boyney123/mockit

Security issues need addressing, perhaps automatically?

lirantal opened this issue · 5 comments

What happened:

Because I originally connected Snyk to my GitHub fork of the mockit repository I am now getting automatic fix PRs from Snyk to resolve security issues - while it's nice, it serves little purpose on my own fork :)

Problem description:

Security vulnerabilities affecting mockit need to be addressed.
See the PR here: lirantal#1

Suggested solution:

Perhaps connect to Snyk with your GitHub account and monitor this repository so it is able to automatically open fix PRs to mitigate security issues.

See example PR in my fork:

image

Hey @lirantal

Awesome stuff, I will get this added. I have set up the account and just saw a button saying raise PR for fix.

How do you set it up for automatic PRs?

image

I have this set up, so hopefully they will raise in the future?

Yep, looking good!
First PR you need to raise manually then those toggles you checked in will make sure in the future PRs will get open automatically 👌

#24

Happy days!

All set up and should be automatic now, which is really neat. Thanks for the heads up @lirantal and the suggestion

Cool stuff! Congrats 🎉