# Remediation systems

## Open Source Remediation Systems

For vulnerabilities of open source dependencies, Xygeni provides the capability of [Automatic Fix](/xygeni-products/open-source-security-oss/oss-auto-remediation.md).

{% hint style="info" %}
See [OSS Auto-remediation (Automatic Fix)](/xygeni-products/open-source-security-oss/oss-auto-remediation.md) for further information
{% endhint %}

In order to use Auto-Fix, you must configure the supported systems: **GitHub, GitLab, Bitbucket, Azure DevOps and Gitea.**

Go to **Settings >> Integrations >> Remediation** to configure the integration with them.

<figure><img src="/files/9MhYkZqd3I1aMPIO3dO2" alt=""><figcaption></figcaption></figure>

### GitHub

To configure **GitHub**, you should provide a GitHub Personal Access Token with the following permissions:

<table><thead><tr><th width="206">Token type</th><th>Permissions</th></tr></thead><tbody><tr><td>Classic token</td><td><code>repo</code><br><code>repo:status</code><br><code>read:org</code></td></tr><tr><td>Fine-grained token</td><td><code>Contents:Write</code><br><code>Pull requests:Write</code></td></tr></tbody></table>

### GitLab

To configure **GitLab**, you should provide a GitLab Personal Access Token with the following permissions:

| <p><code>api</code><br><code>write\_repository</code></p> | Developer |
| --------------------------------------------------------- | --------- |

### Bitbucket

To configure **Bitbucket** , you should provide an access tokens with the following permissions:

| <p><code>account</code><br><code>repository</code><br><code>repository:write</code><br><code>pullrequest</code><br><code>pullrequest:write</code></p> |
| ----------------------------------------------------------------------------------------------------------------------------------------------------- |

Use the token type that best suites your case:

* Repository Access Token
* Project Access Token
* Workspace Access Token
* Personal Access Token

### Azure Devops

To configure **Azure Devops**, you should provide a Azure Personal Access Token with the following permissions:

| <p><code>vso.code</code><br><code>vso.code\_write</code></p> | Contributor |
| ------------------------------------------------------------ | ----------- |

### Gitea

To configure **Gitea**, you should provide a Personal Access Tokens with the following permissions:

| <p><code>read:repository</code><br><code>write:repository</code><br><code>read:organization</code></p> |
| ------------------------------------------------------------------------------------------------------ |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.xygeni.io/xygeni-administration/platform-administration/integrations/remediation-systems.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.