AutoFix Suggestions and Inline Commenting for PR Checks
Aikido supports inline comments directly in your SCM software. This feature allows developers to receive feedback on specific lines of code, helping them resolve issues faster. Configuration is available per repository, so teams can enable it only where needed.
Moreover we can also make AutoFix suggestions to fix issues instantly when they arise, we continuously enable more and more rules to have autofixes available.
Prerequisities
Make sure to have your CI Checks enabled (via the Aikido Dashboard)
You are an admin within Aikido
Enabling Inline Commenting
Step 1: Go to the settings page via Repositories > Pull/Merge Requests > Manage PR/MR Checks
Step 2:Select the repo(s) for which you want to enable it and click Setup PR Scans
Step 3:Enable the toggle for Add comments. Make sure at least SAST or Secrets scan is enabled.
Step 4: When a new issue is introduced (based on the scan failure severity), a new comment will be added in your SCM.
Security bot flags script from malicious domain, recommends its immediate removal from code.
Step 5. When available, Aikido will make AutoFix suggestions. Review the diff and commit the suggestion to fix the newly introduced vulnerability all at once.
Suggested code change to add "drop_invalid_header_fields" to AWS ALB resource configuration.
