{% tabs %} {% tab title="API custom PR templates" %}
You can use the following variables in your template.
A list of Jira tickets associated with the issues contained within the pull request. Ensure 1that the Snyk Jira integration is enabled on the Project or repository that contains the Project and that you have linked Snyk issues to JIRA tickets.
To automatically link Jira to the relevant pull requests, include a list of associated Jira tickets in the commit message.
{
"data": {
"attributes": {
"commit_message": "This pull request is from Snyk and relates to {{ jira_ids }}"
},
"type": "pull_request_template"
}
}
The commit message of your PR will be:
This pull request is from Snyk and relates to JIRA-1,JIRA-2,JIRA-3
This output indicates that the suggested solution successfully resolved three problems. It also includes links to every Jira ticket.
This is the Snyk Project URL and can be used to link to the Snyk Project page.
{
"data": {
"attributes": {
"description": "To find more details, see the Snyk project {{ snyk_project_url }}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
To find more details, see the Snyk project https://app.snyk.io/org/my-org/project/xx-xxx-xx-xx
In this output, my-org
is your Snyk Organization name and xx-xxx-xx-xx-xxxx
is the public ID of your Project or repository.
This is the Snyk Project name. You can add the Snyk Project name to your description.
{
"data": {
"attributes": {
"description": "Fix applied to project {{ snyk_project_name }}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
Fix applied to project my-org/project:filename
This is the Snyk Organization name. You can add the Snyk Organization name to your description.
{
"data": {
"attributes": {
"description": "Fix applied by {{ snyk_org_name }}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
Fix applied by my-org
This is the name of the package being fixed or upgraded. When more than one package is changed, this variable will default to the first one.
Follow this example to display in the description the package name of the first dependency being fixed in the PR.
{
"data": {
"attributes": {
"description": "Fixes {{ package_name }}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
Fixes adm-zip
This is the version of the package that is being fixed or upgraded. In cases where more than one package is changed, this variable will default to the from
version of the first one.
{
"data": {
"attributes": {
"description": "Fix is applied by moving from {{ package_from}}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
Fix is applied by moving from 0.4.7
The package is transitioning to this particular version. In cases where more than one package is changed, this variable will default to the to
version of the first one.
{
"data": {
"attributes": {
"description": "Fix is applied by moving to {{ package_to}}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
Fix is applied by moving to 0.5.2
This is the number of issues in your Project or repository that are covered by the PR.
{
"data": {
"attributes": {
"description": "The PR will fix {{ issue_count }} issues."
},
"type": "pull_request_template"
}
}
The description of your PR will be:
The PR will fix 98 issues.
This variable can be used to customize attributes based on whether the PR is a Snyk Container product. Currently, there are two different product types at Snyk that can open PRs (Snyk Open Source PRs and Snyk Container PRs). Using this variable will help you customize your template to differentiate between the two.
{
"data": {
"attributes": {
"description": "{{ #product_is_container }} This Container PR has been opened to fix vulnerabilities in your project. {{ /product_is_container }}"
},
"type": "pull_request_template"
}
}
If your PR is an Open Source product, then the description of your PR will be:
This Container PR has been opened to fix vulnerabilities in your project
This variable can be used to customize attributes based on whether the PR is an Open-Source product. Currently, Snyk has two different product types that can open PRs (Open-Source PRs and Container PRs). Using this variable will help you customize your template to differentiate between the two.
{
"data": {
"attributes": {
"description": "{{ #product_is_open_source }} This Open Source PR has been opened to fix vulnerabilities in your project. {{ /product_is_open_source }}"
},
"type": "pull_request_template"
}
}
If your PR is an Open Source product then the description of your PR will be:
This Open Source PR has been opened to fix vulnerabilities in your project
This variable can be used to customize attributes based on whether the PR is a backlog PR, for example, opened to fix new vulnerabilities introduced to the Project or repository in the latest scan. In the example below, you can see that the description of the PR will only show if it is a fixed PR.
{
"data": {
"attributes": {
"description": "{{ #is_fix_pr }} This PR has been opened to fix vulnerabilities in your project. {{ /is_fix_pr }}"
},
"type": "pull_request_template"
}
}
If your PR is a fixed PR ,then the description of your PR will be:
This PR has been opened to fix vulnerabilities in your project.
This variable can be used to customize attributes based on whether the PR is a backlog PR, for example, opened to fix known vulnerabilities already in the Project or repository. In the example below you can see that the description of the PR will only show if it is a backlog PR.
{
"data": {
"attributes": {
"description": "{{ #is_backlog_pr }} This PR has been opened to fix known vulnerbilities. These vulnerabilities are retrieved from the Project's backlog. {{ /is_backlog_pr }}"
},
"type": "pull_request_template"
}
}
If your PR is a backlog PR then the description of your PR will be:
This PR has been opened to fix known vulnerabilities. These vulnerabilities are retrieved from the Project's backlog.
This variable can be used to customize attributes based on whether the PR is an Upgrade PR, or to upgrade dependencies to newer versions regardless of vulnerabilities. In the example below you can see that the description of the PR will only show if it is an upgrade PR.
{
"data": {
"attributes": {
"description": "{{ #is_upgrade_pr }} This PR has been opened to make sure our repositories are kept up-to-date. It updates {{ package_name }} from version {{ package_from }} to version {{ package_to }}. Review relevant docs for possible breaking changes. {{ /is_upgrade_pr }} "
},
"type": "pull_request_template"
}
}
If your PR is an upgrade PR then the description of your PR will be:
This PR has been opened to make sure our repositories are kept up-to-date. It updates package-x from version 1.0.0 to version 2.0.0. Review relevant docs for possible breaking changes.
This variable can be used in your template to list the files changed as part of the pull request.
{
"data": {
"attributes": {
"description": "Changes included in this PR: {{ files_changed }}"
},
"type": "pull_request_template"
}
}
If the pull request was for a maven project and the changes made were in the pom.xml file then this is what the description of your PR would look like.
Changes included in this PR: pom.xml
This variable is for container projects only. It can be used to display the name of the recommended base image applied in this PR.
{
"data": {
"attributes": {
"description": "We recommend upgrading to {{ container.recommended_base_image_name }}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
We recommend upgrading to node:xx.xx.x
This variable is for container projects only. It can be used to display the current base image.
{
"data": {
"attributes": {
"description": "The current base image is: {{ container.current_base_image_name }}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
The current base image is: node:xx.xx.x
This is the prType of your Project or repository. You can use it to display the PR type from the pull request description.
{
"data": {
"attributes": {
"commit_message": "{{ snyk_pull_request_type}}: for {{ package_name }}"
},
"type": "pull_request_template"
}
}
If you have opened a Fix PR, then the commit message of your PR will be:
fix: for package-x
{% endtab %}
{% tab title="YAML file custom PR templates" %}
You can use the following variables in your template. These variables can be used in any of the customizable PR properties.
A list of Jira tickets associated with the issues contained within the pull request. Ensure 2that the Snyk Jira integration is enabled on the Project or repository that contains the Project and that you have linked Snyk issues to JIRA tickets.
To automatically link Jira to the relevant pull requests, include a list of associated Jira tickets in the commit message.
commitMessage: |
This pull request is from Snyk and relates to {{ jira_ids }}
The commit message of your PR will be:
This pull request is from Snyk and relates to JIRA-1,JIRA-2,JIRA-3
This output indicates that the suggested solution successfully resolved three problems. It also includes links to every Jira ticket.
This is the Snyk Project URL and can be used to link to the Snyk Project page.
description: |
To find more details, see the Snyk project {{ snyk_project_url }}
The description of your PR will be:
To find more details, see the Snyk project https://app.snyk.io/org/my-org/project/xx-xxx-xx-xx
In this output, my-org
is your Snyk Organization name and xx-xxx-xx-xx-xxxx
is the public ID of your Project or repository.
This is the Snyk Project name. You can add the Snyk Project name to your description.
description: |
Fix applied to project {{ snyk_project_name }}
The description of your PR will be:
Fix applied to project my-org/project:filename
This is the Snyk Organization name. You can add the Snyk Organization name to your description.
description: |
Fix applied by {{ snyk_org_name }}
The description of your PR will be:
Fix applied by my-org
This is the name of the package being fixed or upgraded. When more than one package is changed, this variable will default to the first one.
Follow this example to display in the description the package name of the first dependency being fixed in the PR.
description: |
Fixes {{ package_name }}
The description of your PR will be:
Fixes adm-zip
This is the version of the package that is being fixed or upgraded. In cases where more than one package is changed, this variable will default to the from
version of the first one.
description: |
Fix is applied by moving from {{ package_from}}
The description of your PR will be:
Fix is applied by moving from 0.4.7
The package is transitioning to this particular version. In cases where more than one package is changed, this variable will default to the to
version of the first one.
description: |
Fix is applied by moving to {{ package_to}}
The description of your PR will be:
Fix is applied by moving to 0.5.2
This is the number of issues in your Project or repository that are covered by the PR.
description: |
The PR will fix {{ issue_count }} issues.
The description of your PR will be:
The PR will fix 98 issues.
This variable can be used to customize attributes based on whether the PR is a Container product. Currently there are two different product types at Snyk which can open PRs (Open Source PRs and Container Prs). Using this variable will help you customise your template to differentiate between the two.
description: |
{{ #product_is_container }}
This Container PR has been opened to make sure our repositories are kept up-to-date.
It updates {{ package_name }} from version {{ package_from }} to version {{ package_to }}.
Review relevant docs for possible breaking changes.
{{ /product_is_container }}
If your project is a Container project, the description will be:
This Container PR has been opened to make sure our repositories are kept up-to-date.
It updates package x from version 1 to version 2.
Review relevant docs for possible breaking changes.
This variable can be used to customize attributes based on whether the PR is an Open Source product. Currently there are two different product types at Snyk which can open PRs (Open Source PRs and Container Prs). Using this variable will help you customise your template to differentiate between the two.
description: |
{{ #product_is_open_source }}
This Open Source PR has been opened to make sure our repositories are kept up-to-date.
It updates {{ package_name }} from version {{ package_from }} to version {{ package_to }}.
Review relevant docs for possible breaking changes.
{{ /product_is_open_source }}
If your project is an Open Source project, the description will be:
This Open Source PR has been opened to make sure our repositories are kept up-to-date.
It updates package x from version 1 to version 2.
Review relevant docs for possible breaking changes.
This checks to determine whether the pull request is a fix PR, for example, opened to fix new vulnerabilities introduced to the Project or repository in the latest scan.
description: |
Is this pr a fix pr? {{ is_fix_pr }}
The description of your PR will be:
Is this a fix pr? true
This checks to determine whether the pull request is a backlog PR, for example, opened to fix known vulnerabilities already in the Project or repository.
description: |
Is this pr a backlog pr? {{ is_backlog_pr }}
The description of your PR will be:
Is this a backlog pr? false
This checks whether the pull request is an upgrade PR, for example, opened to upgrade dependencies to newer versions regardless of vulnerabilities.
description: |
Is this pr an upgrade pr? {{ is_upgrade_pr }}
The description of your PR will be:
Is this an upgrade pr? false
This variable can be used in your template to list the files changed as part of the pull request.
{
"data": {
"attributes": {
"description": "Changes included in this PR: {{ files_changed }}"
},
"type": "pull_request_template"
}
}
If the pull request was for a maven project and the changes made were in the pom.xml file then this is what the description of your PR would look like.
Changes included in this PR: pom.xml
This variable is for container projects only. It can be used to display the name of the recommended base image applied in this PR.
{
"data": {
"attributes": {
"description": "We recommend upgrading to {{ container.recommended_base_image_name }}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
We recommend upgrading to node:xx.xx.x
This variable is for container projects only. It can be used to display the current base image.
{
"data": {
"attributes": {
"description": "The current base image is: {{ container.current_base_image_name }}"
},
"type": "pull_request_template"
}
}
The description of your PR will be:
The current base image is: node:xx.xx.x
This is the prType of your Project or repository. You can use it to display the PR type from the pull request description.
description: |
This is a {{ snyk_pull_request_type }} pull request
The description of your PR will be:
This is a fix pull request
{% endtab %} {% endtabs %}