recommends choosing one of the following integration points: CLI, a container registry integration, or Kubernetes integration. By choosing only one of these testing methods, you can ensure the best outcome when identifying vulnerabilities and reduce noise.
Because the Snyk CLI is highly customizable with CLI options, it has the broadest scope of all the integrations. You can run `snyk container monitor` as part of your continuous deployment pipeline and capture a snapshot of the container image as it is being deployed. For more information, see [Snyk CLI for Snyk Container](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-snyk-container).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/README.md
index 4fa33090acbe..188d86dcb455 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/README.md
@@ -1,6 +1,6 @@
# Integrate with Amazon Elastic Container Registry (ECR)
-Snyk integrates with Amazon Elastic Container Registry (ECR) to enable you to import your Projects and monitor your containers for vulnerabilities. Snyk tests the Projects you have imported for any known security vulnerabilities found at a frequency you control.
+Snyk integrates with Amazon Elastic Container Registry (ECR) so you can import your Projects and monitor your containers for vulnerabilities. Snyk tests the Projects you have imported for any known security vulnerabilities found at a frequency you control.
Refer to the following pages for details:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/amazon-elastic-container-registry-ecr-add-images-to-snyk.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/amazon-elastic-container-registry-ecr-add-images-to-snyk.md
index cef90d19d554..f9fdc5ec519b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/amazon-elastic-container-registry-ecr-add-images-to-snyk.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/amazon-elastic-container-registry-ecr-add-images-to-snyk.md
@@ -19,18 +19,18 @@ Log in to your account and navigate to the relevant Group and Organization you w
2. If you want to import all of the associated images, select any of the repositories.
3. To select multiple images, expand and collapse repositories.
4. Click **Add selected images.**\
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
5. When the import ends, a notification of success or failure appears at the top of the page. Click **Refresh Page** to view the **Projects** page with the newly imported images.\
Images are grouped by repository and linked individually to a detailed **Projects** page.
-6. You can now connect your Git repo to this Project to use your Dockerfile for enriched fix advice.\
+6. You can now connect your Git repository to this Project to use your Dockerfile for enriched fix advice.\
For more information, see [Detect vulnerable base images from your Dockerfile](../../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
You can filter to view only ECR Projects, which are marked with a unique icon.
Example of an ECR Project
-Amazon ECR integration works like other Snyk integration. To continue to monitor, fix, and manage your Projects, see the relevant pages in the Snyk user documentation.
+Amazon ECR integration works like other Snyk integrations. To continue to monitor, fix, and manage your Projects, see the relevant pages in the Snyk user documentation.
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. See [Detecting application vulnerabilities in container images ](../../use-snyk-container/detect-application-vulnerabilities-in-container-images.md)for more information.
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. See [Detecting application vulnerabilities in container images ](../../use-snyk-container/detect-application-vulnerabilities-in-container-images.md)for more information.
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/configure-integration-for-amazon-elastic-container-registry-ecr.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/configure-integration-for-amazon-elastic-container-registry-ecr.md
index f1a65a6c1d60..a514e28608bc 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/configure-integration-for-amazon-elastic-container-registry-ecr.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/configure-integration-for-amazon-elastic-container-registry-ecr.md
@@ -1,14 +1,14 @@
# Configure integration for Amazon Elastic Container Registry (ECR)
{% hint style="warning" %}
-When you connect to the ECR integration, ensure that the us-east-2 region is activated. This is required for the STS (Security Token Service) to work properly. For more information, see the [related support article](https://support.snyk.io/s/article/Connecting-to-ECR-Integration-gives-error-Could-not-connect-to-ECR-Please-ensure-your-credentials-are-correctly-configured).
+When you connect to the ECR integration, ensure that the us-east-2 region is activated. The STS (Security Token Service) requires this region to work properly. For more information, see the [related support article](https://support.snyk.io/s/article/Connecting-to-ECR-Integration-gives-error-Could-not-connect-to-ECR-Please-ensure-your-credentials-are-correctly-configured).
{% endhint %}
This page explains how to enable integration between one Amazon ECR registry and a Snyk Organization and start managing your image security. To integrate with multiple registries, create a unique Organization for each one.
To enable integration, you must first create a read-only AWS Identity and Access Management (IAM) role. The role delegates read-only access to all repositories in your registry for Snyk per Organization by indicating the list of permitted Snyk-assigned Organization IDs.
-After you create the IAM role, when integrating additional organizations, you can add the additional Organization IDs as needed.
+After you create the IAM role, when integrating additional Organizations, you can add the additional Organization IDs as needed.
Additionally, after you create the IAM role, allow a few minutes for AWS to update the role on their servers before continuing:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/enable-snyk-permissions-to-access-amazon-elastic-container-registry-ecr-for-the-first-time.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/enable-snyk-permissions-to-access-amazon-elastic-container-registry-ecr-for-the-first-time.md
index a65c56965cc6..84107abcfc1f 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/enable-snyk-permissions-to-access-amazon-elastic-container-registry-ecr-for-the-first-time.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-amazon-elastic-container-registry-ecr/enable-snyk-permissions-to-access-amazon-elastic-container-registry-ecr-for-the-first-time.md
@@ -1,7 +1,7 @@
# Enable Snyk permissions to access Amazon Elastic Container Registry (ECR) for the first time
{% hint style="warning" %}
-When you connect to the ECR integration, ensure that the us-east-2 region is activated. This is required for the STS (Security Token Service) to work properly. For more information, see the [related support article](https://support.snyk.io/s/article/Connecting-to-ECR-Integration-gives-error-Could-not-connect-to-ECR-Please-ensure-your-credentials-are-correctly-configured).
+When you connect to the ECR integration, ensure that the us-east-2 region is activated. The STS (Security Token Service) requires this region to work properly. For more information, see the [related support article](https://support.snyk.io/s/article/Connecting-to-ECR-Integration-gives-error-Could-not-connect-to-ECR-Please-ensure-your-credentials-are-correctly-configured).
{% endhint %}
This process explains how to set up a resource role in AWS and the necessary policies. For additional information, see the [Amazon ECR documentation](https://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr_managed_policies.html).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-digitalocean.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-digitalocean.md
index d311295d6a29..64a078f58d4e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-digitalocean.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-digitalocean.md
@@ -1,6 +1,6 @@
# Integrate with DigitalOcean
-Snyk integrates with DigitalOcean to enable you to import your container images and monitor them for vulnerabilities.
+Snyk integrates with DigitalOcean so you can import your container images and monitor them for vulnerabilities.
Snyk tests the images you have imported (Projects) for any known security vulnerabilities, testing them at a frequency you control, and alerts you when new issues are detected.
@@ -26,18 +26,18 @@ This page explains how to set up DigitalOcean integration in Snyk and start mana
If you are using self-hosted DigitalOcean, contact [Snyk Support](https://support.snyk.io) to provide you with a token. For more information, see [Snyk Container for self-hosted container registries (with Broker)](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/snyk-broker-container-registry-agent/integrate-with-self-hosted-container-registries-broker).
{% hint style="info" %}
-For a successful connection, ensure you have a repository in DigitalOcean repository.
+For a successful connection, ensure you have a repository in DigitalOcean.
{% endhint %}
-Snyk tests the connection values, and the page reloads, now displaying DigitalOcean integration information. The **Add your DigitalOcean images to Snyk** button becomes available.If the connection to DigitalOcean fails, a notification appears under the **Connected to DigitalOcean** section.
+Snyk tests the connection values, and the page reloads, now displaying DigitalOcean integration information. The **Add your DigitalOcean images to Snyk** button becomes available. If the connection to DigitalOcean fails, a notification appears under the **Connected to DigitalOcean** section.
When the connection is successful, you can use Snyk to scan your images from DigitalOcean.
## Scan container images from DigitalOcean in Snyk
-Snyk tests and monitors your DigitalOcean container images by evaluating the image tags in your repositories. After you import images to Snyk, your image vulnerabilities are identified and can be triaged easily.
+Snyk tests and monitors your DigitalOcean container images by evaluating the image tags in your repositories. After you import images to Snyk, Snyk identifies your image vulnerabilities so you can triage them.
-The steps follow to add images from DigitalOcean to Snyk.
+Follow these steps to add images from DigitalOcean to Snyk.
## **Prerequisites for DigitalOcean image scanning**
@@ -53,8 +53,8 @@ The steps follow to add images from DigitalOcean to Snyk.
The view **Which images do you want to test?** opens, displaying the available images for your connected registry, grouped by each of your repositories
4. Select single or multiple images to be imported to Snyk.\
You can select by choosing a specific image or by selecting an entire repository. You can also search by image name to find specific images to import.
-5. To finish, click **Add selected repositories** on the top right.\
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+5. To finish, click **Add selected repositories**.\
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
6. When the import ends:
1. You can view the newly imported image, marked with a **NEW** tag, on the **Projects** page. Images are grouped by repository and are each linked individually to a detailed **Project** page.
2. An **import log** becomes available; you can reach it at the top of the Projects list.
@@ -65,5 +65,5 @@ DigitalOcean imports are indicated with a unique icon. You can filter the integr
DigitalOcean Projects in Projects listing
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-docker-hub/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-docker-hub/README.md
index 39050257ea32..ba6c5d6b1629 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-docker-hub/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-docker-hub/README.md
@@ -1,6 +1,6 @@
# Integrate with Docker Hub
-Snyk integrates with Docker Hub to enable you to import snapshots of your Projects to the Snyk Web UI and then test and monitor image layers directly from your registries. Refer to these pages for details:
+Snyk integrates with Docker Hub so you can import snapshots of your Projects to the Snyk Web UI and then test and monitor image layers directly from your registries. Refer to these pages for details:
* [Configure integration for Docker Hub](configure-the-integration-with-docker-hub.md)
* [Docker Hub - add Projects and images to the Snyk UI](docker-hub-add-projects-and-images-to-the-snyk-ui.md)
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-docker-hub/docker-hub-add-projects-and-images-to-the-snyk-ui.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-docker-hub/docker-hub-add-projects-and-images-to-the-snyk-ui.md
index 069227ab1fe9..64b1e743273e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-docker-hub/docker-hub-add-projects-and-images-to-the-snyk-ui.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-docker-hub/docker-hub-add-projects-and-images-to-the-snyk-ui.md
@@ -19,11 +19,11 @@ Snyk tests and monitors Docker Hub repositories and images by evaluating root fo
* Expand and collapse repositories to select multiple images.
5. Click **Add selected repositories**.
- On the **Projects** page, a status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+ On the **Projects** page, a status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
6. When the import ends, a notification of success or failure appears at the top of the **Projects** page.\
Click **Refresh** to view the **Projects** page with the newly imported images.\
Images are grouped by repository and are each linked individually to a detailed **Projects** page.
-7. You can now connect your Git repository to this Project in order to use your Dockerfile for enriched fix advice. For more information, see [Detect vulnerable base images from your Dockerfile](../../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
+7. You can now connect your Git repository to this Project to use your Dockerfile for enriched fix advice. For more information, see [Detect vulnerable base images from your Dockerfile](../../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
When repositories and images are imported, a confirmation appears in green at the top of the screen. Docker Hub files are indicated with a unique icon.
@@ -31,8 +31,8 @@ You can also filter to view only Docker Hub Projects.
Example of a Docker Hub Project
-Docker Hub integration works like other Snyk integrations. To continue to monitor, fix and manage your Projects, see the relevant pages in the Snyk documentation.
+Docker Hub integration works like other Snyk integrations. To continue to monitor, fix, and manage your Projects, see the relevant pages in the Snyk documentation.
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. See [Detecting application vulnerabilities in container images ](../../use-snyk-container/detect-application-vulnerabilities-in-container-images.md)for more information.
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. See [Detecting application vulnerabilities in container images ](../../use-snyk-container/detect-application-vulnerabilities-in-container-images.md)for more information.
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-github-container-registry.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-github-container-registry.md
index 3acd69920392..7642c34ad130 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-github-container-registry.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-github-container-registry.md
@@ -1,6 +1,6 @@
# Integrate with GitHub Container registry
-Snyk integrates with the GitHub Container registry to enable you to import your container images and monitor them for vulnerabilities.
+Snyk integrates with the GitHub Container registry so you can import your container images and monitor them for vulnerabilities.
Snyk tests the images you have imported (Projects) for any known security vulnerabilities, testing them at a frequency you control, and alerts you when new issues are detected.
@@ -33,7 +33,7 @@ See the Snyk blog to learn more about [container registry security and security
## Scan images from GitHub Container registry in Snyk
-Snyk tests and monitors your GitHub container images by evaluating their tags in your repositories. After you have imported images to Snyk, image vulnerabilities are identified and can be triaged efficiently.
+Snyk tests and monitors your GitHub container images by evaluating their tags in your repositories. After you have imported images to Snyk, Snyk identifies image vulnerabilities so you can triage them.
Follow these steps to add images from the GitHub container registry to Snyk.
@@ -52,8 +52,8 @@ Follow these steps to add images from the GitHub container registry to Snyk.
Note that GitHub Container Registry does not follow docker v2 API. Therefore, it is not possible to list images in repositories. Therefore you must specify the images you wish to scan manually.
5. Select single or multiple images to be imported to Snyk.\
You can choose a specific image or an entire repository. You can also search by image name to find specific images to import.
-6. To finish, click **Add selected repositories** on the top-right.\
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+6. To finish, click **Add selected repositories**.\
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
7. When the import ends:
* You can view the newly imported image, marked with a **NEW** tag, on the **Projects** page. Images are grouped by repository and are each linked individually to a detailed **Project** page.
* An import log becomes available; you can reach it at the top of the Projects list.
@@ -64,5 +64,5 @@ GitHub container registry imports are designated with a unique icon. You can fil
Example of a GitHub Project
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-gitlab-container-registry.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-gitlab-container-registry.md
index 1a5830a98cd5..eda25ba8576d 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-gitlab-container-registry.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-gitlab-container-registry.md
@@ -1,6 +1,6 @@
# Integrate with GitLab Container Registry
-Snyk integrates with GitLab Container Registry to enable you to import your container images and monitor them for vulnerabilities.
+Snyk integrates with GitLab Container Registry so you can import your container images and monitor them for vulnerabilities.
Snyk tests the images you have imported (Projects) for any known security vulnerabilities, testing them at a frequency you control, and alerts you when new issues are detected.
@@ -32,9 +32,9 @@ When the connection is successful, you can use Snyk to scan your images from Git
## Scan images from GitLab Container Registry in Snyk
-Snyk tests and monitors your GitLab container images by evaluating the image tags in your repositories. After you have imported images to Snyk, your image vulnerabilities are identified and can be triaged easily.
+Snyk tests and monitors your GitLab container images by evaluating the image tags in your repositories. After you have imported images to Snyk, Snyk identifies your image vulnerabilities so you can triage them.
-The steps follow for adding images from GitLab Container Registry to Snyk.
+Follow these steps to add images from GitLab Container Registry to Snyk.
## **Prerequisites for GitLab container image scanning**
@@ -51,8 +51,8 @@ The steps follow for adding images from GitLab Container Registry to Snyk.
Note that GitLab Container Registry does not follow Docker v2 API. Therefore, it is not possible to list images in a repository, and you must manually specify the images you wish to scan.
5. Select single or multiple images to be imported to Snyk.\
You can select by choosing a specific image or selecting an entire repository. You can also search by image name to find specific images to import.
-6. To finish, click **Add selected repositories** on the top right.\
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+6. To finish, click **Add selected repositories**.\
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
7. When the import ends:
* You can view the newly imported image, marked with a **NEW** tag, on the **Projects** page. Images are grouped by repository and are each linked individually to a detailed **Project** page.
* An import log becomes available; you can reach it at the top of the Projects list.
@@ -63,5 +63,5 @@ GitLab Container Registry imports are designated with a unique icon. You can fil
Example of a GitLab Project
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-google-artifact-registry-gar.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-google-artifact-registry-gar.md
index c165983ff3a7..d1965bb56b57 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-google-artifact-registry-gar.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-google-artifact-registry-gar.md
@@ -50,16 +50,16 @@ To add images from GAR:
* Type the name of a single image for import in the **Image Name** field.
* Select any of the repositories for which you want to import all of the associated images.
* Expand and collapse repositories to select multiple images across multiple repositories.
-4. Click **Add selected repositories**. As the images are imported, a status bar appears at the top of the page. You can continue working while Snyk imports the images.
+4. Click **Add selected repositories**. As Snyk imports the images, a status bar appears at the top of the page. You can continue working while Snyk imports the images.
When the import ends, a notification of success or failure appears at the top of the page. Click **Refresh** to view the **Projects** page with the newly imported images. The images are grouped by repository and linked individually to a detailed **Projects** page.
-You can now connect your Git repo to this Project in order to use your Dockerfile for enriched fix advice. For more information, see [Adding your Dockerfile and testing your base image](../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
+You can now connect your Git repository to this Project to use your Dockerfile for enriched fix advice. For more information, see [Adding your Dockerfile and testing your base image](../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
GAR files are indicated with a unique icon. You can now filter to view only those Projects.
Examples of GAR Projects
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-google-container-registry-gcr.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-google-container-registry-gcr.md
index 502eb96bc530..c6a5936a5ea6 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-google-container-registry-gcr.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-google-container-registry-gcr.md
@@ -1,7 +1,7 @@
# Integrate with Google Container Registry (GCR)
{% hint style="warning" %}
-Google Container Registry (GCR) has been [officially deprecated](https://cloud.google.com/container-registry/docs/release-notes#May_15_2023) by Google and is no longer supported. Google has replaced GCR with the new Google Artifact Registry (GAR). All Snyk customers should **immediately** migrate to the [Snyk GAR integration](integrate-with-google-artifact-registry-gar.md). \
+Google Container Registry (GCR) has been [officially deprecated](https://cloud.google.com/container-registry/docs/release-notes#May_15_2023) by Google and is no longer supported. Google has replaced GCR with the new Google Artifact Registry (GAR). All Snyk customers must **immediately** migrate to the [Snyk GAR integration](integrate-with-google-artifact-registry-gar.md). \
\
Note that Google currently redirects `gcr.io` paths to GAR. Your legacy Snyk GCR integration may continue to work if the credentials provided to Snyk also have the `roles/artifactregistry.reader` and `roles/resourcemanager.projects.list` roles authorized for them. However, this redirect may stop functioning in the future. We strongly recommend that you migrate to the [Snyk GAR integration](integrate-with-google-artifact-registry-gar.md) at the earliest to avoid any unwanted service interruptions.
{% endhint %}
@@ -16,7 +16,7 @@ From the relevant project in Google, ensure you have created a service account f
To enable GCR permissions:
-1. Go to the Google Cloud Platform Console [Credentials](https://console.cloud.google.com/apis/credentials) page, select the Project that you want to integrate with, and then select setting up a new service account key.
+1. Navigate to the Google Cloud Platform Console [Credentials](https://console.cloud.google.com/apis/credentials) page, select the Project that you want to integrate with, and then select setting up a new service account key.
2. From the view that opens choose the service account from the dropdown list that you created for this integration and configure a new key for that account with these values:
* **Service account name** - assign a unique name for the account to help you remember its uses later on.
* **Role** - Storage Object Viewer (roles/storage.objectViewer)
@@ -46,7 +46,7 @@ You must be onboarded to your Organization by an administrator and have configur
Snyk tests and monitors Google Container Registry (GCR) container images by evaluating root folders and custom file locations.
-To add images from GAR:
+To add images from GCR:
1. In the Snyk Web UI, navigate to the Organization you want to manage.
2. Navigate to **Projects** > **Add Projects**. The list of integrations already configured in your account opens. The view displays all of the available images for the registry to which you connected, grouped by each of your repositories.
@@ -58,12 +58,12 @@ To add images from GAR:
When the import ends, a notification of success or failure appears at the top of the page. Click **Refresh** to view the **Projects** page with the newly imported images. The images are grouped by repository and linked individually to a detailed **Projects** page.
-You can now connect your Git repo to this Project in order to use your Dockerfile for enriched fix advice. For more information, see [Adding your Dockerfile and testing your base image](../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
+You can now connect your Git repository to this Project to use your Dockerfile for enriched fix advice. For more information, see [Adding your Dockerfile and testing your base image](../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
GCR files are indicated with a unique icon. You can now filter to view only those Projects.
Examples of GCR Projects
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-harbor-container-registry.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-harbor-container-registry.md
index daa1ae5f21b4..e34a12c8ca35 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-harbor-container-registry.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-harbor-container-registry.md
@@ -5,7 +5,7 @@
This feature is available only with Enterprise plans. For more information, see [pricing plans](https://snyk.io/plans/).
{% endhint %}
-Snyk integrates with Harbor Container Registry to enable you to import your container images and monitor them for vulnerabilities.
+Snyk integrates with Harbor Container Registry so you can import your container images and monitor them for vulnerabilities.
Snyk tests the images you have imported (referred to as Projects) for any known security vulnerabilities, testing them at a frequency you control, and alerts you when new issues are detected.
@@ -33,11 +33,11 @@ Integration setup requires a Harbor user with sufficient permissions to access t
Snyk tests the connection values, and the page reloads, now displaying Harbor integration information. The **Add your Harbor images to Snyk** button becomes available. If the connection to Harbor fails, a notification appears under the **Connected to Harbor** section.
-Once the connection is successful, you can use Snyk to scan your images from Harbor.
+When the connection is successful, you can use Snyk to scan your images from Harbor.
## Scan container images from Harbor in Snyk
-Snyk tests and monitors your Harbor container images by evaluating the image tags in your repositories. After your container images are imported to Snyk, your image vulnerabilities are identified and can be triaged easily.
+Snyk tests and monitors your Harbor container images by evaluating the image tags in your repositories. After you import your container images to Snyk, Snyk identifies your image vulnerabilities so you can triage them.
Follow these instructions to add images from Harbor to Snyk.
@@ -54,8 +54,8 @@ Follow these instructions to add images from Harbor to Snyk.
3. Select the **Harbor** option or **Other** if Harbor does not appear.
4. The view **Which images do you want to test?** opens, displaying all of the available images for your connected registry, grouped by each of your repositories.
5. Select single or multiple images to be imported to Snyk by choosing a specific image or by selecting an entire repository. You can also search by image name to find specific images to import.
-6. To finish, click **Add selected repositories** on the top right.\
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+6. To finish, click **Add selected repositories**.\
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
7. When the import ends:
1. You can view the newly imported image, marked with a **NEW** tag, on the **Projects** page. Images are grouped by repository and are each linked individually to a detailed Projects page.
2. An import log becomes available; you can reach it from the top of the Projects list.
@@ -66,5 +66,5 @@ Harbor imports are indicated with a unique icon. You can also filter to view onl
Harbor Projects in Projects listing
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/README.md
index 97965b85cac7..89aee8d756d8 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/README.md
@@ -5,7 +5,7 @@
This feature is available only with Enterprise plans. For more information, see [pricing plans](https://snyk.io/plans/).
{% endhint %}
-Snyk integrates with JFrog Artifactory Container Registry to enable you to import your Projects and monitor your containers for vulnerabilities. Snyk tests the Projects you have imported for any known security vulnerabilities found at a frequency you control.
+Snyk integrates with JFrog Artifactory Container Registry so you can import your Projects and monitor your containers for vulnerabilities. Snyk tests the Projects you have imported for any known security vulnerabilities found at a frequency you control.
Refer to the following pages for details:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/add-artifactory-images-to-snyk.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/add-artifactory-images-to-snyk.md
index 4e5b3b093bcc..41906ffe036c 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/add-artifactory-images-to-snyk.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/add-artifactory-images-to-snyk.md
@@ -10,24 +10,24 @@ Snyk tests and monitors your Artifactory container images by evaluating the tags
## **Steps to adding Artifactory images to Snyk**
* Log in to your account and navigate to the relevant Group and Organization you want to manage.
-* Go to **Projects** and click **Add projects**. The list of integrations already configured on your account opens.
+* Navigate to **Projects** and click **Add projects**. The list of integrations already configured on your account opens.
* The view **Which images do you want to test?** opens, displaying all of the available images for the registry to which you connected, grouped by each of your repositories.
* Select single or multiple images using any or all of the following methods:
- * Type the name of a single image for import in the Image Name field (at number 1, the image name field, in the image above),
- * Select any of the repositories if you want to import all of the associated images (at number 2, the second item listed in the image above).
- * Expand and collapse repositories to select multiple images (at number 3, the third image listed in the image above) across multiple repositories.
+ * Type the name of a single image for import in the **Image Name** field.
+ * Select any of the repositories if you want to import all of the associated images.
+ * Expand and collapse repositories to select multiple images across multiple repositories.
* Click **Add selected repositories**.
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
-* When the import ends, a notification of success or failure appears at the top of the page. Click Refresh to view the Projects page with the newly imported images. Images are grouped by repository and are each linked individually to a detailed Projects page.
-* You can now connect your Git repo to this Project in order to use your Dockerfile for enriched fix advice. For more information, see [Adding your Dockerfile and testing your base image](../../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
+* When the import ends, a notification of success or failure appears at the top of the page. Click **Refresh** to view the **Projects** page with the newly imported images. Images are grouped by repository and are each linked individually to a detailed **Projects** page.
+* You can now connect your Git repository to this Project to use your Dockerfile for enriched fix advice. For more information, see [Adding your Dockerfile and testing your base image](../../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
-Images are indicated with a unique icon. You can filter to view only the Artifactory Projects.
+Images are indicated with a unique icon. You can filter to view only the Artifactory Projects.
List of Artifactory Projects
-Artifactory integration works like other Snyk integrations. To continue to monitor, fix and manage your Projects, see the relevant pages in the Snyk user documentation.
+Artifactory integration works like other Snyk integrations. To continue to monitor, fix, and manage your Projects, see the relevant pages in the Snyk user documentation.
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. For more information, see [Detecting application vulnerabilities in container images](../../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/configuring-your-jfrog-artifactory-container-registry-integration.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/configuring-your-jfrog-artifactory-container-registry-integration.md
index 3e5e2dcfe270..04b33885205b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/configuring-your-jfrog-artifactory-container-registry-integration.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-jfrog-artifactory/configuring-your-jfrog-artifactory-container-registry-integration.md
@@ -15,7 +15,7 @@ The instructions on this page explain how to enable integration between one Arti
2. Navigate to **Integrations**. From the list of integrations, select **Artifactory.**\
The configuration page opens.
3. Enter your credentials:
- * **Username and Password -** use your Artifactory login credentials. If you're using SSO configuration, you must generate an access token in Artifactory and use the token details to login.
+ * **Username and Password -** use your Artifactory login credentials. If you are using SSO configuration, you must generate an access token in Artifactory and use the token details to log in.
* **Container registry name -** the full registry URL: `.jfrog.io/artifactory/api/docker/`
Artifactory account credentials
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-microsoft-azure-container-registry-acr/add-images-to-snyk-from-acr.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-microsoft-azure-container-registry-acr/add-images-to-snyk-from-acr.md
index 994ed75c26e1..36813c7a8c72 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-microsoft-azure-container-registry-acr/add-images-to-snyk-from-acr.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-microsoft-azure-container-registry-acr/add-images-to-snyk-from-acr.md
@@ -10,26 +10,26 @@ Snyk tests and monitors Microsoft Azure Container Registry (ACR) container image
## Steps to add images to Snyk from ACR
1. Log in to your account and navigate to the relevant Group and Organization you want to manage.
-2. Go to **Projects**, and click **Add projects**. The list of integrations already configured on your account opens.
+2. Navigate to **Projects**, and click **Add projects**. The list of integrations already configured on your account opens.
The view **Which images do you want to test?** opens, displaying all of the available images for the registry to which you connected, grouped by each of your repositories, similar to the following:
1. Select single or multiple images using any or all of the following methods:
- 1. Type the name of a single image for import in the **Image Name** field (at number 1, the Image Name field in the image above),
- 2. Select any of the repositories if you want to import all of the associated images (at number 2, the second item listed in the image above).
- 3. Expand and collapse repositories to select multiple images at number 3, the third item listed in the image above) across multiple repositories.
+ 1. Type the name of a single image for import in the **Image Name** field.
+ 2. Select any of the repositories if you want to import all of the associated images.
+ 3. Expand and collapse repositories to select multiple images across multiple repositories.
2. Click **Add selected repositories**.
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
3. When the import ends, a notification of success or failure appears at the top of the page. Click **Refresh** to view the **Projects** page with the newly imported images.\
Images are grouped by repository and linked individually to a detailed Projects page.
-4. You can now connect your Git repository to this Project in order to use your Dockerfile for enriched fix advice.\
+4. You can now connect your Git repository to this Project to use your Dockerfile for enriched fix advice.\
For more information, see [Adding your Dockerfile and testing your base image](../../scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md).
ACR files are indicated with a unique icon. You can filter to view only ACR Projects.
-ACR integration works like other Snyk integrations. To continue to monitor, fix and manage your Projects, see the relevant pages in the Snyk user documentation.
+ACR integration works like other Snyk integrations. To continue to monitor, fix, and manage your Projects, see the relevant pages in the Snyk user documentation.
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. For more information, see [Detecting application vulnerabilities in container images](../../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-nexus-container-registry.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-nexus-container-registry.md
index 1df95f5730ac..74a93c5a4eb7 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-nexus-container-registry.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-nexus-container-registry.md
@@ -5,7 +5,7 @@
This feature is available only with Enterprise plans. For more information, see [pricing plans](https://snyk.io/plans/).
{% endhint %}
-Snyk integrates with Nexus Container Registry to enable you to import your container images and monitor them for vulnerabilities.
+Snyk integrates with Nexus Container Registry so you can import your container images and monitor them for vulnerabilities.
Snyk tests the images you have imported (Projects) for any known security vulnerabilities, testing them at a frequency you control, and alerts you when new issues are detected.
@@ -34,7 +34,7 @@ If the connection to Nexus fails, a notification appears under the **Connected t
When the connection is successful, you can use Snyk to scan your images from Nexus.
-Snyk tests and monitors your Nexus container images by evaluating the image tags in your repositories. After you have imported images to Snyk, the image vulnerabilities are identified and can be triaged easily.
+Snyk tests and monitors your Nexus container images by evaluating the image tags in your repositories. After you have imported images to Snyk, Snyk identifies the image vulnerabilities so you can triage them.
Follow these steps to add images from Nexus to Snyk.
@@ -52,8 +52,8 @@ Follow these steps to add images from Nexus to Snyk.
The view **Which images do you want to test?** view opens, displaying all available images for your connected registry, grouped by each of your repositories.
4. Select single or multiple images to be imported to Snyk.\
You can choose a specific image or select an entire repository. You can also search by image name to find specific images to import.
-5. To finish, click **Add selected repositories** on the top-right.\
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+5. To finish, click **Add selected repositories**.\
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
6. When the import ends:
1. You can view the newly imported image, marked with a **NEW** tag, on the **Projects** page. Images are grouped by repository and are each linked individually to a detailed **Project** page.
2. An **import log** becomes available; you can reach it at the top of the Projects list.
@@ -64,5 +64,5 @@ Nexus imports are indicated with a unique icon. You can also filter to view only
Example of a Nexus Project
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-quay-container-registry.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-quay-container-registry.md
index 67e1f7eb8918..89b121c6d45b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-quay-container-registry.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/container-registry-integrations/integrate-with-quay-container-registry.md
@@ -1,6 +1,6 @@
# Integrate with Quay Container Registry
-Snyk integrates with Quay Container Registry to enable you to import your container images and monitor them for vulnerabilities.
+Snyk integrates with Quay Container Registry so you can import your container images and monitor them for vulnerabilities.
Snyk tests the images you have imported (Projects) for any known security vulnerabilities, testing them at a frequency you control, and alerts you when new issues are detected.
@@ -28,7 +28,7 @@ Snyk tests the connection values, and the page reloads, displaying Quay integrat
When the connection succeeds, you can use Snyk to scan your images from Quay.
-Snyk tests and monitors your Quay container images by evaluating the tags in your repositories. After import to Snyk, your image vulnerabilities are identified and can be triaged easily.
+Snyk tests and monitors your Quay container images by evaluating the tags in your repositories. After import to Snyk, Snyk identifies your image vulnerabilities so you can triage them.
## Scan container images from Quay in Snyk
@@ -47,8 +47,8 @@ Snyk tests and monitors your Quay container images by evaluating the tags in you
5. Select single or multiple images to be imported to Snyk.\
You can select by choosing a specific image or by selecting an entire repository.\
You can also search by image name to find specific images to import.
-6. To finish, click **Add selected repositories** at the top right.\
- A status bar appears at the top of the page as the images are imported; you can continue working in the meantime.
+6. To finish, click **Add selected repositories**.\
+ A status bar appears at the top of the page as Snyk imports the images. You can continue working in the meantime.
7. When the import ends:
1. You can view the newly imported image, marked with a **NEW** tag, on the **Projects** page; Images are grouped by repository and linked individually to a detailed **Project** page.\
An **import log** becomes available; you can reach it at the top of the Projects list.
@@ -57,5 +57,5 @@ Snyk tests and monitors your Quay container images by evaluating the tags in you
Quay imports are designated with a unique icon. You can filter to view only Quay Projects.
{% hint style="info" %}
-For application vulnerabilities within container images, any changes to the application will not be reflected with a manual or recurring retest. A re-import of the image is required. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
+For application vulnerabilities in container images, a manual or recurring retest does not reflect any changes to the application. You must re-import the image. For more information, see [Detecting application vulnerabilities in container images](../use-snyk-container/detect-application-vulnerabilities-in-container-images.md).
{% endhint %}
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/README.md
index d6fa97a00550..eda6448b8520 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/README.md
@@ -29,7 +29,7 @@ After Snyk has the list of installed software, Snyk looks that up in the Snyk Vu
Snyk supports testing OCI-compliant and Docker v2-compliant images but does not support images that combine both OCI and Docker v2 standards into a single archive.
{% endhint %}
-When providing public base image recommendations, Snyk's logic considers the origin repository, flavor, and version of the base image it detects. This means that Snyk's upgrade recommendations aim to reduce the number or severity of found vulnerabilities, with minor version upgrades typically maintaining compatibility with the currently used base image.
+When providing public base image recommendations, Snyk considers the origin repository, flavor, and version of the base image it detects. This means that the Snyk upgrade recommendations aim to reduce the number or severity of found vulnerabilities, with minor version upgrades typically maintaining compatibility with the base image you use.
## Official advisory resources used by Snyk Container
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/operating-system-distributions-supported-by-snyk-container.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/operating-system-distributions-supported-by-snyk-container.md
index be4b63c3edd3..d1e4bef5af36 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/operating-system-distributions-supported-by-snyk-container.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/operating-system-distributions-supported-by-snyk-container.md
@@ -2,7 +2,7 @@
Snyk detects vulnerabilities in images based on operating systems listed on this page along with the specific versions that are supported. For the latest updates, see [Snyk updates](https://updates.snyk.io).
-If you use an unsupported distribution, for example, one that has reached its end of life (EOL) and is no longer being maintained, Snyk displays a message to tell you the distribution is unsupported. Due to a lack of security updates for unsupported distributions, it is possible that you will not receive notifications about vulnerabilities. However, it does not mean that your image is secure.
+If you use an unsupported distribution, for example, one that has reached its end of life (EOL) and is no longer being maintained, Snyk displays a message to tell you the distribution is unsupported. Due to a lack of security updates for unsupported distributions, you might not receive notifications about vulnerabilities. However, this does not mean that your image is secure.
{% hint style="info" %}
Snyk also supports images using packages from these distributions, but without the associated package manager, such as Distroless images.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/severity-levels-of-detected-linux-vulnerabilities.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/severity-levels-of-detected-linux-vulnerabilities.md
index 581841336848..5d523b13c1e9 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/severity-levels-of-detected-linux-vulnerabilities.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/how-snyk-container-works/severity-levels-of-detected-linux-vulnerabilities.md
@@ -10,7 +10,7 @@ In certain cases, NVD assigns a different CVSS vector and severity score from th
## Relative importance feature
-Relative importance asserts a common severity for a vulnerability and shows the underlying detailed information for that severity based on multiple sources. This allows developers and analysts to view a common level of importance and exposes the underlying information that contributed to the asserted severity.
+Relative importance asserts a common severity for a vulnerability and shows the underlying detailed information for that severity based on multiple sources. This lets developers and analysts view a common level of importance and exposes the underlying information that contributed to the asserted severity.
Snyk supports relative importance in Ubuntu, Debian, Red Hat Enterprise Linux (RHEL), CentOS, Amazon Linux, Oracle Linux, and SUSE Linux Enterprise Server (SLES).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/authenticate-to-private-container-registries.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/authenticate-to-private-container-registries.md
index b7a8aac95851..8c3082cb0133 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/authenticate-to-private-container-registries.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/authenticate-to-private-container-registries.md
@@ -2,9 +2,9 @@
If you are using private container registries, you must create a `dockercfg.json` file that contains the credentials to the registry. Then you must create a secret, which must be called `snyk-monitor`.
-The `dockercfg.json` file is necessary to allow the monitor to look up images in private registries. Usually, your credentials are in `$HOME/.docker/config.json`. However, the credentials must also be added to the `dockercfg.json` file. The Snyk Controller is not able to access these registries if the credentials are only stored in `$HOME/.docker/config.json`
+The `dockercfg.json` file is necessary to allow the monitor to look up images in private registries. Usually, your credentials are in `$HOME/.docker/config.json`. However, the credentials must also be added to the `dockercfg.json` file. The Snyk Controller cannot access these registries if the credentials are only stored in `$HOME/.docker/config.json`
-The steps below explain how to authenticate to private container registries.
+The following steps explain how to authenticate to private container registries.
## Configure the dockercfg.json file
@@ -15,7 +15,7 @@ Ensure the file containing your credentials is named `dockercfg.json`. This file
{% endhint %}
{% hint style="info" %}
-Ensure the formatting is correct, including new line characters and whitespace in the `dockercfg.json` file. Malformed files will result in authentication failures.
+Ensure the formatting is correct, including new line characters and whitespace in the `dockercfg.json` file. Malformed files result in authentication failures.
{% endhint %}
The locations where your cluster runs and where your registries run determine the combination of entries in your `dockercfg.json` file. The file can contain credentials for multiple registries.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/install-the-snyk-controller-on-amazon-elastic-kubernetes-service-amazon-eks.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/install-the-snyk-controller-on-amazon-elastic-kubernetes-service-amazon-eks.md
index 8df350ad18b0..691f7e5c7a5b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/install-the-snyk-controller-on-amazon-elastic-kubernetes-service-amazon-eks.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/install-the-snyk-controller-on-amazon-elastic-kubernetes-service-amazon-eks.md
@@ -8,13 +8,13 @@ Ensure you have reviewed the [prerequisites for installing the Snyk Controller](
The installation steps work best for EKS and ECR with the same AWS account. If you have a different setup, contact [Snyk support](https://support.snyk.io).
{% endhint %}
-Installing the Snyk Controller enables you to import and test your running EKS workloads and identify vulnerabilities in their associated images and configurations that can make the workloads less secure. After the workload is imported, Snyk continues to monitor the workload, identifying additional security issues, as new images are deployed and the workload configuration changes.
+Installing the Snyk Controller lets you import and test your running EKS workloads and identify vulnerabilities in their associated images and configurations that can make the workloads less secure. After the workload is imported, Snyk continues to monitor the workload, identifying additional security issues, as new images are deployed and the workload configuration changes.
The steps described below provide instructions for configuring the Snyk Controller to pull and scan private images from ECR.
To install Amazon EKS:
-1\. Access your Kubernetes environment. Run the following command in order to add the Snyk Charts repository to Helm:
+1\. Access your Kubernetes environment. Run the following command to add the Snyk Charts repository to Helm:
```
helm repo add snyk-charts https://snyk.github.io/kubernetes-monitor --force-update
@@ -51,18 +51,18 @@ kubectl create secret generic snyk-monitor \
--from-literal=serviceAccountApiToken=bdca4123-dbca-4343-bbaa-1313cbad4231
```
-5\. Attach policies or roles for nodes. You can do this using one of the below options:
+5\. Attach policies or roles for nodes. You can do this using one of the following options:
#### Attach policies for worker nodes
1. Attach the `NodeInstanceRole` policy. See [Using Amazon ECR Images with Amazon EKS](https://docs.aws.amazon.com/AmazonECR/latest/userguide/ECR_on_EKS.html).
2. Attach the `AmazonEC2ContainerRegistryReadOnly` policy to your EKS worker nodes.\
- The Snyk Controller is now able to pull private images when running on those worker nodes.
+ The Snyk Controller can now pull private images when running on those worker nodes.
#### Create an EKS node role for your Node Group and add the Trust Relationship for the IAM Role
1. Follow the instructions on [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) and check your existing node role. Ensure you have attached the policy `AmazonEC2ContainerRegistryReadOnly`**.**
-2. For the Snyk Controller to successfully assume the IAM role and pull images from ECR, the role's trust policy must be configured to trust your EKS cluster's OIDC provider. Create the trust policy document in JSON format and apply this trust policy document to the IAM role that the Snyk Controller will use.
+2. For the Snyk Controller to successfully assume the IAM role and pull images from ECR, the role's trust policy must be configured to trust your EKS cluster's OIDC provider. Create the trust policy document in JSON format and apply this trust policy document to the IAM role that the Snyk Controller uses.
```
{
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/install-the-snyk-controller-with-openshift-4-and-operatorhub.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/install-the-snyk-controller-with-openshift-4-and-operatorhub.md
index 7e9dcc7d3fea..1c13e23825f6 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/install-the-snyk-controller-with-openshift-4-and-operatorhub.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/install-the-snyk-controller-with-openshift-4-and-operatorhub.md
@@ -1,5 +1,5 @@
# Install the Snyk Controller with OpenShift 4 and OperatorHub
-The Snyk Controller V2 is currently not available in the OpenShift Marketplace nor available as a community version.
+The Snyk Controller V2 is not available in the OpenShift Marketplace nor available as a community version.
You can still install Snyk Controller V2 in OpenShift using the Helm install instructions. See [Install the Snyk Controller with Helm (Azure and Google Cloud Platform)](install-the-snyk-controller-with-helm-azure-and-google-cloud-platform.md).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/optional-installation-steps-for-snyk-controller-with-helm.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/optional-installation-steps-for-snyk-controller-with-helm.md
index f97eb6703f2f..4dcd7138cef3 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/optional-installation-steps-for-snyk-controller-with-helm.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/install-the-snyk-controller/optional-installation-steps-for-snyk-controller-with-helm.md
@@ -118,7 +118,7 @@ helm upgrade --install snyk-monitor snyk-charts/snyk-monitor \
By default, Snyk ignores scanning certain namespaces believed to be internal to Kubernetes. For the full list, see [Configuring excluded namespaces](https://github.com/snyk/kubernetes-monitor/tree/master/snyk-monitor#configuring-excluded-namespaces).\
\
-You can change the default, as Snyk allows you to configure the excluded namespaces.
+You can change the default, as Snyk lets you configure the excluded namespaces.
When you add your own list of namespaces to exclude with the `excludedNamespaces` setting, Snyk overrides the default settings and uses the list of namespaces you provide.
@@ -151,7 +151,7 @@ helm upgrade --install snyk-monitor snyk-charts/snyk-monitor \
## Configure Snyk Controller CPU
-If more or less CPU is required in order to deploy the controller, configure the HelmChart default value for requests (X) and limits (Y) with the `--set` flag.
+If more or less CPU is required to deploy the controller, configure the HelmChart default value for requests (X) and limits (Y) with the `--set` flag.
```
helm upgrade --install snyk-monitor snyk-charts/snyk-monitor \
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/integrate-with-sysdig.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/integrate-with-sysdig.md
index 212b50ccbfbc..de934f9cffb6 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/integrate-with-sysdig.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/integrate-with-sysdig.md
@@ -7,7 +7,7 @@ To enhance its capabilities when detecting workload information, Snyk has partne
For a successful integration with Sysdig, the Snyk Controller requires an extra Sysdig Secret in the `snyk-monitor` namespace. The Sysdig Secret name is `snyk-sysdig-secret`.
{% hint style="info" %}
-Execute the commands below after installing Sysdig, in order to allow the Snyk Controller to detect Sysdig in the cluster.
+Run the following commands after installing Sysdig, to allow the Snyk Controller to detect Sysdig in the cluster.
{% endhint %}
Create the `snyk-sysdig-secret` in the `snyk-monitor` namespace:
@@ -38,7 +38,7 @@ Your Snyk Controller now collects data from Sysdig every 30 minutes.
## Enrich Snyk vulnerability data and priority score
-To enrich the priority score of vulnerabilities it detects, Snyk uses packages executed at runtime. This allows Snyk to better prioritize which vulnerabilities to fix first. The priority score is available on both the **Project** page and in the [Snyk public API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/projects-v1#org-orgid-project-projectid-aggregated-issues).
+To enrich the priority score of vulnerabilities it detects, Snyk uses packages executed at runtime. This lets Snyk better prioritize which vulnerabilities to fix first. The priority score is available on both the **Project** page and in the [Snyk public API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/projects-v1#org-orgid-project-projectid-aggregated-issues).
.png>)
@@ -51,7 +51,7 @@ After enabling the Sysdig integration, allow 30 minutes before manually importin
## Application support
-For application vulnerabilities, Snyk currently provides support for the following languages:
+For application vulnerabilities, Snyk provides support for the following languages:
* Java
* JavaScript
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/README.md
index ebd4ca355108..4b7e963312f6 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/README.md
@@ -5,7 +5,7 @@
Kubernetes integration is available only with Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
{% endhint %}
-Snyk is able to integrate with Kubernetes, enabling you to import and scan your running workloads. This helps you identify vulnerabilities in their associated images and configurations that can make those workloads less secure. After workloads are imported, Snyk continues to monitor them and to identify additional security issues as new images are deployed and the workload configuration changes.
+Snyk integrates with Kubernetes, letting you import and scan your running workloads. This helps you identify vulnerabilities in their associated images and configurations that can make those workloads less secure. After workloads are imported, Snyk continues to monitor them and to identify additional security issues as new images are deployed and the workload configuration changes.
## **How Kubernetes integration works**
@@ -46,7 +46,7 @@ Snyk Container Kubernetes integration uses Red Hat UBI (Universal Base Image).
Before downloading or using this application, you must agree to the Red Hat subscription agreement located on the [Red Hat website](https://www.redhat.com/en/about/agreements). If you do not agree with these terms, do not download or use the application.
-If you have an existing Red Hat Enterprise Agreement (or other negotiated agreement with Red Hat) with terms that govern subscription services associated with Containers, then your existing agreement will be the controlling agreement.
+If you have an existing Red Hat Enterprise Agreement (or other negotiated agreement with Red Hat) with terms that govern subscription services associated with Containers, then your existing agreement is the controlling agreement.
## Kubernetes integration troubleshooting
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/enable-the-kubernetes-integration.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/enable-the-kubernetes-integration.md
index 85716778627c..bf4bc13e9494 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/enable-the-kubernetes-integration.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/enable-the-kubernetes-integration.md
@@ -27,7 +27,7 @@ In this window, the following sections are available:
| Section | Description |
| ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| **Connected to Kubernetes** |
This section appears after you have successfully connected, allowing you to add your workloads from the Dashboard, from the Projects page.
When the Kubernetes integration is not yet set up, this is the only section that appears in this window, together with the Connect button. See Overview of the Kubernetes integration.
|
+| **Connected to Kubernetes** |
This section appears after you have successfully connected, letting you add your workloads from the Dashboard, from the Projects page.
When the Kubernetes integration is not yet set up, this is the only section that appears in this window, together with the Connect button. See Overview of the Kubernetes integration.
|
| **Integration ID** |
The Integration ID is a UUID and appears in the format abcd1234-abcd-1234-abcd-1234abcd1234.
If you have not set up the connection yet, click Connect and use this ID to set up your configuration.
If you have set up configuration, this information is visible on the page.
|
| **Snyk controller versions** | Displays the version of the Snyk controller you have installed on your clusters. |
-| **Disconnect from Kubernetes** | Allows you to remove this integration from this Organization. To do this, click **Disconnect**. |
+| **Disconnect from Kubernetes** | Lets you remove this integration from this Organization. To do this, click **Disconnect**. |
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/how-snyk-controller-handles-your-data.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/how-snyk-controller-handles-your-data.md
index d4bd2c9db284..ea18b63270a0 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/how-snyk-controller-handles-your-data.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/how-snyk-controller-handles-your-data.md
@@ -3,9 +3,9 @@
After you install the Snyk Controller in your Kubernetes cluster, it pulls images from your container registries:
1. The Snyk Controller has read-only access to the Kubernetes workloads and container registries.
-2. The Snyk Controller pulls images to disk, scans them, and then deletes the images once the scanning completes.
-3. The Snyk Controller collects only the minimum relevant information in order to perform vulnerability analysis, specifically the list of dependencies in the image and the workload metadata.
-4. The data that the Snyk Controller collects is stored in Snyk's backend, but it is deleted after eight days. Below is the data that Snyk Controller collects:
+2. The Snyk Controller pulls images to disk, scans them, and then deletes the images after the scanning completes.
+3. The Snyk Controller collects only the minimum relevant information to perform vulnerability analysis, specifically the list of dependencies in the image and the workload metadata.
+4. The data that the Snyk Controller collects is stored in the Snyk backend, but it is deleted after eight days. The Snyk Controller collects the following data:
* Workload metadata (Kubernetes configuration):
* Labels, annotations
* PodSpec
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/supported-workloads-container-registries-languages-and-operating-systems.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/supported-workloads-container-registries-languages-and-operating-systems.md
index 3a3d715974a0..97c4c37d5204 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/supported-workloads-container-registries-languages-and-operating-systems.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/kubernetes-integration/overview-of-kubernetes-integration/supported-workloads-container-registries-languages-and-operating-systems.md
@@ -18,7 +18,7 @@ The Controller detects these workloads by tracing the chain of owner references
For example, given a Pod, the Controller can detect that it is owned by a ReplicaSet, which in turn is owned by a Deployment, which in turn has no other owners. The workload detected is thus the Deployment.
-In cases where a workload is owned by a Custom Resource, the `snyk monitor` currently cannot proceed and must assume that the current workload is the topmost parent that the Controller was able to process.
+In cases where a workload is owned by a Custom Resource, the `snyk monitor` cannot proceed and must assume that the current workload is the topmost parent that the Controller could process.
## Supported container registries
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-container-images.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-container-images.md
index 41c8846234db..ec5261baffca 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-container-images.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-container-images.md
@@ -27,7 +27,7 @@ You can see the history of all the repositories and container registry images im
To see vulnerability information for that Project, select an imported Project from the target list.
-Click on a Project entry to see details of the vulnerabilities found, including where it was introduced, how to fix it, and other details about the vulnerability.
+Click a Project entry to see details of the vulnerabilities found, including where it was introduced, how to fix it, and other details about the vulnerability.
## Fix vulnerabilities in your container images
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/README.md
index 2c7230a92bb5..71e06379ce8b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/README.md
@@ -1,6 +1,6 @@
# Scan your Dockerfile
-Snyk Container allows you to analyze your Dockerfile and scan base images from the Dockerfile.
+Snyk Container lets you analyze your Dockerfile and scan base images from the Dockerfile.
## Prerequisites for Dockerfile analysis
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/automatically-link-your-dockerfile-with-container-images-using-labels.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/automatically-link-your-dockerfile-with-container-images-using-labels.md
index 158d2410b650..876bf378ea8b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/automatically-link-your-dockerfile-with-container-images-using-labels.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/automatically-link-your-dockerfile-with-container-images-using-labels.md
@@ -1,10 +1,10 @@
# Automatically link your Dockerfile with container images using labels
-Snyk allows you to link manually or automatically from a Dockerfile to all container images built from it. You can use this to understand the security impact on your running applications and understand which images can be better secured or need to be rebuilt when you take action and update the Dockerfile base image.
+Snyk lets you link manually or automatically from a Dockerfile to all container images built from it. You can use this to understand the security impact on your running applications and understand which images you can secure better or must rebuild when you take action and update the Dockerfile base image.
## How linked images work
-When it is imported or rescanned, the image is analyzed and scanned for vulnerabilities. Image labels are also retrieved from the image manifest. Snyk then checks that:
+When you import or rescan the image, Snyk analyzes and scans it for vulnerabilities. Snyk also retrieves image labels from the image manifest. Snyk then checks that:
* Image labels defining the Dockerfile location exist:
* (Mandatory) `org.opencontainers.image.source` - URL to the Project repository, for example, `org.opencontainers.image.source="https://github.com/example/test"`
@@ -25,9 +25,9 @@ Using container registry integration, you can get automatic links between import
## Automatically update and remove links
-Links are automatically updated if the Dockerfile labels are updated and are targeting a new location. This can happen during a re-scan or during a recurring scan.
+Snyk automatically updates links if the Dockerfile labels are updated and target a new location. This can happen during a rescan or during a recurring scan.
-Links are removed if:
+Snyk removes links if:
* The image Project or Dockerfile Project is deleted.
* The Dockerfile labels are updated so that they target the Dockerfile location without an existing Project in Snyk or
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md
index 242200e8ac68..c8d831841ee9 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/detect-vulnerable-base-images-from-your-dockerfile.md
@@ -36,13 +36,13 @@ The following information is displayed: **Current image**, **Minor upgrades**, *
## Scan the base image from a Dockerfile
-Snyk detects vulnerable base images by scanning your Dockerfile when you import a Git repository. This allows you to examine security issues before building the image and thus helps solve potential problems before they land in your registry or in production.
+Snyk detects vulnerable base images by scanning your Dockerfile when you import a Git repository. This lets you examine security issues before building the image and helps solve potential problems before they land in your registry or in production.
{% hint style="info" %}
When scanning Dockerfiles, Snyk can provide vulnerability information and base image recommendations for supported base images. If you need help, contact [Snyk Support](https://support.snyk.io).
{% endhint %}
-After you [integrate your Git repository with Snyk](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations), any Dockerfiles in that repository are automatically identified and shown in the Web UI as Projects.
+After you [integrate your Git repository with Snyk](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations), Snyk automatically identifies any Dockerfiles in that repository and shows them in the Web UI as Projects.
Dockerfiles displayed in the Project list
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/fix-vulnerable-base-images-in-your-dockerfile.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/fix-vulnerable-base-images-in-your-dockerfile.md
index 772dda3ab634..c9a5f0cf5d98 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/fix-vulnerable-base-images-in-your-dockerfile.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/scan-your-dockerfile/fix-vulnerable-base-images-in-your-dockerfile.md
@@ -2,7 +2,7 @@
## Automatic Pull Requests (PRs)
-Snyk detects vulnerable base images by scanning your Dockerfile when importing a Git repository and helps you fix them using automatic pull requests. This allows you to examine security issues before you build the image and fix them before they land in your registry or in production.
+Snyk detects vulnerable base images by scanning your Dockerfile when importing a Git repository and helps you fix them using automatic pull requests. This lets you examine security issues before you build the image and fix them before they land in your registry or in production.
Supported Git-based repository managers for Dockerfile fix PRs include:
@@ -15,7 +15,7 @@ Supported Git-based repository managers for Dockerfile fix PRs include:
* GitHub Server
* Azure Repos
-For any Dockerfile Project created in Snyk, if the base image is a [Docker Official image](https://docs.docker.com/docker-hub/official_images/), the results include a list of suitable base images that can be used instead of the existing, more vulnerable one. For more information, see [Analyze and fix container images](../use-snyk-container/analyze-and-fix-container-images.md).
+For any Dockerfile Project created in Snyk, if the base image is a [Docker Official image](https://docs.docker.com/docker-hub/official_images/), the results include a list of suitable base images you can use instead of the existing, more vulnerable one. For more information, see [Analyze and fix container images](../use-snyk-container/analyze-and-fix-container-images.md).
Snyk then automatically issues a fix pull request against your Dockerfile to upgrade to the latest minor version available.
@@ -35,7 +35,7 @@ To enable automatic update PRs, navigate to **Settings** > **Integrations** and
## Open a fix PR manually
-Alternatively, you can open a fix PR manually from the Project page by clicking **Open a Fix PR** for the base image version you wish to upgrade to.
+Alternatively, you can open a fix PR manually from the Project page by clicking **Open a Fix PR** for the base image version you want to upgrade to.
Open a fix PR
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/analyze-and-fix-container-images.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/analyze-and-fix-container-images.md
index d2bbcfa9790c..95db5a6ec3c7 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/analyze-and-fix-container-images.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/analyze-and-fix-container-images.md
@@ -67,7 +67,7 @@ When providing public base image recommendations, Snyk bases its logic on the or
The Snyk recommendations for upgrading the base image refer to:
* **Minor upgrades**: the safest and best minor upgrade available
-* **Major upgrades**: an option for a major upgrade that will reduce more vulnerabilities but with greater risk
+* **Major upgrades**: an option for a major upgrade that reduces more vulnerabilities but with greater risk
* **Alternative upgrades**: viable image options for replacing your current base image with possible different base images that provide the least amount of vulnerabilities.
* Recommendation to rebuild your base image if it is outdated.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/detect-application-vulnerabilities-in-container-images.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/detect-application-vulnerabilities-in-container-images.md
index 917802cc4cc4..fbaa8b8f7fd7 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/detect-application-vulnerabilities-in-container-images.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/detect-application-vulnerabilities-in-container-images.md
@@ -2,19 +2,19 @@
In one scan, Snyk can detect the vulnerabilities in your application dependencies from container images, as well as from the operating system.
-Detecting application vulnerabilities is intended for scanning third-party images. This feature was not designed for detecting issues in code developed in-house, where the user has access to the source code and can shift left and detect Issues earlier in the SDLC by using Snyk Code and Snyk Open Source.
+Detecting application vulnerabilities is intended for scanning third-party images. This feature is not designed for detecting issues in code developed in-house, where the user has access to the source code and can shift left and detect issues earlier in the SDLC by using Snyk Code and Snyk Open Source.
Detecting application vulnerabilities in container images for Container Registry integration is supported for Node, Ruby, PHP, Python, Go binaries, and Java. For the CLI and Kubernetes, this feature is supported for Node, PHP, Python, Go binaries, and Java.
After you integrate with a container registry and import your Projects, Snyk scans your image for vulnerabilities.
-For application Projects created from images that are imported from container registry integrations, the applications are not re-imported during recurring scans or manual rescans.
+For application Projects created from images that are imported from container registry integrations, Snyk does not re-import the applications during recurring scans or manual rescans.
-Instead, the application dependencies that are found during the initial image import are scanned for new vulnerabilities.
+Instead, Snyk scans the application dependencies found during the initial image import for new vulnerabilities.
-If new dependencies are introduced in an application within an image, they will not be detected by recurring scans or manual rescans. To detect new or updated applications within images from container registries, you must re-import the image to Snyk.
+If new dependencies are introduced in an application within an image, recurring scans or manual rescans do not detect them. To detect new or updated applications within images from container registries, you must re-import the image to Snyk.
-For applications found in images imported from the Kubernetes integration, existing applications will be re-imported, but new apps added to the image will not be imported during recurring scans. To detect new applications within images from Kubernetes, you must re-import the image to Snyk.
+For applications found in images imported from the Kubernetes integration, Snyk re-imports existing applications, but does not import new apps added to the image during recurring scans. To detect new applications within images from Kubernetes, you must re-import the image to Snyk.
## Enable container registries vulnerability scan
@@ -47,7 +47,7 @@ Snyk Container CLI supports scanning Java applications embedded in container ima
### Nested jars depth option
-When `--app-vulns` is enabled, you can also use the `--nested-jars-depth=n` option to set how many levels of nested jars Snyk will unpack. The implicit default is 1. When you specify 2, it means that Snyk unzips jars in jars; 3 means Snyk unzips jars in jars in jars, and so on.
+When `--app-vulns` is enabled, you can also use the `--nested-jars-depth=n` option to set how many levels of nested jars Snyk unpacks. The implicit default is 1. When you specify 2, it means that Snyk unzips jars in jars; 3 means Snyk unzips jars in jars in jars, and so on.
To opt out of any scans you feel are unnecessary, use `--nested-jar-depth=0` .
@@ -57,7 +57,7 @@ Snyk Container CLI could report Maven packages suffixed with a version of @unkno
## View application vulnerabilities and licensing issues
-When the **Detect application vulnerabilities** feature is enabled, it allows you to see:
+When the **Detect application vulnerabilities** feature is enabled, you can see:
* Dependency vulnerabilities and licensing issues of manifest files detected in your container image
* Vulnerabilities detected in operating system packages.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/detect-the-container-base-image.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/detect-the-container-base-image.md
index 142a0ea89414..aaa63d678daa 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/detect-the-container-base-image.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/detect-the-container-base-image.md
@@ -1,6 +1,6 @@
# Detect the container base image
-Detecting vulnerable base images allows you to identify the source of your vulnerabilities and fix them by updating the base image according to recommendations.
+Detecting vulnerable base images lets you identify the source of your vulnerabilities and fix them by updating the base image according to recommendations.
You can detect your base image after you configure a [container integration](../#snyk-container-integrations) (such as the CLI or a container registry integration).
@@ -12,12 +12,12 @@ For details about supported container registries, see [Container security integr
To identify vulnerable base images, you can use one of the following methods:
-* Auto-detection - when Snyk analyses your container image, it extracts relevant metadata from the image manifest, and detects the base image. This method analyses `rootfs` layers from the image manifest, which can be equivalent to more than one image or image tag in DockerHub.
+* Auto-detection - when Snyk analyzes your container image, it extracts relevant metadata from the image manifest, and detects the base image. This method analyzes `rootfs` layers from the image manifest, which can be equivalent to more than one image or image tag in DockerHub.
* Dockerfile - Snyk can also detect vulnerable base images using your Dockerfile. It can either be attached with a `--file` flag to your CLI `snyk container test` scan, linked from an SCM through your Project settings, or detected and scanned when you import a Git repository. Compared to auto-detection, using your Dockerfile can be more accurate but requires an additional step.\
\
For multi-stage Dockerfiles, Snyk detects the base image included in the image introduced in the final `FROM` line. According to [Docker's multi-stage build documentation](https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds), this happens because using multiple `FROM` statements lets you "selectively copy artifacts from one stage to another, leaving behind everything you don't want in the final image."
-For either method, a Project in the Snyk UI is created.
+For either method, Snyk creates a Project in the Snyk UI.
{% hint style="info" %}
Snyk supports only a subset of official Docker images. If you need help, contact [Snyk Support](https://support.snyk.io).
@@ -33,7 +33,7 @@ When you scan a Docker image in Snyk, you can see the instruction in the image l
If the base image is a Snyk-supported image, the results include recommendations for upgrades to resolve some of the discovered vulnerabilities.
-This allows you to see vulnerability counts in minor and major upgrades and in alternative base images, which might have fewer vulnerabilities. Based on this information, you can decide whether to upgrade your base image and which one is the best.
+This lets you see vulnerability counts in minor and major upgrades and in alternative base images, which might have fewer vulnerabilities. Based on this information, you can decide whether to upgrade your base image and which one is the best.
You can see the base image vulnerabilities in your Project among the vulnerabilities added by your instructions, sorted by their priority score.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/sync-your-container-registry.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/sync-your-container-registry.md
index 77224a2846fb..2a11758fc25a 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/sync-your-container-registry.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/sync-your-container-registry.md
@@ -12,8 +12,8 @@ The sync process runs on a schedule you define and performs the following action
* Lists tags: Snyk enumerates all available image tags for each repository.
* Applies policy: Snyk evaluates the images against your import policy to determine which images to import or delete.
* Creates output:
- * For each matching repository, Snyk creates a target (e.g., `mycompany/web-app`). The target naming follows the pattern: `{repository_name}`
- * For each matching image tag, Snyk creates a Project under that target (e.g., `mycompany/web-app:latest`), which contains the vulnerability scan results. The Project naming follows the pattern: `{repository_name}:{tag}`
+ * For each matching repository, Snyk creates a target (for example, `mycompany/web-app`). The target naming follows the pattern: `{repository_name}`
+ * For each matching image tag, Snyk creates a Project under that target (for example, `mycompany/web-app:latest`), which contains the vulnerability scan results. The Project naming follows the pattern: `{repository_name}:{tag}`
## Policy configuration
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/README.md
index 3f34097d984a..246be016eb43 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/README.md
@@ -12,9 +12,9 @@ When scanning a container image, Snyk provides recommendations based on the base
Customers often maintain their own internal base images, built on top of Docker Official Images or other upstream images. These are provided as a service to a wider set of development teams. For example: `somecompany/base-python:3.12.1`.
-The Custom Base Image Recommendation feature (CBIR) allows Snyk to recommend an image upgrade from a pool of your internal images. This allows teams to be notified of newer versions of their internal base images, along with a vulnerability count, in order to help with image selection.\
+The Custom Base Image Recommendation feature (CBIR) lets Snyk recommend an image upgrade from a pool of your internal images. This notifies teams of newer versions of their internal base images, along with a vulnerability count, to help with image selection.\
\
-Snyk does not use the vulnerability data in order to detemine which version to display. All versions in the pool of images to recommend that are considered upgrades to the current image are offered. This provides users with the most control over what images to recommend and which not.\
+Snyk does not use the vulnerability data to determine which version to display. Snyk offers all versions in the pool of images to recommend that are considered upgrades to the current image. This provides users with the most control over which images to recommend and which not.\
\
You can remove images that must not be recommended by disabling the **Include in recommendations** option. For more information, see [Mark the created Project as a custom base image](./#mark-the-created-project-as-a-custom-base-image).
@@ -30,7 +30,7 @@ As opposed to public Docker Official Images, Snyk can detect a custom base image
All custom base image recommendations are considered minor upgrades, regardless of the image tag.
-To determine the latest version of a base image across Projects imported into the same repository, Snyk allows configuring a versioning schema. For more information, see [Versioning schemas for custom base images.](versioning-schema-for-custom-base-images.md)
+To determine the latest version of a base image across Projects imported into the same repository, Snyk lets you configure a versioning schema. For more information, see [Versioning schemas for custom base images.](versioning-schema-for-custom-base-images.md)
The Custom Base Image Recommendation feature supports Automatic fix PRs. If you are not using the latest version of the base image, then immediately after image import Snyk automatically issues a fix pull request against your Dockerfile to upgrade to the latest available custom base image version.
@@ -39,14 +39,14 @@ The Custom Base Image Recommendation feature supports Automatic fix PRs. If you
The recommendations provided by the CBIR feature rely on versioned tags that comply with the versioning schema configured.
{% hint style="info" %}
-It is possible to add the "latest" tag to this pool as a single selection, or as part of a custom versioning scheme. However, Snyk does not recommend doing this, as it negates the benefits of the CBIR feature. The following information considers that the recommendations are not configured with the "latest" tag included in recommendations.
+You can add the "latest" tag to this pool as a single selection, or as part of a custom versioning scheme. However, Snyk does not recommend doing this, as it negates the benefits of the CBIR feature. The following information considers that the recommendations are not configured with the "latest" tag included in recommendations.
{% endhint %}
### Latest and other rolling image tags
Snyk recommends that you do not add the "latest" tag to the versioning schema pool along with other tags, so that Snyk does not provide this as an update. The same is true for other similar rolling tags.
-For any image that uses the "latest" tag, Snyk recommends moving to the current latest image (by versioned tag) in that repository. This is because when the container that Snyk scans was built using the "latest" tag, this tag may or may not have referenced the same image that is considered the latest image.
+For any image that uses the "latest" tag, Snyk recommends moving to the current latest image (by versioned tag) in that repository. This is because when the container that Snyk scans was built using the "latest" tag, this tag might not have referenced the same image that is considered the latest image.
### **Recommendations for upgrading the base image**
@@ -70,7 +70,7 @@ The following steps explain how to configure custom base images. The team that i
1. From the Web UI, open the Project with the imported base image.
2. On the Project page, navigate to **Settings**.
-3. Enable **Custom Base Image**. This allows Snyk to recognize this image as a base image in other Projects.
+3. Enable **Custom Base Image**. This lets Snyk recognize this image as a base image in other Projects.
4. If you want Snyk to use this image as a source to determine the best upgrade path, enable **Include in recommendations**.
{% hint style="info" %}
@@ -109,7 +109,7 @@ Use `--file` (mandatory) to specify the path to the Dockerfile.
### Use a previously imported image and set the Dockerfile
-You can modify previously imported container Projects in order to attach a Dockerfile.
+You can modify previously imported container Projects to attach a Dockerfile.
On the Project page for the application image, navigate to **Settings** and configure the Dockerfile by clicking **Configure Dockerfile** and selecting your source control system from the dropdown.
@@ -124,7 +124,7 @@ Choose the Dockerfile repository and add the path to your Dockerfile. Click **Up
Next, navigate to the **Project** page to see the recommendations for the image.
{% hint style="info" %}
-You may need to retest a Project when you set the Dockerfile for an existing project.
+You might need to retest a Project when you set the Dockerfile for an existing project.
{% endhint %}
Example of Custom Base Image Recommendations
@@ -132,4 +132,4 @@ You may need to retest a Project when you set the Dockerfile for an existing pro
## Known limitations of CBIR
* When you scan an application image, custom base image recommendations do not appear unless you attach the Dockerfile to the scanned Project.
-* The image registry is ignored when recommendations are given for custom base images. When Snyk shows recommendations and fix PRs, images with the same repository but different registries are treated as coming from the same registry (the current base image's registry).
+* Snyk ignores the image registry when it gives recommendations for custom base images. When Snyk shows recommendations and fix PRs, it treats images with the same repository but different registries as coming from the same registry (the current base image's registry).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/custom-versioning-schema-for-custom-base-images.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/custom-versioning-schema-for-custom-base-images.md
index 4db21a59daa5..416f41304812 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/custom-versioning-schema-for-custom-base-images.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/custom-versioning-schema-for-custom-base-images.md
@@ -1,6 +1,6 @@
# Custom versioning schema for custom base images
-The Custom Versioning Schema (CVS) is a way for Snyk to understand your company’s container image tag versioning schema. It enables Snyk to give more accurate base image upgrade recommendations.
+The Custom Versioning Schema (CVS) is a way for Snyk to understand your company’s container image tag versioning schema. It helps Snyk give more accurate base image upgrade recommendations.
## Prerequisites for Snyk CVS
@@ -8,7 +8,7 @@ CVS is part of the Snyk Container Custom Base Images feature. For more informati
## When to use CVS
-If your container image's tags follow a versioning schema other than [Semantic Versioning](https://semver.org/) (SemVer), it is highly recommended that you select the Custom Versioning Schema for your image repositories.
+If your container image's tags follow a versioning schema other than [Semantic Versioning](https://semver.org/) (SemVer), Snyk recommends that you select the Custom Versioning Schema for your image repositories.
## CVS expression guide
@@ -24,17 +24,17 @@ snyk/example:1.2_V4
snyk/example:1.3_V1
```
-Because this repository’s image tags do not follow the semantic versioning standard, it is necessary to describe the tags using a custom versioning schema.
+Because this repository’s image tags do not follow the semantic versioning standard, you must describe the tags using a custom versioning schema.
The `snyk/example` tag schema is defined by the following elements, in this order:
1. A number whose value has the highest significance (MAJOR part)
2. A period
-3. Another number, whose significance is less than the first number number (MINOR part)
+3. Another number, whose significance is less than the first number (MINOR part)
4. An underscore followed by the letter "V" (version)
5. A number whose value is the least significant.
-For Snyk to understand the different parts and their role, it is necessary to define a schema. In this regular expression, named groups represent the significant variables.
+For Snyk to understand the different parts and their role, you must define a schema. In this regular expression, named groups represent the significant variables.
The schema below is a translated version of the above example and its elements.
@@ -179,7 +179,7 @@ Since `1.3` and `1.3.5` have the same issue as `1.2` and `1.2.4`, the recommenda
* CVS uses a subset of the ECMAScript regex. See the [guide on ECMAScript regex syntax by MDN](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions).
* Backreferences and lookahead assertions are not supported. Internally, Snyk uses the RE2 library. For a full list of unsupported features, see [Syntax on re2 GitHub](https://github.com/google/re2/wiki/Syntax).
-* Note that the regular expression string is parsed as an ECMAScript regex and then internally converted to RE2 syntax. For example, use the `(?re)` syntax for grouping. `(?Pre)` will not parse correctly.
+* Note that the regular expression string is parsed as an ECMAScript regex and then internally converted to RE2 syntax. For example, use the `(?re)` syntax for grouping. `(?Pre)` does not parse correctly.
* In the list of [supported features](https://github.com/google/re2/wiki/Syntax), take into consideration only the feature**,** not the syntax.
### Size limitations
@@ -194,7 +194,7 @@ The maximum length of the expression is 1,000 characters, with up to 100 COMPARE
### Compare logic
-* If a compare group is an unsigned integer, compare its numeric value. Else, it will be treated as a string.
+* If a compare group is an unsigned integer, compare its numeric value. Otherwise, Snyk treats it as a string.
* Comparison of non-numeric characters is done by comparing their sequences of UTF-16 code unit values. For more information, see [ECMAScript® 2023 Language Specification, 7.2.13 IsLessThan](https://tc39.es/ecma262/#sec-abstract-relational-comparison).
### Matcher logic
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/versioning-schema-for-custom-base-images.md b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/versioning-schema-for-custom-base-images.md
index 34c6c91c78bd..a3b8019b5cd4 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/versioning-schema-for-custom-base-images.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-container/use-snyk-container/use-custom-base-image-recommendations/versioning-schema-for-custom-base-images.md
@@ -6,7 +6,7 @@ You can manage the versioning schema for images imported to Projects for a repos
Snyk recommends updating a custom base image to the latest available version from the pool of images imported as Projects, marked as custom base images, and enabled for recommendations. For more information, see [Enable CBIR](./#enable-cbir).
-To determine which is the latest version, Snyk uses a versioning schema that allows comparing image tags.
+To determine which is the latest version, Snyk uses a versioning schema that lets you compare image tags.
Snyk supports the following versioning schemas.
@@ -30,10 +30,10 @@ The following commonly used examples are not supported SemVer tags:
## Single Selection
-This versioning schema allows you to manually set a single image as a recommendation.
+This versioning schema lets you set a single image as a recommendation.
-When selecting an image, any other previously selected images are automatically unselected.
+When you select an image, Snyk automatically unselects any other previously selected images.
## Custom versioning schema
-If none of the above schemas match your requirements, you may create a custom versioning schema. For more information, see [Custom Versioning Schema for custom base images](custom-versioning-schema-for-custom-base-images.md).
+If none of the preceding schemas match your requirements, you can create a custom versioning schema. For more information, see [Custom Versioning Schema for custom base images](custom-versioning-schema-for-custom-base-images.md).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-essentials.md b/scan-fix-and-prevent/scan-with-snyk/snyk-essentials.md
index 6778cc6f8951..8b15bff2c5e3 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-essentials.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-essentials.md
@@ -4,7 +4,7 @@ Snyk Essentials helps AppSec teams better operationalize and scale the use of Sn
## Overview
-Snyk Essentials enables:
+Snyk Essentials provides:
* Automated app asset discovery: Continually discover application assets and classify them by business context, ensuring security is in sync with development.
* Tailored security controls: Define and manage appropriate security and compliance requirements, and verify that the correct controls are in place.
@@ -31,7 +31,7 @@ Snyk Essentials includes the following features:
* You have the necessary permissions to onboard cloud-based SCM tools (Azure DevOps, GitHub, GitLab, and so on) to Snyk Essentials for repository asset discovery.
{% hint style="info" %}
-When you integrate a Git code repository with Snyk Essentials, you should use a secondary token with a broad, complete view of the code repository, not only of what you imported into Snyk.
+When you integrate a Git code repository with Snyk Essentials, use a secondary token with a broad, complete view of the code repository, not only of what you imported into Snyk.
Use a secondary token to countercheck everything onboarded using Snyk.
@@ -60,7 +60,7 @@ The security controls associated with the asset. Navigate to the [Coverage contr
### Coverage
-An assessment of whether applicable assets are scanned and tested by security tools (for example, Snyk Open Source), as it relates to an application security program. It represents a type of policy that allows you to specify what controls should be applied and, optionally, how often it needs to be run.
+An assessment of whether applicable assets are scanned and tested by security tools (for example, Snyk Open Source), as it relates to an application security program. It represents a type of policy that lets you specify which controls to apply and, optionally, how often to run them.
### Tags
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/README.md
index c7dcb712ca51..3e5a9324bcbc 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/README.md
@@ -13,7 +13,7 @@ To set up an AWS integration, you need the following:
* A new Snyk Organization, with appropriate feature flags assigned by your Snyk contact
* A Snyk Group Administrator or Organization Administrator [role](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/user-management/pre-defined-roles)
* Access to an [AWS](https://aws.amazon.com/) account and associated credentials with permissions to create a read-only IAM role
-* Access to the [Terraform CLI](https://www.terraform.io/downloads), [AWS CLI](https://aws.amazon.com/cli/), or [AWS Management Console](https://console.aws.amazon.com) to create the IAM role for Snyk via Terraform or AWS CloudFormation
+* Access to the [Terraform CLI](https://www.terraform.io/downloads), [AWS CLI](https://aws.amazon.com/cli/), or [AWS Management Console](https://console.aws.amazon.com) to create the IAM role for Snyk using Terraform or AWS CloudFormation
* If you are using Terraform or the AWS CLI, ensure you configure it with your AWS credentials. See the instructions for [Terraform](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#authentication-and-configuration) or the [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html)
* API only: An Organization-level [service account](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts) with an Org Admin role to use the Snyk API
* API only: An API client such as [curl](https://curl.se/), [HTTPie](https://httpie.io/), or [Postman](https://www.postman.com/)
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/README.md
index 9b8f996c1363..b14e4538583c 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/README.md
@@ -1,14 +1,14 @@
# AWS Integration: API
-Before you can onboard an AWS account to Snyk via the API, you need access to the AWS account and associated credentials with permissions to create a read-only Identity and Access Management (IAM) role. See the prerequisites on the [AWS integration](../) page.
+Before you can onboard an AWS account to Snyk using the API, you need access to the AWS account and associated credentials with permissions to create a read-only Identity and Access Management (IAM) role. See the prerequisites on the [AWS integration](../) page.
-The steps follow to onboard an AWS account via the API:
+The steps follow to onboard an AWS account using the API:
1. [Download an infrastructure as code (IaC) template](step-1-download-iam-role-iac-template-api.md): to give Snyk permissions to scan your account.
2. [Create an AWS IAM role](step-2-create-the-snyk-iam-role-api.md): using the template you downloaded.
3. [Create and scan a Cloud Environment.](step-3-create-and-scan-a-cloud-environment-api.md)
-When you have completed the steps, you will be able to do the following:
+After you complete the steps, you can do the following:
* View the cloud configuration issues Snyk finds. See [Manage cloud issues](../../../getting-started-with-cloud-scans/manage-cloud-issues/).
* Prioritize your vulnerabilities with cloud context.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/step-1-download-iam-role-iac-template-api.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/step-1-download-iam-role-iac-template-api.md
index 59e9427b382b..05459ef43828 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/step-1-download-iam-role-iac-template-api.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/step-1-download-iam-role-iac-template-api.md
@@ -2,7 +2,7 @@
Before you can create a Cloud Environment, you must download an Infrastructure as Code (IaC) template declaring a read-only Identity and Access Management (IAM) role that Snyk can assume to scan the configuration of resources in your Amazon Web Services (AWS) account.
-You will use this IaC template to provision the role in [Step 2: Create the Snyk IAM role](step-2-create-the-snyk-iam-role-api.md).
+Use this IaC template to provision the role in [Step 2: Create the Snyk IAM role](step-2-create-the-snyk-iam-role-api.md).
You can choose the template format, either [Terraform HCL](https://www.terraform.io/language/syntax/configuration) or [AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). The IAM permissions are identical in both, so pick the format you are most comfortable working with.
@@ -76,7 +76,7 @@ Example response with CloudFormation template:
The `data.attributes.data` field in the preceding output is an escaped JSON string containing the Terraform or CloudFormation template with the IAM role and policy.
-Before you can use the template to provision the resources, you need to unescape the JSON. This can be accomplished in the following ways:
+Before you can use the template to provision the resources, you need to unescape the JSON. You can do this in the following ways:
* [Use jq](step-1-download-iam-role-iac-template-api.md#use-jq)
* [Transform the content manually](step-1-download-iam-role-iac-template-api.md#transform-the-content-manually)
@@ -90,7 +90,7 @@ Before you can use the template to provision the resources, you need to unescape
| jq -r .data.attributes.data > snyk_iac_template
```
- This will place the properly-formatted template into the file `snyk_iac_template` in your current working directory.
+ This places the properly formatted template into the file `snyk_iac_template` in your current working directory.
3. Rename the file with a `.tf` extension (Terraform) or `.yaml` (CloudFormation).
### Transform the content manually
@@ -101,7 +101,7 @@ Before you can use the template to provision the resources, you need to unescape
## Optional: Change IAM role name
-By default, the name of the Snyk IAM role is `snyk-cloud-role`. If your Organization has specific role naming requirements, you have the option to change this name in the Terraform or CloudFormation template.
+By default, the name of the Snyk IAM role is `snyk-cloud-role`. If your Organization has specific role naming requirements, you can change this name in the Terraform or CloudFormation template.
In **Terraform**, the role name is on line 19:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/step-3-create-and-scan-a-cloud-environment-api.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/step-3-create-and-scan-a-cloud-environment-api.md
index 2946b9bcfd8e..fe2b5371ee7f 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/step-3-create-and-scan-a-cloud-environment-api.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-api/step-3-create-and-scan-a-cloud-environment-api.md
@@ -80,7 +80,7 @@ The response is a JSON document containing details about your newly created Clou
}
```
-Snyk automatically triggers a scan when an environment is created.
+Snyk automatically triggers a scan when you create an environment.
{% hint style="info" %}
The `data.attributes.status` field in the JSON output is set to `in_progress`. This means that Snyk has created your environment and has started scanning it.
@@ -88,7 +88,7 @@ The `data.attributes.status` field in the JSON output is set to `in_progress`. T
## Check to see if the scan is finished
-If you wish, see if the scan is finished by sending another API request in the format that follows to get environment details. You can find the environment ID in the `data.id` field of the JSON output when you create the environment.
+To see if the scan is finished, send another API request in the format that follows to get environment details. You can find the environment ID in the `data.id` field of the JSON output when you create the environment.
```
curl -X GET \
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/README.md
index 5724c9273dcd..c94e947a905e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/README.md
@@ -1,14 +1,14 @@
# AWS Integration: Web UI
-Before you can onboard an AWS account via the Web UI, you need access to the AWS account and associated credentials with permissions to create a read-only Identity and Access Management (IAM) role. See the prerequisites on the [AWS integration](../) page.
+Before you can onboard an AWS account using the Web UI, you need access to the AWS account and associated credentials with permissions to create a read-only Identity and Access Management (IAM) role. See the prerequisites on the [AWS integration](../) page.
-The steps follow to onboard an AWS account via the Web UI:
+The steps follow to onboard an AWS account using the Web UI:
1. [Download an infrastructure as code (IaC) template](step-1-download-iam-role-iac-template-web-ui.md) to give Snyk permissions to scan your account.
2. [Create an AWS IAM role](step-2-create-the-snyk-iam-role.md) using the template you downloaded.
3. [Create and scan a Cloud Environment](step-3-create-and-scan-a-cloud-environment-web-ui.md).
-When you have completed the steps, you will be able to do the following:
+After you complete the steps, you can do the following:
* View the cloud configuration issues Snyk finds. See [Manage cloud issues](../../../getting-started-with-cloud-scans/manage-cloud-issues/).
* Prioritize your vulnerabilities with cloud context.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/step-2-create-the-snyk-iam-role.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/step-2-create-the-snyk-iam-role.md
index c69e4d5786e7..51e95a62c399 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/step-2-create-the-snyk-iam-role.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/step-2-create-the-snyk-iam-role.md
@@ -7,7 +7,7 @@ You have downloaded the Terraform or Amazon Web Services (AWS) CloudFormation te
The process to create the Snyk IAM role is the same whether you are using the [Snyk Web UI](step-1-download-iam-role-iac-template-web-ui.md) or [Snyk API](../aws-integration-api/step-1-download-iam-role-iac-template-api.md) to onboard your AWS account.
-The IAM role you will provision has the following policies attached to it:
+The IAM role you provision has the following policies attached to it:
* The AWS-managed [SecurityAudit](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html#jf_security-auditor) read-only policy.
* A supplemental inline policy granting required read permissions not covered by SecurityAudit.
@@ -42,7 +42,7 @@ terraform apply
4\. Enter `yes` when Terraform asks if you want to perform the actions.
-Terraform then creates the IAM role. When the role has been created, you will see the following output:
+Terraform then creates the IAM role. When the role has been created, you see the following output:
```
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
@@ -78,15 +78,15 @@ If the output says `"CREATE_COMPLETE"`, AWS has finished creating your role.
1. Log in to the [AWS Management Console](https://console.aws.amazon.com).
2. Navigate to [CloudFormation](https://console.aws.amazon.com/cloudformation).
-3. Select the **Create stack** button:
+3. Select **Create stack**:
Select the Create stack button in the AWS Management Console
-4\. Select **With new resources (standard)** from the drop-down menu.
+4\. Select **With new resources (standard)** from the dropdown menu.
-5\. On the **Create stack** page, in the **Specify template** section and select **Upload a template file**.
+5\. On the **Create stack** page, in the **Specify template** section, select **Upload a template file**.
-6\. Click the **Choose file** button that appears and select your CloudFormation file containing the Snyk IAM role.
+6\. Click **Choose file** and select your CloudFormation file containing the Snyk IAM role.
7\. Select **Next**.
@@ -102,7 +102,7 @@ If the output says `"CREATE_COMPLETE"`, AWS has finished creating your role.
13\. Select **Create stack**.
-14\. AWS launches the stack, and you'll see a page with stack details. You can select the **Refresh** button to refresh its status:
+14\. AWS launches the stack, and you see a page with stack details. Select **Refresh** to refresh its status:
Select the Refresh button to refresh the stack status in the AWS Management Console
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/step-3-create-and-scan-a-cloud-environment-web-ui.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/step-3-create-and-scan-a-cloud-environment-web-ui.md
index 028984a38470..fde36cc5d782 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/step-3-create-and-scan-a-cloud-environment-web-ui.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/aws-integration/aws-integration-web-ui/step-3-create-and-scan-a-cloud-environment-web-ui.md
@@ -51,9 +51,9 @@ arn:aws:iam::123412341234:role/snyk-cloud-role
## Create and scan the AWS Environment
1. In the Snyk Web UI **Add AWS Environment** modal where you downloaded the IAM role template, enter your role ARN in the **IAM role ARN** field.
-2. Optionally, enter an environment name. If one is not provided, Snyk will use your AWS account alias.
+2. Optionally, enter an environment name. If one is not provided, Snyk uses your AWS account alias.
3. Select **Approve and begin scan**.
-4. You will see a confirmation message: "AWS environment successfully added." Select **Add another environment** to return to the **Add AWS Environment** modal and onboard a new account, or select **Go to settings** if you are finished:
+4. You see a confirmation message: "AWS environment successfully added." Select **Add another environment** to return to the **Add AWS Environment** modal and onboard a new account, or select **Go to settings** if you are finished:
Success message after adding an AWS environment in the Snyk Web UI
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/README.md
index 085a547c2e38..8e24ed3bfec3 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/README.md
@@ -19,8 +19,8 @@ To add an Azure integration for cloud configurations, you need the following:
* [A federated identity credential](https://learn.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation)\
If you are using Terraform to create this [resource](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/application_federated_identity_credential#api-permissions), your user must have either the Application Administrator or Global Administrator directory role.
* [A service principal](https://learn.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals#service-principal-object) with read-only permissions\
- If you are .using Terraform to create this [resource](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal), your user must have either the Application Administrator or Global Administrator directory role.
-* Access to the [Terraform CLI](https://www.terraform.io/downloads) or Azure CLI ([locally](https://learn.microsoft.com/en-us/cli/azure/) or via the [Cloud Shell](https://portal.azure.com/#home)) to create the above resources via Terraform or Bash script\
+ If you are using Terraform to create this [resource](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal), your user must have either the Application Administrator or Global Administrator directory role.
+* Access to the [Terraform CLI](https://www.terraform.io/downloads) or Azure CLI ([locally](https://learn.microsoft.com/en-us/cli/azure/) or through the [Cloud Shell](https://portal.azure.com/#home)) to create these resources using Terraform or Bash script\
If you are using Terraform or the Azure CLI locally, ensure you configure it with your Azure credentials. See the instructions for [Terraform](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs#authenticating-to-azure-active-directory) or the [Azure CLI](https://learn.microsoft.com/en-us/cli/azure/authenticate-azure-cli).
* API only: An Organization-level [service account](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/service-accounts/service-accounts) with an Org Admin role to use the Snyk API
* API only: An API client such as [curl](https://curl.se/), [HTTPie](https://httpie.io/), or [Postman](https://www.postman.com/)
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-api/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-api/README.md
index 42145d5fdaab..f0e8a6fbf701 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-api/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-api/README.md
@@ -1,12 +1,12 @@
# Azure Integration: API
-To onboard an Azure subscription to Snyk via the API:
+To onboard an Azure subscription to Snyk using the API:
1. [Download an infrastructure as code (IaC) template or Bash script:](step-1-download-azure-app-registration-iac-template-or-script-api.md) to give Snyk permissions to scan your subscription.
2. [Create an Entra ID app registration:](step-2-create-the-entra-id-app-registration-api.md) using the template or script you downloaded.
3. [Create and scan a Cloud Environment.](step-3-create-and-scan-a-cloud-environment-for-azure-api.md)
-When you have completed the steps, you will be able to do the following:
+When you have completed the steps, you can do the following:
* View the cloud configuration issues Snyk finds. See [Manage cloud issues](../../../getting-started-with-cloud-scans/manage-cloud-issues/).
* Prioritize your vulnerabilities with cloud context.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-api/step-1-download-azure-app-registration-iac-template-or-script-api.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-api/step-1-download-azure-app-registration-iac-template-or-script-api.md
index 8ed3c15009df..24f322f61b0a 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-api/step-1-download-azure-app-registration-iac-template-or-script-api.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-api/step-1-download-azure-app-registration-iac-template-or-script-api.md
@@ -8,7 +8,7 @@ Before you can create a Cloud Environment for an Azure subscription, you must **
This infrastructure gives Snyk read-only permission to scan the configuration of resources in your subscription.
-You will use the IaC template or Bash script you downloaded to **provision** the infrastructure in [Step 2: Create the Entra ID app registration (API)](step-2-create-the-entra-id-app-registration-api.md).
+You use the IaC template or Bash script you downloaded to **provision** the infrastructure in [Step 2: Create the Entra ID app registration (API)](step-2-create-the-entra-id-app-registration-api.md).
Both methods create the same infrastructure, so pick the method you are most comfortable working with.
@@ -44,7 +44,7 @@ curl -X POST \
The preceding example is [curl](https://curl.se/), but you can use any API client, such as [Postman](https://www.postman.com/) or [HTTPie](https://httpie.io/).
{% endhint %}
-If you plan to use the [Azure Cloud Shell](https://portal.azure.com/#cloudshell/) to execute the Bash script instead of running the Azure CLI locally, execute the curl command above in the Cloud Shell.
+If you plan to use the [Azure Cloud Shell](https://portal.azure.com/#cloudshell/) to execute the Bash script instead of running the Azure CLI locally, execute the preceding curl command in the Cloud Shell.
## Understand the API response
@@ -90,7 +90,7 @@ Example response with Bash script:
The `data.attributes.data` field in the preceding output is an escaped JSON string containing the Terraform template or Bash script with the Entra ID app registration, federated identity credential, and service principal.
-Before you can use the template to provision the resources, you need to unescape the JSON. This can be accomplished in the following ways:
+Before you can use the template to provision the resources, you need to unescape the JSON. You can do this in the following ways:
* [Use jq](step-1-download-azure-app-registration-iac-template-or-script-api.md#use-jq)
* [Transform the content manually](step-1-download-azure-app-registration-iac-template-or-script-api.md#transform-the-content-manually)
@@ -100,7 +100,7 @@ Before you can use the template to provision the resources, you need to unescape
1. Download and install [jq](https://stedolan.github.io/jq/download/).
2. When you are submitting the API request during template retrieval, append the following to the end of the command:\
`| jq -r .data.attributes.data > snyk_azure_permissions`\
- This will place the properly-formatted template into the file `snyk_azure_permissions` in your current working directory.
+ This places the properly-formatted template into the file `snyk_azure_permissions` in your current working directory.
3. Rename the file with a `.tf` (Terraform) or `.sh` (Bash) extension.
### Transform the content manually
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/README.md
index c375c7dac3d2..cf80e1c3760d 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/README.md
@@ -1,12 +1,12 @@
# Azure Integration: Web UI
-The steps follow to onboard an Azure subscription to Snyk via the API:
+The steps follow to onboard an Azure subscription to Snyk using the Web UI:
1. [Download an infrastructure as code (IaC) template or Bash script:](step-1-download-azure-app-registration-iac-template-or-script-web-ui.md) to give Snyk permissions to scan your subscription.
2. [Create an Entra ID app registration:](step-2-create-the-entra-id-app-registration.md) using the template or script you downloaded.
3. [Create and scan a Cloud Environment.](step-3-create-and-scan-a-cloud-environment-for-azure-web-ui.md)
-When you have completed the steps, you will be able to do the following:
+When you have completed the steps, you can do the following:
* View the cloud configuration issues Snyk finds. See [Manage cloud issues](../../../getting-started-with-cloud-scans/manage-cloud-issues/).
* Prioritize your vulnerabilities with cloud context.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-1-download-azure-app-registration-iac-template-or-script-web-ui.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-1-download-azure-app-registration-iac-template-or-script-web-ui.md
index d9875d47ff3f..5984e2547340 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-1-download-azure-app-registration-iac-template-or-script-web-ui.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-1-download-azure-app-registration-iac-template-or-script-web-ui.md
@@ -8,7 +8,7 @@ Before you can create a Cloud Environment for an Azure subscription, you must **
This infrastructure gives Snyk read-only permission to scan the configuration of resources in your subscription.
-You will use the IaC template or Bash script you downloaded to provision the infrastructure in [Step 2: Create the Entra ID application](step-2-create-the-entra-id-app-registration.md).
+You use the IaC template or Bash script you downloaded to provision the infrastructure in [Step 2: Create the Entra ID application](step-2-create-the-entra-id-app-registration.md).
Both methods create the same infrastructure, so pick the method you are most comfortable working with.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-2-create-the-entra-id-app-registration.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-2-create-the-entra-id-app-registration.md
index ddf8e86fb0e8..ad7d8cfb3707 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-2-create-the-entra-id-app-registration.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-2-create-the-entra-id-app-registration.md
@@ -5,7 +5,7 @@
You have downloaded the Terraform template declaring the [Azure Active Directory (AD) application registration](https://learn.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals#application-registration), [federated identity credential](https://learn.microsoft.com/en-us/azure/active-directory/develop/workload-identity-federation), and [service principal](https://learn.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals#service-principal-object) for Snyk. Now you need to provision the infrastructure.
{% endhint %}
-To scan an Azure subscription, Snyk takes the permissions of a service principal with a [Reader](https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#reader) role that allows Snyk to scan the configuration of your subscription resources.
+To scan an Azure subscription, Snyk takes the permissions of a service principal with a [Reader](https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles#reader) role that lets Snyk scan the configuration of your subscription resources.
Additionally, Snyk has a security feature that locks the federated credential for a subscription and tenant to the Organization that onboards it. This ensures that nobody can guess the credential's name and onboard it into a separate Organization to see those resources.
@@ -14,12 +14,12 @@ Additionally, Snyk has a security feature that locks the federated credential fo
You can create the app registration, federated identity credential, and service principal using one of the following tools, according to the type of file you downloaded from Snyk:
* [Terraform](step-2-create-the-entra-id-app-registration.md#create-azure-app-registration-infrastructure-using-terraform): Terraform CLI
-* [Bash](step-2-create-the-entra-id-app-registration.md#create-azure-app-registration-infrastructure-using-the-azure-cli): Azure CLI, installed locally or accessed via Cloud Shell
+* [Bash](step-2-create-the-entra-id-app-registration.md#create-azure-app-registration-infrastructure-using-the-azure-cli): Azure CLI, installed locally or accessed through Cloud Shell
### Create Azure app registration infrastructure using Terraform
{% hint style="info" %}
-Before you use the [Terraform CLI](https://www.terraform.io/downloads), ensure you [configure it to use your Azure credentials](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs#authenticating-to-azure-active-directory). Your user must have either the Application Administrator or Global Administrator directory role. This is required to create the [federated identity credential](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/application_federated_identity_credential#api-permissions) and [service principal](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal) via Terraform.
+Before you use the [Terraform CLI](https://www.terraform.io/downloads), ensure you [configure it to use your Azure credentials](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs#authenticating-to-azure-active-directory). Your user must have either the Application Administrator or Global Administrator directory role. This is required to create the [federated identity credential](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/application_federated_identity_credential#api-permissions) and [service principal](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/resources/service_principal) using Terraform.
{% endhint %}
1. In your terminal, navigate to the directory containing the Terraform file you downloaded (named `snyk-permissions-azure.tf` if downloaded from the Snyk Web UI).
@@ -37,7 +37,7 @@ terraform apply
4. Enter `yes` when Terraform asks if you want to perform the actions.
-Terraform then provisions the infrastructure. When it is finished, you will see the following output:
+Terraform then provisions the infrastructure. When it is finished, you see the following output:
```
Apply complete! Resources: 4 added, 0 changed, 0 destroyed.
@@ -68,7 +68,7 @@ chmod 755 snyk-permissions-azure.sh
./snyk-permissions-azure.sh
```
-The Azure CLI then creates the AD app registration, federated identity credential, and service principal. When it is finished, you will see JSON output with information about the created infrastructure.
+The Azure CLI then creates the AD app registration, federated identity credential, and service principal. When it is finished, you see JSON output with information about the created infrastructure.
**Copy the application ID,** the last item in the output:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-3-create-and-scan-a-cloud-environment-for-azure-web-ui.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-3-create-and-scan-a-cloud-environment-for-azure-web-ui.md
index f50c635a59ac..1dfa63a98996 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-3-create-and-scan-a-cloud-environment-for-azure-web-ui.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/step-3-create-and-scan-a-cloud-environment-for-azure-web-ui.md
@@ -8,10 +8,10 @@ You have created the Azure app registration, federated identity credential, and
The steps follow to create and scan a Cloud Environment for Azure using the Web UI.
1. In the Snyk Web UI **Add Azure Environment** modal where you downloaded the Terraform template or Bash script, enter your application ID in the **Application ID** field.
-2. Optionally, enter an environment name. If one is not provided, Snyk will use your subscription name.\
+2. Optionally, enter an environment name. If one is not provided, Snyk uses your subscription name.\

3. Select **Approve and begin scan**.
-4. You will see a confirmation message: "Azure environment successfully added." Select **Add another environment** to return to the **Add Azure Environment** modal and onboard a new subscription, or select **Go to settings** if you are finished.
+4. You see a confirmation message: "Azure environment successfully added." Select **Add another environment** to return to the **Add Azure Environment** modal and onboard a new subscription, or select **Go to settings** if you are finished.
You can now do the following:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/README.md
index c5c795b44771..7afb696d0f7e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/README.md
@@ -1,6 +1,6 @@
# Google Cloud integration
-Snyk integrations with your [Google Cloud](https://cloud.google.com/) Projects to find issues in your cloud configurations and generate cloud context to help you prioritize your vulnerabilities.
+Snyk integrates with your [Google Cloud](https://cloud.google.com/) Projects to find issues in your cloud configurations and generate cloud context to help you prioritize your vulnerabilities.
You can onboard a Google Cloud account to Snyk using the following methods:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/README.md
index 72a2fbbb3a12..43144b3968b6 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/README.md
@@ -1,12 +1,12 @@
# Google Cloud Integration: API
-To onboard a Google Cloud Project to Snyk via the API:
+To onboard a Google Cloud Project to Snyk using the API:
1. [Download an infrastructure as code (IaC) template](step-1-download-service-account-iac-template-api.md) to give Snyk permissions to scan your account.
2. [Create a Google service account](step-2-create-the-google-service-account-api.md) using the template you downloaded.
3. [Create and scan a Cloud Environment.](step-3-create-and-scan-a-cloud-environment-for-google-api.md)
-When you have completed the steps, you will be able to do the following:
+When you have completed the steps, you can do the following:
* View the cloud configuration issues Snyk finds. See [Manage cloud issues](../../../getting-started-with-cloud-scans/manage-cloud-issues/).
* Prioritize your vulnerabilities with cloud context.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/step-1-download-service-account-iac-template-api.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/step-1-download-service-account-iac-template-api.md
index 9b91cbf5c5b3..401928d5585c 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/step-1-download-service-account-iac-template-api.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/step-1-download-service-account-iac-template-api.md
@@ -4,7 +4,7 @@ Before you can create a Cloud Environment, you must download an infrastructure a
The template also enables a set of [Google service APIs](https://cloud.google.com/service-usage/docs/enabled-service) for your Google Cloud Project. This ensures that Snyk can use the necessary APIs to scan your Project's resources.
-You will use this IaC template to provision the role in [Step 2: Create the Google service account (API)](step-2-create-the-google-service-account-api.md).
+You use this IaC template to provision the role in [Step 2: Create the Google service account (API)](step-2-create-the-google-service-account-api.md).
## Retrieve the IaC template
@@ -54,7 +54,7 @@ The response is a JSON document like the one that follows (trimmed for length):
The `data.attributes.data` field in the preceding output is an escaped JSON string containing the Terraform template with the Google service account.
-Before you can use the template to provision the resources, you must unescape the JSON. This can be accomplished in either of the following ways:
+Before you can use the template to provision the resources, you must unescape the JSON. You can do this in either of the following ways:
* [Use `jq`](step-1-download-service-account-iac-template-api.md#use-jq)
* [Transform the content manually](step-1-download-service-account-iac-template-api.md#transform-the-content-manually)
@@ -68,7 +68,7 @@ Before you can use the template to provision the resources, you must unescape th
| jq -r .data.attributes.data > snyk_google_iac_template.tf
```
-This will place the properly-formatted template into the file `snyk_google_iac_template.tf` in your current working directory.
+This places the properly-formatted template into the file `snyk_google_iac_template.tf` in your current working directory.
### Transform the content manually
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/step-3-create-and-scan-a-cloud-environment-for-google-api.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/step-3-create-and-scan-a-cloud-environment-for-google-api.md
index da74eca773ce..062cd69c7c35 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/step-3-create-and-scan-a-cloud-environment-for-google-api.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-api/step-3-create-and-scan-a-cloud-environment-for-google-api.md
@@ -9,7 +9,7 @@ To send a request to the [Snyk API](https://apidocs.snyk.io/?version=2022-12-21%
## Send the Snyk API request
-Send a request to the Snyk API in the format below to create the Cloud Environment:
+Send a request to the Snyk API in the following format to create the Cloud Environment:
```
curl -X POST \
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/README.md
index f6d6c9334638..972527787ed5 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/README.md
@@ -1,12 +1,12 @@
# Google Cloud Integration: Web UI
-The steps follow to onboard a Google Cloud Project to Snyk via the Web UI:
+The steps follow to onboard a Google Cloud Project to Snyk using the Web UI:
1. [Download an infrastructure as code (IaC) template](step-1-download-service-account-iac-template-web-ui.md) to give Snyk permissions to scan your Project.
2. [Create a Google service account](step-2-create-the-google-service-account-web-ui.md) using the template you downloaded.
3. [Create and scan a Cloud Environment.](step-3-create-and-scan-a-cloud-environment-for-google-web-ui.md)
-When you have completed the steps, you wlll be able to do the following:
+When you have completed the steps, you can do the following:
* View the cloud configuration issues Snyk finds. See [Manage cloud issues](../../../getting-started-with-cloud-scans/manage-cloud-issues/).
* Prioritize your vulnerabilities with cloud context.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-1-download-service-account-iac-template-web-ui.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-1-download-service-account-iac-template-web-ui.md
index c7232d235725..4114537bdf8e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-1-download-service-account-iac-template-web-ui.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-1-download-service-account-iac-template-web-ui.md
@@ -4,7 +4,7 @@ Before you can create a Cloud Environment, you must download an infrastructure a
The template also enables a set of [Google service APIs](https://cloud.google.com/service-usage/docs/enabled-service) for your Google Cloud Project. This ensures that Snyk can use the necessary APIs to scan your Project's resources.
-You will use this IaC template to provision the role in [Step 2: Create the Google service account](step-2-create-the-google-service-account-web-ui.md).
+You use this IaC template to provision the role in [Step 2: Create the Google service account](step-2-create-the-google-service-account-web-ui.md).
## Download the IaC template
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-2-create-the-google-service-account-web-ui.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-2-create-the-google-service-account-web-ui.md
index 9efaa253e0bb..171ca985f32b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-2-create-the-google-service-account-web-ui.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-2-create-the-google-service-account-web-ui.md
@@ -7,7 +7,7 @@ You have downloaded the Terraform template declaring the [Google service account
The process to create the Google service account is the same whether you are using the [Snyk Web UI](step-1-download-service-account-iac-template-web-ui.md) or [Snyk API](../google-cloud-integration-api/step-1-download-service-account-iac-template-api.md) to onboard your Google Project.
-To scan a Google Cloud Project, Snyk takes the permissions of a tightly-scoped Google service account that allows Snyk to scan the configuration of your Project resources.
+To scan a Google Cloud Project, Snyk takes the permissions of a tightly-scoped Google service account that lets Snyk scan the configuration of your Project resources.
The service account you create is granted the following read-only Identity and Access Management (IAM) roles:
@@ -28,7 +28,7 @@ Snyk scans the Google Cloud Project specified by the `project_id` [variable](htt
default = "your-project-id"
```
-* Set the `project_id` variable when you apply the Terraform. In the following section, [Apply Terraform](step-2-create-the-google-service-account-web-ui.md#apply-terraform), you will apply Terraform to create the Google service account. At that time, you can use Terraform's [-var](https://www.terraform.io/language/values/variables#variables-on-the-command-line) option to set the `project_id` variable to your Project ID:
+* Set the `project_id` variable when you apply the Terraform. In the following section, [Apply Terraform](step-2-create-the-google-service-account-web-ui.md#apply-terraform), you apply Terraform to create the Google service account. At that time, you can use Terraform's [-var](https://www.terraform.io/language/values/variables#variables-on-the-command-line) option to set the `project_id` variable to your Project ID:
```
terraform apply -var="project_id=your-project-id"
@@ -59,7 +59,7 @@ terraform apply
4\. Enter `yes` when Terraform asks if you want to perform the actions.
-Terraform then creates the Google service account. When it is finished, you will see the following output:
+Terraform then creates the Google service account. When it is finished, you see the following output:
```
Apply complete! Resources: 22 added, 0 changed, 0 destroyed.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-3-create-and-scan-a-cloud-environment-for-google-web-ui.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-3-create-and-scan-a-cloud-environment-for-google-web-ui.md
index 2954c461d463..4beed66c4498 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-3-create-and-scan-a-cloud-environment-for-google-web-ui.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/step-3-create-and-scan-a-cloud-environment-for-google-web-ui.md
@@ -11,9 +11,9 @@ To create and scan a Cloud Environment for Google, you must provide the Google s
For example, `snyk-cloud-mt-us-abcd1234@my-project.iam.gserviceaccount.com`
2. Enter the identity provider in the **Identity provider** field. This must be a full URL including workload identity pool ID, identity provider ID, and project ID.\
For example, `https://iam.googleapis.com/projects/12345567/locations/global/workloadIdentityPools/workload-identity-123456/providers/identity-provider-123456`
-3. Optionally, enter an environment name. If one is not provided, Snyk will use your Google Project name.
+3. Optionally, enter an environment name. If one is not provided, Snyk uses your Google Project name.
4. Select **Approve and begin scan**.
-5. You will see a confirmation message: **Google Cloud environment successfully added**.\
+5. You see a confirmation message: **Google Cloud environment successfully added**.\
Select **Add another environment** to return to the **Add Google Cloud Environment** modal and onboard a new account, or select **Go to settings** if you are finished:
Success message after adding a Google Cloud environment in the Snyk Web UI
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/README.md
index ca714a9e685d..320b6b753a5d 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/README.md
@@ -6,7 +6,7 @@
IaC custom rules are available only with Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
{% endhint %}
-Snyk IaC includes a comprehensive list of security rules, covering AWS, Azure, GCP, and Kubernetes. These rules are based on security research, best practices, recognized standards, and benchmarks. They are actively maintained by Snyk’s security engineering team, and new rules are released on a regular basis.
+Snyk IaC includes a comprehensive list of security rules, covering AWS, Azure, GCP, and Kubernetes. These rules are based on security research, best practices, recognized standards, and benchmarks. The Snyk security engineering team actively maintains them, and releases new rules on a regular basis.
These rules are intended to meet most of your needs on your first scan, but you may need to enforce additional security rules for your system, such as tagging standards.
@@ -35,6 +35,6 @@ Summary:
* Snyk IaC custom rules: generate issues
{% endhint %}
-The Snyk platform allows you to create your own [policies](../../../manage-risk/policies/) to manage how you prioritize and triage the issues Snyk identifies during scanning. For example, you can define policies to change the priority of an issue from medium to high if it has specific attributes, or to bulk ignore issues if they meet certain criteria.
+The Snyk platform lets you create your own [policies](../../../manage-risk/policies/) to manage how you prioritize and triage the issues Snyk identifies during scanning. For example, you can define policies to change the priority of an issue from medium to high if it has specific attributes, or to bulk ignore issues if they meet certain criteria.
-The Snyk IaC custom rules functionality enables you to define your own rules for misconfiguration checks that you would like to enforce. The result of a custom rule failing on a configuration file is generating an issue.
+The Snyk IaC custom rules functionality lets you define your own rules for misconfiguration checks that you want to enforce. The result of a custom rule failing on a configuration file is generating an issue.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/iac-custom-rules-within-a-pipeline.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/iac-custom-rules-within-a-pipeline.md
index 300245ef62fe..37901ee9cab8 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/iac-custom-rules-within-a-pipeline.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/iac-custom-rules-within-a-pipeline.md
@@ -14,16 +14,16 @@ Snyk uses the [snyk/custom-rules-example](https://github.com/snyk/custom-rules-e
Aims: Configure our pipeline to:
-* Verify that new rules or changes to the existing rules do nor break existing functionality.
+* Verify that new rules or changes to the existing rules do not break existing functionality.
* Publish the rules in `main` to an OCI registry.
* Enforce the use of custom rules in other pipelines.
* Optionally: Configure the custom rules using environment variables.
## Adding PR checks using GitHub Action
-An example of a PR check can be seen in [https://github.com/snyk/custom-rules-example/pull/5](https://github.com/snyk/custom-rules-example/pull/5) where there is an attempt to add a new rule called `my_rule`. This is the same rule shown for [learning how to write a rule](writing-rules-using-the-sdk/writing-a-rule.md).
+You can see an example of a PR check in [https://github.com/snyk/custom-rules-example/pull/5](https://github.com/snyk/custom-rules-example/pull/5), where there is an attempt to add a new rule called `my_rule`. This is the same rule shown for [learning how to write a rule](writing-rules-using-the-sdk/writing-a-rule.md).
-To verify that this rule works as expected, unit tests were implemented. To run the unit tests as part of PR checks, a GitHub Action was configured previously under `.github/workflows` called `test.yml`:
+To verify that this rule works as expected, this example implements unit tests. To run the unit tests as part of PR checks, a GitHub Action was configured previously under `.github/workflows` called `test.yml`:
{% code title=".github/workflows/test.yml" %}
```
@@ -56,8 +56,8 @@ jobs:
A few things to note about this workflow:
* It was configured to run on all non-`main` branches, so that it runs when PRs are open.
-* Steps were added steps to set up a Node.js environment to enable installing the `snyk-iac-rules` SDK using [npm](install-the-sdk.md#install-the-sdk-with-npm).
-* A step was added to run `snyk-iac-rules test`, which will cause the PR check to fail if any of the tests fail.
+* Steps were added to set up a Node.js environment to enable installing the `snyk-iac-rules` SDK using [npm](install-the-sdk.md#install-the-sdk-with-npm).
+* A step was added to run `snyk-iac-rules test`, which causes the PR check to fail if any of the tests fail.
{% hint style="info" %}
You must configure your `main` branch under `Settings` -> `Branches`first, so that no one can push directly to `main`.
@@ -67,7 +67,7 @@ You must configure your `main` branch under `Settings` -> `Branches`first, so th
Another way to test the rules is by testing the contract with the [Snyk CLI](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli) by using the [Snyk IaC GitHub Action](https://github.com/snyk/actions/tree/master/iac), making sure the generated bundle can be read by the CLI.
-To do this, you will need a step for installing the Snyk CLI and a `SNYK_TOKEN`, which can be found in your Snyk Account Settings.
+To do this, you need a step for installing the Snyk CLI and a `SNYK_TOKEN`, which you can find in your Snyk Account Settings.
{% code title=".github/workflows/test.yml" %}
```
@@ -101,7 +101,7 @@ You can also expand these tests to use [Shellspec](https://github.com/shellspec/
## Publishing the custom rules
-Once a PR passes its checks from the previous section and gets merged into the `main` branch, you can publish the Snyk rules to an OCI registry. This allows you to configure a separate pipeline, download the custom rules bundle from this location, and run the custom rules in order to catch misconfigurations.
+After a PR passes its checks from the previous section and gets merged into the `main` branch, you can publish the Snyk rules to an OCI registry. This lets you configure a separate pipeline, download the custom rules bundle from this location, and run the custom rules to catch misconfigurations.
For this, add another workflow under `.github/workflows` called `publish.yml`:
@@ -147,7 +147,7 @@ It looks like the previous workflow, but there are a few things to note about th
* It was configured to run only on `main` branches, so that it runs when PRs are merged.
* A step was added to authenticate with Docker Hub, our chosen OCI registry. For a list of supported registries, read about [pushing bundles](writing-rules-using-the-sdk/pushing-a-bundle.md). Use the [docker/login-action](https://github.com/docker/login-action) GitHub Action to do that and be sure to configure the GitHub secrets under `Settings` -> `Secrets`.
-* A step was added to run `snyk-iac-rules build` followed by `snyk-iac-rules push`, which will publish the generated custom rules bundle to an OCI registry.
+* A step was added to run `snyk-iac-rules build` followed by `snyk-iac-rules push`, which publishes the generated custom rules bundle to an OCI registry.
## Versioning rules
@@ -200,7 +200,7 @@ This means configuring the GitHub Action above with another job for updating Sny
}'
```
-This API call will update the chosen Snyk Group and all the Organizations underneath it to use the configured custom rules bundle.
+This API call updates the chosen Snyk Group and all the Organizations underneath it to use the configured custom rules bundle.
{% hint style="info" %}
To configure an Organization to use a different bundle, such as the `v2-beta` one, use the Snyk Settings page. You can either configure a new bundle or disable custom rules to allow using environment variables in the CI/CD pipeline to run the custom rules.
@@ -227,7 +227,7 @@ jobs:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
```
-The result is that the GitHub action will fail until the generated misconfigurations have been resolved:
+The result is that the GitHub action fails until the generated misconfigurations have been resolved:
```
Testing example.tf...
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/sdk-reference.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/sdk-reference.md
index 4c2b25caad3e..3f54ab2c4de9 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/sdk-reference.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/sdk-reference.md
@@ -77,13 +77,13 @@ The mandatory configuration format you want to define your rule for. This genera
`--severity`=`low`|`medium`|`high`|`critical`
-The severity of the rule, which will show up when running the Snyk Infrastructure as Code CLI.
+The severity of the rule, which shows up when running the Snyk Infrastructure as Code CLI.
Default: `low`
`--title`=`TITLE`
-The title of the rule, which will show up when running the Snyk Infrastructure as Code CLI.
+The title of the rule, which shows up when running the Snyk Infrastructure as Code CLI.
### Parse options
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/use-iac-custom-rules-with-cli/use-a-remote-iac-custom-rules-bundle.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/use-iac-custom-rules-with-cli/use-a-remote-iac-custom-rules-bundle.md
index c285a6991bee..29ba5eb6790e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/use-iac-custom-rules-with-cli/use-a-remote-iac-custom-rules-bundle.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/use-iac-custom-rules-with-cli/use-a-remote-iac-custom-rules-bundle.md
@@ -8,7 +8,7 @@ After successfully pushing your custom rules bundle, you can enforce the use of
* [Snyk API](use-a-remote-iac-custom-rules-bundle.md#snyk-api-and-remote-custom-rules-bundle)
* [Environment variables](use-a-remote-iac-custom-rules-bundle.md#environment-variables-and-remote-custom-rules-bundle)
-Finally, after you have enforced your custom rules using one of these options, configure the Snyk Snyk CLI with your username and password to allow Snyk to authorize a pull from your OCI registry:
+After you have enforced your custom rules using one of these options, configure the Snyk CLI with your username and password to let Snyk authorize a pull from your OCI registry:
```
snyk config set oci-registry-username=
@@ -20,13 +20,13 @@ This sets the following Snyk environment variables:
* `SNYK_CFG_OCI_REGISTRY_USERNAME`
* `SNYK_CFG_OCI_REGISTRY_PASSWORD`
-After you have completed this configuration, you can run a Snyk IaC scan. The CLI will pull the bundle pushed to the configured container registry in the background.
+After you have completed this configuration, you can run a Snyk IaC scan. The CLI pulls the bundle pushed to the configured container registry in the background.
```
snyk iac test
```
-The resulting configuration scan issues will include issues from both the default Snyk rules and your custom rules. See also [Understanding the IaC CLI test results](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/understand-the-iac-cli-test-results).
+The resulting configuration scan issues include issues from both the default Snyk rules and your custom rules. See also [Understanding the IaC CLI test results](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/understand-the-iac-cli-test-results).
{% hint style="info" %}
Only one method for defining the bundle's path should be defined at any given time. Make sure to disable the custom rules settings using the Snyk settings page or the [Snyk API](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/iacsettings). Alternatively, clear any previously stored settings using [`snyk config unset`](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/config#unset-less-than-key-greater-than).
@@ -34,10 +34,10 @@ Only one method for defining the bundle's path should be defined at any given ti
## Snyk settings and remote custom rules bundle
-Snyk recommends you use the Snyk settings page to configure custom rules settings. This is a simple way to update the custom rules bundle's URL and tag whenever these are modified.
+Snyk recommends you use the Snyk settings page to configure custom rules settings. This is a way to update the custom rules bundle URL and tag whenever these are modified.
{% hint style="info" %}
-Tags are helpful for versioning your custom rules bundles. Configuring your updated bundle can be easily accomplished by setting the new version tag.
+Tags are helpful for versioning your custom rules bundles. To configure your updated bundle, set the new version tag.
{% endhint %}
You can configure these remote bundles on both the Organization and Group levels. Configuring a remote bundle for a Group applies the remote bundle to all the Organizations in the Group.
@@ -62,13 +62,13 @@ You can configure remote custom rules bundles on the Group level by navigating t
Registry URL and tag configured
-Your remote bundle of custom rules is now configured and will be used when testing IaC files.
+Your remote bundle of custom rules is now configured and is used when testing IaC files.
You can override remote bundle configurations for a Group using Snyk Settings.
-By default, configuring a remote bundle for a Group applies the remote bundle to all the Organizations in the Group. Thus if the Group configurations are updated, these changes apply to all of its Organizations.
+By default, configuring a remote bundle for a Group applies the remote bundle to all the Organizations in the Group. So if the Group configurations are updated, these changes apply to all of its Organizations.
-However, an Organization can still override the Group configurations and define its own bundle and tag. These will not change when the Group updates its configurations.
+However, an Organization can still override the Group configurations and define its own bundle and tag. These do not change when the Group updates its configurations.
To override the Group configurations, go to the Organization's `Rules` section in the Infrastructure as Code Settings.
@@ -80,15 +80,15 @@ To override the Group configurations, go to the Organization's `Rules` section i
Organization rules configuration updated
-* Now, configurations on the Group level will not override these customized settings for your Organization.
+* Now, configurations on the Group level do not override these customized settings for your Organization.
You can restore the inheritance of Group configurations at any time by using the **Reset to group default** button.
## Snyk API and remote custom rules bundle
-If manually updating the settings through the Snyk Settings page is too time-consuming, you can use the Snyk API, which allows you to send any variation of the custom rules settings using an API call.
+If manually updating the settings through the Snyk Settings page is too time-consuming, you can use the Snyk API, which lets you send any variation of the custom rules settings using an API call.
-* For example, in order to configure the custom rules bundle at the Group level, use the endpoint [Update the Infrastructure as Code settings for a group](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/iacsettings#groups-group_id-settings-iac) by providing the following body:
+* For example, to configure the custom rules bundle at the Group level, use the endpoint [Update the Infrastructure as Code settings for a group](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/iacsettings#groups-group_id-settings-iac) by providing the following body:
```
{
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/README.md
index 6751e3a796bd..05bb7b7cefd2 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/README.md
@@ -1,6 +1,6 @@
# Writing rules using the SDK
-To get you started with the SDK, you will learn how to:
+To get you started with the SDK, you learn how to:
1. [Parse a fixture file](parsing-an-input-file.md), to help you understand how to write a rule.
2. [Write a rule with the SDK](writing-a-rule.md) using Rego.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/bundling-rules.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/bundling-rules.md
index 0d3060b73f66..3a0b5a15c6c8 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/bundling-rules.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/bundling-rules.md
@@ -20,7 +20,7 @@ Finally, you can check the contents of the bundle without extracting it by runni
tar -tf bundle.tar.gz
```
-The output will be all the files included in the bundle:
+The output is all the files included in the bundle:
```
/data.json
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/examples-of-iac-custom-rules.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/examples-of-iac-custom-rules.md
index d5f692860929..1a743e10da74 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/examples-of-iac-custom-rules.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/examples-of-iac-custom-rules.md
@@ -6,7 +6,7 @@
You can find a full example of this guide in [this OPA Playground](https://play.openpolicyagent.org/p/SCYndBjWxh) and the [snyk/custom-rules-example](https://github.com/snyk/custom-rules-example) repository.
{% endhint %}
-Assume you have generated a new rule, `CUSTOM-RULE-1` using the SDK , that is, `snyk-iac-rules template --rule CUSTOM-RULE-1` and have a very simple fixture file containing a Terraform resource:
+Assume you have generated a new rule, `CUSTOM-RULE-1` using the SDK, that is, `snyk-iac-rules template --rule CUSTOM-RULE-1` and have a fixture file containing a Terraform resource:
{% code title="rules/CUSTOM-RULE-1/fixtures/denied.tf" %}
```
@@ -22,8 +22,8 @@ resource "aws_redshift_cluster" "denied" {
Now, modify the generated Rego to enforce resources tagged with an owner:
1. Create a variable `[name]` to enumerate across all of the `aws_redshift_cluster` resources. This variable can be named anything you like, for example, `i`, `j`, `name`, and so on.
-2. Store this into the resource variable by assigning the value to it with a walrus operator `:=`; e.g. `resource := input.resource.aws_redshift_cluster[name]`
-3. Check whether the owner tag exists for each resource; to do that, check if the path `resource.tags.owner` is defined. If it is undefined, it will evaluate as undefined. So, use the `NOT` keyword in front of it, which will evaluate to `TRUE`; for example,`not resource.tags.owner`
+2. Store this into the resource variable by assigning the value to it with a walrus operator `:=`. For example, `resource := input.resource.aws_redshift_cluster[name]`
+3. Check whether the owner tag exists for each resource. To do that, check if the path `resource.tags.owner` is defined. If it is undefined, it evaluates as undefined. So, use the `NOT` keyword in front of it, which evaluates to `TRUE`. For example,`not resource.tags.owner`
The modified Rego is:
@@ -50,7 +50,7 @@ deny[msg] {
{% endcode %}
{% hint style="info" %}
-To understand how the Rego code evaluates the Terraform file provided earlier, have a look at how the SDK is able to [parse a fixture file](parsing-an-input-file.md) into JSON.
+To understand how the Rego code evaluates the Terraform file provided earlier, have a look at how the SDK can [parse a fixture file](parsing-an-input-file.md) into JSON.
{% endhint %}
{% hint style="info" %}
@@ -240,7 +240,7 @@ deny[msg] {
```
{% endcode %}
-This will successfully return all the rules that deny.
+This successfully returns all the rules that deny.
{% hint style="info" %}
Snyk recommends always validating that your rule is correct by [updating and running the unit tests](testing-a-rule.md).
@@ -446,7 +446,7 @@ You can also iterate over many resources by adding them to an array of resources
]
```
-One way to leverage this is to implement denylist rules.
+One way to use this is to implement denylist rules.
For example, you may want to ensure that if someone defines a Kubernetes ConfigMap, then they cannot use it to store sensitive information such as passwords, secret keys, and access tokens.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/parsing-an-input-file.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/parsing-an-input-file.md
index 00af017ec12e..1a916ab98cde 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/parsing-an-input-file.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/parsing-an-input-file.md
@@ -1,6 +1,6 @@
# Parsing an input file
-It can be difficult to understand the internal representation of your input files as you write your Rego code. As you will see when you learn [how to write a rule](writing-a-rule.md), the input value is a JSON-like object, but the input files could also be YAML, Terraform, or [Terraform Plan JSON Output](https://www.terraform.io/docs/internals/json-format.html). To help you understand how these are translated into JSON, Snyk provides a `parse` command.
+It can be difficult to understand the internal representation of your input files as you write your Rego code. As you see when you learn [how to write a rule](writing-a-rule.md), the input value is a JSON-like object, but the input files could also be YAML, Terraform, or [Terraform Plan JSON Output](https://www.terraform.io/docs/internals/json-format.html). To help you understand how these are translated into JSON, Snyk provides a `parse` command.
You will need an IaC file to use as an input file. This input file can also be used when [testing the rules](testing-a-rule.md), which parses your files into JSON by default.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/pushing-a-bundle.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/pushing-a-bundle.md
index cd8cdd81f7ed..9096dea83bc7 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/pushing-a-bundle.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/pushing-a-bundle.md
@@ -1,6 +1,6 @@
# Pushing a bundle
-Optionally, once you have generated your custom rules bundle, you can distribute it automatically to one of our supported OCI registries by using the `push` command:
+Optionally, after you have generated your custom rules bundle, you can distribute it automatically to one of our supported OCI registries by using the `push` command:
```
snyk-iac-rules push -r docker.io/example/test bundle.tar.gz
@@ -10,7 +10,7 @@ snyk-iac-rules push -r docker.io/example/test bundle.tar.gz
Make sure to log into your container registry first, for example, by using Docker run `docker login` before running the `snyk-iac-rules push` command.
{% endhint %}
-Snyk uses the OCI registries that support the [OCI artifact specification](https://github.com/opencontainers/artifacts) and leverage [ORAS](https://github.com/deislabs/oras) to achieve that. Currently supported registries include
+Snyk uses the OCI registries that support the [OCI artifact specification](https://github.com/opencontainers/artifacts) and use [ORAS](https://github.com/deislabs/oras) to achieve that. Supported registries include
* [Google Container Registry](https://cloud.google.com/container-registry)
* [DockerHub](https://hub.docker.com)
@@ -24,7 +24,7 @@ Snyk uses the OCI registries that support the [OCI artifact specification](https
Snyk does not support insecure registries. The only protocol Snyk supports is HTTPS.
{% endhint %}
-After you have run the command, your custom rules bundle will be pushed to your OCI registry using the `latest` tag.
+After you have run the command, Snyk pushes your custom rules bundle to your OCI registry using the `latest` tag.
You can also provide your own tag if you want to version the bundle:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/testing-a-rule.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/testing-a-rule.md
index 7fe52c75ea02..2c4a4a909ba5 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/testing-a-rule.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/testing-a-rule.md
@@ -43,7 +43,7 @@ resource "aws_redshift_cluster" "allowed" {
```
{% endcode %}
-In the `want_msgs` field of the test case, you should add the msg fields of the resources that you expect your deny rule will evaluate and return, for example,`["input.resource.aws_redshift_cluster[denied].tags"]`.
+In the `want_msgs` field of the test case, add the msg fields of the resources that you expect your deny rule to evaluate and return, for example,`["input.resource.aws_redshift_cluster[denied].tags"]`.
{% hint style="info" %}
The `want_msgs` field should be an array containing hardcoded values corresponding to the computed `msg` field in the appropriate Rego rule.
@@ -79,20 +79,20 @@ To run all tests, run the following command:
snyk-iac-rules test
```
-If your tests pass successfully, you will see an output like the following, assuming you have three different rules in your `rules/` folder:
+If your tests pass successfully, you see an output like the following, assuming you have three different rules in your `rules/` folder:
```
PASS: 3/3
```
-However, if any of them fail, you will see an output like this:
+However, if any of them fail, you see an output like this:
```
data.rules.test_MY_RULE: FAIL (1.12234ms)
FAIL: 2/3
```
-If you have more than one rule in your `rule/`, folder you can target a specific test by running the following command:
+If you have more than one rule in your `rule/` folder, you can target a specific test by running the following command:
```
snyk-iac-rules test --run test_MY_RULE
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/writing-a-rule.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/writing-a-rule.md
index f568c54eaa21..b15a1d04cabc 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/writing-a-rule.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/current-iac-custom-rules/writing-rules-using-the-sdk/writing-a-rule.md
@@ -75,9 +75,9 @@ You must follow this format of the **msg** property to ensure the output is disp
The attributes are:
* **publicId:** a naming convention unique to your team, such as COMPANY-001. This should not contain/start with “SNYK-” to differentiate it from the internal Snyk rules.
-* **title:** a short title that should summarise the issue.
+* **title:** a short title that summarizes the issue.
* **severity:** this can be one of low/medium/high/critical.
-* **msg:** Snyk recommends changing only the resource name and property, for example,`input.aws_s3_bucket[%s].tags` to match your example. The function `sprintf` is provided by Rego and enables Snyk to provide a dynamic error message explaining exactly where the issue was found.
+* **msg:** Snyk recommends changing only the resource name and property, for example,`input.aws_s3_bucket[%s].tags` to match your example. Rego provides the `sprintf` function, which lets Snyk provide a dynamic error message explaining exactly where the issue was found.
The following attributes are optional but can be used to enhance the scan results in the Snyk CLI:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/configure-cloud-providers/configure-aws-provider.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/configure-cloud-providers/configure-aws-provider.md
index 2167a079181c..8bfbe6a8f29e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/configure-cloud-providers/configure-aws-provider.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/configure-cloud-providers/configure-aws-provider.md
@@ -199,7 +199,7 @@ When the stack is deployed, attach the following policy to your IAM user. This a
}
```
-There is no automatic way to update the CloudFormation template from the Snyk side because you launched this template from your AWS account. Therefore you must update the template yourself to use the most recent Snyk role.
+There is no automatic way to update the CloudFormation template from the Snyk side because you launched this template from your AWS account. So you must update the template yourself to use the most recent Snyk role.
### Update the CloudFormation template using the AWS console
@@ -207,7 +207,7 @@ There is no automatic way to update the CloudFormation template from the Snyk si
* In the stack details pane, choose **Update**.
* Select **Replace current template** and specify the Snyk **Amazon S3 URL** `https://driftctl-cfn-templates.s3.eu-west-3.amazonaws.com/driftctl-role.yml`; click **Next.**
* On the **Specify stack details** and the **Configure stack options** pages, click **Next**.
-* In the **Change set preview** section, check that AWS CloudFormation will make the changes.
+* In the **Change set preview** section, check that AWS CloudFormation makes the changes.
* Because the Snyk template contains one IAM resource, select **I acknowledge that this template may create IAM resources**.
* To finish, click **Update stack**.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/filter-rules.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/filter-rules.md
index b16ba25b5f3a..7dfb4d92abed 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/filter-rules.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/filter-rules.md
@@ -2,7 +2,7 @@
You can use filter rules to describe resources and ignore resources. You can use both inclusion and exclusion logic.
-Filter rules allow you to build a complex include and exclude expression to include and exclude a set of resources in your workflow. This capability is powered by the expression language [JMESPath](https://jmespath.org).
+Filter rules let you build a complex include and exclude expression to include and exclude a set of resources in your workflow. The expression language [JMESPath](https://jmespath.org) powers this capability.
Filters are applied on a normalized `struct` that contains the following fields:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/get-started-with-snyk-iac-describe-on-aws.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/get-started-with-snyk-iac-describe-on-aws.md
index 648920c886af..df9a7cc1390c 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/get-started-with-snyk-iac-describe-on-aws.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/get-started-with-snyk-iac-describe-on-aws.md
@@ -2,9 +2,9 @@
## Step 1: Configure AWS authentication for your environment
-The [`snyk iac describe`](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/iac-describe) command requires authentication to your cloud provider in order to run properly. It requires only the lowest read-only access rights possible. You can use use the built-in AWS `ReadOnlyAccess` IAM policy for an IAM user as the default to get started.
+The [`snyk iac describe`](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/commands/iac-describe) command requires authentication to your cloud provider to run properly. It requires only the lowest read-only access rights possible. You can use the built-in AWS `ReadOnlyAccess` IAM policy for an IAM user as the default to get started.
-`snyk iac describe` can reuse standard authentication methods for AWS, such as the `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, and `AWS_REGION` [environment variables](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html#envvars-list). When those are set, the Snyk CLI will automatically pick them up to authenticate on AWS.
+`snyk iac describe` can reuse standard authentication methods for AWS, such as the `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, and `AWS_REGION` [environment variables](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html#envvars-list). When those are set, the Snyk CLI automatically picks them up to authenticate on AWS.
Alternatively, you can configure the [AWS profile](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html) in `~/.aws/credentials` and use the `AWS_PROFILE` environment variable.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/iac-sources-usage.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/iac-sources-usage.md
index c708399338a6..ef6a7cdcc657 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/iac-sources-usage.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/iac-sources-usage.md
@@ -1,4 +1,4 @@
-# IAC sources usage
+# IaC sources usage
## **Supported IaC sources**
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/ignore-unmanaged-resources.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/ignore-unmanaged-resources.md
index 8bc26ea952a1..72a19f784373 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/ignore-unmanaged-resources.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/detect-manually-created-resources/ignore-unmanaged-resources.md
@@ -37,7 +37,7 @@ exclude:
```
{% endcode %}
-The `.snyk` policy file also supports the negation of rules. This allows you to ignore everything except certain types. In this example, only S3 buckets will not be ignored:
+The `.snyk` policy file also supports the negation of rules. This lets you ignore everything except certain types. In this example, only S3 buckets are not ignored:
{% code title=".snyk" %}
```yaml
@@ -91,7 +91,7 @@ You can use the means to ignore resources explained on this page in combination
For details, run `snyk iac update-exclude-policy --help` .
-This command helps to generate a `.snyk` policy file, adding all the detected drifts to it in order to ignore them all.
+This command helps to generate a `.snyk` policy file, adding all the detected drifts to it to ignore them all.
For example, to ignore all the unmanaged resources at once, run the following command:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/README.md
index 95e9b3e8c355..83dad824ee51 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/README.md
@@ -16,7 +16,7 @@ To start using cloud scans you must have the following:
Navigate to your **Organization** **Settings** > **Cloud environments**.
-To add a cloud environment, select the **Add environment** drop-down and select the cloud provider. Follow the steps in [AWS Integration: Web UI](../cloud-platform-integrations/aws-integration/aws-integration-web-ui/), [Google Cloud Integration: Web UI](../cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/), or [Azure Integration: Web UI](../cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/) to create the environment.
+To add a cloud environment, select the **Add environment** dropdown and select the cloud provider. Follow the steps in [AWS Integration: Web UI](../cloud-platform-integrations/aws-integration/aws-integration-web-ui/), [Google Cloud Integration: Web UI](../cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/), or [Azure Integration: Web UI](../cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/) to create the environment.
You can also add an environment using the Snyk API:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/README.md
index 8468376f2bbb..105e82b60110 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/README.md
@@ -1,6 +1,6 @@
# Manage cloud environments
-This section provides information on how to work with Snyk environments. Environments are used onboard cloud provider accounts, and contain resources for cloud accounts and IaC+ SCM repositories, CLI test report, and Terraform Cloud/Enterprise run task report.
+This section provides information on how to work with Snyk environments. Environments onboard cloud provider accounts and contain resources for cloud accounts and IaC+ SCM repositories, CLI test reports, and Terraform Cloud/Enterprise run task reports.
* [View, add, and remove environments](view-add-and-remove-environments.md)
* [Find an environment ID](find-an-environment-id.md)
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/remove-a-cloud-environment.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/remove-a-cloud-environment.md
index b5a705da858f..cfeeee3b7505 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/remove-a-cloud-environment.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/remove-a-cloud-environment.md
@@ -20,18 +20,18 @@ There is no output if the command is successful.
## Remove the Snyk AWS IAM role
-Removing an environment does not remove the Snyk Identity and Access Management (IAM) role. To fully remove Snyk's access to your Amazon Web Services (AWS) account, delete the IAM role using the same infrastructure as code tool that created it:
+Removing an environment does not remove the Snyk Identity and Access Management (IAM) role. To fully remove the access Snyk has to your Amazon Web Services (AWS) account, delete the IAM role using the same infrastructure as code tool that created it:
* **Terraform:** delete the role using the [terraform destroy](https://www.terraform.io/cli/commands/destroy) command.
* **CloudFormation:** delete the CloudFormation stack using the [AWS Management Console](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-delete-stack.html) or the AWS CLI [delete-stack command](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/cloudformation/delete-stack.html).
## Remove the Google service account
-Removing an environment does not remove the Google service account. To fully remove Snyk's access to your Google project, delete the Google service account using the [Google Cloud console](https://cloud.google.com/iam/docs/creating-managing-service-accounts#iam-service-accounts-delete-console) or [CLI](https://cloud.google.com/iam/docs/creating-managing-service-accounts#iam-service-accounts-delete-gcloud).
+Removing an environment does not remove the Google service account. To fully remove the access Snyk has to your Google project, delete the Google service account using the [Google Cloud console](https://cloud.google.com/iam/docs/creating-managing-service-accounts#iam-service-accounts-delete-console) or [CLI](https://cloud.google.com/iam/docs/creating-managing-service-accounts#iam-service-accounts-delete-gcloud).
## Remove the Azure app registration, federated identity credential, and service principal
-Removing an environment does not remove the Azure app registration, federated identity credential, or service principal. To fully remove Snyk's access to your Azure subscription, delete the infrastructure according to the method you used to create it:
+Removing an environment does not remove the Azure app registration, federated identity credential, or service principal. To fully remove the access Snyk has to your Azure subscription, delete the infrastructure according to the method you used to create it:
* **Terraform:** use the [terraform destroy](https://www.terraform.io/cli/commands/destroy) command.
* **Azure CLI Bash script:** first, delete the Reader role assignment for the app registration (see docs: [Azure CLI](https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-remove#azure-cli) or [Azure Portal](https://learn.microsoft.com/en-us/azure/role-based-access-control/role-assignments-remove#azure-portal)), then delete the Azure app registration (see docs: [Azure CLI](https://learn.microsoft.com/en-us/cli/azure/ad/app?view=azure-cli-latest#az-ad-app-delete) or [Azure Portal](https://learn.microsoft.com/en-us/azure/active-directory/develop/howto-remove-app#remove-an-application-authored-by-you-or-your-organization)).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/scan-a-cloud-environment.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/scan-a-cloud-environment.md
index e307f7aec99b..db8118279928 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/scan-a-cloud-environment.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/scan-a-cloud-environment.md
@@ -29,11 +29,11 @@ curl -X POST \
}"
-Because `jq -r '.data[0].id` returns the ID of the first environment shown in the Snyk API [List environments](https://apidocs.snyk.io/#get-/orgs/-org_id-/cloud/environments) output, this technique is especially useful if your Organization has a single environment. You can also change the `0` to another number to scan a different environment; for example, `jq -r '.data[1].id` will return the ID of the second environment in the output.
+Because `jq -r '.data[0].id` returns the ID of the first environment shown in the Snyk API [List environments](https://apidocs.snyk.io/#get-/orgs/-org_id-/cloud/environments) output, this technique is especially useful if your Organization has a single environment. You can also change the `0` to another number to scan a different environment. For example, `jq -r '.data[1].id` returns the ID of the second environment in the output.
## Without `jq`
-If you so not have [jq](https://stedolan.github.io/jq/download/) installed, you can send a request to the Snyk API to return all your environment IDs, look for the ID of the environment you want to scan, and send another request to manually trigger the scan.
+If you do not have [jq](https://stedolan.github.io/jq/download/) installed, you can send a request to the Snyk API to return all your environment IDs, look for the ID of the environment you want to scan, and send another request to manually trigger the scan.
### Find the environment ID
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/update-a-cloud-environment.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/update-a-cloud-environment.md
index b917b96b1afb..3cba65eb3779 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/update-a-cloud-environment.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/update-a-cloud-environment.md
@@ -82,7 +82,7 @@ curl -X PATCH \
#### Google
-`data.attributes.options.service_account_email` is required. You can choose to specify the Project ID explicitly with a `data.attributes.options.project_id` field, but it cannot be different from the current ProjectProject ID.
+`data.attributes.options.service_account_email` is required. You can choose to specify the Project ID explicitly with a `data.attributes.options.project_id` field, but it cannot be different from the current Project ID.
```
curl -X PATCH \
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/view-add-and-remove-environments.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/view-add-and-remove-environments.md
index c71fe989f52a..7eaf5e0223a4 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/view-add-and-remove-environments.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-environments/view-add-and-remove-environments.md
@@ -13,7 +13,7 @@ The cloud environments table displays the following information for each environ
## Add a cloud environment
-To add a cloud environment, select the **Add environment** drop-down and select the cloud provider. Follow the steps in [AWS Integration: Web UI](../../cloud-platform-integrations/aws-integration/aws-integration-web-ui/), [Google Cloud Integration: Web UI](../../cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/), or [Azure Integration: Web UI](../../cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/) to create the environment.
+To add a cloud environment, select the **Add environment** dropdown and select the cloud provider. Follow the steps in [AWS Integration: Web UI](../../cloud-platform-integrations/aws-integration/aws-integration-web-ui/), [Google Cloud Integration: Web UI](../../cloud-platform-integrations/google-cloud-integration/google-cloud-integration-web-ui/), or [Azure Integration: Web UI](../../cloud-platform-integrations/azure-integration-for-cloud-configurations/azure-integration-web-ui/) to create the environment.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-issues/ignoring-cloud-issues.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-issues/ignoring-cloud-issues.md
index 3190dd3ce22d..f4dcc77d80b2 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-issues/ignoring-cloud-issues.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-issues/ignoring-cloud-issues.md
@@ -12,16 +12,16 @@ Ignores are applied at the Organization level.
## Ignoring an issue
-To ignore an issue via the Snyk Web UI:
+To ignore an issue using the Snyk Web UI:
1. Navigate to your Organization's Cloud tab.
2. Select the issue you want to ignore.
-3. Select the **Ignore** button.\
+3. Select **Ignore**.\
-
The Ignore button in a coud issue in the Snyk Web UI
+
The Ignore button in a cloud issue in the Snyk Web UI
4. Add a comment about why this issue is ignored.
-5. From the **Ignore for** drop-down menu, set how long the issue should be ignored. You can permanently ignore an issue by selecting **Does not expire**, or you can ignore the issue for 14, 30, 60, or 90 days, or a custom time period.\
+5. From the **Ignore for** dropdown menu, set how long to ignore the issue. You can permanently ignore an issue by selecting **Does not expire**, or you can ignore the issue for 14, 30, 60, or 90 days, or a custom time period.\
Setting ignore details for a cloud issue in the Snyk Web UI
@@ -47,10 +47,10 @@ After an issue is ignored, you can unignore it or edit the ignore.
## Unignoring an issue
-To unignore an issue via the Snyk Web UI:
+To unignore an issue using the Snyk Web UI:
1. Select the ignored issue from your Organization's Cloud tab.
-2. Select the **Unignore** button.
+2. Select **Unignore**.
3. The message "Issue successfully unignored and will be applied on next scan" appears.\
In addition, the unignore pending state is shown in the issue panel: The ignore applied to this issue has been deleted and will be removed on the next scan.\
.png>)
@@ -60,10 +60,10 @@ To unignore an issue via the Snyk Web UI:
## Editing an ignore
-To edit an ignore via the Snyk Web UI:
+To edit an ignore using the Snyk Web UI:
1. Select the ignored issue from your Organization's Cloud tab.
-2. In the side panel, select the **Edit ignore** button.
+2. In the side panel, select **Edit ignore**.
3. Edit the comment, the ignore expiration date, or both.
4. Select **Confirm**.\
The message "Ignore successfully edited and will be applied on next scan" appears.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-issues/view-cloud-issues-in-the-snyk-web-ui.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-issues/view-cloud-issues-in-the-snyk-web-ui.md
index 082cbcec79ca..bbb87a720834 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-issues/view-cloud-issues-in-the-snyk-web-ui.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/manage-cloud-issues/view-cloud-issues-in-the-snyk-web-ui.md
@@ -12,7 +12,7 @@ By default, Snyk displays open issues across all cloud environments in an Organi
Issues are grouped by rule by default.
-If you have grouped them by resource instead, you can group them by rule again by selecting the **Group by Resource** drop-down menu next to the search bar and selecting **Rule**:
+If you have grouped them by resource instead, you can group them by rule again by selecting the **Group by Resource** dropdown menu next to the search bar and selecting **Rule**:
Group by rule
@@ -46,7 +46,7 @@ By default, when you expand a rule you see all the resources with an open issue
## Group issues by resource
-If issues are currently grouped by rule, you can group them by resource instead by selecting the **Group by Rule** drop-down menu next to the search bar and selecting **Resource**:
+If issues are currently grouped by rule, you can group them by resource instead by selecting the **Group by Rule** dropdown menu next to the search bar and selecting **Resource**:
Group by resource
@@ -117,7 +117,7 @@ Select the **Resource** tab to view the scanned resource's attributes:
To filter which cloud issues are shown:
-1. Select the **Filter** drop-down menu. The name of the menu shows how many filters are selected, for example, "1 Filter".
+1. Select the **Filter** dropdown menu. The name of the menu shows how many filters are selected, for example, "1 Filter".
2. Select the parameter you want to filter by, for example "Severity".
3. Check the box for the values you want to show, for example "High".
@@ -129,7 +129,7 @@ You can also filter issues by compliance control, resource type, environment nam
## Search issues
-As you select filters from the **Filters** drop-down menu, the search bar is populated with key-value pairs.
+As you select filters from the **Filters** dropdown menu, the search bar is populated with key-value pairs.
To search cloud issues by key-value pair:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/view-cloud-resources.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/view-cloud-resources.md
index c2d7f0a5b261..6ff0935e66ce 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/view-cloud-resources.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-cloud-scans/view-cloud-resources.md
@@ -1,6 +1,6 @@
# View cloud resources
-You can view all attributes for cloud resources in an Organization. This allows you to inventory all of your resources across cloud provider accounts or see the recorded state of any resource during the most recent scan.
+You can view all attributes for cloud resources in an Organization. This lets you inventory all of your resources across cloud provider accounts or see the recorded state of any resource during the most recent scan.
## View all resources
@@ -99,7 +99,7 @@ The following table lists some key attributes from the API response:
## Filter resource list
-Query parameters allow you to filter the list of resources.
+Query parameters let you filter the list of resources.
For example, to return resources from a single environment, add `environment_id=YOUR-ENVIRONMENT-ID` to the URL:
@@ -109,7 +109,7 @@ curl -X GET \
-H 'Authorization: token YOUR-API-TOKEN'
```
-Some parameters allow you to specify multiple values. To return resources in Amazon Web Services (AWS) regions `us-east-1` or `us-east-2`, add `location=us-east-1,us-east-2` to the URL:
+Some parameters let you specify multiple values. To return resources in Amazon Web Services (AWS) regions `us-east-1` or `us-east-2`, add `location=us-east-1,us-east-2` to the URL:
```
curl -X GET \
@@ -117,7 +117,7 @@ curl -X GET \
-H 'Authorization: token YOUR-API-TOKEN'
```
-You can combine query parameters by using the `&` symbol. To return only 5 AWS S3 buckets, add `resource_type=aws_s3_bucket&limit=5` to the URL:
+You can combine query parameters by using the `&` symbol. To return only five AWS S3 buckets, add `resource_type=aws_s3_bucket&limit=5` to the URL:
```
curl -X GET \
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-current-iac.md
index 1c902bbbe96c..bb82b820a3aa 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/getting-started-with-current-iac.md
@@ -2,7 +2,7 @@
You can use Snyk IaC (Infrastructure as Code) in the Snyk Web UI to find, view, and fix issues in configuration files. You can also use Snyk IaC in the Snyk CLI. For details, see [Snyk CLI for Infrastructure as Code](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac).
-On this page, you will find steps to find, view, and fix issues in configuration files for the supported environments: [Terraform](scan-your-iac-source-code/scan-terraform-files/), [AWS CloudFormation](scan-your-iac-source-code/scan-cloudformation-files/), [Kubernetes](scan-your-iac-source-code/scan-kubernetes-configuration-files/), including Helm, and [Azure Resource Manager (ARM)](scan-your-iac-source-code/scan-arm-configuration-files.md). These steps are specific to the current IaC.
+On this page, you find steps to find, view, and fix issues in configuration files for the supported environments: [Terraform](scan-your-iac-source-code/scan-terraform-files/), [AWS CloudFormation](scan-your-iac-source-code/scan-cloudformation-files/), [Kubernetes](scan-your-iac-source-code/scan-kubernetes-configuration-files/), including Helm, and [Azure Resource Manager (ARM)](scan-your-iac-source-code/scan-arm-configuration-files.md). These steps are specific to the current IaC.
## **Prerequisites for Snyk IaC**
@@ -24,7 +24,7 @@ You must use the Snyk CLI to scan ARM configuration files. See [Scan ARM configu
## Import IaC Projects
-You will start by importing [Projects](../../snyk-platform-administration/snyk-projects/) you want to scan with Snyk. In these steps, you choose repositories for Snyk to test and re-test:
+Start by importing the [Projects](../../snyk-platform-administration/snyk-projects/) you want to scan with Snyk. In these steps, you choose repositories for Snyk to test and re-test:
1. Log in to Snyk and on your dashboard, select **Projects** from the navigation.
2. On the Projects page, from the **Add projects** dropdown, select the SCM where the repositories and projects that you want to scan are; for example, select GitHub.
@@ -36,7 +36,7 @@ You will start by importing [Projects](../../snyk-platform-administration/snyk-p
The import completes and the Projects page displays the Snyk Project imported.
{% hint style="info" %}
-After you have imported an IaC Project, Snyk re-tests your Project once a week by default. You can de-activate recurring tests on the **Settings** tab of the Projects page; Set **Test & Automated Pull Request Frequency** to **Test never**.
+After you have imported an IaC Project, Snyk re-tests your Project once a week by default. You can deactivate recurring tests on the **Settings** tab of the Projects page. Set **Test & Automated Pull Request Frequency** to **Test never**.
{% endhint %}
## View configuration file issues in IaC
@@ -103,7 +103,7 @@ Terraform Cloud and Helm do not show a code snippet, only the path details. Ther
### Example showing the code preview is not available
-If Snyk can not identify the exact line of the vulnerable path in the file, Snyk does not show a code snippet, only a message and the path details. If possible, Snyk shows the **Full details** button so you can see a preview of the full code.
+If Snyk cannot identify the exact line of the vulnerable path in the file, Snyk does not show a code snippet, only a message and the path details. If possible, Snyk shows the **Full details** button so you can see a preview of the full code.
Issue card without code snippet
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-arm-configuration-files.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-arm-configuration-files.md
index 922fe7b41eba..be7bfc352b8b 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-arm-configuration-files.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-arm-configuration-files.md
@@ -1,7 +1,7 @@
# Scan ARM configuration files
-Snyk IaC currently supports scanning ARM configurations with the CLI only.
+Snyk IaC supports scanning ARM configurations with the CLI only.
-For the CLI, users can share their ARM scan results with the platform and present them in the UI by using the [Share CLI results feature](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/share-cli-results-with-the-snyk-web-ui).
+For the CLI, you can share your ARM scan results with the platform and present them in the UI by using the [Share CLI results feature](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/share-cli-results-with-the-snyk-web-ui).
For more information, see [Test your ARM files with the CLI tool](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/arm-files).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/README.md
index aac46cd23802..b25e6b0b7938 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/README.md
@@ -1,6 +1,6 @@
# Scan CloudFormation files
-The following information is provided to help you scan CloudFormation files:
+Use the following information to scan CloudFormation files:
* [Configure your integration to find security issues in your CloudFormation files](configure-your-integration-to-find-security-issues-in-your-cloudformation-files-current-iac.md)
* [Scan and fix security issues in your CloudFormation files](scan-and-fix-security-issues-in-your-cloudformation-files-current-iac.md)
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/configure-your-integration-to-find-security-issues-in-your-cloudformation-files-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/configure-your-integration-to-find-security-issues-in-your-cloudformation-files-current-iac.md
index 9cdb5c1a0aa2..5b760002e968 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/configure-your-integration-to-find-security-issues-in-your-cloudformation-files-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/configure-your-integration-to-find-security-issues-in-your-cloudformation-files-current-iac.md
@@ -1,6 +1,6 @@
# Configure your integration to find security issues in your CloudFormation files
-Snyk tests and monitors CloudFormation files from source code repositories. It gives advice on how to better secure cloud environments by catching misconfigurations before they are pushed to production, along with assistance on how best to fix them.
+Snyk tests and monitors CloudFormation files from source code repositories. It gives advice on how to better secure cloud environments by catching misconfigurations before you push them to production, along with assistance on how best to fix them.
## Supported Git repositories and CloudFormation file formats
@@ -13,7 +13,7 @@ Scanning CloudFormation provides security feedback on everything that is statica
### Prerequisites for scanning CloudFormation files
* You must be an administrator for the Organization you are configuring in Snyk.
-* Ensure you have already integrated your Git repository, For details, see [Git repository (SCM) integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations).
+* Ensure you have already integrated your Git repository. For details, see [Git repository (SCM) integrations](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations).
### Configure Snyk to scan CloudFormation files
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/scan-and-fix-security-issues-in-your-cloudformation-files-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/scan-and-fix-security-issues-in-your-cloudformation-files-current-iac.md
index 2c0fb9332790..a708ce315426 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/scan-and-fix-security-issues-in-your-cloudformation-files-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-cloudformation-files/scan-and-fix-security-issues-in-your-cloudformation-files-current-iac.md
@@ -1,6 +1,6 @@
# Scan and fix security issues in your CloudFormation files
-Snyk scans CloudFormation code for misconfigurations and security issues. After configuration files are scanned, Snyk reports on any misconfigurations based on the settings that administrators implement and makes recommendations for fixes accordingly.
+Snyk scans CloudFormation code for misconfigurations and security issues. After scanning configuration files, Snyk reports on any misconfigurations based on the settings that administrators implement and makes recommendations for fixes accordingly.
## **Prerequisites for scanning and fixing issues in CloudFormation files**
@@ -10,13 +10,13 @@ Snyk scans CloudFormation code for misconfigurations and security issues. After
## Scan and fix configuration files
* Log in to the account and navigate to the relevant Group and Organization.
-* If you imported your repositories for testing before the infrastructure as code feature was enabled by your administrator, from the Add project screen, re-import that repository in order to detect the CloudFormation code:
+* If you imported your repositories for testing before your administrator enabled the infrastructure as code feature, from the Add project screen, re-import that repository to detect the CloudFormation code:
Add project screen
Every time a repository is scanned, every CloudFormation file is imported as a separate Project, grouped together per repository, similar to the example shown.
-If you re-imported the repository in order to import the CloudFormation files, then Snyk imports and re-tests the already imported application manifest files, displaying the test time as "now".
+If you re-imported the repository to import the CloudFormation files, then Snyk imports and re-tests the already imported application manifest files, displaying the test time as "now".
List of CloudFormation Projects
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/configure-integration-to-find-security-issues-in-kubernetes-configuration-files-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/configure-integration-to-find-security-issues-in-kubernetes-configuration-files-current-iac.md
index 407322709e60..20e95aa95d02 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/configure-integration-to-find-security-issues-in-kubernetes-configuration-files-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/configure-integration-to-find-security-issues-in-kubernetes-configuration-files-current-iac.md
@@ -1,10 +1,10 @@
# Configure integration to find security issues in Kubernetes configuration files
-Snyk tests and monitors Kubernetes configurations stored in your source code repositories and provides information, tips, and tricks to better [secure a Kubernetes environment](https://snyk.io/learn/kubernetes-security/). This helps to catch misconfigurations before they are pushed to production, as well as provide fixes for vulnerabilities.
+Snyk tests and monitors Kubernetes configurations stored in your source code repositories and provides information, tips, and tricks to better [secure a Kubernetes environment](https://snyk.io/learn/kubernetes-security/). This helps to catch misconfigurations before you push them to production, as well as provide fixes for vulnerabilities.
## Supported Git repositories and Kubernetes file formats
-Snyk scans your Kubernetes configuration files in JSON and YAML format when they are imported from your integrated Git repository.
+Snyk scans your Kubernetes configuration files in JSON and YAML format when you import them from your integrated Git repository.
## Configure Snyk to scan Kubernetes configuration files
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/scan-and-fix-security-issues-in-helm-charts-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/scan-and-fix-security-issues-in-helm-charts-current-iac.md
index aeaa7a6e9272..4d4b44754028 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/scan-and-fix-security-issues-in-helm-charts-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/scan-and-fix-security-issues-in-helm-charts-current-iac.md
@@ -1,6 +1,6 @@
# Scan and fix security issues in Helm Charts
-In addition to scanning Kubernetes configuration files for misconfigurations and security issues, Snyk has support for templating Helm charts and scanning the resultant manifests. This templating functionality is only available when you import repositories using the Snyk UI. See the following sections for prerequisites and guidance on how to scan templated Helm charts using the Snyk CLI. After Helm charts are scanned, Snyk creates Projects for each template and dependency template, generates reports on any misconfigurations, and makes recommendations for fixing them.
+In addition to scanning Kubernetes configuration files for misconfigurations and security issues, Snyk has support for templating Helm charts and scanning the resultant manifests. This templating functionality is only available when you import repositories using the Snyk UI. See the following sections for prerequisites and guidance on how to scan templated Helm charts using the Snyk CLI. After scanning Helm charts, Snyk creates Projects for each template and dependency template, generates reports on any misconfigurations, and makes recommendations for fixing them.
## Prerequisites for scanning and fixing issues in Helm Charts
@@ -14,14 +14,14 @@ In addition to scanning Kubernetes configuration files for misconfigurations and
## Scan and fix your Helm Charts
* Log in to your account and navigate to the relevant Group and Organization that you want to manage.
-* If you imported your repositories for testing before configuration file detection was enabled by your administrator, you must re-import that repository in order to import the Helm chart:
+* If you imported your repositories for testing before your administrator enabled configuration file detection, you must re-import that repository to import the Helm chart:
Every time a repository is scanned, Snyk creates a Project for each template in your Helm Chart, grouped together by repository.
-If you re-imported the repository in order to import the configuration files, then Snyk imports and tests the configuration files and also re-tests the already imported application manifest files, displaying the test time as "now".
+If you re-imported the repository to import the configuration files, then Snyk imports and tests the configuration files and also re-tests the already imported application manifest files, displaying the test time as "now".
* Click the Project link you are interested in to view the scan results and to correct your configuration files accordingly.\
- Projects that were created from external dependencies will also be scanned, and issues will be shown.
+ Snyk also scans Projects created from external dependencies and shows their issues.
Helm Charts Project detail
@@ -38,7 +38,7 @@ helm template . --output-dir out
snyk iac test out/
```
-You can pass standard Helm values flags (for example, `--set`, `--value`, or both) to `helm template` in order to test a non-default configuration.
+You can pass standard Helm values flags (for example, `--set`, `--value`, or both) to `helm template` to test a non-default configuration.
You can script this process and run it in a CLI pipeline or helm-template files into a repository that can be imported into Snyk as Projects.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/scan-and-fix-security-issues-in-kubernetes-configuration-files-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/scan-and-fix-security-issues-in-kubernetes-configuration-files-current-iac.md
index 530b68906242..5199f50287bc 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/scan-and-fix-security-issues-in-kubernetes-configuration-files-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-kubernetes-configuration-files/scan-and-fix-security-issues-in-kubernetes-configuration-files-current-iac.md
@@ -1,6 +1,6 @@
# Scan and fix security issues in Kubernetes configuration files
-Snyk Infrastructure as Code scans your manifest files for security vulnerabilities and scans your Kubernetes configuration files for misconfigurations and security issues as well. After configuration files are scanned, Snyk reports on any misconfigurations based on the settings your administrator has implemented and makes recommendations for fixing accordingly.
+Snyk Infrastructure as Code scans your manifest files for security vulnerabilities and scans your Kubernetes configuration files for misconfigurations and security issues as well. After scanning configuration files, Snyk reports on any misconfigurations based on the settings your administrator implemented and makes recommendations for fixing accordingly.
## Prerequisites for scanning and fixing issues in Kubernetes files
@@ -15,11 +15,11 @@ Snyk Infrastructure as Code supports:
## Scan and fix your Kubernetes configuration files
* Log in to your account and navigate to the relevant Group and Organization that you want to manage.
-* If you imported your repositories for testing before cloud configuration file detection was enabled by your administrator, re-import that repository to import the relevant JSON or YAML configuration files.
+* If you imported your repositories for testing before your administrator enabled cloud configuration file detection, re-import that repository to import the relevant JSON or YAML configuration files.
Every time a repository is scanned, every supported manifest file and every supported configuration file is imported as a separate Project, grouped together per repository.
-When you re-import the repository in order to import the cloud configuration files, Snyk imports and tests the configuration files and re-tests the already imported application manifest files, displaying the test time as "now".
+When you re-import the repository to import the cloud configuration files, Snyk imports and tests the configuration files and re-tests the already imported application manifest files, displaying the test time as "now".
* Click the link for the Project of interest to you to view the scan results and to correct your configuration files accordingly:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-serverless-files.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-serverless-files.md
index 1536acd573ce..d58a2b4521e2 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-serverless-files.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-serverless-files.md
@@ -2,6 +2,6 @@
Snyk IaC supports the scanning of Serverless configuration files only through the CLI.
-Users can share their Serverless scan results with the platform and present them in the UI by using the [Share CLI results feature](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/share-cli-results-with-the-snyk-web-ui).
+You can share your Serverless scan results with the platform and present them in the UI by using the [Share CLI results feature](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/share-cli-results-with-the-snyk-web-ui).
For more information, see [Test your Serverless files with Snyk CLI](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-cli-for-iac/test-your-iac-files/serverless-files).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/README.md
index 075b6965e8aa..ac88eebbe134 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/README.md
@@ -1,8 +1,8 @@
# Scan Terraform files
-The following information is provided to help you scan Terraform files:
+Use the following information to scan Terraform files:
* [Configure your integration to find security issues in your Terraform files](configure-your-integration-to-find-security-issues-in-your-terraform-files-current-iac.md)
* [Scan and fix security issues in Terraform files](scan-and-fix-security-issues-in-terraform-files-current-iac.md)
-* [Terraform variables suport](terraform-variables-support-current-iac.md)
+* [Terraform variables support](terraform-variables-support-current-iac.md)
* [Terraform AWS Provider support](terraform-aws-provider-support.md)
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/configure-your-integration-to-find-security-issues-in-your-terraform-files-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/configure-your-integration-to-find-security-issues-in-your-terraform-files-current-iac.md
index 3d6ba12cad8f..cc9b770c9160 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/configure-your-integration-to-find-security-issues-in-your-terraform-files-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/configure-your-integration-to-find-security-issues-in-your-terraform-files-current-iac.md
@@ -1,6 +1,6 @@
# Configure your integration to find security issues in your Terraform files
-Snyk tests and monitors your Terraform files from your source code repositories, guiding you with advice on how you can better secure your cloud environment--catching misconfigurations before you push to production and helping you to fix them.
+Snyk tests and monitors your Terraform files from your source code repositories, guiding you with advice on how you can better secure your cloud environment — catching misconfigurations before you push to production and helping you to fix them.
## Supported Git repositories and Terraform file formats
@@ -8,7 +8,7 @@ Snyk scans Terraform (`.tf`) files when they are imported from an integrated Git
Scanning Terraform files gives you security feedback on everything that is statically configured in the module. To benefit from recurring and scheduled testing, follow best practices and import custom modules directly from an SCM.
-See the Snyk blog post about the ability to interpolate variables: [Snyk IaC public beta introduces Terraform plan analysis](https://snyk.io/blog/snyk-iac-public-beta-introduces-terraform-plan-analysis/). This allows scanning of the Terraform Plan output with the CLI, enabling scanning of the entire Terraform deployment to include the output of the modules used to create the deployment.
+See the Snyk blog post about the ability to interpolate variables: [Snyk IaC public beta introduces Terraform plan analysis](https://snyk.io/blog/snyk-iac-public-beta-introduces-terraform-plan-analysis/). This lets you scan the Terraform Plan output with the CLI, enabling scanning of the entire Terraform deployment to include the output of the modules used to create the deployment.
## Configure Snyk to scan your Terraform configuration files
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/scan-and-fix-security-issues-in-terraform-files-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/scan-and-fix-security-issues-in-terraform-files-current-iac.md
index 7ca9fc7ba588..c6a940340455 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/scan-and-fix-security-issues-in-terraform-files-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/scan-and-fix-security-issues-in-terraform-files-current-iac.md
@@ -11,13 +11,13 @@ Snyk scans your Terraform code for misconfigurations and security issues as well
## Scan and fix your Terraform configuration files
* Log in to your account and navigate to the relevant Group and Organization that you want to manage.
-* If you imported your repositories for testing before the infrastructure as code feature was enabled by your administrator, from the **Add project** screen, re-import that repository in order to detect the Terraform code:
+* If you imported your repositories for testing before your administrator enabled the infrastructure as code feature, from the **Add project** screen, re-import that repository to detect the Terraform code:
Add project screen
Every time a repository is scanned, every Terraform file is imported as a separate Project, grouped together per repository, similar to the example shown.
-If you re-imported the repository in order to import the Terraform files, then Snyk imports and re-tests the already imported application manifest files, displaying the test time as "now".
+If you re-imported the repository to import the Terraform files, then Snyk imports and re-tests the already imported application manifest files, displaying the test time as "now".
List of Terraform Projects
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/terraform-aws-provider-support.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/terraform-aws-provider-support.md
index 822c3309c0f1..d2eadc1a92fb 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/terraform-aws-provider-support.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/terraform-aws-provider-support.md
@@ -14,7 +14,7 @@ From the Terraform documentation: "To help distribute the management of S3 bucke
To migrate to Terraform v4.0.0, you must refactor and re-import your S3 service definitions. Depending on how you choose to do this, it may limit your coverage of security findings.
-See the [Terraform V4 upgrade guide from Hashicorp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-4-upgrade) for more details
+See the [Terraform V4 upgrade guide from Hashicorp](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-4-upgrade) for more details.
## Example of Terraform AWS Provider support
@@ -29,7 +29,7 @@ resource "aws_s3_bucket" "example" {
```
{% endcode %}
-The definition of the S3 bucket is in one resource block. If you scanned this file using `snyk iac test s3.tf` you would get a security finding for the permissive ACL settings.
+The definition of the S3 bucket is in one resource block. If you scan this file using `snyk iac test s3.tf`, you get a security finding for the permissive ACL settings.
With v4.0.0 of the Provider, certain S3 bucket properties are now defined in their own resources. Continuing the previous example, the ACL property has moved to its own resource, so the refactored Terraform looks like this.
@@ -46,7 +46,7 @@ resource "aws_s3_bucket_acl" "example" {
```
{% endcode %}
-If you scan this file using `snyk iac test s3.tf` you will get the same results as before for the permissive ACL settings.
+If you scan this file using `snyk iac test s3.tf`, you get the same results as before for the permissive ACL settings.
## Limitations of support for Terraform AWS Provider
@@ -69,7 +69,7 @@ resource "aws_s3_bucket_acl" "example" {
```
{% endcode %}
-If you scan these files, you will either not receive a security issue or receive a false positive for the permissive ACL. This is because Snyk cannot currently link the two resources together.
+If you scan these files, you either do not receive a security issue or receive a false positive for the permissive ACL. This is because Snyk cannot link the two resources together.
Snyk is working on adding support for this additional use case to the product.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/terraform-variables-support-current-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/terraform-variables-support-current-iac.md
index 87b819df9cd7..eece7b7b0274 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/terraform-variables-support-current-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/scan-your-iac-source-code/scan-terraform-files/terraform-variables-support-current-iac.md
@@ -1,15 +1,15 @@
# Terraform variables support
-Support for Terraform (TF) variables is currently available only in the CLI. Snyk supports:
+Support for Terraform (TF) variables is available only in the CLI. Snyk supports:
* [Input Variables](https://www.terraform.io/language/values/variables)
* [Local Values](https://www.terraform.io/language/values/locals)
-At this time Snyk does not support [Output Values](https://www.terraform.io/language/values/outputs).
+Snyk does not support [Output Values](https://www.terraform.io/language/values/outputs).
The CLI scans all directories and handles each directory that includes supported TF files as its own module. Each module that includes variables is dereferenced appropriately.
-Supported TF file formats are `.tf`, `.tfvars`, `.auto.tfvars`. Snyk does not support variables that were set and defined using environment variables or the `--var` CLI option.
+Supported TF file formats are `.tf`, `.tfvars`, `.auto.tfvars`. Snyk does not support variables that you set and define using environment variables or the `--var` CLI option.
The scan handles [variable definition precedence](https://www.terraform.io/language/values/variables#variable-definition-precedence) in the same way that TF handles the precedence.
@@ -47,7 +47,7 @@ The following functions are supported:
In the example that follows, we see that we configured a new resource, and we are using a variable named `remote_user_addr` to set its `cidr_blocks` value.
-The variable is defined inside the `variables.tf` file with a default value, but the value is being overridden inside the `terraform.tfvars` file.
+The `variables.tf` file defines the variable with a default value, but the `terraform.tfvars` file overrides the value.
At the end, the value is set to `0.0.0.0/0`, and this causes the CLI to raise an issue.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/snyk-iac-integrations/jira-integration-for-iac.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/snyk-iac-integrations/jira-integration-for-iac.md
index c0bf766f2920..7072f4314e8d 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/snyk-iac-integrations/jira-integration-for-iac.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/snyk-iac-integrations/jira-integration-for-iac.md
@@ -1,8 +1,8 @@
# Jira integration for Snyk IaC
-Snyk Infrastructure as Code allows users to raise Jira issues for misconfigurations found in their IaC resources.
+Snyk Infrastructure as Code lets you raise Jira issues for misconfigurations found in your IaC resources.
-This integration is available via the Snyk Web UI only; API support is not provided.
+This integration is available through the Snyk Web UI only. Snyk does not provide API support.
To learn more about setting up and using the integration, see [Jira integration](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/jira-and-slack-integrations/jira-integration).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/snyk-iac-integrations/snyk-iac-with-broker-for-self-hosted-git.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/snyk-iac-integrations/snyk-iac-with-broker-for-self-hosted-git.md
index 42a5ba0e5a06..c8f48dc8d3de 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/snyk-iac-integrations/snyk-iac-with-broker-for-self-hosted-git.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/snyk-iac-integrations/snyk-iac-with-broker-for-self-hosted-git.md
@@ -1,7 +1,7 @@
# Snyk IaC with Broker for self-hosted Git
-Snyk Broker enables you to connect your local Git server to Snyk if the Git server is not internet-reachable.
+Snyk Broker lets you connect your local Git server to Snyk if the Git server is not internet-reachable.
-By default, Snyk Broker allows only information for Snyk Open Source and Docker files to go through. If you also want to analyze Infrastructure as Code files, such as `.tf` or `.yaml`, you must configure the Broker to do so.
+By default, Snyk Broker allows only information for Snyk Open Source and Docker files to pass through. If you also want to analyze Infrastructure as Code files, such as `.tf` or `.yaml`, you must configure the Broker to do so.
For details, see [Snyk Broker - Infrastructure as Code detection](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/classic-broker/snyk-broker-infrastructure-as-code-detection). For more information about Snyk Broker, see the [Broker](https://app.gitbook.com/s/IgtgtomLQ2TUgSKOMSAm/snyk-broker/snyk-broker) docs.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/view-snyk-iac-issue-reports.md b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/view-snyk-iac-issue-reports.md
index d8478263d70a..d1985edc348d 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-iac/view-snyk-iac-issue-reports.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-iac/view-snyk-iac-issue-reports.md
@@ -8,4 +8,4 @@ You can also use this filter on the **Issues** page to view your IaC issues acro
## API access to IaC issues
-You can set the **product\_name** filter for the [Export](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/export) API to `Snyk IaC` to retrieve a list of IaC issues on your Org or Group.
+You can set the **product\_name** filter for the [Export](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/export) API to `Snyk IaC` to retrieve a list of IaC issues on your Organization or Group.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/README.md
index ff9d48efa1be..e3e505bd7e44 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/README.md
@@ -4,11 +4,11 @@
To start scanning, see [Scan open-source libraries and licenses](scan-open-source-libraries-and-licenses/).
{% endhint %}
-Snyk Open Source is a developer-first software composition analysis (SCA) solution. Snyk Open Source allows you to find and fix vulnerabilities in the open-source libraries used by your applications. You can also find and address licensing issues in or caused by these open-source libraries.
+Snyk Open Source is a developer-first software composition analysis (SCA) solution. Snyk Open Source lets you find and fix vulnerabilities in the open-source libraries used by your applications. You can also find and address licensing issues in or caused by these open-source libraries.
Developers worldwide use open-source code because it enables fast development. The vast majority of the code making up modern applications is open source. This growing reliance exposes organizations to security vulnerabilities and license issues.
-Sometimes, these issues are rooted deep in the code. Open-source packages often reference other packages, and many vulnerabilities are found in these indirect dependencies. Developers may not realize which packages are being called. By using Snyk Open Source, you can reduce the risks introduced by open-source components. Snyk Open Source can help you find, prioritize, and fix security vulnerabilities and license risks in open-source dependencies throughout the SDLC.
+Sometimes, these issues are rooted deep in the code. Open-source packages often reference other packages, and many vulnerabilities are found in these indirect dependencies. Developers may not realize which packages are being called. By using Snyk Open Source, you can reduce the risks that open-source components introduce. Snyk Open Source can help you find, prioritize, and fix security vulnerabilities and license risks in open-source dependencies throughout the SDLC.
Snyk Open Source is available in many common languages and platforms. See [Supported languages and package managers](https://app.gitbook.com/s/L7HyJj9FsK1W4pNt8Gzl/supported-languages/supported-languages-package-managers-and-frameworks).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/README.md
index 4b8c4b1519a6..aee05615513e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/README.md
@@ -4,8 +4,8 @@ The documentation in this section explains how to fix vulnerabilities and licens
To apply fixes, you can use different methods, including manual application in the Snyk Web UI and automatic pull requests opened by Snyk. See [Fix your vulnerabilities](fix-your-vulnerabilities.md) for more details.
-For information about fixability, see [Vulnerability fix types](vulnerability-fix-types.md). For details, see [Upgrade package versions to fix vulnerabilities](upgrade-package-versions-to-fix-vulnerabilities.md) and [Snyk patches to fix vulnerabilities](snyk-patches-to-fix-vulnerabilities.md) for details.
+For information about fixability, see [Vulnerability fix types](vulnerability-fix-types.md). For details, see [Upgrade package versions to fix vulnerabilities](upgrade-package-versions-to-fix-vulnerabilities.md) and [Snyk patches to fix vulnerabilities](snyk-patches-to-fix-vulnerabilities.md).
To help you decide which issues to fix, see [Prioritizing and managing issues](../../../manage-risk/prioritize-issues-for-fixing/).
-Fixing vulnerabilities relies on the [Snyk Vulnerability Database](snyk-vulnerability-database.md). You may see [differences in Open Source vulnerability counts across environments](differences-in-open-source-vulnerability-counts-across-environments.md). Information about [troubleshooting](troubleshoot-fixing-vulnerabilities-with-snyk-open-source.md) when you are fixing vulnerabilities is provided.
+Fixing vulnerabilities relies on the [Snyk Vulnerability Database](snyk-vulnerability-database.md). You may see [differences in Open Source vulnerability counts across environments](differences-in-open-source-vulnerability-counts-across-environments.md). For help when you are fixing vulnerabilities, see [troubleshooting](troubleshoot-fixing-vulnerabilities-with-snyk-open-source.md).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/artifactory-gatekeeper-plugin.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/artifactory-gatekeeper-plugin.md
index bb91ee669210..7795ef4cb4c4 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/artifactory-gatekeeper-plugin.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/artifactory-gatekeeper-plugin.md
@@ -12,12 +12,12 @@ After the plugin is installed, it runs in the background and can do the followin
* Add vulnerability and license issue counts from Snyk as properties in an artifact
* Block developers from downloading packages with vulnerability and license issues according to a configured threshold
-By scanning artifacts as part of your workflow and then displaying those test results directly from the Artifactory UI, the Snyk Artifactory Gatekeeper Plugin enables you to track and identify issues that are risks to your application security more quickly and to avoid using those artifacts in your Projects.
+By scanning artifacts as part of your workflow and then displaying those test results directly from the Artifactory UI, the Snyk Artifactory Gatekeeper Plugin lets you track and identify issues that are risks to your application security more quickly and avoid using those artifacts in your Projects.
{% hint style="info" %}
This page refers to the Artifactory Plugin, an independent piece of software that is installed on the Artifactory machine and serves as a gatekeeper, blocking vulnerable packages from being downloaded from the Artifactory instance.
-This plugin is separate from the [Artifactory Registry for Maven](../package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-maven.md), a Snyk integration that allows configuring SCM scans to use custom package registries.
+This plugin is separate from the [Artifactory Registry for Maven](../package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-maven.md), a Snyk integration that lets you configure SCM scans to use custom package registries.
{% endhint %}
## Package managers supported by the Artifactory Plugin
@@ -40,7 +40,7 @@ This plugin is separate from the [Artifactory Registry for Maven](../package-rep
Artifactory transmits the package name and version to the test endpoint at the Snyk API instance. In the header, the authorization token is transmitted.
-If the Artifactory installation is configured to use a proxy, Snyk will automatically use it too. Potentially, there could be an issue if the proxy is an authenticated or Kerberos proxy, but a standard, unauthenticated, forwarding proxy should work if the Artifactory installation and its underlying JVM are configured correctly with a proxy.
+If the Artifactory installation is configured to use a proxy, Snyk uses it too. Potentially, there could be an issue if the proxy is an authenticated or Kerberos proxy, but a standard, unauthenticated, forwarding proxy should work if the Artifactory installation and its underlying JVM are configured correctly with a proxy.
Snyk calls [`https://api.snyk.io/v1/test`](https://api.snyk.io/v1/test) for the right packager manager with the right name and version.
@@ -80,7 +80,7 @@ To view details about the download status, open the **System Logs**.
If a scan finds issues, based on your configuration, the download request can be blocked with an HTTP status code "403 Forbidden".
-You can find the results of a scan under the artifact properties, where you can decide to ignore the issues and allow downloads. To find the artifact, use the Artifactory search bar or navigate the **t**ree view.
+You can find the results of a scan under the artifact properties, where you can decide to ignore the issues and allow downloads. To find the artifact, use the Artifactory search bar or navigate the tree view.
Results of a scan
@@ -96,7 +96,7 @@ For a full list of properties, [view the properties file on GitHub](https://gith
These are the properties set by the plugin on scanned artifacts. Artifact access is allowed or forbidden depending on the values of these properties.
-
Property
Description
snyk.test.timestamp
Date and time when the artifact wast last scanned by Snyk.
snyk.issue.url
This is the URL to the Snyk database and explanation of the vulnerability, including specific details about vulnerable versions, available upgrades, and Snyk patches.
snyk.issue.vulnerabilities
Regardless of the thresholds configured, this row displays vulnerability summary scan results.
snyk.issue.vulnerabilities.forceDownload
When true, allows downloads for this artifact even when there are vulnerabilities.
snyk.issue.vulnerabilities.forceDownload.info
Use this field to provide additional information about why the forceDownload is enabled.
snyk.issue.licenses
Regardless of the thresholds configured, this row displays license summary scan results.
snyk.issue.licenses.forceDownload
When true, allows downloads for this artifact even when there are license issues.
snyk.issue.licenses.forceDownload.info
Use this field to provide additional information about why the forceDownload is enabled.
+
Property
Description
snyk.test.timestamp
Date and time when Snyk last scanned the artifact.
snyk.issue.url
This is the URL to the Snyk database and explanation of the vulnerability, including specific details about vulnerable versions, available upgrades, and Snyk patches.
snyk.issue.vulnerabilities
Regardless of the thresholds configured, this row displays vulnerability summary scan results.
snyk.issue.vulnerabilities.forceDownload
When true, allows downloads for this artifact even when there are vulnerabilities.
snyk.issue.vulnerabilities.forceDownload.info
Use this field to provide additional information about why the forceDownload is enabled.
snyk.issue.licenses
Regardless of the thresholds configured, this row displays license summary scan results.
snyk.issue.licenses.forceDownload
When true, allows downloads for this artifact even when there are license issues.
snyk.issue.licenses.forceDownload.info
Use this field to provide additional information about why the forceDownload is enabled.
## Troubleshooting for the Artifactory Gatekeeper Plugin
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/differences-in-open-source-vulnerability-counts-across-environments.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/differences-in-open-source-vulnerability-counts-across-environments.md
index 1d4a89a8f13a..d7edccb63537 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/differences-in-open-source-vulnerability-counts-across-environments.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/differences-in-open-source-vulnerability-counts-across-environments.md
@@ -8,7 +8,7 @@ There are also other possible causes of variation in vulnerabilities reported. T
## Scanning a local repository using the CLI
-When you scan a local repository using the CLI, `snyk test` builds a dependency graph based on the source files in your build environment. When you run a test with the CLI using `snyk test` or make a snapshot for ongoing testing using `snyk monitor`, Snyk looks at the dependencies as detected by the build tool (for example, Maven, npm, and so on) in order to see exactly what your Project relies on. Private dependencies and the specifics of your build environment are all available to the build tool and so to Snyk as well.
+When you scan a local repository using the CLI, `snyk test` builds a dependency graph based on the source files in your build environment. When you run a test with the CLI using `snyk test` or make a snapshot for ongoing testing using `snyk monitor`, Snyk looks at the dependencies as detected by the build tool (for example, Maven, npm, and so on) to see exactly what your Project relies on. Private dependencies and the specifics of your build environment are all available to the build tool and so to Snyk as well.
## Scanning a remote repository using the Web UI
@@ -40,7 +40,7 @@ Dependency overrides and mapping using code can sometimes cause the CLI to repor
For Go Modules Projects imported using a Git integration, dependencies are resolved at the module level rather than the package level, as Snyk does not have full access to the Project source code.
-This means you may see more issues reported for Projects tested in the Git repository because Snyk reports all vulnerabilities for each module rather than for the package(s) referenced in the source code.
+This means you may see more issues reported for Projects tested in the Git repository because Snyk reports all vulnerabilities for each module rather than for the packages referenced in the source code.
## Differences when dev dependencies are being ignored
@@ -55,7 +55,7 @@ Snyk has more vulnerabilities in its database and may include them sooner than o
When comparing results between tools, consider the following:
-* Is what is being scanned the same? For example, were the projects built on different machines at different times without a lockfile that ensures similar dependencies?
+* Is what is being scanned the same? For example, were the Projects built on different machines at different times without a lockfile that ensures similar dependencies?
* Are there "ignore" rules configured in one tool but not in the other?
* Does one tool evaluate developer dependencies while the other does not? Snyk does not evaluate developer dependencies by default to reduce noise not seen in production.
* Does the vendor "scrape databases" _or_ does it curate and review issues and their severities like Snyk does?
@@ -79,8 +79,8 @@ That is, ignores are not showing because you created them in the Project importe
If you want the ignores to be effective in the CLI, create the Project from the CLI and apply the ignores in the CLI as follows:
-1. Go to the root of your Project and run `snyk monitor`.
-2. Go to the Snyk Web UI; there is a new Project that has the name of the Project in the `package.json` file with the CLI icon.
+1. Navigate to the root of your Project and run `snyk monitor`.
+2. Navigate to the Snyk Web UI. A new Project appears with the name of the Project in the `package.json` file and the CLI icon.
3. Use the `snyk ignore` command to ignore the issue in the new Project. You can also set ignores in the Web UI for a Project created with the CLI.
4. Run `snyk test` and `snyk monitor` and see if this solution ignores the issues you intend to ignore. Wait a minute or two to allow some caches to expire. Then look at the Projects screen to see if what you intended is ignored.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/fix-your-vulnerabilities.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/fix-your-vulnerabilities.md
index fc88e8d67a53..3e31b908202c 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/fix-your-vulnerabilities.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/fix-your-vulnerabilities.md
@@ -1,6 +1,6 @@
# Fix your vulnerabilities
-Snyk helps you to fix vulnerabilities by upgrading the direct dependencies to a more secure version or by patching the vulnerability. After Snyk scans your Projects, the scan results allow you to resolve issues in your code with the help of clear suggestions and explanations.
+Snyk helps you to fix vulnerabilities by upgrading the direct dependencies to a more secure version or by patching the vulnerability. After Snyk scans your Projects, the scan results let you resolve issues in your code with the help of clear suggestions and explanations.
Using Snyk Open Source, you can do the following:
@@ -17,7 +17,7 @@ For Snyk Open Source, on the **Issues** tab, the results are displayed as follow
* Different versions are listed and can be expanded to show the full list of vulnerabilities remediated in that specific version.
* All vulnerabilities contain contextual information to help you prioritize the issues and start fixing them.
-
Example of issues diplayed on the Issues tab for a Project
+
Example of issues displayed on the Issues tab for a Project
## View fix advice
@@ -25,7 +25,7 @@ The **Fixes** tab also appears on the Project details page. On this page, Snyk o
* An upgrade to the original package.
* Pinning a package, installing a package as a top-level dependency; that is, a specific version of an indirect dependency. This avoids having a direct dependency pull in a vulnerable version.
-* A Snyk precision patch to fix the issue. If an upgrade to fix any of the vulnerabilities in the package is not currently available, Snyk offers patches to fix the issues
+* A Snyk precision patch to fix the issue. If no upgrade is available to fix the vulnerabilities in the package, Snyk offers patches to fix the issues.
The summary area groups advice by package, and is displayed based on the best available fix. Advice in these summary lists includes these details for each package:
@@ -36,8 +36,8 @@ The summary area groups advice by package, and is displayed based on the best av
You can also find additional advice and details further down on the Project details page:
-* From the **Issues**, tab, a full description per vulnerability
-* From the **Dependencies** tab, the entire tree of your Project dependencies, enabling you to clearly visualize affected paths
+* From the **Issues** tab, a full description per vulnerability
+* From the **Dependencies** tab, the entire tree of your Project dependencies, so you can clearly visualize affected paths
## Fixing vulnerabilities based on scan results using Snyk CLI
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/snyk-patches-to-fix-vulnerabilities.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/snyk-patches-to-fix-vulnerabilities.md
index c79e3c347f95..b998156991a3 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/snyk-patches-to-fix-vulnerabilities.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/snyk-patches-to-fix-vulnerabilities.md
@@ -4,10 +4,10 @@
Sometimes there is no direct upgrade that can address the vulnerability, or an upgrade is not possible due to functional reasons, for example, the upgrade is a major breaking change.
-In such cases, Snyk can help you [protect your code with patches](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-protect-package). This option will make minimal modifications to your locally installed`node_modules` files to fix the vulnerability. It will also update the policy to patch this issue when you use [@snyk/protect](https://github.com/snyk/cli/tree/master/packages/snyk-protect).
+In such cases, Snyk can help you [protect your code with patches](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/scan-and-maintain-projects-using-the-cli/snyk-protect-package). This option makes minimal modifications to your locally installed`node_modules` files to fix the vulnerability. It also updates the policy to patch this issue when you use [@snyk/protect](https://github.com/snyk/cli/tree/master/packages/snyk-protect).
{% hint style="info" %}
-Patching is currently supported for Node.js Projects only.
+Patching is supported for Node.js Projects only.
{% endhint %}
Patches are applicable in the following scenarios:
@@ -40,7 +40,7 @@ After the patch is created by a Snyk Security Engineer, it is reviewed by two ot
All patches are available for download and review by the community, and Snyk welcomes any feedback.
-For unmaintained packages, Snyk will create a patch and open a pull request to the Project for the patch to be merged.
+For unmaintained packages, Snyk creates a patch and opens a pull request to the Project for the patch to be merged.
## How patches work when you are using the Snyk CLI
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/snyk-vulnerability-database.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/snyk-vulnerability-database.md
index 9a97c039d0b9..4a1b90c44dca 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/snyk-vulnerability-database.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/snyk-vulnerability-database.md
@@ -73,7 +73,7 @@ The package health score is calculated based on four main categories: Popularity
Overview of package health score
-Each category contributes to the overall score, enabling developers to evaluate various aspects of an open-source package.
+Each category contributes to the overall score, so developers can evaluate various aspects of an open-source package.
#### Popularity
@@ -89,7 +89,7 @@ This category helps you gain insights into the health of an open-source dependen
#### Security
-This category helps you quickly assess the security posture of an Open Source Project and its past versions. By connecting your Project with Snyk enables you to receive fixed and automations that enable security at scale and speed.
+This category helps you quickly assess the security posture of an Open Source Project and its past versions. Connecting your Project with Snyk lets you receive fixes and automations that enable security at scale and speed.
Security category
@@ -101,7 +101,7 @@ This category helps you understand whether the community is thriving around an o
## Incorporating the Vulnerability Database into your systems
-Incorporating information into your own systems is useful for customers who already have their own security products. You can benefit from Snyk’s expertise and accumulated knowledge with access to this database. This gives your development teams access to trusted intelligence, allowing them to rapidly secure open source and container code.
+Incorporating information into your own systems is useful for customers who already have their own security products. You can benefit from Snyk’s expertise and accumulated knowledge with access to this database. This gives your development teams access to trusted intelligence, so they can rapidly secure open source and container code.
The Snyk Vulnerability Database includes two feeds:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/troubleshoot-fixing-vulnerabilities-with-snyk-open-source.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/troubleshoot-fixing-vulnerabilities-with-snyk-open-source.md
index f93a1396100f..e1028359a67d 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/troubleshoot-fixing-vulnerabilities-with-snyk-open-source.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/troubleshoot-fixing-vulnerabilities-with-snyk-open-source.md
@@ -4,13 +4,13 @@ When you find a vulnerability, you have the opportunity to report that vulnerabi
## Unable to open a pull request or merge request for issues found by Snyk
-When you import a Project, either through integration or by using the CLI, both CLI and SCM projects receive fix advice, while SCM projects additionally offer the option to open a Fix PR.
+When you import a Project, either through integration or by using the CLI, both CLI and SCM Projects receive fix advice, while SCM Projects additionally offer the option to open a Fix PR.
Snyk does not open PRs for transitive dependencies. For more information, see [Fixing transitive dependencies](vulnerability-fix-types.md#fixing-transitive-dependencies).
## Languages supported for Fix and Backlog Pull Requests or Merge Requests
-Snyk can generate Fix Pull Requests (Fix PRs) or Merge Requests (MRs) for dependencies that may have a patch or an upgrade that will fix a vulnerability.
+Snyk can generate Fix Pull Requests (Fix PRs) or Merge Requests (MRs) for dependencies that may have a patch or an upgrade that fixes a vulnerability.
Snyk supports creating Fix PRs or MRs for the following languages:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/upgrade-package-versions-to-fix-vulnerabilities.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/upgrade-package-versions-to-fix-vulnerabilities.md
index 6f5c3baf0154..ea75cc8bed47 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/upgrade-package-versions-to-fix-vulnerabilities.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/upgrade-package-versions-to-fix-vulnerabilities.md
@@ -1,8 +1,8 @@
# Upgrade package versions to fix vulnerabilities
-Snyk will always recommend the smallest upgrade of a dependency to resolve a vulnerability.
+Snyk always recommends the smallest upgrade of a dependency to resolve a vulnerability.
-To resolve a vulnerability in a transitive dependency, Snyk will calculate the dependency tree for your Project and determine the minimum upgrade to the direct dependency that will result in a vulnerability-free version of the indirect dependency.
+To resolve a vulnerability in a transitive dependency, Snyk calculates the dependency tree for your Project and determines the minimum upgrade to the direct dependency that results in a vulnerability-free version of the indirect dependency.
Some fixes may require a major upgrade of a dependency. In this situation, if Snyk suspects a major change that would cause breakage, the Fix PR screen indicates this.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/vulnerability-fix-types.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/vulnerability-fix-types.md
index f434eb1d32d2..d37303498c7c 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/vulnerability-fix-types.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/manage-vulnerabilities/vulnerability-fix-types.md
@@ -8,8 +8,8 @@ The list of issues does not show any vulnerabilities that have been fixed. These
The sidebar on the list of issues has groups of filters. The ones referring to vulnerabilities are:
-* The **Computed Fixability** filters allow you to see the vulnerabilities based on their remediation paths.
-* The "**Fixed in" Available** filters allow you to see if the found vulnerabilities have a version in which they were fixed.
+* The **Computed Fixability** filters let you see the vulnerabilities based on their remediation paths.
+* The "**Fixed in" Available** filters let you see if the found vulnerabilities have a version in which they were fixed.
## Computed Fixability filters
@@ -20,8 +20,6 @@ The Computed Fixability filters include the following values:
* **No supported fix**: The issue has no upgradable paths, or Snyk does not support Fix PRs for this Project type.
{% hint style="info" %}
-For Projects imported using the CLI, or ecosystems for which Snyk Fix PRs are not supported, issues will
-
Snyk displays issues with **No Supported Fix** for Projects imported using the CLI or ecosystems that do not support Snyk fix PRs.
If a fix is available, you can manually update the dependencies. Depending on the package manager and dependency path, you can pin or override the dependency.
@@ -78,7 +76,7 @@ A direct dependency is fixable if a fixed, that is, secure, version of the packa
Example of a transitive dependency
-Under **Detailed paths,** a mention is displayed that no remediation path is available. However, the issue card shows that the vulnerability is **Fixed in** the more recent version. Snyk does not have the ability to reach the level where the vulnerability exists in this specific Project, but the vulnerability does not match the definition of No supported fix.
+Under **Detailed paths,** a mention is displayed that no remediation path is available. However, the issue card shows that the vulnerability is **Fixed in** the more recent version. Snyk cannot reach the level where the vulnerability exists in this specific Project, but the vulnerability does not match the definition of No supported fix.
### Fixing transitive dependencies
@@ -88,7 +86,7 @@ You cannot automatically fix transitive dependencies or open a Fix PR (see [Fix
To fix a transitive dependency like the one in this example, follow the link to the [Snyk Vulnerability Database](snyk-vulnerability-database.md):
-
LInk to Snyk Vulnerability Database for a transitive dependency
+
Link to Snyk Vulnerability Database for a transitive dependency
From the Snyk Vulnerability Database, you can see remediation advice for more fix information:
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-maven.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-maven.md
index 1449dfe74732..deddb67167af 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-maven.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-maven.md
@@ -20,7 +20,7 @@ If authentication is required for access to your custom registry, you must confi
After the integration is set up, you can configure Maven settings by navigating to **Settings** > **Languages** > **Java**.
-You can choose whether to use Artifactory as a mirror or as an additional repository where your artifacts will reside. These settings will be very similar to what you have in `~/.m2/settings.xml`.
+You can choose whether to use Artifactory as a mirror or as an additional repository where your artifacts reside. These settings are very similar to what you have in `~/.m2/settings.xml`.
## Mirrors
@@ -40,7 +40,7 @@ For example, if the URL is `http://artifactory.company.io/artifactory/libs-relea
## Additional repositories
-Alternatively, you can configure repositories that will be used as additional locations to check for artifacts.
+Alternatively, you can configure repositories to use as additional locations to check for artifacts.
Repositories are configured in the same way as [Mirrors](artifactory-registry-for-maven.md#mirrors), but do not require **Mirror Of**.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-npm.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-npm.md
index c60a646b3555..0eed31333ba8 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-npm.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-registry-for-npm.md
@@ -15,7 +15,7 @@ You can add configuration to tell Snyk where your private Artifactory Node.js pa
## JavaScript language settings
1. Navigate to **Settings** > **Languages** > **JavaScript** and either the npm or Yarn settings, depending on your Project type.
-2. If you have not previously connected to Artifactory, you will be asked to configure an integration first; see [Artifactory Package Repository connection setup](./).
+2. If you have not previously connected to Artifactory, Snyk asks you to configure an integration first; see [Artifactory Package Repository connection setup](./).
3. Select **Add registry configuration**.
1. Select **Artifactory** as the Package source.
2. If you want to configure this registry as the default registry url, leave the scope blank.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-repository-manager-for-nuget.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-repository-manager-for-nuget.md
index d4b58e310ffd..467b61f5af01 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-repository-manager-for-nuget.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/artifactory-package-repository-connection-setup/artifactory-repository-manager-for-nuget.md
@@ -17,7 +17,7 @@ Configure the URL where your private Artifactory Package Repositories host NuGet
To do this:
-1. In the Snyk web UI, navigate to **Settings** > **Languages** > **.NET** > **Brokered package registries**.
+1. In the Snyk Web UI, navigate to **Settings** > **Languages** > **.NET** > **Brokered package registries**.
If you use a brokered connection and have not configured the Universal Broker, follow the Universal Broker instructions to set it up.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-maven.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-maven.md
index 4d7ba7f14e26..cb117dbc1844 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-maven.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-maven.md
@@ -18,13 +18,13 @@ The following explains how to set up custom Maven package registries
If authentication is required to access your Nexus registry, you must first configure the Nexus Repository Manager integration. See [Nexus Repository Manager setup](./).
-You can choose to use Nexus as a mirror or as an additional repository where your artifacts will reside.
+You can choose to use Nexus as a mirror or as an additional repository where your artifacts reside.
These settings are very similar to what you have in `~/.m2/settings.xml`.
Set up for Mirrors
-Choose a value for the Type, either **Direct** or, if you are using using authentication, **Integration**.
+Choose a value for the Type, either **Direct** or, if you are using authentication, **Integration**.
If you are using **Direct,** you must complete the **URL**, **Repository Name** and what it is a **Mirror Of**.
@@ -50,6 +50,6 @@ If the URL is `http://nexus.company.io/nexus/content/repositories/releases`, Rep
{% endtab %}
{% endtabs %}
-Alternatively, you can configure repositories will be used as additional locations to check for artifacts.
+Alternatively, you can configure repositories to use as additional locations to check for artifacts.
Repositories are configured in the same way as Mirrors, but do not require **Mirror Of**.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-npm-1.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-npm-1.md
index 1945078402f7..b225701e1777 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-npm-1.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-npm-1.md
@@ -19,7 +19,7 @@ Configure the URL where your private Nexus Repository Manager hosts NuGet packag
To do this:
-1. In the Snyk web UI, navigate to **Settings** > **Languages** > **.NET** > **Brokered package registries**.
+1. In the Snyk Web UI, navigate to **Settings** > **Languages** > **.NET** > **Brokered package registries**.
If you use a brokered connection and have not configured the Universal Broker, follow the Universal Broker instructions to set it up.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-npm.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-npm.md
index 1bd25fda6e71..daf4759f22ca 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-npm.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/nexus-repository-manager-connection-setup/nexus-repository-manager-for-npm.md
@@ -17,11 +17,11 @@ This is the same information you would normally add in your `.yarnrc` or `.npmrc
## JavaScript language settings
-Go to **Settings** > **Languages** > **JavaScript** and either the npm or Yarn settings, depending on your Project type.
+Navigate to **Settings** > **Languages** > **JavaScript** and either the npm or Yarn settings, depending on your Project type.
-If you have not previously connected to Nexus Repository Manager you will be asked to configure an integration first; see [Nexus Repository Manager connection setup](./).
+If you have not previously connected to Nexus Repository Manager, Snyk asks you to configure an integration first; see [Nexus Repository Manager connection setup](./).
-Follow the steps on the tabs below, according to your version of Nexus.
+Follow the steps on the tab for your version of Nexus.
Configure Nexus registry
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/npm-teams-and-npm-enterprise-integration.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/npm-teams-and-npm-enterprise-integration.md
index 8ed8c2f0f27d..cfa72c6349b0 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/npm-teams-and-npm-enterprise-integration.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/npm-teams-and-npm-enterprise-integration.md
@@ -11,16 +11,16 @@ Snyk can use custom npm Teams and npm Enterprise repositories with npm and Yarn
This enables Snyk to resolve all direct and transitive dependencies of packages hosted on the custom registry and calculate a more complete, accurate dependency graph and related vulnerabilities.
-After configuration, Snyk will also use this information to access private dependencies when creating Pull/Merge Requests, by allowing npm and yarn to reach those dependencies in order to regenerate the lockfile.
+After configuration, Snyk also uses this information to access private dependencies when creating Pull/Merge Requests, by allowing npm and Yarn to reach those dependencies to regenerate the lockfile.
-You can add configuration to tell Snyk where your private npm Teams and npm Enterprise Node.js packages are hosted and under what scope..
+You can add configuration to tell Snyk where your private npm Teams and npm Enterprise Node.js packages are hosted and under what scope.
This is the same information you would normally add in your `.yarnrc` or `.npmrc`
## JavaScript language settings
1. Navigate to **Settings** > **Languages** > **JavaScript** and either the npm or Yarn settings, depending on your Project type. Yarn is shown in the screenshot.
-2. If you have not previously connected to npm Teams or npm Enterprise, you will be asked to configure an integration first. See [npm Teams and npm Enterprise registry settings](npm-teams-and-npm-enterprise-integration.md#npm-teams-and-npm-enterprise-registry-settings).
+2. If you have not previously connected to npm Teams or npm Enterprise, Snyk asks you to configure an integration first. See [npm Teams and npm Enterprise registry settings](npm-teams-and-npm-enterprise-integration.md#npm-teams-and-npm-enterprise-registry-settings).
3. After you have set up the integration, select **Add registry configuration.**
1. Select **npm** as the **Package source**.
2. If you want to configure this registry as the default registry url, leave the scope blank.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/private-gem-sources-for-ruby-configuration.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/private-gem-sources-for-ruby-configuration.md
index 19433731239b..0ec356e029b7 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/private-gem-sources-for-ruby-configuration.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/package-repository-integrations/private-gem-sources-for-ruby-configuration.md
@@ -9,7 +9,7 @@ This guide is relevant for Snyk UI integrations only. The CLI supports Ruby Proj
You can add a configuration to tell Snyk where your private gems are hosted. This is the same information you would normally add as a Bundler environment variable.
-After you have added this configuration, Snyk uses the information to access private dependencies when creating Pull/Merge Requests, by allowing Bundler to reach those dependencies in order to regenerate the lockfile.
+After you have added this configuration, Snyk uses the information to access private dependencies when creating Pull/Merge Requests, by allowing Bundler to reach those dependencies to regenerate the lockfile.
## Configuration of private gem sources for Ruby
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/README.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/README.md
index 6b95858ce1ab..7633e0c5328e 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/README.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/README.md
@@ -35,6 +35,6 @@ To fix vulnerabilities:
5. Snyk acts on the PR and displays a results screen.
6. Optionally, select the **Files changed** tab to see details of the changes made.
-
Files changed tab in GitHub after triggering Fix PR for an open source project
+
Files changed tab in GitHub after triggering Fix PR for an open source project
For more details, see [Fix your vulnerabilities](../manage-vulnerabilities/fix-your-vulnerabilities.md).
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/open-source-license-compliance.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/open-source-license-compliance.md
index db4e5483a9bd..c934c5402def 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/open-source-license-compliance.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/open-source-license-compliance.md
@@ -6,12 +6,12 @@ Every time you test your code in the Snyk web UI, the Snyk CLI, or using PR Chec
### Default license policy
-To enable customers to get started with license compliance faster, Snyk created a default license policy. The default policy is a baseline that tries to meet the requirements of multiple types of applications, SaaS, distributed, and so on. It may be used as a starting point to calibrate additional license policies. The default policy does not endorse or criticize any license.
+To help customers get started with license compliance faster, Snyk created a default license policy. The default policy is a baseline that tries to meet the requirements of multiple types of applications, SaaS, distributed, and so on. You can use it as a starting point to calibrate additional license policies. The default policy does not endorse or criticize any license.
By default, Snyk determines the severity of a license issue in the following way:
-* High severity - licenses that definitely present issues for commercial software
-* Medium severity - licenses with clauses that may be of concern and should be reviewed.
+* High severity - licenses that present issues for commercial software
+* Medium severity - licenses with clauses that you should review
For more information, visit [License policies](../../../manage-risk/policies/license-policies/) and [Open Source Licenses: Types and Comparison](https://snyk.io/learn/open-source-licenses/).
@@ -31,7 +31,7 @@ You can view an inventory of all of your licenses across all your Projects. For
Different customers may have different needs and tolerance levels for different license types. Snyk encourages you to ensure you have made the needed changes or created new policies that fit your company's specific requirements.
-New licenses added by Snyk default to a severity of **None** and do not inherit the **Unknown** license severity. Unless you explicitly configure a severity for the newly supported license, it will not appear in Snyk test results.
+New licenses added by Snyk default to a severity of **None** and do not inherit the **Unknown** license severity. Unless you explicitly configure a severity for the newly supported license, it does not appear in Snyk test results.
If you notice a license with the wrong license type assigned to it, contact Snyk support.
diff --git a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/snyk-license-compliance-management.md b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/snyk-license-compliance-management.md
index 776e61bd62fe..81e8199babf5 100644
--- a/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/snyk-license-compliance-management.md
+++ b/scan-fix-and-prevent/scan-with-snyk/snyk-open-source/scan-open-source-libraries-and-licenses/snyk-license-compliance-management.md
@@ -31,11 +31,11 @@ You can create and edit multiple license policies for Organizations. For details
## View compliance issues
-Snyk’s [Git-based integrations ](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations)support license scanning as part of the regular workflow. During scanning, license issues appear as a filterable list in the **Issues** tab.
+The [Git-based integrations ](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/integrations/scm-integrations/organization-level-integrations)in Snyk support license scanning as part of the regular workflow. During scanning, license issues appear as a filterable list in the **Issues** tab.
Issues overview with the "License issues" filter applied
-The example below shows a high-severity issue under the GPL-2.0 license, with accompanying instructions as defined in the license's policies.
+The following example shows a high-severity issue under the GPL-2.0 license, with accompanying instructions as defined in the license's policies.
You can also view license issues using the Snyk CLI tool after running `snyk test`:
@@ -57,8 +57,8 @@ Click the tree icon to view a full dependency tree. This shows the dependency th
## Resolve license issues
-You can now take action to resolve the license issues identified during the scan, to help you build and deploy your application without outstanding licensing issues.
+You can take action to resolve the license issues identified during the scan, to help you build and deploy your application without outstanding licensing issues.
The actions you take depend on the license conditions and on your policies. For example, if a license violation has surfaced, this issue can be mitigated by either approaching your legal team or by replacing the dependency that added the violation.
-Alternatively, you may want to ignore the issue. For details, see [ignore issues](../../../manage-risk/prioritize-issues-for-fixing/ignore-issues/).
+Alternatively, you can ignore the issue. For details, see [ignore issues](../../../manage-risk/prioritize-issues-for-fixing/ignore-issues/).
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/README.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/README.md
index 740d46d78b37..33fd877541db 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/README.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/README.md
@@ -1,11 +1,11 @@
# Snyk Projects
-Snyk Project information appears in the **Projects** listing, which you can display from the menu on the Snyk dashboard. The filters you can add depend on the **Group by** option you choose from the pulldown on the right. To filter by Origin or source, use an Integrations filter.
+Snyk Project information appears in the **Projects** listing, which you can display from the menu on the Snyk dashboard. The filters you can add depend on the **Group by** option you choose from the dropdown. To filter by Origin or source, use an Integrations filter.
Progress and error information on the state of your repository and container registry image imports are shown in the [Import Log](import-log.md).
{% hint style="info" %}
-After filters have been applied to the Project listing page, you can bookmark the URL and share it with other users in the Organization. This allows all users to see the same view of the page.
+After filters have been applied to the Project listing page, you can bookmark the URL and share it with other users in the Organization. This lets all users see the same view of the page.
{% endhint %}
Snyk Projects concepts include the following:
@@ -20,7 +20,7 @@ Snyk Projects concepts include the following:
Projects are held in a Target. A Target represents an external resource Snyk has scanned: a code repository, a Kubernetes workload, or another scannable resource external to Snyk.
-Snyk creates a Target when you request to import a Project or scan using the CLI. If the import fails or finds nothing, the Target will be empty.
+Snyk creates a Target when you request to import a Project or scan using the CLI. If the import fails or finds nothing, the Target is empty.
When you select **Group by target**, Snyk Targets appear in the **Projects** listing. You can also find Targets using the endpoints [Get targets by org ID](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/targets#orgs-org_id-targets) and [List all Projects for an Org with the given Org ID](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/projects#orgs-org_id-projects).
@@ -34,7 +34,7 @@ The grouping option controls whether the filtering attributes are applied at the
Snyk provides both pagination to improve the page loading time for Projects page requests and filtering, which is particularly helpful if you have hundreds of thousands of Projects to scan.
-Use **Sort by** (pull down on the far right) to sort the **Projects** listing by severity, by how recently the Projects were imported, or in alphabetical order.
+Use **Sort by** (the dropdown) to sort the **Projects** listing by severity, by how recently the Projects were imported, or in alphabetical order.
Sorting attributes available when grouping by Target
@@ -109,7 +109,7 @@ To perform an action at bulk on your Projects, first select the Projects and the
Click **Delete** to remove Projects from the **Projects** listing page and the Target-level aggregates.
-Click **Deactivate** to remove webhooks and prevent tests from occurring. Deactivating a Project will:
+Click **Deactivate** to remove webhooks and prevent tests from occurring. Deactivating a Project does the following:
* Stop showing the Project results in reporting.
* Keep showing the findings of the last scan in the **Projects** listing page, including the Target-level aggregates on the **Group by Target** view.
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/automatically-created-project-collections.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/automatically-created-project-collections.md
index 2f03f67c308b..fb87341100ae 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/automatically-created-project-collections.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/automatically-created-project-collections.md
@@ -8,9 +8,9 @@ Automated Collections are in Early Access and available only with Enterprise pla
See also [Limitations of Automated Collections](automatically-created-project-collections.md#limitations-of-automated-collections). You can enable Automated Collections in your Organization settings.
-Scanning a repository through an SCM integration and rescanning it using the Snyk CLI creates duplicate Targets within the Snyk Web UI with duplicate Projects and issues. These may not be exact duplicates.
+Scanning a repository through an SCM integration and rescanning it using the Snyk CLI creates duplicate Targets in the Snyk Web UI with duplicate Projects and issues. These may not be exact duplicates.
-With the option to create Project collections automatically, Projects from these duplicate Targets will be detected and grouped automatically into a new collection. This helps identify duplicates and allows filtering and reporting on the issues of your preferred code-scanning method.
+With the option to create Project collections automatically, Snyk detects Projects from these duplicate Targets and groups them automatically into a new collection. This helps identify duplicates and lets you filter and report on the issues of your preferred code-scanning method.
{% hint style="info" %}
Automated Collections takes up to an hour to create or delete a collection.
@@ -26,24 +26,24 @@ Automated Collections can be turned on under the **Organization settings** by us
Managing Automated Collections under Organization Settings
-After Automated Collections are enabled, all the Organization's Projects will be analyzed, and Projects with the same repository URL will be grouped automatically into a collection. All subsequent Project imports will also update the list of automatically created collections; there is no need to refresh the list manually.
+After you enable Automated Collections, Snyk analyzes all the Organization's Projects and groups Projects with the same repository URL automatically into a collection. All subsequent Project imports also update the list of automatically created collections. There is no need to refresh the list manually.
## Turn off Automated Collections
-Turning off Automated Collections will remove all the automatically created collections without impacting any of the grouped Projects. Only the automated collections are deleted, not their contents.
+Turning off Automated Collections removes all the automatically created collections without impacting any of the grouped Projects. Only the automated collections are deleted, not their contents.
## Automatically versus manually created Project collections
An automatically created collection has the same filtering and reporting options as a manually created collection:
-* You can filter an automatically created collection to see only the result of your preferred scanning method, thus hiding duplicates.
+* You can filter an automatically created collection to see only the result of your preferred scanning method, hiding duplicates.
* You can create reports from an automatically created collection and track issues from just one of the scanning methods and ignore the rest.
Automatically created collections have no management options available:
-* You cannot rename an automated collection; its name will reflect the repository URL of the matched Projects.
+* You cannot rename an automated collection. Its name reflects the repository URL of the matched Projects.
* You cannot add new Projects to an automated collection. Its content updates itself when new Projects with the same repo URL are imported.
-* You cannot delete an automatically created collection. You can turn off the Automated Collections feature, which will remove all automatically created collections.
+* You cannot delete an automatically created collection. You can turn off the Automated Collections feature, which removes all automatically created collections.
## Limitations of Automated Collections
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/import-log.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/import-log.md
index 0080915f7654..60c677ce7528 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/import-log.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/import-log.md
@@ -1,6 +1,6 @@
# Import log
-The Import log feature provides a history of all the Git repositories and container registry images imported into an Organization through an Integration, allowing all manual and automated changes to be reviewed and any errors troubleshooted. This log makes it easier to see if any errors have occurred and how to resolve them.
+The Import log feature provides a history of all the Git repositories and container registry images imported into an Organization through an Integration, letting you review all manual and automated changes and troubleshoot any errors. This log makes it easier to see if any errors have occurred and how to resolve them.
## View import log
@@ -13,7 +13,7 @@ You must have the View Organization and View Project [permissions](https://app.g
## Import log timeline
-The Import Log timeline will go back as far as the **most recent** applicable condition of:
+The Import Log timeline goes back as far as the **most recent** applicable condition of:
* January 25th 2023.
* The date the Organization was created.
@@ -24,13 +24,13 @@ For example, if the Organization was created before January 25th, 2023, Snyk can
The Import Log shows all imported targets listed in reverse chronological order, with the most recent import at the top of the page. Each import can be expanded using the dropdown, listing all the imported Projects created in Snyk at the time of import.
-Targets that are in the process of being imported will have a loading icon stating **Importing target**.
+Targets that are in the process of being imported have a loading icon stating **Importing target**.
-Selecting **View Project** will take you to the Issues tab for that specific Project.
+Selecting **View Project** takes you to the Issues tab for that specific Project.
## Import log error messages
-If an error occurs on import, a warning icon will display on the repository name. Expanding this will show the Project the error is related to, with the error detail under the **Status** column.
+If an error occurs on import, a warning icon displays on the repository name. Expanding this shows the Project the error is related to, with the error detail under the **Status** column.
The error messages that can be displayed are:
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/issue-card-information.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/issue-card-information.md
index 2563e2554e1f..78c4b36a2968 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/issue-card-information.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/issue-card-information.md
@@ -21,7 +21,7 @@ The dependency card provides a [Header section](issue-card-information.md#header
* [Severity level](../../manage-risk/prioritize-issues-for-fixing/severity-levels.md): for example, **High**. For dependencies with multiple severity levels, the severity shown in the header is the maximum of all listed issues under that dependency.
* Dependency name: for example, **jsonwebtoken** or **libxmljs2**.
-* **Score**: [Risk Score](../../manage-risk/prioritize-issues-for-fixing/risk-score.md) or [Priority score](../../manage-risk/prioritize-issues-for-fixing/priority-score.md): 0 to 1,000. For dependencies with multiple scores, the score shown in the header is the maximum of all listed issues under that dependency. This will show as Priority score unless you are opted-in to the Early Access for Risk score.
+* **Score**: [Risk Score](../../manage-risk/prioritize-issues-for-fixing/risk-score.md) or [Priority score](../../manage-risk/prioritize-issues-for-fixing/priority-score.md): 0 to 1,000. For dependencies with multiple scores, the score shown in the header is the maximum of all listed issues under that dependency. This shows as Priority score unless you are opted in to the Early Access for Risk score.
* Tabs separating out the fixable issues, issues with no supported fix, and vulnerable dependencies.
### Expanded vulnerability section
@@ -32,7 +32,7 @@ The dependency card provides a [Header section](issue-card-information.md#header
* Type: **VULNERABILITY** or LICENSE ISSUE
* Links to [CWE](https://cwe.mitre.org/index.html) (Common Weakness Enumeration), [CVSS](https://www.first.org/cvss/calculator/3.1) (Common Vulnerability Scoring System), and [Snyk Vulnerability Database](https://snyk.io/vuln) information for the issue. You can use these links to view more information about the CWE, CVE, and CVSS scores or navigate to the Snyk Vulnerability Database information for a specific vulnerability from its issue card.
* [**Exploit maturity**](../../manage-risk/prioritize-issues-for-fixing/view-exploits.md): for example, **Mature** or **Proof Of Concept**, which indicates how well known the implementation of this exploit is.
-* The exploit's **reachability**, for example, **Reachable**. This indicates whether a path from your first party code to the vulnerable code element exists, For information and an example, see [Reachable vulnerabilities](../../manage-risk/prioritize-issues-for-fixing/reachability-analysis.md).
+* The exploit's **reachability**, for example, **Reachable**. This indicates whether a path from your first-party code to the vulnerable code element exists. For information and an example, see [Reachable vulnerabilities](../../manage-risk/prioritize-issues-for-fixing/reachability-analysis.md).
* **Fixed in:** The file the vulnerability is fixed in
* **Social Trends**: Snyk occasionally shows a [Trending](../../manage-risk/prioritize-issues-for-fixing/vulnerabilities-with-social-trends.md) banner for issues that are being actively discussed on X (formerly known as Twitter).
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/maximum-number-of-projects-in-an-organization.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/maximum-number-of-projects-in-an-organization.md
index 2b4e203b1fed..2908de15412c 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/maximum-number-of-projects-in-an-organization.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/maximum-number-of-projects-in-an-organization.md
@@ -12,7 +12,7 @@ When you reach the limit for your pricing plan, Snyk stops importing Projects in
## **Notification of reaching the limit**
-You will know you have reached the limit when you see the following warnings.
+You know you have reached the limit when you see the following warnings.
In the Snyk Web UI, this warning banner appears:
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-attributes.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-attributes.md
index 987c93e97fd9..d841b298a3c4 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-attributes.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-attributes.md
@@ -1,6 +1,6 @@
# Project attributes
-Project attributes are static and non-configurable fields that allow you to apply attribute values to a Project by selecting from a predefined list of values. After you have applied attributes, you can remove them from a Project as needed.
+Project attributes are static and non-configurable fields that let you apply attribute values to a Project by selecting from a predefined list of values. After you have applied attributes, you can remove them from a Project as needed.
Use attributes to group, prioritize, and filter Projects. Use attributes such as lifecycle stage, business criticality, and environment to prioritize issues at a granular level. After you apply attributes to Snyk [policies](../../manage-risk/policies/), you can assign policies to Projects that have those attributes applied.
@@ -14,7 +14,7 @@ The available Project attributes are summarized in the following table.
| Attribute | Attribute options |
| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- |
-|
Business criticality Note that When Risk Score is enabled, the Business Criticality attribute automatically affects the score according to the highest attribute level. Learn more in the Risk Score docs.
|
Critical
High
Medium
Low
|
+|
Business criticality Note that when Risk Score is enabled, the Business Criticality attribute automatically affects the score according to the highest attribute level. Learn more in the Risk Score docs.
|
Critical
High
Medium
Low
|
| Environment |
Frontend
Backend
Internal
External
Mobile
SaaS
On-Prem
Hosted
Distributed
|
| Lifecycle stage |
Production
Development
Sandbox
|
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/README.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/README.md
index 61e54fd9aefd..b71f9e5f300c 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/README.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/README.md
@@ -2,7 +2,7 @@
{% hint style="info" %}
**Feature availability**\
-This feature is available only with Enterprise Plans. For more information, see [plans and pricing](https://snyk.io/plans/).
+This feature is available only with Enterprise plans. For more information, see [plans and pricing](https://snyk.io/plans/).
{% endhint %}
There are two ways to group your Projects: **Project views** and **Project collections**.
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/project-collections.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/project-collections.md
index ade19cc62589..c680603cebd2 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/project-collections.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/project-collections.md
@@ -1,6 +1,6 @@
# Project collections
-On this page you will find information about how to create and use Project collections:
+This page describes how to create and use Project collections:
* [Select all filtered Projects that are visible to create a Project collection](project-collections.md#select-all-filtered-projects-that-are-visible-to-create-a-project-collection)
* [Add Projects to an existing Project collection using filters](project-collections.md#add-projects-to-an-existing-project-collection-using-filters)
@@ -10,7 +10,7 @@ On this page you will find information about how to create and use Project colle
* [View your Project collections on the collection listing page](project-collections.md#view-your-project-collections-on-the-collection-listing-page)
{% hint style="info" %}
-If you move a Project between Organizations, the Project will also be removed from any Project collections it is part of.
+If you move a Project between Organizations, Snyk also removes the Project from any Project collections it is part of.
{% endhint %}
## Select all filtered Projects that are visible to create a Project collection
@@ -58,7 +58,7 @@ If you move a Project between Organizations, the Project will also be removed fr
2. You can perform the following actions:
1. Activate selected Projects.
2. Deactivate selected Projects.
- 3. Add the selected Projects to a collection. In this case, the action will add the selected Projects to another collection that you have created.
+ 3. Add the selected Projects to a collection. In this case, the action adds the selected Projects to another collection that you have created.
4. Remove selected Projects from a collection.
5. Delete selected Projects.
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/project-views.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/project-views.md
index 0f25372a41c4..0948ea195d4a 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/project-views.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-collections-groupings/project-views.md
@@ -1,6 +1,6 @@
# Project views
-On this page you will find information about how to create and use Project views:
+This page describes how to create and use Project views:
* [Create and configure a Project view](project-views.md#create-and-configure-a-project-view)
* [View reports on your Projects](project-views.md#view-reports-on-your-projects)
@@ -11,8 +11,8 @@ A Project view is visible to all users in the same Organization they were create
## Create and configure a Project view
-1. On the right side of the Project listing page, beneath the **View import log** button, select **Group by none** from the drop-down list.
-2. Click the drop-down next to the FILTERS drop-down, and click **Create new view**. If you already have filters selected, click **Save changes** next to the drop-down and follow the next step.
+1. On the right side of the Project listing page, beneath the **View import log** button, select **Group by none** from the dropdown list.
+2. Click the dropdown next to the FILTERS dropdown, and click **Create new view**. If you already have filters selected, click **Save changes** next to the dropdown and follow the next step.
Create a Project view
@@ -22,17 +22,17 @@ A Project view is visible to all users in the same Organization they were create
Your new view is created and automatically selected. Click the icon next to your Project view to duplicate, rename, or delete it.
-4. In the filters drop-down, select the criteria to organize your view.
+4. In the filters dropdown, select the criteria to organize your view.
Apply filters
-5. After applying all the filters you want, click **Save changes** next to the drop-down. Your Project view will be updated.
+5. After applying all the filters you want, click **Save changes** next to the dropdown. Snyk updates your Project view.
6. If you want to configure a Project view, select different filters and click **Save changes** again. You can also discard any changes to a Project view before you save them to return it to its most recent saved state.
## View reports on your Projects
-1. From the Project view drop-down, select the Project view for which you would like to view the report.
-2. Next to the FILTERS drop-down, click **See report for these projects**.
+1. From the Project view dropdown, select the Project view for which you would like to view the report.
+2. Next to the FILTERS dropdown, click **See report for these projects**.
View report on your Project view
@@ -41,5 +41,5 @@ The Reports page loads and displays a report of the Projects in your Project vie
Automatically scoped report for your Project view
{% hint style="info" %}
-The scan results you see on the Project listing page will be reflected in the reporting page roughly one (1) hour after the scan is complete.
+The scan results you see on the Project listing page appear on the reporting page roughly one hour after the scan is complete.
{% endhint %}
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-tags.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-tags.md
index 0abedbd01076..a714c01d904c 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-tags.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/project-tags.md
@@ -13,7 +13,7 @@ Project tags are available only with Enterprise plans. For more information, see
Group and Organization admins can perform the actions explained on this page. Collaborators can perform the actions if they are in an Organization that is part of the Group.
{% endhint %}
-The Project tags feature allows you to add custom metadata to Snyk Projects. You can create and delete tags, apply tags to and remove tags from Projects, and filter Projects using tags.
+The Project tags feature lets you add custom metadata to Snyk Projects. You can create and delete tags, apply tags to and remove tags from Projects, and filter Projects using tags.
You can perform these actions in the Snyk Web UI, as shown on this page.
@@ -22,7 +22,7 @@ You can also perform these actions using the API endpoints [Add a tag to a Proje
You can set values for a tag applied to a Project and clear the Project tags using the Snyk CLI option `--project-tags`. See the [CLI commands and options summary](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-cli/snyk-cli/cli-commands-and-options-summary) for the commands that support this option.
{% hint style="info" %}
-If a Project tag is no longer assigned to a Project, the tag will no longer exist.
+If a Project tag is no longer assigned to a Project, the tag no longer exists.
{% endhint %}
### Tag conditions
@@ -45,7 +45,7 @@ To create a new tag for a Snyk Project:
2. Add the new key and click **Enter**.
3. Add a new value and click **Enter**.
-You have created a new tag. When a new tag is created, it is automatically applied to the Project it was created in. The tag can also be used for any other Project in the Group.
+You have created a new tag. Snyk automatically applies a new tag to the Project it was created in. The tag can also be used for any other Project in the Group.
You can apply multiple Project tag values to the same Project tag key.
@@ -55,12 +55,12 @@ After you create a tag, it can be applied to other Projects in the Snyk Group.
To delete a Project tag from the Group, use the API endpoint [Delete a tag from a Group](https://app.gitbook.com/s/IEEjSXQQu36y0vmFV8zf/snyk-api/reference/groups-v1#group-groupid-tags).
-This endpoint has the option in the Body to specify `"force": false` or `"force": true`_._ If you specify `"force": true`, the tag will be removed from any Projects to which it is applied, and it will then be deleted. If you specify `"force": false` and the tag is still applied to any Projects, error 403 “the tag has entities” occurs. Otherwise, tag deletion should succeed.
+This endpoint has the option in the Body to specify `"force": false` or `"force": true`_._ If you specify `"force": true`, Snyk removes the tag from any Projects to which it is applied and then deletes it. If you specify `"force": false` and the tag is still applied to any Projects, error 403 “the tag has entities” occurs. Otherwise, tag deletion succeeds.
{% hint style="info" %}
A tag will only exist if it has been created and applied to one or more Projects. If a tag is
-removed from all Projects, it will no longer exist.
+removed from all Projects, it no longer exists.
{% endhint %}
## **How to apply and remove tags**
@@ -72,7 +72,7 @@ If a tag exists in your Group, you can apply it to any Snyk Project.
3. You can either select a value from the list of recently used values or type out the key value you want to apply to the Project.
4. After you select the value, the tag is applied to your Project.
5. To remove a tag from a Project, click the **x** for the tag.\
- If you remove a tag and it has not been assigned to any other Project, the tag will no longer exist.
+ If you remove a tag and it has not been assigned to any other Project, the tag no longer exists.
## How to filter the Projects listing by tags
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-and-edit-project-settings.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-and-edit-project-settings.md
index 19d48e68b41b..b444130e0c4f 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-and-edit-project-settings.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-and-edit-project-settings.md
@@ -17,8 +17,8 @@ To deactivate a Project, select **Deactivate project** on the Project settings p
* Remove the webhook from the SCM repository.
* Disable pull request tests for new vulnerabilities.
* Disable a Fix pull request from being opened for newly disclosed vulnerabilities.
-* Disable recurring tests; email alerts about newly disclosed vulnerabilities will be turned off.
-* Remove any vulnerabilities in the Project from reporting and dashboard views
+* Disable recurring tests and turn off email alerts about newly disclosed vulnerabilities.
+* Remove any vulnerabilities in the Project from reporting and dashboard views.
To delete a Project, select **Delete project** on the Project settings page. By deleting a Project, you do the following:
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-project-history.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-project-history.md
index f0630fdd4d94..96335f5a4d32 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-project-history.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-project-history.md
@@ -1,7 +1,7 @@
# View Project history
-Select the **History** tab on the Project details page to view the Project history, which shows results of previous scans. Under normal circumstances, Snyk retains at least two snapshots: a historic snapshot and a current snapshot of the latest scan. More entries may be shown when the found issues between scans have not changed, but the entries in the list point to the same snapshot. If numerous scans are executed within 24 hours, all of the scans are displayed, distinct issues or not, after which they are purged from the list.
+Select the **History** tab on the Project details page to view the Project history, which shows results of previous scans. Under normal circumstances, Snyk retains at least two snapshots: a historic snapshot and a current snapshot of the latest scan. Snyk may show more entries when the found issues between scans have not changed, but the entries in the list point to the same snapshot. If numerous scans run in 24 hours, Snyk displays all of the scans, distinct issues or not, then purges them from the list.
Project details page History tab
-Click on an entry to view a snapshot of the Project details page for that period.
+Click an entry to view a snapshot of the Project details page for that period.
diff --git a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-project-issues-fixes-and-dependencies.md b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-project-issues-fixes-and-dependencies.md
index 0cae3ecf221b..71138b8e56b2 100644
--- a/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-project-issues-fixes-and-dependencies.md
+++ b/scan-fix-and-prevent/snyk-platform-administration/snyk-projects/view-project-issues-fixes-and-dependencies.md
@@ -12,7 +12,7 @@ The Project details page displays Issue cards on the **Issues** tab. The informa
Project details Issues tab and filters in environments with Fix advice available
-Use the filters in the panel to the left to narrow the search for issues. Select the checkboxes to filter issues by **Issue type**, **Severity**, **Fixability**, **Exploit Maturity**, and **Status**. You can also edit the **Priority Score** slider to change the range displayed; the default is 0 to 1000.
+Use the filters in the **Filters** panel to narrow the search for issues. Select the checkboxes to filter issues by **Issue type**, **Severity**, **Fixability**, **Exploit Maturity**, and **Status**. You can also edit the **Priority Score** slider to change the range displayed. The default is 0 to 1,000.
Issue details are shown on issue cards in the main area, sorted by priority score. See [Issue card information](issue-card-information.md) for more details.
@@ -26,7 +26,7 @@ Scroll to a dependency and the listed issues to view details, including the max
The Severity icon in front of the dependency title shows the maximum severity associated with the dependency. In this example, there are listed issues with medium or high severity, so the maximum severity for the dependency is high.
-The score associated with the dependency title is the maximum of all listed issues under that dependency. This will show as either [Risk Score](../../manage-risk/prioritize-issues-for-fixing/risk-score.md) if you are opted-in to the Early Access feature, or [Priority Score](../../manage-risk/prioritize-issues-for-fixing/priority-score.md).
+The score associated with the dependency title is the maximum of all listed issues under that dependency. This shows as either [Risk Score](../../manage-risk/prioritize-issues-for-fixing/risk-score.md) if you are opted in to the Early Access feature, or [Priority Score](../../manage-risk/prioritize-issues-for-fixing/priority-score.md).