Ignoring issues

Prioritize and deprioritize issues

Ignore as a prioritization strategy

Snyk provides several ways to prioritize the list of issues found in your projects.

Ignoring issues can be a useful way to deprioritize issues that are less important in your remediation strategy.

Organization administrators can define their own ignore strategy and permissions for projects included in their organizations.

If the organization admin restricts the ability to ignore an issue or edit the ignore settings for an issue, other users in projects within that organization will not have the option to ignore issues. For these cases, the Ignore button on issues will not be visible.

Determine Ignore Strategy

Snyk recommends a best practice of fixing, patching, or removing vulnerable dependencies whenever possible.

However, sometimes it is necessary to ignore an issue. Ignoring an issue helps prevent it from reappearing in your Snyk tests, either for a set period of time or permanently. You can also ignore issues to prevent them from failing builds in the CI/CD process.

For example, if an issue doesn't currently have a fix, you may want to ignore it until it does. Or if an issue has a path that makes it non-exploitable, you may postpone fixing the issue for a certain period of time. Sometimes as a matter of prioritization, you decide to postpone certain issues so that your resources can focus on more critical issues.

Whatever the reason for ignoring an issue, you will want to define how ignore policies are applied to projects in your first organization.

Define Ignore Permissions

To indicate who can ignore issues within the organization and whether they must enter a reason, complete the following steps:

  1. Select the Settings icon from the organization you want to update.
  2. On the General tab, scroll down to the Ignores section.
  3. To limit permissions for ignoring issues, select Admin users only. Note that none of your organization members will be able to ignore issues using the CLI or API. The org admin will have to ignore issues using the Snyk web app. Otherwise, select All users in any environment.
  4. Select whether to require a reason when ignoring an issue.
  5. Select Update.

Ignoring issues in Snyk UI

There are a few valid reasons for ignoring issues so they won't continue to appear in your list of issues. You can ignore an issue right from the issue card in the Snyk UI (if you have that permission). You can choose how long to ignore the issue and provide a rationale for the ignore.

Congratulations

Congrats! You understand how to use ignores in your prioritization strategy and you learned how to ignore issues in the Snyk UI.

Scan your code & stay secure with Snyk - for FREE!

Did you know you can use Snyk for free to verify that your code
doesn't include this or other vulnerabilities?

Scan your code