OSS Auto-Remediation

Automatic Fix for Open Source Vulnerabilities

Xygeni can automatically fix vulnerabilities in your open source dependencies.

Actionable fixes for supported ecosystems appear in the scan results as shown in the following example:

To enable this functionality, please configure as explained at the Remediation Systems documentation.

Filtering by Auto fix available you will see which vulnerabilities can be automatically fixed by Xygeni.

Click on the icon of any issue in the table to view its details.

The Fix vulnerability button will be enabled if the issue is tagged as Auto Fix

In this example, you can see that the vulnerability (CD-2019-10744) is related to lodash version 4.17.11 and resolved in version 4.17.12.

Clicking on Fix vulnerability button will open a dialog where you can view the manifest file changes to upgrade to the fixed version. You can also view the repository details and the Pull Request that will open with the proposed change.

Clicking on Open PR button will create the Pull Request.

Navigate to your source control management system (e.g., GitHub) to view the newly created branch.

The newly created branch will include a commit encompassing the proposed modifications.

You will receive notification of the newly created Pull Request, enabling you to review and approve it for merging into the protected branch.

Please see Open Source Remediation Systems for further information on how to configure auto-remediation

PreviousOSS Prioritization Funnels NextMalware Early Warning (MEW)

Last updated 2 months ago