> For the complete documentation index, see [llms.txt](https://docs.sprinto.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.sprinto.com/integrations/overview/deepsource-integration.md). # DeepSource Integration DeepSource is a code monitoring service designed for developers to automatically find and fix code quality issues, security vulnerabilities, and performance inefficiencies in their codebase. ### How does this integration help Sprinto The integration below assists Sprinto in meeting compliance requirements concerning vulnerability monitoring on production classified code repositories. Sprinto detects vulnerabilities from your configured DeepSource account and ensures they are resolved within the defined SLA (Service Level Agreement) with the assistance of Sprinto's checks. #### Sprinto checks for DeepSource integration Following are the Sprinto checks available for DeepSource integration:
Sprinto checkRequired action
DeepSource vulnerability alert should be resolved within SLA

This check activates when Sprinto detects a vulnerability in the open status on your configured DeepSource account.

To fix this check, resolve the detected vulnerability from the source.

### Before your begin * Ensure you have “Admin” access on the DeepSource account you wish to integrate on Sprinto. * Log in on Sprinto as administrator. ### Integrate Sprinto with DeepSource Follow the below steps to integrate Sprinto with DeepSource: 1. Get the API key from the DeepSource account. * Log in to [DeepSource account](https://app.deepsource.com/login) using your credentials or available Single Sign-On (SSO) options. * Go to Settings > Tokens, and click Generate a New Token. * Enter the token name and set the expiry. We recommend setting the token expiration to “Never expire.” Click Generate.
* Copy the generated token and save it securely. We will need this token on Sprinto to build integration. 2. Integrate DeepSource on Sprinto. * Go to **Settings** > **Integrations** > **Available**, and click Connect next to DeepSource.
* Read the on-screen instructions, and click Next.
* Enter the API token copied from Step 1, and click Connect.
3. Add DeepSource as a vulnerability monitoring source. * Go to **Data Library** > **Vulnerabilities** > **Overview**, and click + Add Monitoring Source. * On Add Vulnerability monitoring source page, click Choose next to DeepSource.
* Click Add DeepSource from the configuration page. After completing Step 2, allow 15 to 20 minutes for Sprinto to finish the data syncing process. Sprinto may take a few hours to evaluate the synced data and activate relevant Sprinto checks. If needed, go to Security Hub > Vulnerabilities and click DeepSource to review the pending Sprinto checks. Contact [Sprinto support](mailto:www.support@sprinto.com) if you have any queries regarding the integration or need any assistance --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sprinto.com/integrations/overview/deepsource-integration.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.