You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The code/snyk (mightyprytanis) check continues to appear on PRs even though snyk-security.yml is disabled. This is because Snyk (and Semgrep) each have a GitHub App integration that triggers PR checks independently of any workflow file — disabling the workflow has no effect on the App.
Status of each check
Check
Source
Status
snyk-security.yml
GitHub Actions workflow
✅ Disabled (workflow_dispatch only + if: ${{ false }})
codeql.yml
GitHub Actions workflow
✅ PR trigger removed
semgrep.yml
GitHub Actions workflow
✅ PR trigger removed
SnykCode / code/snyk (mightyprytanis)
Snyk GitHub App
⚠️ Still running — must be disabled externally
semgrep-cloud-platform/scan
Semgrep GitHub App
⚠️ Still running — must be disabled externally
Required action (cannot be done via code)
To stop code/snyk from running on PRs, one of:
Snyk dashboard → Settings → GitHub integration → disable PR checks or disconnect the repo
GitHub → Settings → GitHub Apps → Snyk → Configure → remove this repository from its access list
Same applies to semgrep-cloud-platform/scan if that check also needs to stop blocking auto-merges.
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.
CopilotAI
changed the title
[WIP] Build(deps): bump vite from 7.3.1 to 8.0.1
chore: explain why code/snyk GitHub App check persists despite workflow disable
Mar 21, 2026
@copilot I have manually disabled Snyk code, yet it is still showing up. Why?
Two things to clarify here:
1. SnykCode is NOT blocking this PR — it's showing as ✅ success (and completes in ~1 second, so it's effectively a no-op). Disabling "Snyk Code" in Snyk's dashboard turns off the scan itself but the GitHub App still posts a pass-through check run. To make it disappear entirely, you'd need to uninstall/revoke the Snyk GitHub App from this repo in GitHub Settings → Apps.
2. The actual blocker is Quality Gates — it's failing because Cyrano's test suite ran at 81.16% pass rate (56/69 tests passing, 13 failing), which is below the 85% threshold in ci.yml. This is a pre-existing Cyrano test failure unrelated to the Vite bump in this PR.
The auto-approve/auto-merge steps also showed as skipped because Vite 7→8 is a major version update, which the Dependabot auto-merge workflow intentionally excludes (it only auto-merges patch and minor updates).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
MightyPrytanis
merged commit 
The
code/snyk (mightyprytanis)check continues to appear on PRs even thoughsnyk-security.ymlis disabled. This is because Snyk (and Semgrep) each have a GitHub App integration that triggers PR checks independently of any workflow file — disabling the workflow has no effect on the App.Status of each check
snyk-security.ymlworkflow_dispatchonly +if: ${{ false }})codeql.ymlsemgrep.ymlSnykCode/code/snyk (mightyprytanis)semgrep-cloud-platform/scanRequired action (cannot be done via code)
To stop
code/snykfrom running on PRs, one of:Same applies to
semgrep-cloud-platform/scanif that check also needs to stop blocking auto-merges.💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.