Additional Auto Remediation support for Dependency Scanning
Problem to solve
Auto Remediation automatically fixes vulnerabilities.
It currently supports Dependency Scanning findings, but only for Yarn-based projects. We should add more package managers to the supported list.
- Sasha, Software Developer
- Sam, Security Analyst
Provide patches for other package managers. Once done, everything should follow the same flow as the existing Auto Remediation feature.
What does success look like, and how can we measure that?
Number of Dependency Scanning vulnerabilities fixed by Auto Remediation.