Bulk Vulnerability Resolution

Problem to Solve

Users want to resolve vulnerabilities quickly so they can minimize organizational risk and unblock developers. Today, Vulnerability Resolution uses AI to resolve vulnerabilities one by one. However, organizations have hundreds if not thousands of vulnerabilities. Let's enable users to open merge requests that solve multiple vulnerabilities at once.

Proposal

Create an MR that fixes multiple vulnerabilities

This feature will:

  • Resolve all the vulnerabilities found in a given file.
  • Resolve all the vulnerabilities of a given type found in the entire repo (e.g. fix all deprecated cryptographic algorithms in the project).

Background and Validation

GitLab field team members and SMEs have raised issues akin to this request:

  1. AI Feature Proposal: Vulnerability Resolution i... (#460819 - closed)
  2. New "targeted vulnerabilities" workflow (#442688), please also see #442688 (comment 1805565583)

V1 Design proposal

bulk_resolve_with_AI

Edited by 🤖 GitLab Bot 🤖