Remediation systems

Open Source Remediation Systems

For vulnerabilities in open source dependencies, Xygeni provides Automatic Fix.

See OSS Auto-remediation (Automatic Fix) for further information.

To use Auto-Fix, you must configure the supported systems: GitHub and GitLab.

Go to Settings >> Integrations >> Remediation to configure the integration with them.

GitHub

To configure GitHub, you should provide a GitHub Token.

Please visit Required Token Permission for GitHub for further information on how to create a GitHub token and on the permissions it needs.

Important: The provided token will be used for any remediation on any Xygeni project, so be sure to provide a token with enough permissions to create branches and open pull requests in the repos of your SCM organization.

GitLab

To configure GitLab, you should provide a GitLab Token.

Please visit Required Token Permission for GitLab for further information on how to create a GitLab token and on the permissions it needs.

Important: The provided token will be used for any remediation on any Xygeni project, so be sure to provide a token with enough permissions to create branches and open pull requests in the repos of your SCM organization.

Bitbucket

To configure Bitbucket, you should provide a Workspace Access Token.

Please visit Required Token Permission for Bitbucket for further information on how to create a Bitbucket Workspace Access Token and on the permissions it needs.

Important: The provided token will be used for any remediation on any Xygeni project, so be sure to provide a token with enough permissions to create branches and open pull requests in the repos of your SCM organization.

Azure DevOps

To configure Azure DevOps, you should provide an Azure Personal Access Token.

Please visit Required Token Permission for Azure DevOps for further information on how to create an Azure DevOps token and on the permissions it needs.

Important: The provided token will be used for any remediation on any Xygeni project, so be sure to provide a token with enough permissions to create branches and open pull requests in the repos of your SCM organization.
