All Collections
Aikido Autofix
Aikido Autofix for 3rd party dependencies
Aikido Autofix for 3rd party dependencies

This article gives an explanation of what the Aikido Autofix is, and how it can help you get more secure faster.

Bert Coppens avatar
Written by Bert Coppens
Updated over a week ago

Aikdo Autofix is a tool you can use to have Aikido fix vulnerabilities in 3rd party dependencies in your projects. It will do this by creating pull requests that remove the vulnerability via package updates or by other means. In some cases an Aikido Autofix can remove a whole class of vulnerabilities instead of just 1 issue.

Step 1. Enable Autofix on the Settings > General page.

Step 2. After installing the Aikido Autofix application via the settings page, you can instruct Aikido to create these pull requests via the action menu in the sub-issues table in the sidebar. Autofixes can only be created on sub-issue level at the moment.

We'll always explain beforehand what Aikido Autofix will be doing. In some cases, there are multiple ways we can fix an issue. In such a case you will be able to select the option you prefer.

When a fix is prepared, we'll present you with a modal with the commands we are running to install the requested fix. This way you'll be able to reproduce the creation of the pull request locally if needed. The modal can be closed while the process is still running.

Support for the auto-fixer at this time is limited to Javascript, Go, PHP and Python repositories which are hosted on Github, Bitbucket or Gitlab/GitLab Self-Managed (see Article).

Did this answer your question?