Aikido Autofix is a tool you can use to have Aikido fix vulnerabilities in third-party dependencies in your projects. It does this by creating pull requests that remove the vulnerability via package updates or by other means. In some cases an Aikido Autofix can remove a whole class of vulnerabilities instead of just one issue.
After installing the Aikido Autofix application via the settings page, you can instruct Aikido to create these pull requests via the action menu in the sub-issues table in the sidebar.
We'll always explain beforehand what Aikido Autofix will be doing. In some cases, there are multiple ways we can fix an issue. In such a case you will be able to select the option you prefer.
When a fix is prepared, we'll present you with a modal with the commands we are running to install the requested fix. This way you'll be able to reproduce the creation of the pull request locally if needed. The modal can be closed while the process is still running.
Support for the auto-fixer at this time is limited to JavaScript, Go, PHP and Python repositories which are hosted on GitHub, Bitbucket or GitLab cloud. We will extend support to other platforms and languages in and Q3 2023.